SABSA TRAINING CONSULTING
Transforming CISO Success

  • Duration: 2 Days
  • Delivery Mode: In-person & Virtual

Overview

The challenges are too profuse to list.  The Business is complex, ever evolving, and full of inter-connected risks and dependencies.  Yet it demands value, and it expects solutions.  There are always too many high priorities and always too much to do but rarely enough support, understanding, money, time, or resources to do it with.  And just when you think you are getting somewhere, everything changes.

In this innovative and ground-breaking two-day seminar, world-leading security strategist and architect, and author of the SABSA methodology, David Lynas, will introduce hugely valuable methods and techniques to transform CISO success in building, leading and sustaining an Enterprise Security program, and take an existing program to the next level.

Course Outline

The Security Framework

  • Establish a Business-driven focus to ensure Security is always delivered in the context of the Business mission and objectives
  • Define a repeatable approach to understand requirements and make meaningful decisions within the complexity of the modern Enterprise
  • Inform the way the Security team approaches their work and frame the questions they ask
  • Create a common structure, a common language, common principles, and a common means by which diverse specialists can collaborate, interact, and make decisions
  • Integrate and align, in a security context, the diverse Enterprise methods, frameworks, and standards, whatever they are, whatever they become
  • Balance the need to protect what matters while embracing innovation in a coherent, holistic, systemic way
  • Deploy techniques to resolve complexity and deliver clarity of risk ownership, governance, and policy

Requirements

  • Define and articulate what Security means and what it must achieve in your unique Enterprise context
  • Create a stakeholder engagement and communications technique to cross the chasm between Business and Security
  • Apply a method to model Business Requirements as normalised, measurable, demonstrable, re-usable, reportable requirements for Security
  • Demonstrate the ability to understand what matters most, articulate it, and validate it with stakeholders at all levels in the most instinctive way possible

Value

  • Overcome the legacy of Security as a constraint to progress, innovation, and change
  • Transform perceptions into those of a pro-active, beneficial, and Business-enabling function
  • Answer the important “So what?” questions
  • Understand what stakeholder success looks like and how to support it
  • Demonstrably contribute to Business and client success
  • Provide traceability that requirements are met
  • Ensure transparency of solutions value
  • Develop the capability to identify and assess real value from supplier snake oil, magic silver bullets, and claims that one-size-fits-all
  • Deliver in-context measures, metrics, and reporting

Risk

  • Architect Security Risk in the context of Business Risk
  • Achieve an appropriate balance between realising opportunities for gain while minimising loss
  • Apply an architecturally structured and comprehensive approach
  • Integrate and align risk silos to holistically embed risk management into all levels and perspectives of Enterprise
  • Traceably align risk management activities to Enterprise context
  • Customise ‘risk thinking’ to be instinctive to the Enterprise culture
  • Provide a method to include and engage Stakeholders at all levels in meaningful terms 
  • Deliver clarity and certainty of risk ownership
  • Empower risk owners to make objective and proportionate risk decisions in-context
  • Cater for the systemic, interconnected, interdependent nature of risk complexity
  • Create an ability to clearly define risk appetite
  • Distribute Business risk appetite downwards to specialist technical areas, and report risk performance upwards to Business

Governance

  • Define clear dominions of authority
  • Understand and communicate the dependencies and inter-dependencies of authorities both internally and externally in a complex interacting Enterprise
  • Resolve the competing and conflicted interests of authorities
  • Allocate and enact clear Accountability
  • Allocate and enact clear Responsibilities
  • Define the necessary channels and types of communication required between Accountable and Responsible parties
  • Understand trust requirements and enable trusted relationships

Policy

  • Transform a rules-based enforcement culture with policy that is advocated and embraced
  • Ensure policy is Business-driven and clearly embeds and supports stakeholder objectives
  • Overcome constraints to policy success
  • Create a simplified structure that is easy to maintain and adaptable to change
  • Provide an integrated and holistic Architectural policy structure that embeds control and enablement objectives for what really matters, with dominions of authority for what matters, and clearly defined authority, roles, and responsibilities

Making it Happen

  • Resolve the strategist’s eternal dilemma – how to turn strategy into reality
  • Provide a method to translate ever-changing complex requirements into a definitive Security Strategy 
  • Specify the Security Roadmap to deliver the Strategy through prioritised actionable transformations, programs, and solutions
  • Ensure that the roadmap encompasses requirements for strategic transformation, remediation of current-state issues, and has the capability to adapt to changing circumstances and priorities
  • Create a problem-solving framework for dealing with tomorrow’s problems

What's Included

In-Person

  • 2-day in-person classroom training
  • Hard-copy training & workshop materials
  • Attendance Certificate
  • Lunch & refreshments

Virtual

  • 2-day virtual classroom training
  • Soft-copy training & workshop materials
  • Attendance Certificate

Transforming CISO Success Dates

March

  • 24 Mar, 9:00 am to 25 Mar, 5:00 pm: Transforming CISO Success, Melbourne

April

  • 15 Apr, 9:00 am to 16 Apr, 5:00 pm: Transforming CISO Success, London

June

  • 2 Jun, 9:00 am to 3 Jun, 5:00 pm: Transforming CISO Success, Amsterdam
  • 5 Jun, 9:00 am to 6 Jun, 5:00 pm: Transforming CISO Success, London


LEARN SABSA from the source.

Knowledge transfer from a team of SABSA® authors & contributors, with multiple SABSA® Practitioner or Masters Certifications.

Insights & Resources

Australian Cyber Conference, 26-28 November 2024

Find us on Stand 10 at the Australian Cyber Conference 2024, 26-28 November at Melbourne Convention & Exhibition Centre.


W100 – The SABSA White Paper

An executive summary of the SABSA Method, its tools, techniques and concepts. White Paper from The SABSA Institute.
