OpenIDEO is an open innovation platform. Join our global community to solve big challenges for social good. Sign Up / Login or Learn more

Once Upon a Time: A CISO Tale

Have you ever asked yourself: What's the CISO talking about? My tale compares a CISO to a medieval king ruling in accordance to ISO 27001.

Photo of Patrizia Russ
9 8

Written by

Sketch 1 (1,500 characters)

Picture 1: This sketch illustrates one problem a Chief Information Security Officer (CISO) of an organization may encounter daily: Looking into blank faces while using specialist terms in front of employees in order to explain a really important and urgent topic. Picture 2: To be fair, hundreds of years ago, medieval kings did not have an easier task having to protect their kingdom than the CISO has today. Picture 3 & 4: While sketch 1 & 2 show a colorful IT organization and kingdom, Sketch 3 & 4 show that it is and it not always has been as peaceful and colorful for the king and the CISO. Sometimes information security as well as the kingdom is in danger. Picture 5 & 6: Illustrates possible threat actors of the kingdom and the IT organization, being very different from each other. Those are the ones the king and the CISO have to protect their land against. What's next? The king and the CISO will protect and defend their assets based on the ISO 27001 standard (which is one of the most important standards on how to implement an Information Security Management System in an organization). Materials: For the sketches I used news paper letters, water brush markers, aquarelle color pencils, ink for calligraphy, and permanent markers on a water color pad. Based on demand, I could create computer graphs out of the different elements/sketches enrolled or leave them in this children book-like painting style. A video is another possibility.

Sketch 2 (1,500 characters)

Our lives' digitization nowadays already begins at a very early stage with parents employing baby alarms connected to the Internet. The amount of data describing our preferences, tracking our positions, assessing our abilities, and measuring our performance from there on continuously grows. Instead of physically having control, more and more of this data is stored in what we call "The Cloud" - an unimaginable amount of servers potentially distributed all over the world. This makes not only the collection of data ubiquitous but also its utilization - in most cases noticeable as increasing convenience. However, there is always the risk that the sheer amount of data in the cloud might eventually also be used against you.

What have you learned through this sketching process? (1,000 characters)

Having a background in computer science and security, one of the hardest challenges is to find the thin line on which common knowledge ends and expertise begins. This is not a static but dynamical positioning which is highly depending on the respective audiences. In my everyday work, I usually know the audience of my work beforehand so that I can adjust correspondingly. In the Cybersecurity Visuals Challenge, however, the audience is the global public with a variety of professional, cultural, and educational backgrounds. I therefore decided to use a language which everybody learns to speak already during their childhood - the language of fairy tales.

Tell us more about you. (1,000 characters)

I graduated with a Bachelor's in 'Media & Information Technology and Design' as well as a Master's in Computer Science with a focus on IT Security and Artificial Intelligence. During my studies, I taught children the basics of the World Wide Web by employing different visualising techniques and metaphors. I wrote my thesis about 'Cognitive Cyber Attack Detection' in cooperation with the research & development division of an international IT company and a well-known university in the Washington, DC Metro Area. Subsequently, I started working as a Security Consultant assessing and quantifying the cyber exposure and protection controls of the world's largest organisations. In my Bachelor's I had drawing classes as well as classes in image editing programmes (Adobe Photoshop, Illustrator, Indesign), story telling, sound design, animation movies, etc.

Why are you participating in this Challenge? (750 characters)

The Cybersecurity Visuals Challenge perfectly combines my academic and professional background in computer science and security, as well as media design with my passion for art. I always had in mind to publish a children book-like story about IT security. When I heard about this challenge, I took one day of vacation in order to have enough time to create some drawings.

Website(s)

https://www.linkedin.com/in/patrizia-russ/

What is your experience with the field of cybersecurity?

  • I have considerable experience and/or knowledge in the cybersecurity field.

What best describes you?

  • I’m a cybersecurity professional with an interest in visuals.

How did you hear about this OpenIDEO Challenge?

  • Someone in my network (word of mouth)

Location: City

I currently live in London (UK) and Munich (Germany)

Location: State / District

Bavaria & London

Location: Country

  • Germany

Attachments (1)

9 comments

Join the conversation:

Comment
Photo of DeletedUser

DeletedUser

I like the visualizations of the medieval king's dilemma and I think that you are onto something with a story book. I am less sure about switching back and forth from the modern CISO and the King. I do know that one technique in children story telling for bilingual books is to have one language at the top of the page and the other one at the bottom, sharing the same visuals. Perhaps a similar concept would work for you.

As a fellow entrant, I invite you to visit my submission and let me know what you think. https://challenges.openideo.com/challenge/cybersecurity-visuals/review/what-is-appropriate-encryption

Best of luck.

John Messing

Photo of Patrizia Russ

Thank you very much for your comment and feedback, John! Love your idea, I will definitely consider it for further steps! Just thought about giving them names. That would probably make it easier to identify with them as well. :) And... maybe it's also worth thinking about making them speak for things which are important to remember (maybe also rhymes). Happy to look at your work as well! :) Thank you! It's great to get inspired by this feedback round! :)

View all comments