When you enter into an organization as a CIO/CISO, what is the first document you prioritize updating?

Leadership End-User Services & Collaboration

Information Security Policy21%

Business Continuity Plan53%

Acceptable Use Policy15%

Incident Response Plan7%

Other (share below)1%

535 PARTICIPANTS

4.1k views1 Comment

Sort by:

Director in Manufacturing4 years ago

The answer depends on why I was hired
What’s the biggest and most costly problem I was hired to resolve?

Did they have a Ransomeware situation? Then Security

Did they recently have a big disaster and it took to long to recover? Then business continuity

From experience with acquisitions, both Security and Business Continuity are the top issues almost all of the time

Content you might like

Do you think it’s important for leaders to experiment with AI capabilities for security even if implementation is currently cost-prohibitive for their organization? Could small-scale experimentation be worth the effort in the long term?

How does your organization handle security team involvement in change requests submitted to CAB/RAB — specifically in relation to formal security review and approval?

Always required – Security must formally review and approve every change request.8%

Required for security-impacting changes – Security reviews only changes flagged as having potential security implications. Please comment : Who decides which changes require security review and which do not ? Is this determination manual or automated? How do you avoid gaps or oversights in this process ?84%

Not required – Security does not review changes submitted CAB/RAB by other teams. 8%

Risk-based or automated – Security involvement is determined by a tiered model or automated risk scoring within ITSM.

View Results

JBS has announced it paid hackers the equivalent of $11 million in bitcoin to resolve a cyberattack last week after consulting with internal IT professionals and third-party cybersecurity experts. Do you agree with their decision to pay?

https://www.axios.com/jbs-pays-11-million-ransom-end-cyber-attack-e9a85abd-754f-4fcc-827e-907ce30ea3ac.html

Yes70%

No29%

What strategies can organizations use to address the added compliance burden that comes with AI-enabled tools? How do you keep up with changes to both the vendor’s Terms of Service as well as various data privacy laws?

How are you collaborating with other business leaders to ensure IT strategy remains aligned during periods of rapid change? Can you share examples of cross-functional planning approaches that have been effective?

When you enter into an organization as a CIO/CISO, what is the first document you prioritize updating?

Sort by:

Content you might like

Do you think it’s important for leaders to experiment with AI capabilities for security even if implementation is currently cost-prohibitive for their organization? Could small-scale experimentation be worth the effort in the long term?

How does your organization handle security team involvement in change requests submitted to CAB/RAB — specifically in relation to formal security review and approval?

What strategies can organizations use to address the added compliance burden that comes with AI-enabled tools? How do you keep up with changes to both the vendor’s Terms of Service as well as various data privacy laws?

How are you collaborating with other business leaders to ensure IT strategy remains aligned during periods of rapid change? Can you share examples of cross-functional planning approaches that have been effective?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

Elevating Experiences: The AI Revolution in Customer Engagement

Environmental Supply Chain Sustainability: Tactics, Benefits and Barriers

Brand management: Addressing changes in customer behavior resulting from economic uncertainty

Impact & Perceptions of A Privacy-First Digital Era

Take Your Insights On-the-Go