Boston, March 9, 2021 – Chief information security officers (CISOs) have a limited period to make an indelible impression on their organization’s board of directors, establishing themselves as either visionaries or the same old CISO. And CISOs already in the seat realize it’s a matter of time before their organization is attacked. Other 100-day CISO plans have come before this one; however, they focus mainly on activities that may yield future outcomes, stopping short of telling CISOs what to do now.

This Impact Brief covers 10 specific actions that CISOs can do to reduce risk now, not in the future. It provides a pragmatic and systematic approach to address threats and vulnerabilities immediately. This 100-day plan is supported through the application of industry-leading security standards and practices. Outcomes discussed within this Impact Brief come from the author’s experience working directly with hundreds of CISOs over the past five years.

Clients of Aite Group’s Cybersecurity service can download this 14-page Impact Brief. To learn more about the topic covered in this Impact Brief, please contact us at [email protected].

This report mentions AIG, Asigra Inc., BeyondTrust, Center for Internet Security, Chubb Limited, Cipher, Cisco, Commvault, CoSoSys, CryptoStopper, CyberGRX, Donesafe Pty Ltd, FireCompass, Handy Backup, HBSC, Hiscox, IBM, Index Engines, KnowBe4, Liberty Mutual Group, MetaCompliance Ltd, National Institute of Standards and Technology, One Identity LLC, Onspring Technologies, PayPal, Ponemon Institute, Privacy360, Rapid7, Resolver Inc., Royal Bank of Scotland, ScienceSoft USA, SecurityTrails, Shopify, Sprocket Security LLC, Stripe, SynerComm Inc., Thycotic Software Ltd., Travelex Currency Services, and TrueNAS.