The CISO is the chief information security officer and they are responsible for an organization’s information and data security. Over the years, the role has evolved and now it is more of an exchange between the CISO and VP of security within the organization. If I was CISO, I would be doing security operations, security architecture, investigations and forensics, identity and access management, and program management. Security operations would be analyzing immediate threats and classify if something goes wrong. Security architecture is planning or buying security hardware and software to make sure the IT and network infrastructures is designed with the best materials. Investigating and using forensics would be for to determine what happened in the breach and planning out to prevent repeats. Identity and access management is making sure only authorized people are allowed to have access to restricted data and systems. Program management would prepare and keep security ahead of programs and projects that might be at risk such as patches. The reason I would do these protections is to make sure the organization’s information and secured data is well protected and out of reach from hackers. Doing these protections as a CISO, the availability of my systems would be implemented and safely protected.