First 100 Days of a CISO

Name: First 100 Days of a CISO
Rating: 4.7 (7 reviews)

A Strategic Blueprint for New CISOs and Security Leaders

Created byShawn Valle

Last updated 3/2025

English

What you'll learn

Define the roles and responsibilities of a Chief Information Security Officer
Identify the key steps to take in the first 100 days as a new cybersecurity leader
Learn how to research your new company and conduct initial meetings with executives and key stakeholders
Identify key business risks and potential catastrophic cybersecurity risks
Gain knowledge on the functions across start-up and maturing Information Security teams
Building a foundational CISO checklist to set up for success
Gain skills for financial budget management
Skills on navigating Board of Directors and developing a strong Security Steering Committee
Creating Vision, Mission, and Charters to demonstrate a thoughtful strategic approach to leading Information Security
Navigating staffing challenges

Course content

13 sections • 60 lectures • 1h 46m total length

Introduction5:30

Research the Organization2:39
Plan Initial Meetings1:48
Plan initial meetings by coordinating with your hiring manager to gather leadership and security staff names, schedule introductions, and show readiness before day one, including securing executive assistant support.
Before Day One - Recap & Exercise0:58
research your organization's mission and core values, review privacy policy and security documentation, and plan stakeholder meetings to prepare for the first 100 days as a ciso.

Key Topics0:56
Review Existing InfoSec Programs1:06
Get to Know Your Colleagues0:46
Hold a Department Meeting0:42
Learn Team Structure3:51
Be Visible and Meet People1:19
The BEE (Business Ending Event)0:50
Identify the business ending event by surveying direct teams and peers about the largest risks, compile findings into an initial assessment, and visualize them as a pie chart.
Start a Foundational Checklist1:34
Building Your Foundation - Recap & Exercise0:54

Key Topics1:10
Plan weeks three to six to cover eight topics: information security assessment, one-on-ones, team dynamics, team communications, project snapshot, budget metrics, key business risks, and the foundational checklist.
Queue Up an InfoSec Assessment2:05
Hold 1:1 meetings across your entire team1:27
Review Communication and Collaboration Channels1:16
Get a Project Snapshot1:09
Review Budget, Expenses, and Associated Metrics1:13
Ask About Problem Areas0:47
Complete the Foundational Checklist0:24
Initial Assessments and 1:1s - Recap & Exercise2:06
Recap the module with an infosec assessment, one-on-one meetings, team dynamics, and a project snapshot, reviewing budget, metrics, and business risks to prevent a potential business-ending event.

Key Topics0:38
Explore steering committee preparation, meetings with business leaders, and participation in InfoSec projects within the plan to act transition, aligning security efforts with business goals.
Prepare Steering Committee Materials2:44
1:1s with Business Leaders1:13
Active Project Involvement1:11
Show up and be visible in current infosec initiatives, listening and learning as a fly on the wall; take notes to build a prioritized, risk-based view for the big picture.
Building Alignment and Participation - Recap & Exercise0:25

Requirements

You are expected to have several years of working in Information Security, including management responsibilities

Description

Welcome to the First 100 Days of a CISO! This course will walk you through the essential steps, real-world examples, and practical exercises to set you up for success.

Created and delivered by a 3-time CISO (Chief Information Security Officer and Chief Security Officer), with nearly twenty years working in Information Security and cybersecurity.

By the end of this course, you will have built your own CISO start-up playbook, through the exercises after each module. You’ll also have access to all the templates created and shared in the course files.

The course will be structured, with an initial introduction to the CISO role, and how it’s evolved, and the different CISO personas.

Then will walk through an approach to tackling your first 100 days on the job, actually going week-by-week, through the playbook. This will include the following:

Building your foundation
Conducting an initial assessment and holding 1:1s
Building alignment and gaining participation
Defining your vision and reviewing your budget
Creating a charter and leadership (engaging and delegating)
Strategy, steering committee, and Board of Directors engagement
Program delivery and communications

In this 100 day journey, you have the opportunity to establish your credibility and elevate the security reputation within the company.

Who this course is for:

Aspiring and existing cybersecurity business leaders
CISOs, Chief Information Security Officers
Head of Security
BISOs, Business Information Security Officers
Directors of Information Security

First 100 Days of a CISO

What you'll learn

Explore related topics

Course content

Course Introduction1 lecture • 6min

Module 1: Introduction to the CISO Role6 lectures • 23min

Prepare, Assess, Plan, Act, Measure1 lecture • 3min

Module 2: Before Day One3 lectures • 5min

Module 3: Weeks 1–2 — Building Your Foundation9 lectures • 12min

Module 4: Weeks 3–4 — Initial Assessments and 1:1s9 lectures • 12min

Module 5: Weeks 5–6 — Building Alignment and Participation5 lectures • 6min

Module 6: Weeks 7–8 — Defining Your Vision and Budget Review6 lectures • 7min

Module 7: Weeks 9–10 — Charter and Leadership5 lectures • 7min

Module 8: Weeks 11–14 — Strategy and Steering Committee Engagement6 lectures • 9min

Requirements

Description

Who this course is for: