CISO Round Table

Round-table of CISO (and future CISOs) to share ideas on what is going on at this level


CISO hands-on support for Security initiatives is a key factor of success


  • What are the top 5 priorities for CISOs
  • How to become one
  • What is the role of AppSec
  • What is the team structure and budgets
  • What is the best way to present security to the Board

Outcomes (after session)

  • Create document with answers
  • See under Working Materials


  • CISOs
  • future CISOs

Working materials

Synopsis and Takeaways

Target audience: Companies without a CISO


Every Company needs a CISO with Mandate and Resources

  • CISO should report: - 1st to The Board - 2nd to C-Suite and Sub-committees (so there are no conflicts of interest)
  • Centre of gravity skill set: Strong Business, Technical, Security skills and be transformation agent
  • Security is a business Function
  • Facilitates business acceptance of Risk

What they need:

  • Budget (that they control)
  • Mandate
  • Integrity of message
  • Central Team (with seniors SMEs)
  • Network of Security Champions
  • Be involved in cross-function committees and roadmaps

Top board requirements

  • Current programmes status
  • Meeting regulatory requirements
  • Major Business Risks and Incidents
  • Security asks

Top priorities for CISO

  • Situational Awareness
  • Match risk appetite
  • Actionable Metrics and dashboards

Who was here

  • CISO
  • AppSec/SDL Engineer
  • Recuiter
  • CTO
  • CISO Advisor

Back to list of all Working Sessions and Tracks

Edit this page here