What Does “Business-Minded” Mean?
You might find it an odd title for a book or a bit of an oxymoron to say business-minded chief information security officer (CISO). The truth is IT risk and information security professionals have hidden behind their Certified Information Systems Security Professional (CISSP) certifications and technical jargon for far too long. I recently came across a quote but do not recall who said it. It read, “You can’t just rearchitect IT; you have to rearchitect the business.” I found this statement impactful and applicable to this publication because many IT professionals think the world revolves around them.
I believe the gap between information security program funding and support has been largely created by information security professionals failing to convey their needs and goals in business terms that senior organizational leaders can understand. Simply put, the business-minded CISO thinks the way the chief executive officer (CEO), chief financial officer (CFO), and board members think; that is, how best can company resources be invested to further the mission, vision, and values of the organization itself?
This concise book will take you through the process of becoming and operating like a business-minded CISO so you can achieve your organizational goals and objectives with the full support of your senior management team and oversight bodies. Let’s start with investigating the job prospect.