Case Study: Chief Information Security Officer (CISO)

After transitioning out of the military, you were contracted by a medium-sized start-up company that processes credit card transactions on a daily basis. The Chief Executive Officer (CEO) and other business staff have no knowledge of network security or the threats they face. They have an open position for a Chief Information Security Officer (CISO), but have yet to fill it. Thus, they hire you for your expertise in network security, firewalls, and VPN solutions. This is a short term engagement that lasts 30 days. As the company’s subject matter expert/consultant, the CEO wants a 4-6 page report at the end of your assignment. The CEO tells you they will have remote users, so firewall and VPN technologies are needed. They provide you with the following report outline to use: 1.0 Introduction 2.0 Overview of network security fundamentals, security threats, and issues (discuss from a company wide standpoint). 3.0 Detailed network security recommendations 4.0 Summary