Last updated on April 27th, 2018 at 11:43 pm.
DISO stands for “Designated Information Security Official.”
DISO (pronounced “Dee•so” or “Dis•so”) is an acronym that GetCyberSecured.com coined to describe an additional role or duty a small business owner can assign to one of their employees. Similar to how a CISO (Chief Information Security Officer) is primarily in charge of cyber security for a medium- or large-sized company, a DISO is the person responsible for implementing, enforcing, and maintaining cyber security controls and practices to better protect the small business they work for. Unlike a CISO, however, it is not meant to be a senior-level executive position by any means (and doesn’t include any training on that matter); it is designed merely as an additional side role for an employee, taking the burden of doing all the cyber securing of the business off a busy business owner.
This DISO side role should easily complement an employee’s primary role in the small business and is best assigned to an employee with some computer-use skills (from average up to advanced) and average reading, writing, and social skills. Very technical computer skills are not needed, though they can help. Many people assign the DISO duty to their most computer- or IT-adept employee, but that is absolutely not required. Also, if necessary and allowed, a DISO can still delegate technical tasks to others in order to secure the small business, particularly if you want an IT-adept employee to do some of the work but want someone else to be the responsible DISO in charge of it.
A DISO, on at least a yearly basis, will just need to:
- Access our website and complete the Security Awareness course
- Conduct cyber security awareness training for other employees or the business owner on a yearly basis
- Complete the DISO class and assessment (for getting an up-to-date DISO certificate)
- Improve cyber security of the business by completing and taking action with our risk assessments
- Maintain daily cyber security vigilance (often by keeping software up to date when alerts arrive from us, ensuring that physical security is paid attention to, and more)
If a DISO is unclear about anything, they have access to consulting with our certified cyber security professionals and can ask questions as they wish. They are never alone in trying to find cyber security answers for the business or business owner.
We include DISO training only on GetCyberSecured.com as part of the “Cyber Secured” monthly plan.
A small business owner would just need to sign up for it, log in, have their chosen DISO employee visit the DISO section within our website to complete their training, and start securing.
Our “Cyber Secured” plan will include (for a DISO or Business Owner to use):
- DISO training that teaches (about 1 – 2 hours long):
  - DISO role and responsibility, and delegating if necessary
  - A DISO’s role in heading any incident response efforts
  - Specifics in security awareness that apply to a DISO
  - How to go about training others in security awareness and practices
  - How to use our provided tools in a systematized manner to secure the small business
- DISO tools:
- Save or print a certificate that lasts 1 year saying they passed the DISO class (there is a thorough assessment to pass)
- Checklist of DISO responsibilities
- Yearly Schedule of when to do cyber security tasks
- Training Tools to teach security awareness to the business owner and/or other employees
- Cyber Security Awareness Training Course
- Email Reminders to keep you on schedule in securing the business
- Incident Response Planner for a data breach and ID theft
- Risk Assessments
- Guides to fix issues found through risk assessments
- Generate cyber security related policies (coming soon)
- Ability to get security alerts for new threats to your devices or computers through email or text message
- Consulting with cyber security professionals
- Access to a knowledge base of past useful consulting questions
Cyber Security is vital for small businesses. There really should be no small business in the world without the cyber security protections that we cover on GetCyberSecured.com.
Our DISO training will start to be included in the ‘CyberSecured’ plan at the beginning of March, 2018.