resources

you’ll find useful and can use (yay!)

resources

you’ll find useful and can use (yay!)

booklet
booklet
Do You Need a Chief of Staff or Project Manager?
Running a department (well) is more than just knowing how to ‘do’ the work. Are you performing at your best? Which area needs the most attention?
infographic
infographic
The Personas of a Chief of Staff
Not all Chief of Staffs are the same and they probably shouldn't be managed the same either. Know yours and set clearer goals and expectations.
mindmap
mindmap
Chief of Staff - Onboarding, and the Pitfalls of Onboarding
Great! You're hired as a Chief of Staff, now you need to plan for your onboarding and avoid a these common pitfalls.
booklet
booklet
Last Minute NCSAM Guide for CISOs 2024
You're behind on planning, but you're not too far behind to plan. Here's all you need to do for NCSAM.
booklet
booklet
What is a BISO?
Essentially, it is the person responsible for defining and (or) messaging the security program for a business area (or department). And it's also the program.
infographic
infographic
Common Business Information Risk Artifacts
These artifacts determine the common business information risks that the business faces.
booklet
booklet
Assessing BISO Performance
Determine if your Business Information Risk Program needs a fix, or if it needs refining and improving.
booklet
booklet
Maturing & Expanding the CISO’s Communications Program
Look, we said it was about a CISO calendar, and that’s true. It’s also just the starting point for a CISO communications program and plan.
booklet
booklet
General Principles to Consider for CISO Communications
There’s more than just the Calendar & Plan…
We need templates and principles for the ‘ad-hoc’
booklet
booklet
Building Your Crown Jewels Program
Most companies have many of the same “crown jewels” in common…​ but how do YOU define it when you’re talking about it?​
Guide
Guide
Navigating Your Job Search
Actively looking for your next job is a deeply personal process. Some people benefit from the nudge and support of trusted friends. This guided flow will help.
booklet
booklet
Board Updates - Quarterly vs Annual
CISOs, the expectation for your "annual" briefing to the board is different from their expectation of your "quarterly" update. We explain each.
booklet
booklet
Common Scenarios to Teach Up
As an executive, you'll be expected to 'teach up' to other executives. There are 6 common scenarios that the CISO should be prepared to teach up.
booklet
booklet
Things That Need to be Taught
Security is complicated. And yet we need to start at the beginning and get to the top quickly when explaining it to executives. Prepare these 10 domains with analogies and simple descriptions now.
booklet
booklet
Reflection Guide for CISOs Considering Their "Next" Step
Woah, you’ve been the CISO for 3 years at your firm, now what?
booklet
booklet
The Secret Truths about the CISO Interview
As a CISO candidate, YOU are expected to 'drive' more of the interview process than you are doing currently.
booklet
booklet
The 6 priorities for CISOs entering a new company 
You’re onboarding. And you want a framework to onboard successfully.​
booklet
booklet
CISO Personal Brand –Review and Consider
Your brand can unlock doors and it’s how you’re known (your reputation). Share more intentionally.
booklet
booklet
Frame Conversations to Enable Progress
The way you frame a message impacts how that message is received.
booklet
booklet
Yass CISO Board Member Profiles
If you could anticipate their persona, would you connect better?
booklet
booklet
Behaviors of a Department Head
As a department head, the CISO should be prepared to be evaluated differently. This is the playbook you need. Uncover the behaviors and competencies to accel.
booklet
booklet
Corporate Schedule for the Department Leader
“Schedule” means different things in different industries. In this case, "schedule" means "framework."
Dig into these 4 domains.
booklet
booklet
Priorities & Needs in a CISO Org
Understanding the company context really matters when thinking about the CISO organization – whether you’re just arriving or just coming up to revise..
booklet
booklet
Staffing Considerations in a CISO Org
How many people depends on where you’re starting… ​
Success in organizational alignment depends more on the rate of growth than ​on the size. ​
booklet
booklet
CISO, when you leave, do it the right way.
The moment your departure is announced will also signal a shift in your influence.
published work
published work
The “Office of the CISO”: A Framework for Chief Information Security Officers
The Office of the CISO framework outlines and integrates three key elements required to
operate at an ‘executive’ level, in the context of the CISO role. Chief Information Security
Officers (CISOs) are more impactful, and their programs are more effective, when they
deliver at a higher caliber of ‘executive.’
Booklet
Booklet
Deciphering Company Culture for CISOs
The 4 domains of corporate culture that CISOs should use to prioritize security programs and better understand how to perform their role.
Case Study
Case Study
First Time CISO
Case Study
Case Study
Experienced CISO, New Org
booklet
booklet
Art into Science - a Conference on Defense in October 2023
This talk presents the notion that securing maturity necessarily means adjusting the security program (shrinking it).
We discuss what maturity looks like, and the blockers standing in the way.
Mindmap
Mindmap
2024 CISO Roadmap
A roadmap starts with a compelling message of business direction and then builds out prioritized details for execution. This example is a 2024 starting point.
Chief of Staff to CISO
booklet
booklet
Do You Need a Chief of Staff or Project Manager?
Running a department (well) is more than just knowing how to ‘do’ the work. Are you performing at your best? Which area needs the most attention?
CISO Programs
booklet
booklet
Last Minute NCSAM Guide for CISOs 2024
You're behind on planning, but you're not too far behind to plan. Here's all you need to do for NCSAM.
Coaching
Guide
Guide
Navigating Your Job Search
Actively looking for your next job is a deeply personal process. Some people benefit from the nudge and support of trusted friends. This guided flow will help.
CISO Operations Guide
booklet
booklet
Behaviors of a Department Head
As a department head, the CISO should be prepared to be evaluated differently. This is the playbook you need. Uncover the behaviors and competencies to accel.
Yass Publications
published work
published work
The “Office of the CISO”: A Framework for Chief Information Security Officers
The Office of the CISO framework outlines and integrates three key elements required to
operate at an ‘executive’ level, in the context of the CISO role. Chief Information Security
Officers (CISOs) are more impactful, and their programs are more effective, when they
deliver at a higher caliber of ‘executive.’
Yass Talks
booklet
booklet
Art into Science - a Conference on Defense in October 2023
This talk presents the notion that securing maturity necessarily means adjusting the security program (shrinking it).
We discuss what maturity looks like, and the blockers standing in the way.
Mindmaps
Mindmap
Mindmap
2024 CISO Roadmap
A roadmap starts with a compelling message of business direction and then builds out prioritized details for execution. This example is a 2024 starting point.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

Unable to display PDF file. Download instead.

This site uses cookies and may process personal data based on our Privacy Policy
Verified by MonsterInsights