As the Chief information security officer, my first and main goal would be to manage information assets. By conducting an inventory of all hardware, software, applications, databases, etc. By doing so would allow me to better understand all that is a risk and the potential security procedures needed. The first protection I would implement would be a two-step authentication process in order to access said assets. This will ensure that anyone trying to obtain access to the systems would need to verify themselves beforehand. Furthermore, training would need to be conducting for all employees. Granting them better knowledge and awareness of their own potential security risks and how to avoid them. Training is one of the most effective methods used as employees can be the weakest link in a security chain. As technology continues to develop, the older generations start to become more confused about what can be harmful to the overall security of a company. Another major contributor to keeping the system up and running properly would be to establish an information security team. Individuals that are trained in a particular area allowing for smooth operations. This would be very beneficial because then when an incident was to occur there would not be any downtime. In the sense that there would be people able and ready to fight any threats and potentially stopping them before any harm is done.