RICK JORDAN

CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers 1st Edition

by Todd Fitzgerald (Author)

4.8 out of 5 stars

98 ratings

#1 Best Selling Information Security Book by Taylor & Francis in 2019 and 2020

2020 Cybersecurity CANON Hall of Fame Winner

Todd Fitzgerald, co-author of the ground-breaking (ISC)2 CISO Leadership: Essential Principles for Success, Information Security Governance Simplified: From the Boardroom to the Keyboard, co-author for the E-C Council CISO Body of Knowledge, and contributor to many others including Official (ISC)2 Guide to the CISSP CBK, COBIT 5 for Information Security, and ISACA CSX Cybersecurity Fundamental Certification, is back with this new book incorporating practical experience in leading, building, and sustaining an information security/cybersecurity program.

CISO The COMPASS CISO includes practical, personal perspectives and experiences of over 75 award-winning CISOs and security leaders professional association leaders and cybersecurity standard-setting experts who have fought the difficult fight. Todd has in the very first instance, made an adaptation of his McKinsey SevenS Framework (strategy and structure and systems shared values, employees, skills and style) for organization effectiveness. the process of conducting cybersecurity. This framework is used to organize the contents to ensure complete and complete coverage of the CISO and security executives on important issues that affect the implementation of the cybersecurity strategy . It also helps provide board members of Directors the due diligence. These insights will aid the security manager to develop programs that are appreciated and backed by the business capable of gaining industry or peer-recognized recognition, improve the maturity of cybersecurity, increase confidence from senior management and avoid costly pitfalls.

The book is a complete book that provides soup-to-nuts information to enable security managers to effectively secure the information assets of their organizations and develop award-winning programs . It covers subjects like the development of a cybersecurity strategies, the latest technology and trends including cybersecurity organizational structures and reporting models, using current security incidents to build controls, frameworks for risk-management regulations and laws regarding privacy and data protection effective guidelines and procedures and multi-generational team dynamics, soft skills and communication to the Board of Directors as well as the executive management. The book is beneficial for future and current security professionals as a useful source and is an essential part of any college curriculum for informationand cybersecurity.

Chibargies

5.0 out of 5 stars

An indispensable and time-saving tool for any InfoSec Leader

Reviewed in the United States on February 2, 2021

Verified Purchase

Soon after making this purchase, I quickly recognized that this is far more than a book, rather an invaluable tool for any security leader’s toolbox. Thinking back to the endless Google searches merely to confirm a nugget here and there, or to find a better definition to articulate a point in a presentation; this book reminds me of Google for Security Leaders. Digging deeper, this resource not only serves as a time saving reference but manages to share an impressive wealth of insights which prove contextually relevant and thought provoking. For an industry that has no single right way and a multitude of wrong ways, this book definitely has the potential to save a lot of time while affording ample opportunity to gain new perspective. Definitely recommend.

One person found this helpful

Helpful

Report abuse

Robert J. Bender

5.0 out of 5 stars

CISO Compass - #FITCUSO Must Read CISO Books

Reviewed in the United States on May 26, 2021

Verified Purchase

Todd Fitzgerald is a significant presence in the world of Cybersecurity, aligning with the complexity of Governance, Risk, and Compliance of Information and Technology. His ability to present in person or book is rewarding and empowering for a field that is challenging at the enterprise level. Additionally, Todd's latest book, CISO Compass, delivers more valuable insight into building their professional collection of resources. I attend many ISACA conferences where Todd presents and trains IT Professionals on the areas of Cybersecurity. I was not disappointed in the valuable information Todd offers in what truly is his passion in life. Great job Todd and thanks for all your effort to make this subject easier for the rest of us.

One person found this helpful

Helpful

Report abuse

Pearl hundley

5.0 out of 5 stars

Valuable resource for all experience levels.

Reviewed in the United States on January 8, 2019

Verified Purchase

An excellent resource for the aspiring, first time, or even seasoned CISO. While we learn many things through the course of studies, work, and life experiences it’s not many of us that can keep it all fresh in our heads as we navigate our careers. Todd’s book, with great contributions from experienced CISO’s, reminds one of lessons learned as well as provides guidance and insight to upcoming challenges.

Thanks, Todd and to all the contributors for sharing your valuable insights.

Helpful

Report abuse

Suzan Nascimento

5.0 out of 5 stars

All-in-one comprehensive cybersecurity AND leadership manual

Reviewed in the United States on January 7, 2019

Verified Purchase

Restaurants either nail service, food or atmosphere - but rarely all 3. Books either nail applicability, innovation or style - but rarely all 3. This book nailed it for me on 3 levels. It's now sitting on my office bookshelf to be referenced regularly as my comprehensive cybersecurity AND leadership manual.

One person found this helpful

Helpful

Report abuse

Conal B Gallagher

5.0 out of 5 stars

Worth Every Penny

Reviewed in the United States on December 4, 2019

Verified Purchase

I rarely if ever write reviews but had to put pen to paper for Todd’s outstanding publication. I am currently working through the CISO Compass and find the material fascinating and very helpful. I have two decades in Information Security leadership roles and thought I had done and seen it all. Todd is providing me a new perspective and forcing me to rethink some of my previous assumptions. I especially like the short vignettes from some notable security practitioners. So many books seemed filled with potential but fall short on delivery. This is not one of them. I intend re-reading a second time to make sure I fully absorb all the goodness within. Wonderful stuff!

Helpful

Report abuse

Jason G.

5.0 out of 5 stars

Essential guide for Chief Information Security Officers

Reviewed in the United States on February 12, 2020

Verified Purchase

CISO COMPASS does an excellent job of breaking down the functions and responsibilities of a CISO by using the McKinsey 7S Framework. Todd Fitzgerald guides the reader through the framework and expertly maps each element to the CISO's world.

The book strikes the right balance of objective information (security frameworks, compliance laws, etc.) with pragmatic advice (how to explain technical security concepts to CEOs and boards of directors).

Whether you're looking to become a CISO, or have been a CISO for several years and want to become a better one, this is a fantastic book for you.

Helpful

Report abuse

Dena Kapetansky

5.0 out of 5 stars

Worth it now, worth it later

Reviewed in the United States on December 24, 2018

Verified Purchase

Some books make good teaching texts: laid out with a progression of concepts, building on each other and increasing in complexity. Those books typically make poor references, since the same topics are revisited thoughout.

Other books make good reference texts: grouped by concept, they make dry teaching material since you magically need the maturity gained by the end of the course in order to read each topic.

Todd has managed the rare book that is both easy to read (all 500 pages!) and also easy to pick up later and find stuff. And it is full of "stuff" that is worth finding!

I look forward to pulling it off my shelf for years: to learn, to refresh, to quote in my own talks and articles!

Helpful

Report abuse

Helen Patton

5.0 out of 5 stars

A Reference To Keep Handy - You Will Use It A Lot!

Reviewed in the United States on January 9, 2019

Verified Purchase

Todd has somehow managed to do the impossible - to take years of learning as a Senior Security Professional, and combine all the complicated intricacies of this profession into one handy reference.

The topics are both broad and deep. They cover everything from the history of the CISO role to the future of the profession. They touch on organizational management as well as technical acuity.

The materials here are high level enough that they won't become outdated, and they will stay relevant to senior security leaders for years to come. The references and additional readings allow the reader to go deeper where needed, and the comments by other CISOs shows immediate applicability from the theory.

A master text...

2 people found this helpful

Helpful

Report abuse

Charles Wood

5.0 out of 5 stars

Wise and experienced advice

Reviewed in the United States on January 10, 2019

Verified Purchase

The author clearly has many years of leadership experience in the information security and privacy field, and it is great that he is offering both helpful perspectives and balanced viewpoints about a wide array of complex topics. Being a CISO is a very difficult job and the number of seasoned executives in this area who are willing to share their views is very limited. Fitzgerald has done an admirable job with this sharing. Fitzgerald references his own many relevant experiences, and also brings in a large number of "grey box" additions from many other experienced professionals in the field. This book is highly recommended as a desk reference and is well worth the price!

- Charles Cresson Wood, Esq., JD, MBA, MSE, CISM, CISSP, CISA, CGEIT

author of "Information Security Policies Made Easy"

One person found this helpful

Helpful

Report abuse

Dnace

5.0 out of 5 stars

Actual results... not just theories

Reviewed in the United States on January 16, 2019

Verified Purchase

This book is rare in leadership and security. It is frustrating that there are so many publications that talk about an approach, a methodology, or strategy however; fall flat in tested real world applicability applicability. Ciso compass combines the factual data, theoretical practices, and strategies with actual "battle tested" practices and stories of CISOs. I would recommend this book for any ciso, aspiring security leader or architect.