As the CISO, it is my duty to protect and maintain the security of all data within the trading company. I would ensure that I have a NIST framework ready to guide me on ways that I could protect the Internet from any breaches. Also, I must make sure everyone is playing their role in the security base so there wouldn’t be risk. I will implement a risk management plan ahead so I could know what I am risking and if something were to happen, then I would know the recovery rate, time, and cost of repair. Other than looking at the Internet security, as the CISO, I should look at any physical security like guards, pass codes and authentication, cameras, and secret rooms that may only be accessed by authorized individuals. The CIA ties into things like being admin and assigning roles to every individual. In this case, you will know who has what permissions and will not allow anyone to just modify something that was not meant to be touched.