If I Were a CISO

The chief information security officer (CISO) is a senior cybersecurity officer with a high level of responsibility for enforcing preventative measures and redundancies that ensure the availability of systems. A publicly traded company is a company that sells shares of stock, and a company that sells shares is a large financial target for criminal syndicates. Availability is part of the CIA triad; it ensures that users can access information and resources. If I were a CISO for a publicly traded company tasked with ensuring the availability of systems, I would implement system redundancies, detection and prevention measures, a network secured against DDoS attacks, and a well-constructed incident response process.

A crucial part of ensuring availability is having redundancy, which is a backup. Redundancies can be used to house backup systems, networks, data centers, and much more. With a backup in place, if one were to lose access to systems, networks, or data centers, there would be secondary systems to ensure continuity of operations.

Secondly, I would deploy an Intrusion Prevention System (IPS). An IPS works actively to detect malicious activity or malware and to engage and stop that activity on a system. The IPS is a much more advanced system than its counterpart, the Intrusion Detection System (IDS), as the IDS can only look for malicious activity and cannot stop it.

DDoS attacks overload a system to the point of inoperability. The attack works by sending packets to a network from multiple locations, making it difficult to pinpoint the direction of the attack. Having a prevention measure for DDoS attacks would close off one avenue of attack for potential threats.

Finally, if all the previously mentioned preventative measures were to fail, it would be important to have a proper incident response protocol in place to ensure an efficient means of rebooting operations.

Sources: Cisco. “What Is CISO?” https://www.cisco.com/c/en/us/products/security/what-is-ciso.html
