Friday, October 18, 2019

Conference Capture The Flag (CTF) for CISOs?

CISOs attend cyber security conferences but miss out on a lot of the more tactical CTF fun.

Imagine what CTFs for CISOs might look like…

- Identify the criteria for determining if a malware incident is large-scale enough to trigger the enterprise crisis management team

- Decipher a complex new cyber threat and compellingly garner support among non-technical C-level executives for the controls required to manage the risk

- Take a list representing a set of related activities and turn it into a program that executives can understand

- Reprioritize cyber program budget items and team work plans in response to a set of changes in the organization's digital transformation strategy

- Lay out the risk identification and mitigation plan with legal for the acquisition of another company with mobile applications that collect personal data

On second thought, perhaps those examples don’t look like so much fun after all.

It looks like what CISOs do every day. 

Follow me on Twitter for discussion and the latest blog updates: @Opinionatedsec1. Or, start your own discussion using #crazygoodcyberteams on Twitter or LinkedIn and I'll read it.

