CISO Leadership: Essential Principles for Success

  • 5h 23m
  • Micki Krause (eds), Todd Fitzgerald
  • CRC Press
  • 2008

Caught in the crosshairs of Leadership and Information Technology, Information Security professionals are increasingly tapped to operate as business executives. This often puts them on a career path they did not expect, in a field not yet clearly defined. IT training does not usually include the managerial skills needed by CISOs, such as leadership, team-building, communication, risk assessment, and corporate business savvy. Yet a lack in any of these areas can short-circuit a career in information security.

CISO Leadership: Essential Principles for Success captures years of hard knocks, success stories, and yes, failures. This is not a how-to book or a collection of technical data. It does not cover products or technology or provide a recapitulation of the common body of knowledge. The book delineates information needed by security leaders and includes from-the-trenches advice on how to have a successful career in the field.

With a stellar panel of contributors including William H. Murray, Harry Demaio, James Christiansen, Randy Sanovic, Mike Corby, Howard Schmidt, and other thought leaders, the book brings together the collective experience of trailblazers. The authors have learned through experience--been there, done that, have the t-shirt--and yes, the scars. A glance through the contents demonstrates the breadth and depth of coverage, not only in topics included but also in expertise provided by the chapter authors. They are the pioneers who, while initially making it up as they went along, now provide the next generation of information security professionals with a guide to success.

About the Editors

Todd Fitzgerald, CISSP, CISA, CISM, serves as a Medicare systems security officer for National Government Services, in Milwaukee, Wisconsin, which is the nation’s largest processor of Medicare claims and a subsidiary of WellPoint, Inc., the nation’s leading health insurer. Todd was named as a finalist for the 2005 Midwest Information Security Executive (ISE) of the Year Award, nominee for the national award, judge for the 2006 central region awards, and has served as the global moderator for several Executive Alliance Information Security Executive roundtables. Todd has authored chapters on information security for The 2007 Official (ISC)2 Guide to the CISSP Exam, The Information Security Handbook Series, The HIPAA Program Reference Book, Managing an Information Security and Privacy Awareness and Training Program, and several other security-related publications. Todd is also a member of the editorial board for (ISC)2 Journal and Darkreading.com security publications, and is frequently called upon to present at international, national, and local conferences. Todd serves on the board of directors for the nationally recognized HIPAA Collaborative of Wisconsin, and is an active leader, participant, and presenter in multiple industry associations such as the Information Systems Security Association (ISSA), the Information Systems Audit and Control Association (ISACA), Blue Cross Blue Shield Information Security Advisory Group, CMS/Gartner Security Best Practices Group, Workgroup for Electronic Data Interchange (WEDI), and others. Todd has 28 years of information technology experience, including 20 years of management. Prior to joining NGS, Todd held various broad-based senior information technology management positions for Fortune 500 organizations such as American Airlines, IMS Health, Zeneca (subsidiary of AstraZeneca Pharmaceuticals), Syngenta, as well as prior positions with Blue Cross Blue Shield of Wisconsin. Todd holds a B.S. in business administration from the University of Wisconsin–La Crosse, serves as an advisor to the College of Business Administration, and holds an MBA with highest honors from Oklahoma State University.

Micki Krause, MBA, CISSP, has held positions in the information security profession for the past 20 years. She is currently the chief information security officer at Pacific Life Insurance Company in Newport Beach, California, where she is accountable for directing the information protection and security program for the enterprise. Pacific Life is the 15th largest life insurance company in the nation, and provides life and health insurance products, individual annuities, mutual funds, group employee benefits, and a variety of investment products and services. She was named one of the 25 most influential women in the field of information security by industry peers and Information Security magazine as part of their recognition of Women of Vision in the IT security field, and was awarded the Harold F. Tipton Award in recognition of sustained career excellence and outstanding contributions to the profession. Micki has held several leadership roles in industry-influential groups including the Information Systems Security Association (ISSA) and the International Information System Security Certification Consortium (ISC)2 and is a passionate advocate for professional security leadership. She is a reputed speaker, published author, and co-editor of the Information Security Management Handbook series.

In this Book

  • CISO Leadership—Essential Principles for Success
  • What You Told Us: A CISO Survey*
  • Who Companies Really Want to Hire: How to Advance Your Career and Have Great Success
  • The Evolving Information Security Landscape
  • Business Drivers for Information Security
  • Security as a Business Function
  • Security Leadership
  • The Public Sector CISO: Life in the Fishbowl
  • A CISO Introspection
  • How Savvy Are You? Can You Get What You Want?
  • Why and How Assessment of Organization Culture Should Shape Security Strategies
  • Selling Information Security
  • The Importance of an IT Security Strategy
  • Extending the Enterprise’s Governance Program to Information Risks
  • Building Management Commitment through Security Councils
  • Measuring Security
  • Privacy, Ethics, and Business
  • Leading through a Crisis: How Not to Conduct a Security Investigation
  • Security Pitfalls
  • Security Leader Horizon Issues: What the Future Holds