cio scoreboard overview
TRANSCRIPT
![Page 1: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/1.jpg)
The CIO Scoreboard Empowering CIOs through IT Security Strategy
and Risk Management
![Page 2: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/2.jpg)
Visualization is the KeyWhat if in 10 seconds you could explain to the business the current stat of your IT Security program…
![Page 3: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/3.jpg)
Visualization is the Key
![Page 4: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/4.jpg)
Board/CEO Reporting LevelOutput from this
![Page 5: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/5.jpg)
IT Security & Risk Management Flow
![Page 6: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/6.jpg)
CIO – Opinion Management
Security Vendor HW and SW
Internal &/or ExternalAudit
Internal Staff
RegulatorFFIEC,HIPPA, PCI, etc
Integrator
Whose Opinion Do you Follow?
MediaGartner/Think Tank
![Page 7: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/7.jpg)
LanguageSecurity is Verb and not a Noun
![Page 8: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/8.jpg)
Hustle Curve for Compliance
![Page 9: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/9.jpg)
Transparency
![Page 10: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/10.jpg)
Human Error
![Page 11: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/11.jpg)
50+ Security Domainswith Complete Transparency
![Page 12: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/12.jpg)
50+ Security Domains
![Page 13: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/13.jpg)
Risk & Criticality Assignment
![Page 14: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/14.jpg)
Risk Rating
![Page 15: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/15.jpg)
Common Language
![Page 16: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/16.jpg)
Visualization is the Key
![Page 17: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/17.jpg)
Point in Time Analysis
![Page 18: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/18.jpg)
Overview of Process Methodology
Three Stages1. Risk assignment – actual Technical Security
Reality State2. Criticality assignment – the order in which the
business should/needs to do things due to technical fundamentals, true audit issue, actual threat risk
3. Gap review - the technical reality of where you are compared to where you need to be
![Page 19: CIO Scoreboard Overview](https://reader036.vdocuments.mx/reader036/viewer/2022081513/58e5de3d1a28ab1d608b6609/html5/thumbnails/19.jpg)
The CIO Scoreboard allows you to:
• Measure and analyze the current state of IT Security Risk in your company
• Demonstrate and prove IT Security execution• Develop and show a roadmap of investment
needed to fix weaknesses and problems within the enterprise