Introduction
The ScotlandIS CISO Safe Space is an exclusive forum designed for Chief Information Security Officers (CISOs) and professionals performing similar functions within their respective organisations. This initiative aims to provide a supportive, non-competitive and non-judgmental environment where CISOs can collaborate, build a strong network, discuss pain points, share best practice and learn from each other’s experiences. CISO Safe Space will foster an atmosphere of trust and confidentiality to enable open and candid discussions about incidents and other challenges faced in the Scottish cybersecurity eco-system.
Objectives
The primary objectives of the ScotlandIS CISO Safe Space are:
- Networking and rapport building to facilitate meaningful connections among CISOs and those performing similar functions, encouraging relationship-building within the cybersecurity community.
- Knowledge exchange to promote the sharing of expertise and best practice related to information security and risk management.
- Incident discussion to establish a platform for CISOs to discuss cybersecurity incidents, analyse incident response strategies and learn from each other’s experiences.
- Industry experts to deliver talks, presentations and workshops on relevant and current cybersecurity topics.
- Monthly Meetings. Each meeting will have a different format over a 3-month cycle – including informal get-togethers, online catch ups and in-person events with expert speakers, working groups and Q&A sessions.
Meeting Format
The ScotlandIS CISO Safe Space will follow a 3-month meeting cycle with the following formats:
Month 1 – Informal Get-Together
- Casual, informal networking and open discussions among CISOs.
- In-person
- Ice-breaking, introduction of new members and group-driven topics.
Month 2 – Online Catch-Up
- Virtual meeting to discuss pre-determined topics and expert speaker sessions.
- Topics decided by the group, expert speaker session and interactive discussions.
Month 3 – In-Person Event with Speakers and Working Groups
- Face-to-face discussions, participate in working groups, and learn from expert speakers.
- Rotating locations hosted by different member organisations.
- Expert speaker session, working group discussions, Q&A opportunities and networking.
Topics of Discussion
The topics for discussion within the ScotlandIS CISO Safe Space will be determined by the group. They may include:
- Wellbeing and Mental Health in Cybersecurity Roles
- Communication Plans during Cyber Incidents
- Incident Response Strategies and Case Studies
- Leadership and Management Styles in Cybersecurity
- Cybersecurity Finance and Funding Challenges
- Legal, Regulatory, and Policy Issues in Information Security
- Incident of the month
Confidentiality and Non-Disclosure
Chatham House Rules and a strict non-disclosure policy will be adhered to during all meetings to ensure confidentiality and encourage open discussions without fear of repercussions.
Expectation from Cybersecurity Community
The ScotlandIS CISO Safe Space welcomes active participation from the Scottish cyber-security community and welcome their support, contributions of their experiences, suggestions of relevant topics and the offer of hosting/providing venues for in-person events.
Membership
Participation in the ScotlandIS CISO Safe Space is open to ScotlandIS Members. Members of the Cyber Cluster will be able to participate and attend events for a nominal fee that will be outlined prior to each event.
Chief Information Security Officers (CISOs) and professionals performing similar functions are invited to become involved. Additional membership will be by invitation and subject to approval by the existing members to maintain the integrity and relevance of the group.
Review and Amendments
These terms of reference will be reviewed periodically to ensure their effectiveness and may be amended with the consensus of the group members.
Conclusion
The ScotlandIS CISO Safe Space aims to foster collaboration, knowledge exchange, and support among CISOs in a friendly and inclusive environment. By sharing experiences, challenges, and best practices, the members can collectively strengthen the cybersecurity landscape in Scotland and beyond.