When I or my team members meet with CISOs, sometimes we need a simple set of questions to assess how they’re doing in security. I worked with a bunch of our experts here to get to a core group, and thought I’d share.
Ones that get the CISO really to think: am I secure? We organized these along the dimensions of People, Data, Applications, and Infrastructure. Why? Cause if you think about People, the Data they Access, the Applications they use and the Gear they’re on (Infrastructure) then you have a decently holistic view of their security posture.