Gartner: CISO First 100 Days

Most people are lucky if they can find the coffee maker on their first day at a new job. The CISO is held to a much higher standard. As a new CISO, you have a short window to understand leadership expectations, establish your credibility, and create a foundation for a security program that will impact the rest of your tenure. No pressure.

In this CISO guide, Gartner dives deep into everything a new CISO needs to accomplish in their first few months. With this actionable cybersecurity framework, you’ll be able to establish a strategic security vision that instills confidence, secures budget, and maximizes the odds of success.

We believe the roadmap provides detailed action items to complete during each of the five phases:

Prepare: Before your first day, get ready to hit the ground running by creating a plan to engage with leadership and staff alike.
Assess: In your first few weeks, understand the company, its culture, and assess its security gaps so you can prioritize your cybersecurity strategy recommendations.
Plan: Once you determine your priorities, create a defensible cybersecurity program that your team will use over the coming weeks, months, and years.
Act: In this crucial phase, focus on generating tangible, visible accomplishments to build credibility and secure additional buy-in.
Measure: Create and measure a portfolio of KPIs that demonstrate the business value of your security efforts.

Gartner, The CISO’s Guide to Your First 100 Days, William Candrick, Sam Olyaei, Tom Scholtz,24th May 2021

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from CYCOGNITO.

CISO First 100 days

Read Gartner report for maximizing the full potential of your first 100 days in a new CISO position.

Complete this registration to receive the full Gartner report.

Per Gartner, "Your first 100 days in the chief information security officer (or equivalent) role determine your success as a security and risk management leader. Gartner provides guidance and support to help new CISOs maximize their success during this pivotal transition phase."

In this CISO guide, Gartner dives deep into everything a new CISO needs to accomplish in their first few months. With this actionable cybersecurity framework, you’ll be able to establish a strategic security vision that instills confidence, secures budget, and maximizes the odds of success.

We believe the roadmap provides detailed action items to complete during each of the five phases:

Prepare: Before your first day, get ready to hit the ground running by creating a plan to engage with leadership and staff alike.

Assess: In your first few weeks, understand the company, its culture, and assess its security gaps so you can prioritize your cybersecurity strategy recommendations.

Plan: Once you determine your priorities, create a defensible cybersecurity program that your team will use over the coming weeks, months, and years.

Act: In this crucial phase, focus on generating tangible, visible accomplishments to build credibility and secure additional buy-in.

Measure: Create and measure a portfolio of KPIs that demonstrate the business value of your security efforts.

CISO First 100 days﻿

Read Gartner report for maximizing the full potential of your first 100 days in a new CISO position.

Complete this registration to receive the full Gartner report.

Per Gartner, "Your first 100 days in the chief information security officer (or equivalent) role determine your success as a security and risk management leader. Gartner provides guidance and support to help new CISOs maximize their success during this pivotal transition phase."

In this CISO guide, Gartner dives deep into everything a new CISO needs to accomplish in their first few months. With this actionable cybersecurity framework, you’ll be able to establish a strategic security vision that instills confidence, secures budget, and maximizes the odds of success.

We believe the roadmap provides detailed action items to complete during each of the five phases:

Prepare: Before your first day, get ready to hit the ground running by creating a plan to engage with leadership and staff alike.

Assess: In your first few weeks, understand the company, its culture, and assess its security gaps so you can prioritize your cybersecurity strategy recommendations.

Plan: Once you determine your priorities, create a defensible cybersecurity program that your team will use over the coming weeks, months, and years.

Act: In this crucial phase, focus on generating tangible, visible accomplishments to build credibility and secure additional buy-in.

Measure: Create and measure a portfolio of KPIs that demonstrate the business value of your security efforts.

CISO First 100 days