To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Artwork

Security Software Development Tech News Cybersecurity Informationsecurity David Spark Tech News Geoff Belknap Steve Zalewski CISO CISOSeries InfoSec
Content provided by David Spark, Steve Zalewski, and Geoff Belknap. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Spark, Steve Zalewski, and Geoff Belknap or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Similar to Defense in Depth

Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Defense in Depth « »
Top CISO Communication Issues

27:40
 
Play
Playing
Share
 

MP3Episode home
Manage episode 241923776 series 2478315
Content provided by David Spark, Steve Zalewski, and Geoff Belknap. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Spark, Steve Zalewski, and Geoff Belknap or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-top-ciso-communication-issues/)

Understanding risk. Communicating with the board. Getting others to understand and care about security. What is the most vexing cybersecurity issue for a CISO?

Check out this post by Kate Fazzini, cybersecurity reporter for CNBC, for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Mark Eggleston (@meggleston), CISO, Health Partners Plans.

Thanks to this week’s podcast sponsor, Varonis.

The most powerful way to find, protect, and monitor sensitive data at scale. Get total control over your unstructured data in the cloud and on-premises. See it in action in a live cyberattack simulation lab.

On this episode of Defense in Depth, you'll learn:

  • Communications starts with engaging people where they work. CISOs can't have any long-term success selling fear, uncertainty, and doubt (AKA "FUD").
  • CISOs need to focus on people skills. If a CISO is going to be rolling out a solution it's going to be in his/her hands to get others to adopt. Successful CISOs integrate the community into their thinking.
  • While CISOs want to be proactive, you can't be purely proactive or reactive. It's always a blend.
  • The best start for a CISO is to get the C-suite and board to listen and understand.
  • Not only do CISOs need to have conversations about risk, they need to document it and revisit it.
  • Look at where the company is making money by examining the 10-Q report. See where you can apply risk analysis to all of those revenue streams.
  • Whenever a FUD-like headline appears, the C-suite and board will see it. Don't let them fall into the trap of absorbing the hype. CISOs need to show how they're handling such situations and how they would if something similar happened to them.
  • Top issues for CISOs include having a clear understanding of who owns what risk. And more importantly, individual contributors should acknowledge their specific role in the overall security program.

  continue reading

279 episodes

#Security #Software Development #Tech News #Cybersecurity #Informationsecurity #David Spark #Tech #News #Geoff Belknap #Steve Zalewski #CISO #CISOSeries #InfoSec
Artwork

Top CISO Communication Issues

Defense in Depth

202 subscribers

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 241923776 series 2478315
Content provided by David Spark, Steve Zalewski, and Geoff Belknap. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Spark, Steve Zalewski, and Geoff Belknap or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-top-ciso-communication-issues/)

Understanding risk. Communicating with the board. Getting others to understand and care about security. What is the most vexing cybersecurity issue for a CISO?

Check out this post by Kate Fazzini, cybersecurity reporter for CNBC, for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Mark Eggleston (@meggleston), CISO, Health Partners Plans.

Thanks to this week’s podcast sponsor, Varonis.

The most powerful way to find, protect, and monitor sensitive data at scale. Get total control over your unstructured data in the cloud and on-premises. See it in action in a live cyberattack simulation lab.

On this episode of Defense in Depth, you'll learn:

  • Communications starts with engaging people where they work. CISOs can't have any long-term success selling fear, uncertainty, and doubt (AKA "FUD").
  • CISOs need to focus on people skills. If a CISO is going to be rolling out a solution it's going to be in his/her hands to get others to adopt. Successful CISOs integrate the community into their thinking.
  • While CISOs want to be proactive, you can't be purely proactive or reactive. It's always a blend.
  • The best start for a CISO is to get the C-suite and board to listen and understand.
  • Not only do CISOs need to have conversations about risk, they need to document it and revisit it.
  • Look at where the company is making money by examining the 10-Q report. See where you can apply risk analysis to all of those revenue streams.
  • Whenever a FUD-like headline appears, the C-suite and board will see it. Don't let them fall into the trap of absorbing the hype. CISOs need to show how they're handling such situations and how they would if something similar happened to them.
  • Top issues for CISOs include having a clear understanding of who owns what risk. And more importantly, individual contributors should acknowledge their specific role in the overall security program.

  continue reading

279 episodes

#Security #Software Development #Tech News #Cybersecurity #Informationsecurity #David Spark #Tech #News #Geoff Belknap #Steve Zalewski #CISO #CISOSeries #InfoSec

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Similar to Defense in Depth

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Lester Holt
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox