Cyber Lacuna

Random gaps of memory about information security and some things cyber.

Wednesday, January 1, 2025

Tuesday Cyber Lacuna Slide (Governance) - A day late.

Cyber Lacuna Slide: Why would governance not be a foundational part of information security awareness, culture, strategy, and planning? List: Aligning with business goals; Complying with regulations; Managing Risk; Maintaining business continuity; Building trust. Would you know information security. Would you?

 

Posted by David Stucky at 11:33 AM

Tuesday, November 26, 2024

Tuesday Cyber Lacuna Slide (Shadow Leadership)

Cyber Lacuna Slide: Be wary of a culture that lets you lead from where you are. And is not able to acknowledge or see you lead from where you are at. Shadow leadership is enabled by the needs on which culture’s light is unable to shine. Scratch shadow leadership, I mean shadow IT. Shadow leadership is not shown to exist.

 

Posted by David Stucky at 11:50 AM

Tuesday, November 19, 2024

Tuesday Cyber Lacuna Slide (Credit Card Fraud)

Cyber Lacuna Slide: Congratulations! You have made your credit card brand unusable. No one is ever going to be able to make a purchase, authorized or fraudulent. You have won the credit card fraud game at the expense of your business needs. - Enabling the business while advocating for security works!

 

Posted by David Stucky at 1:18 PM

Tuesday, October 15, 2024

Tuesday Cyber Lacuna Slide (Sponsoring The CISO)

Cyber Lacuna Slide: Sponsoring the CISO - Before deciding what kind of CISO you need, know and understand how you are able and willing to sponsor your CISO within the business. Whether IT or business focused, the CISO will consider your expressed willingness to sponsor the role.

 

Posted by David Stucky at 4:44 PM

Wednesday, September 25, 2024

Tuesday Cyber Lacuna Slide (Make Breakfast) – Even if a day late.

Cyber Lacuna Slide: If culture eats strategy for breakfast, then make breakfast. Almost anything fed to the culture without enabling the culture and advocating for a feeling of material belonging to the strategy will likely not be appetizing to the culture. Remind those in the culture they belong. If you can't invite everyone to the table, at least leave them a key to the strategy where they sit. Let them know how their work has impacted, is impacting, and will impact the strategy.

 

Posted by David Stucky at 4:44 PM

Tuesday, September 17, 2024

Tuesday Cyber Lacuna Slide (CISO Is Not a Checkbox Title)

Cyber Lacuna Slide: CISO is not a checkbox title. It is a position in the C-suite. The discussion is not where to place your CISO. The discussion is do you need a CISO. Many organizations need a Director of Information Security, ISO, Head of Cybersecurity, etc. Not every organization needs a CISO in the C-suite.

 

Posted by David Stucky at 12:00 PM

Tuesday, September 3, 2024

Tuesday Cyber Lacuna Slide (Office of CISO Org Chart) – These articles are part of my work on a series of "Cyber Security Strategic Business Partner" articles.

A Need for the Cyber Security Strategic Business Partner: https://cxotechmagazine.com/a-need-for-the-cyber-security-strategic-business-partner/

A ChatGPT response to the article, A Need for the Cyber Security Strategic Business Partner: https://www.linkedin.com/pulse/chatgpt-response-article-need-cyber-security-strategic-david-stucky/

A Business Information Security Analyst Job Profile Within the Information Security Job Family: https://www.linkedin.com/pulse/business-information-security-analyst-job-profile-within-david-stucky/

Positioning the Cyber Security Strategic Partner within the Office of CISO: https://www.linkedin.com/pulse/positioning-cyber-security-strategic-partner-within-office-stucky-w21re/

Cyber Lacuna Slide: What happens when you re-imagine the Office of CISO aligned with Higher Education Strategic Initiatives rather than only aligning with Information Technology?

Sample Organization Chart 1
Office of CISO - Principal CISO
Academia - Deputy CISO 1
Administration - Deputy CISO/BISO 2
Research - Deputy CISO 3
Information Technology - Principal CISO

Sample Organization Chart 2
Office of CISO - Principal CISO
Business - Deputy CISO/BISO
Academia - Strategic Partner 1
Administration - Strategic Partner 2
Research - Strategic Partner 3
Information Technology - Principal CISO


 

Posted by David Stucky at 2:53 PM