Lesson 3

--------
Learn about the cybersecurity concerns of a typical CISO, the risks they face, and
the possible consequences if they don’t get it right.

Question 1
How long has the role of CISO been present?
Select one:
The role of CISO has existed for 129 years.
The role of CISO is the oldest C-level position.
The role of CISO is relatively new. [CORRECT ANSWER]
The role of CISO does not exist yet.

Question 2
In many of the breaches, tens of millions of credit cards become compromised, and
personally identifiable information for millions of individuals are stolen. What is
one result?
Select one:
Class-action lawsuits [CORRECT ANSWER]
Increase in share price
Market capitalization increase
Clearance sales

Question 3
In what ways are CISOs often expected to represent the company?
Select one:
Career day at a local school.
Thought leadership, partnership development, and customer engagement. [CORRECT
ANSWER]
Presenting new products at a trade show booth.
Public relations, advertising, and marketing.

Question 4
Originally, the role of CISO was mostly concerned with which topic?
Select one:
Finance
Compliance [CORRECT ANSWER]
Operations
Budgeting

Question 5
What can be said for a company’s data that resides outside their buildings?
Select one:
It must be secured and protected just the same. [CORRECT ANSWER]
It is impossible to even find.
It is already secured and protected by the very nature of the cloud.
It is impossible to secure or protect.

Question 6
What do the other C-level executives want from a CISO?
Select one:
A concrete assessment of vendor performance.
A concrete assessment of database performance.
A concrete assessment of information risk and value. [CORRECT ANSWER]
A concrete assessment of website costs.

Question 7
What is the result of these breaches becoming the targets of government regulators?
Select one:
Unexpected tax audits
Lower insurance rates
Huge fines [CORRECT ANSWER]
Increased health department inspections

Question 8
What is the term for when departments or individuals go outside the corporate
policies and spin up their own applications, utilize unapproved or uncoordinated
SaaS services, or otherwise allow what may be key information assets to be stored
out of our control?
Select one:
Ninja IT
Shadow IT [CORRECT ANSWER]
Dodgy IT
Vapor IT

Question 9
What results from the loss of control of customers’ personally identifiable
information?
Select one:
The loss of customer trust and lasting damage to brand reputation. [CORRECT
ANSWER]
A rise in customer-created crowdfunding initiatives.
An increase in customer sympathy and a strengthening of brand reputation.
The loss of customer trust and a strengthening of brand reputation.

Question 10
Where are the information assets in a typical company today?
Select one:
Inside the main building.
Scattered all over the place. [CORRECT ANSWER]
Consolidated in a central mainframe.
Stored in carefully controlled servers.