Defense in Depth

Why are CISOs Excluded from Executive Leadership?

Mar 7, 2024

Exploring the absence of CISOs in executive leadership, challenges faced by CISOs in Fortune 100 companies, importance of clear guidelines and compliance, CISOs' role in disclosure decision-making post-security breaches, and contrasting perspectives on privacy and security prioritization.

33:04

Creator website

Episode guests

Ben Sapiro

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

CISOs are not often included in executive leadership due to the role's novelty compared to established companies in Fortune 100 lists.

CISOs should transition from being seen as the 'Department of No' to facilitating strategic risk-taking to drive business growth and success.

Deep dives

Lack of CISOs in Executive Leadership

Investigative reporter Brian Krebs discovered that very few Fortune 100 companies list security professionals in executive leadership. The CISO role is relatively new compared to the legacy companies dominating the list, leading to a lack of representation. While it doesn't imply a lack of seriousness about cybersecurity, it highlights the evolving importance of security in successful companies.

Introduction

3min

Evolution of CISOs in Executive Leadership

11min

Importance of Clear Guidelines, Compliance, and New Sponsor Offering Security Data Solutions

4min

The Role of CISOs in Disclosure Decision-Making

12min

Contrasting Perspectives on Privacy and Security Prioritization

3min

All links and images for this episode can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Ben Sapiro, head of global cyber security services, Manulife.

In this episode:

Why do we see a dearth of CISOs listed in executive leadership?
Is this just a factor of company reporting structure?
Or do CISOs really not have a seat at the table with the business?
How do we convince the C-suite?

Thanks to our podcast sponsor, Query

Query Federated Search gets to your security relevant data wherever it is - in data lakes, security tools, cloud services, SIEMs, or wherever. Query searches and normalizes data for use in security investigations, threat hunting, incident response, and everything you do. And we plug into Splunk. Visit query.ai.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Defense in Depth

Why are CISOs Excluded from Executive Leadership?

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Lack of CISOs in Executive Leadership

Significance of Risk Management by CISOs

Importance of Governance and Culture in Cybersecurity Reporting

Risk Management and Insurance Underwriting

Remember Everything You Learn from Podcasts