If I were the CISO, the first and foremost implementations would involve training my employees. Testing them based on their knowledge of the work and training them on how to handle certain types of attacks in itself will boost the protections of my company’s security system. Live Fire Training exercises will also help them recognize the bait work, like phishing for example, that hackers send out and the data from that can be used to work in more weaker areas of the company’s security. Since the people are considered the weakest part of the security chain, it’s crucial to teach them what they need to know in scenarios that they should know how to handle. As far as technology, ensuring that the security system has the upmost technology, process data at fast speeds, and can detect threats quickly creates an advanced field of protection for my company even while still making enhancements.