you are the CISO for a publicly traded company. What protections would you implement to ensure availability of your systems (and why)?
As the Chief Information Security Officer (CISO) of a publicly traded company, certain protections and departments would be under constant improvement to guarantee our company’s safety. I would create separate designated departments to run certain aspects of the company’s security. One department would strictly be devoted to policies. This department would ensure we are keeping up with any new technology policies and also make sure that all employees are following these policies. This department would send out constant phishing emails to employees. These would be great resources to see which employees are more likely to fall for the bait. In this department, I would create a separate branch that specializes in sanctions for employees who fail to abide by policies. They would place employees who have received sanctions through education courses. These courses will help improve the employee’s ability to follow policies as well as avoid falling for scams. Thus improving the company’s safety. The third department would be dedicated to looking up privacy techniques we can use to ensure employees’ safety. We would use something like a multi-factor authentication app like Duolingo. Implementing this requires employees to confirm off another device that they are accessing the account. Due to the company being publicly traded as the CISO, employees’ and customers’ security must be heavily guarded. This would be done through the use of multiple checks and balances. For a customer’s account to be adjusted or changed. The departments would have 3 different balances that must be approved for It to occur. Through the use of departments that review and create new policies, sanctions and educate employees on relevant safety measures, and a system of checks and balances that not only ensures employees’ safety but also consumer information safety. I would be able to complete the role of CISO efficiently.