CSO – 1. Asking for a 10 percent budget increase in the next fiscal year:
a. “We’re going to need more money next year.” (0)
b. “Incremental investment next year will set us up for long-term efficiency.” (+1)
c. “You’re just going to have to trust me on this.” (-1)
d. “You can’t raise lions on kitty chow.” (-2)
2. Walking the board of directors through your operational metrics:
a. “Areas marked in red require process or technology improvement within this quarter.” (+1)
b. “I’ve appended a more detailed set of sub-measures in case you find those to be of interest.” (+1)
c. “I’ve appended a comprehensive list of virus signatures we’ve blocked.” (-1)
d. “Unfortunately, you can’t really measure security.” (-2)
[Also take 21st Century CSO skills challenge]
3. Responding to a CEO or COO request for an explanation of a new security technology:
a. “That insta-fleebinator plugs into a triple-DES-protected whoosywhatsit and amalgamates the ABDX v.2 concatenations over the darknet backbone.” (-4)
b. “One of our system integrators will have to get back to you on that.” (-1)
c. “First off, the big picture is that we can’t protect these assets properly unless we know exactly where they are and who can access them.” (+1)
d. “It’s so simple, even you will understand it.” (-3)
4. Telling the board of directors you’ve suffered a data breach:
a. “We regret to inform you…” (-1)
b. “Good news and bad news. The good news is, we’ve been honing our incident-response plan…” (-1)
c. “I have some unfortunate news that requires your immediate attention…” (+1)
d. “I told you this would happen.” (-3)
5. Letting your network know you’re looking for a new job:
a. “We regret to inform you…” (-2)
b. “Due to an ill-informed and backward-looking board of directors…” (-3)
c. “The next chapter of my career is about to begin, and I’d like to ask for your help.” (+1)
d. “Does anyone know the manager’s name at Taco Bell?” (-4)
SCORING:
Zero points (or less): Not being a CSO isn’t your biggest problem
1 to 4 points: CSO in the making
5 points: Ask your spouse if you answered the questions honestly
Article source: http://rss.computerworld.com/~r/computerworld/s/feed/topic/17/~3/xRRftEdyn-A/Greetings_and_salutations_
View full post on National Cyber Security » Announcements