Recommended Key Initiative Plan
These 9 initiatives have been found to elicit the most significant measurable impact for professionals in this role.
- 1. Diagnose Security Issues
- 2. Build an Information Security Strategy
- 3. Optimize Security Mitigation Effectiveness
- 4. Consolidate Security Risk Management Solutions
- 5. Develop a Security Incident Management Program
- 6. Build a Security Awareness and Training Program
- 7. Develop and Deploy Security Policies
- 8. Select and Implement a Governance, Risk, and Compliance Solution
- 9. Build a Risk-Based Security Budget
Security Risk, Strategy & Governance
Featured Blueprints

October 20, 2021
This blueprint will help you to operationalize your privacy program by guiding you through processes related to determining your current state, dra...

August 10, 2021
Info-Tech has developed an approach to prioritizing the threat areas that are most pressing to your enterprise. Using the MITRE ATT&CK framework, i...

May 27, 2021
A strong security program and privacy framework are fundamental to successful organizations and require a proactive approach that embeds principles...

May 10, 2021
Your security budget is being slashed and you need to find creative ways of securing the environment. You are familiar with Microsoft, but it’s nev...

March 12, 2021
Info-Tech has developed an approach to cloud security that is built on the strong foundations of our security strategy model that has been successf...

January 27, 2021
In a world dominated by rapid digital development, every risk is a digital risk. As a result, risk no longer exists in isolation in the IT or audit...

December 16, 2020
Mastering a cost-effective approach to cybersecurity and data protection compliance can provide organizations with a clear strategic advantage. Tak...

November 06, 2020
What’s the key to a data security plan that keeps breaches at bay? A multi-layered approach that covers all the bases and data sources. Comprehensi...
Resources
Security Technology & Operations
Featured Blueprints

December 03, 2021
Security leaders view modernizing identity security as too daunting and prefer to focus on narrower technology challenges. This limited focus is re...

April 16, 2021
Vulnerabilities will always exist. Addressing these will consume your department’s time and resources, and your efforts will quickly become stale a...

March 12, 2021
Info-Tech has developed an approach to cloud security that is built on the strong foundations of our security strategy model that has been successf...

March 09, 2021
Ransomware has the attention of every executive team. The challenge is translating that attention into specific actions to improve your organizatio...

November 05, 2020
Weak identity and access management (IAM) practices result in considerable risk to the organization because IAM plays a role in most things in IT. ...

October 06, 2020
Info-Tech has developed an approach to cloud security that is built on the strong foundations of our security strategy model that has been successf...

September 18, 2020
Many security leaders put off adding metrics to their program because they don't know where to start or how to assess what is worth measuring.

August 10, 2020
Businesses prioritize speed to market over secure coding and testing practices in the development lifecycle. As a result, vulnerabilities exist nat...