This month’s them is professional development. Just as personal development is a journey, so too is a person’s career part of the development process. In an aptly titled book The CISO Journey: Life Lessons and Concepts to Accelerate Your Professional Development (Auerbach Publications 978-1138197398), author Gene Fredriksen takes the reader on an information security journey.
Fredriksen spent decades as a CISO, and brings his life lessons to the book. The book is made for a person who is on the CISO track, or even a newly minded CISO, looking for guidance along their new journey.
Fredriksen details a number of interesting scenarios, all based on his real-world experience. He then details what happened, including the successes, challenges and occasional failure along the way. He takes a more management focused approach, rather than getting into the heavy technical details. The 10 chapters in the book correspond to what he calls the 10 rules of information security.
A book like this is important in that it is the CISO who often sets an organization’s security processes and technologies on an effective course. By drawing on Fredriksen’s years of experience and research; the reader is better able to define and prioritize the strategic and tactical steps they need to execute on to ensure their journey as a CISO is a smooth.
An important point the book reiterates is that the role of a CISO is not that of a technologist. Rather the CISO is an effective manager, leader and communicator. He observed that technology is an important aspect of information security. But being a good CISO means a lot more than just technical expertise.
The book does a good job of showing to develop and managing an effective enterprise security program. This is not a trivial thing, and that precisely the journey the book helps the reader with.
For those looking to start their path down the road to being a CISO now or in the future, The CISO Journey is a good guide to help you along the way.