Hot Right Now: IT Pros Question Role of CISO and Safe Harbor Agreement

Jan 18, 2016
Share Button

DecemberWisegate NewsletterThe two hottest topics according to latest Wisegate newsletter? CISOs and data sharing. IT pros questioned specifics about the role of the CISO and discussed the current events and challenges surrounding the Safe Harbor agreement. Both topics were discussed and measured through Wisegate polls, which poll trending newsworthy topics within the community.

When members were discussing the role of the CISO, most agreed that responsibilities for the role were tightly defined and many knew what was expected of them. However one member shared that though his role was tightly defined, it was not evolving and maturing on a yearly basis.

The future for Safe Harbor, an international data-sharing act, and European’s personally identifiable information was discussed between many members throughout the month. Most agreed that businesses will start to store EU data on servers in Europe, while others debated that the US must rewrite its laws to make law enforcement/government access to European data possible through an acceptable court order. While we now know that the EU recently rejected the US agreement, the conversation is far from over.

Members also chatted about topics in the following areas to get the best resources and insights from peers who have relative experience:

  • Who should the CISO report to?
  • Is CISA going to be good or bad for security?
  • How soon after a breach should you disclose?
  • Which information security KPI’s or KRI’s have you successfully mapped to business enablement, operational efficiency, or other value delivery at your organization?
  • What tips/tricks do you use when giving a security keynote to blend the message to both executive and practicing security professionals?
  • How soon (if ever) do you expect to upgrade to, or install, Windows 10 on your company networks?
  • Are you a health organization that has already migrated to Office 365? If so, what HIPAA related concerns did you have and how did you mitigate them?
  • How are you handling PCI compliance for your voice network?
  • If you were asked to write a cyber security (or information security) performance management goal for your CIO and CEO, what are the key points you would include?  Examples might be results of key objectives or projects.
  • What are some best practices for Phishing attacks
  • Have you created a standard response document that can be included as part of your company’s response to an RFP?
  • Does anyone have a documented Windows10 security standard configuration or security recommendations they would like to share?

Wisegate’s Braintrust consists of the experiences and expertise of senior-level IT security professionals. Pressing, real-world problems and challenges drive the daily conversations between Wisegate’s members. No vendors, no ads and definitely no third party agendas. Once a month, Wisegate pulls data on the conversations members are having and shares the results in the monthly newsletter.

Be sure to check out the Wisegate December newsletter for more insights on what’s been trending throughout the community. Have a topic you’d like to discuss in more detail? Be sure to share your thoughts with us on TwitterLinkedInGoogle+, or email (

If you would like to receive our newsletters and toolkits, sign up here.