Pragmatic CISO (eBook)

'The Pragmatic CISO' provides practical, actionable advice, making it easy for even non-technical readers to understand and implement effective cybersecurity measures. Many CEOs, CFOs, and COOs rely on their CISOs for purchasing decisions, yet they may lack the knowledge to challenge or refine those strategies. Take control of your company's cybersecurity posture by implementing foundational controls today.

Frank Vese, a technology executive, has over 30 years of experience in various fields, including finance, insurance, maritime, and technology startups. In 1996, Frank joined Goldman Sachs as a technology data analyst, where he worked until he was approached by a senior manager asking if he was interested in joining a startup with 19 other colleagues. The startup was called Storage Networks and was based in Waltham, Massachusetts, and led to raising $243 million with the lead underwriter, Goldman Sachs, which was able to fuel its expansion as a provider of storage services for companies. In 2006, Frank rejoined Goldman Sachs as a vice president of technology infrastructure to implement a standardized global incident and change management program. After a successful implementation, which the federal regulator called 'best on the street,' Frank moved internally to technology risk. Frank streamlined and operationalized several strategic programs, including Cyber Incident Response, Vulnerability Management, Vendor Management, Data Loss Prevention, GDPR Response, and Insider Threat Investigation. Before retiring in 2022 and joining Allvue Systems, Frank was asked by Goldman Sachs to ensure they were cyber-ready for a ransomware attack. Additionally, Frank is a cybersecurity advisor to the US Coast Guard, captain of the New York/New Jersey Port, and holds a government clearance. Frank has presented cybersecurity and technology risk at several universities, including Harvard, the Massachusetts Institute of Technology, and Stevens Institute in New Jersey. He has also presented at a few closed-door sessions at the New York City Police Department Counterterrorism Bureau and the Federal Bureau of Investigation. Lastly, representing Allvue Systems, Frank sat on a Private Funds COO/CFO conference to discuss core cyber foundational controls.

---

In today's world of data protection, cybersecurity is essential. "e;The Pragmatic CISO"e; is a guide that offers a pragmatic approach for small to midsize business owners and managers, equipping them with the knowledge and tools needed to navigate the complex world of cybersecurity. Larger firms can also benefit from the information provided in this guide, as many struggle with excessive software shelf life and overlapping technologies in their portfolios. Inside this guide, you'll discover: Cybersecurity core essentials: Understand foundational control like multi-factor authentication, patching, and asset management Building a strong security foundation: Implement essential practices such as incident response planning, strong password policies, and employee training. Data protection strategies: Learn how to safeguard your valuable data through encryption, access controls, robust backup, recovery plans, and a comprehensive business impact analysis strategy. Creating an incident response plan: Prepare for the inevitable and minimize damage with a clearly defined plan for managing cyber incidents. Ransomware preparedness: Leverage the author's expertise to establish a ransomware response strategy tailored to your business. AI governance: Gain a practical approach to launching and enhancing your AI governance program. Building a culture of security: Empower employees to become your first line of defense through awareness training and security-conscious habits. Interview and collaboration tips. This book will provide you with the information and tools you need to take the chaotic world of cybersecurity head-on. Take control of your company's cybersecurity posture by implementing foundational controls today.