Interview Question: Candidates for a CISO Staff Position Actions for ‘Interview Question: Candidates for a CISO Staff Position’ More and more hiring actions start with a written essay from job candidates followed by a telephone ‘screening’ interview. For this week’s discussion topic, you will take on the role of ‘job candidate’ for an entry level position in a CISO organization. You are at the first stage in the hiring process — writing the essay. Your assigned topic is: Why should a large company (>1000 employees) invest in new or upgraded IT security products and services? Your audience is a group of managers (both technical and non-technical) who depend upon IT security to protect their business operations (including intellectual property, company strategic and financial information, and customer data). Write a 3 to 5 paragraph essay that addresses the points listed below and which responds fully to the required topic. Your essay should not exceed 500 words so be concise, accurate, and clear in your essay. Your essay should include: 1. Definitions and discussions of threats which could impact confidentiality, integrity, and availability of information, information systems, and networks. 2. Three examples of IT security products or services (by class, e.g. firewall, intrusion detection, encryption, etc.) and what is protected (info, systems, networks) by each. 3. An explanation of why last year’s IT security technologies may not be sufficient to protect against today’s threats. 4. A brief strategy for buying the ‘best of the best’ when it comes to IT security technologies (think back to CSIA 310’s case studies). Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your article.