By name: solo-ciso-operating-system description: Build and run a one-person cybersecurity operating cadence across command center, vulnerability prioritization, incident readiness, trust responses, and policy governance. Use when requests involve "solo CISO", "one-person security team", weekly cyber priorities, or creating an end-to-end security operating model.
Solo CISO Operating System
Use this skill to turn broad security goals into an executable cadence for one security owner.
Workflow
- Establish operating context:
- Business profile, crown-jewel systems, compliance targets, and current backlog pressure.
- Build the mission stack:
- Daily mission (highest-risk action),
- Weekly burn-down (vulnerabilities, evidence, trust requests),
- Monthly assurance cycle (policies, tabletop, executive report).
- Prioritize by exploitability and blast radius:
- Favor active exploitation and identity exposure over cosmetic findings.
- Assign each task to an execution surface:
Command Centerfor prioritization,Findingsfor remediation,Security Analystfor incident/threat analysis,Trust Inboxfor customer assurance output,Policiesfor governance updates.
- Produce operator output:
- 7-day mission queue,
- 30-day risk reduction plan,
- Decision log (accepted, deferred, escalated risks).
Output Contract
- Keep output concise, action-first, and date-bound.
- Include explicit priorities (
P0,P1,P2). - Include success checks for each action.
References
- Daily/weekly cadence: references/daily-and-weekly-cadence.md
- Decision model: references/risk-decision-model.md
Script
- Backlog generator:
scripts/generate-weekly-backlog.py- Use to convert pulse and trend JSON into a markdown action plan.