
Defense in Depth
Information Security vs. Cybersecurity
Aug 15, 2024
Mike Lockhart, Chief Information Security Officer at EagleView, delves into the nuances of information security versus cybersecurity. He explains how terminology shapes public perception and emphasizes the importance of effective communication in aligning security strategies with client understanding. The conversation also highlights the diverse career paths in the security field, including red teaming and penetration testing. Lockhart discusses the crucial role of security leadership in fostering collaboration and managing stakeholder expectations to enhance organizational security.
26:41
Podcast summary created with Snipd AI
Quick takeaways
- The role of a CISO extends beyond cybersecurity to include governance, risk management, and data protection.
- There is significant confusion between cybersecurity and information security, which can hinder effective communication and influence security strategies within organizations.
Deep dives
The Expansive Role of the CISO
The role of a Chief Information Security Officer (CISO) is often narrowly framed within the context of cybersecurity, but it encompasses a much broader spectrum of responsibilities. Key areas include governance, risk management, data protection, and physical security, beyond just cybersecurity concerns. This misconception arises, in part, because the term cybersecurity has been heavily marketed and simplified, leading to a lack of understanding regarding the full range of information security duties. A more holistic view is essential, as it allows organizations to communicate effectively with stakeholders and better manage risk across all facets of the business.