CISO Secrets: Delivering Consistent Infosec Value With Security Commits

A CISO shares his secrets with cyber security professionals and cyber nerds on how to consistently deliver infosec program value using security commits.

This video isn’t a re-hash of agile but a completely new approach to prioritizing cyber security work items so that the most important program-building items are delivered consistently, and to communicating those items in a way that builds credibility and trust with executives and board members, as well as more broadly across the infosec program.

In this video, you’ll learn the following:

● How current conversational approaches for setting expectations with executives can be improved
● Why a simpler, more pragmatic approach is needed for prioritization of infosec work items
● A new way to think about and communicate infosec commitments
● A new model that supports reliable quarterly delivery of infosec commits
● Four examples of how to communicate the progress and status of security commits


See Also:

KPIs and Metrics For Cyber Nerds: Infosec Engagement

Measuring Cyber Program Success: Cyber Threat Intelligence




This channel exists to help CISOs, BISOs, and senior infosec practitioners grow and mature their programs.

Opinionated Security

Tony Grey * CISO for an insurance company * grew team from 3 to 22 * led large software teams at Microsoft * blogs about cyber leadership & program development
