Strategy topics
Play CISO Simulator free
Free · no signup · plays in 30–45 min
Start playing →
The five areas a working CISO spends most strategic time on. Each topic-cluster hub pulls together the relevant risks, investments, and scenarios from across CISO Simulator.
- RansomwareHow CISOs prevent, detect, contain, and recover from ransomware. Risk register, mitigating
- Identity and accessIAM, PAM, MFA, SSO, ITDR — how identity is the new perimeter and the dominant blast-radius
- AI securityPrompt injection, training-data poisoning, model theft, shadow AI, EU AI Act compliance —
- Compliance and auditsSOC 2, ISO 27001, PCI DSS, HIPAA, GDPR, SEC 8-K, NYDFS, OCR HHS, DORA — how a CISO runs th
- Incident responseHow CISOs build the response muscle: IR retainer, MSSP, SIEM, tabletop exercises, war-room
New to the vocabulary? Start with the glossary for plain-English definitions of every mechanic and metric.