resources

you’ll find useful and can use (yay!)

booklet
Do You Need a Chief of Staff or Project Manager?
Running a department (well) is more than just knowing how to ‘do’ the work. Are you performing at your best? Which area needs the most attention?
infographic
The Personas of a Chief of Staff
Not all Chiefs of Staff are the same, and they probably shouldn't be managed the same either. Know yours and set clearer goals and expectations.
mindmap
Chief of Staff - Onboarding, and the Pitfalls of Onboarding
Great! You're hired as a Chief of Staff. Now you need to plan for your onboarding and avoid these common pitfalls.
booklet
Last Minute NCSAM Guide for CISOs 2024
You're behind on planning, but you're not too far behind to plan. Here's all you need to do for NCSAM.
booklet
What is a BISO?
Essentially, it is the person responsible for defining and (or) messaging the security program for a business area (or department). And it's also the program.
infographic
Common Business Information Risk Artifacts
These artifacts determine the common business information risks that the business faces.
booklet
Assessing BISO Performance
Determine if your Business Information Risk Program needs a fix, or if it needs refining and improving.
booklet
Maturing & Expanding the CISO’s Communications Program
Look, we said it was about a CISO calendar, and that’s true. It’s also just the starting point for a CISO communications program and plan.
booklet
General Principles to Consider for CISO Communications
There’s more than just the Calendar & Plan…
We need templates and principles for the ‘ad-hoc’
booklet
Building Your Crown Jewels Program
Most companies have many of the same “crown jewels” in common… but how do YOU define it when you’re talking about it?
booklet
Board Updates - Quarterly vs Annual
CISOs, the expectation for your "annual" briefing to the board is different from their expectation of your "quarterly" update. We explain each.
booklet
Common Scenarios to Teach Up
As an executive, you'll be expected to 'teach up' to other executives. There are 6 common scenarios that the CISO should be prepared to teach up.
booklet
Things That Need to be Taught
Security is complicated. And yet we need to start at the beginning and get to the top quickly when explaining it to executives. Prepare these 10 domains with analogies and simple descriptions now.
booklet
Reflection Guide for CISOs Considering Their "Next" Step
Woah, you’ve been the CISO for 3 years at your firm, now what?
booklet
The Secret Truths about the CISO Interview
As a CISO candidate, YOU are expected to 'drive' more of the interview process than you are doing currently.
booklet
The 6 priorities for CISOs entering a new company 
You’re onboarding. And you want a framework to onboard successfully.
booklet
CISO Personal Brand – Review and Consider
Your brand can unlock doors and it’s how you’re known (your reputation). Share more intentionally.
booklet
Frame Conversations to Enable Progress
The way you frame a message impacts how that message is received.
booklet
Yass CISO Board Member Profiles
If you could anticipate their persona, would you connect better?
booklet
Behaviors of a Department Head
As a department head, the CISO should be prepared to be evaluated differently. This is the playbook you need. Uncover the behaviors and competencies to excel.
booklet
Corporate Schedule for the Department Leader
“Schedule” means different things in different industries. In this case, "schedule" means "framework."
Dig into these 4 domains.
booklet
Priorities & Needs in a CISO Org
Understanding the company context really matters when thinking about the CISO organization – whether you’re just arriving or just coming up to revise.
booklet
Staffing Considerations in a CISO Org
How many people depends on where you’re starting…
Success in organizational alignment depends more on the rate of growth than on the size.
booklet
CISO, when you leave, do it the right way.
The moment your departure is announced will also signal a shift in your influence.
published work
The “Office of the CISO”: A Framework for Chief Information Security Officers
The Office of the CISO framework outlines and integrates three key elements required to
operate at an ‘executive’ level, in the context of the CISO role. Chief Information Security
Officers (CISOs) are more impactful, and their programs are more effective, when they
deliver at a higher caliber of ‘executive.’
Booklet
Deciphering Company Culture for CISOs
The 4 domains of corporate culture that CISOs should use to prioritize security programs and better understand how to perform their role.
Case Study
First Time CISO
Case Study
Experienced CISO, New Org
booklet
Art into Science - a Conference on Defense in October 2023
This talk presents the notion that securing maturity necessarily means adjusting the security program (shrinking it).
We discuss what maturity looks like, and the blockers standing in the way.
Mindmap
2024 CISO Roadmap
A roadmap starts with a compelling message of business direction and then builds out prioritized details for execution. This example is a 2024 starting point.
Chief of Staff to CISO
booklet
Do You Need a Chief of Staff or Project Manager?
Running a department (well) is more than just knowing how to ‘do’ the work. Are you performing at your best? Which area needs the most attention?
CISO Programs
booklet
Last Minute NCSAM Guide for CISOs 2024
You're behind on planning, but you're not too far behind to plan. Here's all you need to do for NCSAM.
Coaching
booklet
Board Updates - Quarterly vs Annual
CISOs, the expectation for your "annual" briefing to the board is different from their expectation of your "quarterly" update. We explain each.
CISO Operations Guide
booklet
Behaviors of a Department Head
As a department head, the CISO should be prepared to be evaluated differently. This is the playbook you need. Uncover the behaviors and competencies to excel.
Yass Publications
published work
The “Office of the CISO”: A Framework for Chief Information Security Officers
The Office of the CISO framework outlines and integrates three key elements required to
operate at an ‘executive’ level, in the context of the CISO role. Chief Information Security
Officers (CISOs) are more impactful, and their programs are more effective, when they
deliver at a higher caliber of ‘executive.’
Yass Talks
booklet
Art into Science - a Conference on Defense in October 2023
This talk presents the notion that securing maturity necessarily means adjusting the security program (shrinking it).
We discuss what maturity looks like, and the blockers standing in the way.
Mindmaps
Mindmap
2024 CISO Roadmap
A roadmap starts with a compelling message of business direction and then builds out prioritized details for execution. This example is a 2024 starting point.
