CISO

The CISO is responsible for managing information and cyber concerns in the organization on both the administrative and technical sides. He is charged with preserving the confidentiality, integrity and availability of data and information and protecting it from internal and external threats while emphasizing business continuity.

He is responsible for protecting the operating systems, the communication network, and systems and applications, as well as raising awareness so as to avoid information leakage. The role of the CISO encompasses professional responsibility for all aspects of information security in the organization.

CISO MAIN RESPONSIBILITIES

  • Building an enterprise information security strategy.
  • Conducting risk assessments on both the physical and logical aspects of information security.
  • Classification of organizational information.
  • Building policies and writing information security procedures.
  • Building and executing a work plan for the IT and information security systems.
  • Responsible for the human factor of information security and organizational information systems.
  • Addressing information security gaps, hardening the IT and information systems.
  • Supervising best security practices and improving protection of business processes.
  • As the source of knowledge on information security issues, the CISO will promote information security for company employees.
  • Communicating with IT entities to deal with and close security gaps.
  • Updating management and the board of directors on a monthly basis concerning the status of information security.

Professional Opinion

In the end, the most important role of the CISO, in my opinion, is to balance the organization’s security needs with business continuity and the day-to-day functions of all organizational entities.