ECSO News, European CISOs, WG3 - Cyber Resilience of Economy, Infrastructure and Services

ECSO wrapped its advocacy activity on the CISO Role in ENISA’s European Cybersecurity Skills Framework (ECSF).

07/08/2023

ECSO recently produced a master document offering recommendations for the depiction of the CISO role within ENISA’s European Cybersecurity Skills Framework (ECSF). The suggestions were gathered through ECSO’s active CISO community, comprising of CISOs from 28 European countries. As the only non-profit organisation hosting a European cross-sector CISO community, ECSO acts as the facilitator of this network of practitioners across Europe, bringing them together to provide output to relevant stakeholders.

The main objective of ECSO’s master document is to offer recommendations for enhancing the depiction of the CISO Role within ENISA’s European Cybersecurity Skills Framework (ECSF). The suggestions resulted from the collaborative effort of ECSO’s CISO Community that gathers 352 CISOs representing 28 European countries.

CISOs (Chief Information Security Officers) are responsible for overseeing an organisation’s cybersecurity strategy and its effective implementation to ensure the robust security and protection of digital systems, services, and assets. Throughout the document, the suggestion is to enhance inclusivity by incorporating the term “Information Security” alongside “Cybersecurity.” For instance, phrases like “Cyber and Information Security Governance” and “Manage cyber and information security risks” should be utilised.

The key discussions among the CISOs were aimed at striking a balance in crafting a clear and concise recommendations following the structure of ENISA’s CISO Role Description: Alternative Title, Summary Statement, Mission, Deliverables, Main Tasks, Key Skills, Key Knowledge.

The document also contains suggestions to expand the list of alternative CISO titles to include roles that are contingent on the specific organisational structure, for instance: Business Information Security Officer (BISO) and Divisional Information Security Officer (DISO). This inclusion allows to represent the diverse and dynamic nature of these positions in various organisational settings.

Additionally, ECSO suggests that the main tasks of the CISO shall be structured according to the NIST framework:

Business Strategy
Mission
Vision
Technology
Cyber and information security tasks related to technology.

The master document will now be sent to ENISA for a potential inclusion in the future iterations of the CISO Role in the ECSF. ECSO’s belief is that this well-balanced and realistic document is a great step forward to synchronising main aspects of the CISO role across the EU.

More information about ENISA’s European Cybersecurity Skills Framework:https://www.enisa.europa.eu/topics/education/european-cybersecurity-skills-framework.

For any question, please contact Sebastijan Cutura at sebastijan.cutura@ecs-org.eu.

Share this article on social media

ECSO and Women4Cyber’s new initiative has officially launched: register to Road2Cyber today!

Activities, ECSO News, WG5 - Education, Training, Awareness, Cyber Ranges, Women4Cyber, Youth4Cyber

02/05/2024

Decoding European Cybersecurity Market Trends: How to Expand to the US Market?

Activities, ECSO Members, ECSO News, W2- Market Deployment, Investments and International Collaboration, WG4 - Support to SMEs, Coordination with Countries and Regions

29/04/2024

European Cyber Security Organisation

Office

Avenue des Arts 46 Kunstlaan
1000 Brussels, Belgium

secretariat@ecs-org.eu

+32 (0)2 759 59 83

Warning: if you receive an error message subscribing to the newsletter, please empty your cache and try again. Should the error persist, contact laura.salvemini[at]ecs-org.eu

SUBSCRIBE TO OUR NEWSLETTER

EU Transparency registry 684434822646-91

Data Privacy Policy

Website by alchemiser.com