Summary
There is no honeymoon when you are the new CISO. It is incredibly important to get the first 90-day plan of the CISO right. There will be pressure to be on top of everything. It is therefore easy to get overwhelmed with activity.
Taking the time to work through their 90-day plan will help a CISO have a stronger probability of success in the role. While there is a much stronger focus on Process and Technology compared to the CIO 90-day plan, the CISO will still need to spend a considerable amount of time on People aspects.
The CISO will need to understand both the IT strategy and the cyber strategy and roadmap. These are strongly intertwined with priority and resource interdependencies. Also, there is a strong need to dive deeper into understanding technology and cyber controls. They also need to start building business relationships and there will be more time to invest in and build those relationships after the first 90 days.
There will be moments of truth where CISOs...
