• Online, Self-Paced
Course Description
In Ed Amoroso's 'Ask Me Anything' session, he answers Cybrarians' questions on management, entrepreneurship, governmental involvement in security and switching companies.

Learning Objectives

Key Takeaways 1. As a CISO, is it good to work for one company, or move frequently between companies? Consider depth vs breadth and evaluate having expert knowledge vs competitive compensation. 2. When a CISO is starting out, what should be focused on during their first year with a company? Pick something and focus on it until it's better than it was, and move to the next. 3. Are there useful risk metrics for leadership teams? The 5 C-Model (Complexity, Consequence, Conflict, Communication, Controls) 4. What tools are helpful to demonstrate alignment between business and infosec? 5. How do you balance between management skills and hands-on tech skills? There's always one that will be stronger for each person. 6. What advice could you give someone wanting to create a cybersecurity startup? The "Why" should always come first. 7. What are the pros/cons of a cybersecurity maturity model approach to communicating and managing cybersecurity risk? 8. How to approach difficult problems from a security executive's point of view. 9. Is specialization an asset? Dive into specialization vs generalization and determine what is most valuable to you. 10. Should breach notifications be mandated at the state or federal level, or both?

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cybersecurity Management
  • Program/Project Management and Acquisition
  • Executive Cyber Leadership

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.