Last Week As A vCISO

Share this post

The Best Of Last Week As A vCISO

www.lastweekasavciso.com

The Best Of Last Week As A vCISO

It's been two years since I started this... so let's look back at some highlights!

Ayman Elsawah
Jan 1
1
Share this post

The Best Of Last Week As A vCISO

www.lastweekasavciso.com

Happy Holidays and Happy New Year Everyone!🎆 I hope you’re 2022 was good filled with personal growth and hope your 2023 bring you more of what’s good for you. Personally, 2022 was more challenging than anticipated, but nonetheless I was able to find tons of joy and blessing in it. In the end, I learned a lot.

So it’s been two years since I started this publication. I’d like to highlight some of the articles that resonated with readers out there as well as some of my favorites.

30, 60, 90 Day Plan For Infosec

This article resonated well with CEOs. As with any position, especially leadership roles, we want to know what is going to happen. It’s even more obscure sometimes in Information Security though. So any clarity we can provide is helpful all around.

Last Week As A vCISO
30, 60, 90 Day Plan For New Security Leaders
When hiring anyone, it’s always great to understand what they should be working in their first 90 days of employment. You as a hiring manager likely have an understanding already of what needs to be done, otherwise, you wouldn’t be hiring 😄, but probably from just a high level and only some of the burning/immediate issues…
Read more
a year ago · Ayman Elsawah

Share

A Story Of 3 CISO’s

This story tries to illustrate the personality side of Security Leadership.

Last Week As A vCISO
3 CISO's Walk Into A Startup...
I was watching a video on beekeeping and how three different groups of beekeepers came to 3 different conclusions on the same beehive. The answers were very surprising and touched on emotional intelligence in a way I had never considered in beekeeping…
Read more
a year ago · 2 likes · Ayman Elsawah

Share

I Read Things…

This was by far the most popular post that it organically made it to the front page of Hacker News! In fact I had no idea the post was on there until a client pinged me via slack and made me aware of it! 😮

Last Week As A vCISO
I Read The Entire Cybersecurity Executive Order... Here's What You Need To Know
As you probably know, the US experienced a cyber-attack against its critical infrastructure. In response to the attack, President Biden signed an executive order to improve our cybersecurity posture. I read the entire document, here is what you need to know…
Read more
2 years ago · 3 likes · 2 comments · Ayman Elsawah

Share

Defining A vCISO

This article came out of the sheer obscurity out there regarding the vCISO role. For that reason, I try to say Fractional CISO to folks when introducing the term. As the industry is becoming more familiar with fractional executive roles, it’s been a long time coming.

I started using the term in 2015 and frankly people had no idea what it meant.

Last Week As A vCISO
What IS A vCISO???
I came up with the term on my own in 2015, no one had heard of it at the time and it was a hard sell. Fast forward now to 2022 and vCISO’s are EVERYWHERE! Even in the last 6 months, there has been a 50% increase in vCISO titles on LinkedIN. So what is a vCISO…
Read more
10 months ago · 1 like · Ayman Elsawah

Share

Speaking The Uncomfortable Truth

This article attempts to be a little sobering and communicate that information security also includes ethics. 🤔

Last Week As A vCISO
Speaking The Uncomfortable Truth
As a cybersecurity leader there WILL be times when you will have to speak the uncomfortable truth. Sometimes it may cost you your job or a client. I was told a long time ago to go by “Do The Right Thing”. It’s a difficult position to be in. Once upon a time ago there was a…
Read more
2 years ago · Ayman Elsawah

Share

How To Articles

With my personal mission of making cybersecurity expertise accessible and this blog, I try to publish practical guides from the trenches. Although my clients get access to a slew on non-public ones, here are few I think everyone should be aware of:

Share

Data Classification 101

Last Week As A vCISO
Data Classification 101
Data sensitivity is a relative thing. Where should I put sensitive data? Who can access it? Let's go over how to put a Data Classification Policy & Standard together. Most people don’t read security policies out there… but if there is one policy out there that is helpful for such a wide array of folks…. The Data Classification and Handling Policy…
Read more
a year ago · Ayman Elsawah

Enterprise Logging

Last Week As A vCISO
Enterprise Logging Guide
Watch now (16 min) | I put together a video walkthrough of how to setup you logging. The guide is geared for fast growing B2B SaaS companies with 500-1000 employees. The reasons I’m so specific are in the video. This video is for email subscribers only and not posted on the Last Week As A vCISO website. Feel free to forward this video though to anyone you like…
Read more
6 months ago · Ayman Elsawah

Create A Risk Register

Last Week As A vCISO
Step 0: Create A Risk Register
In this issue: Why A Risk Register Putting A Risk Register Together Quantifiable or Quantitative? Quantifiable Examples Quantitative Examples Mistakes To Avoid When Using A Risk Register Under or Over Estimating the risk Coming up with a solution for risks without the involved parties…
Read more
5 months ago

Ok, that’s a wrap for today. Next week I’ll putting together some predictions for Information Security in 2023.

If you like this blog, please share with friends and enemies. Everyone needs to be secure at the end of the day, as we’ll all be better off. 😁

Share

Share this post

The Best Of Last Week As A vCISO

www.lastweekasavciso.com
Previous
Next
Comments
TopNewCommunity

No posts

Ready for more?

© 2023 Ayman Elsawah
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing