CISO: A Critical Role in Resilience of the Extended Enterprise



Understanding and managing risk in today’s environment requires a new paradigm for managing the interconnections and relationships of risk. Given the pervasive use of information and technology across the organization, today’s CISO needs to be a strategic leader in the organization’s operational risk and resiliency efforts to govern the extended enterprise of third-party relationships. To do this, the CISO needs robust, accurate, and relevant risk intelligence to govern security in the extended enterprise. With that intelligence, the organization knows pivotal details and can quickly remediate risk issues to be agile and resilient. The CISO also needs to capture changes in the business and in its risks for interpretation, analysis, and holistic awareness of security in the context of the extended enterprise. CISOs need to stay on top of their game by monitoring risk to the extended enterprise to stay competitive in today’s economy. Organizations must understand information security risks and make risk-informed business decisions to be both resilient and agile, which requires a resiliency operations center to provide situational awareness.


Table of Contents

  • Information Security at the Center of Risk Chaos

    • Inevitable Failure: Managing Information Risk in a Silo

  • The CISO in Context of Risk & Resilience Brings Agility

    • Aligning IT Risk in the Context of Business

    • CISO as a Leader of Risk and Resiliency Management

    • Risk Intelligence Enables the CISO in Leading Risk & Resilience

    • Benefits the CISO Can Expect in Being a Leader in Risk & Resilience

  • GRC 20/20’s Final Perspective

    • Action Items the CISO Must Take to Lead Risk and Resilience

  • About GRC 20/20 Research, LLC

  • Research Methodology

©GRC 20/20 Research, LLC. All Rights Reserved.