The Importance of Soft Skills in CISO Organizations

I don't think there's enough resource to help the first time CISO today. We certainly codified how to do a risk assessment. But how to manage stakeholder expectations effectively? Not only have we not codified that, but it's something that takes practice. So you have to practice fail and adjust or correct from that experience. And I'm hopeful that maybe ISF can help with that.