As such, your first 100 days in a new organization are key to your success. They will lay the groundwork for your long-term achievements. To aid you in this critical phase, we introduce a comprehensive guide: a five-step, 100-day action plan, “Your First 100 Days as a vCISO – 5 Steps to Success”.
The playbook covers:
- vCISO goals
- Pitfalls to avoid
- 5 phases: Research, Understand, Prioritize, Execute, Report
- Key activities for each phase
Some example activities include:
- Research (Days 0-30): Meeting stakeholders and management, meeting the IT/security team, reviewing past security incidents and responses
- Understand (Days 0-45): Conducting a security risk assessment, showing the current security posture and gaps to the management, identifying short-term and long-term needs
- Prioritize (Days 15-60): Defining short, mid and long-term goals, creating a remediation/work plan based on those goals, planning budgets and resources
- Execute (Days 30-80): Communicating the plan to all stakeholders, implementing automated systems that can deliver low hanging fruit, setting a cadence for external scanning and reporting
- Report (Days 45-100): Measuring success, communicating progress at least once a month, integrating reporting into your overall plan
Source: https://thehackernews.com/
