CISO Series Podcast How Much Risk Would a CISO Risk if a CISO Could Risk Risk? (LIVE in Boca Raton)
Dec 16, 2025
Ryan Barris, CISO at Mount Sinai Medical Center, and Brett Conlon, CISO at American Century Investments, dive into the crucial role of communication in cybersecurity. They emphasize the importance of aligning security with business impact and building relationships with leadership. The duo debates industry issues, shares humorous games like 'What's Worse', and highlights how CISOs should effectively communicate with CEOs. Their insights focus on making cybersecurity relatable and actionable, ensuring that organizational risk is clearly understood.
AI Snips
Chapters
Transcript
Episode notes
Relationships Are Core To A CISO's Job
- CISOs must prioritize relationship-building as a core part of their role to get buy-in from leadership.
- Explain security in plain terms so nontechnical leaders understand impact on customers and operations.
Security As A Service, Not Policing
- Security functions as a service to the organization, not just a policing function.
- CISOs must understand culture, vendors, risks, and business breadth to be effective.
Frame Risks In Business Terms
- Translate technical vulnerabilities into business impact (e.g., lost revenue, operational downtime).
- Lead with the worst-case business scenario to get executives' attention.