CISO Stories Podcast (Audio)

Writing a cybersecurity strategy is an essential role of the CISO. How do you avoid the strategy from becoming outdated? Shelfware? Not in line with the business? Join us as Joey articulates his techniques for gaining stakeholder adoption of the strategy. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp120

Obtaining our first CISO role is an exciting and challenging experience at the same time. At some point, we will move on to another company. How have you prepared the person who needs to take your role? What knowledge and experience are you sharing with the next in line? Join Dave, as he has some great leadership lessons, approaches and tips for helping the next CISO and the organization. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp119

Everyone has a struggle or hurdle they will face. Your outcome is largely determined by your approach. Does this mean you will get OVER every hurdle? No. But sometimes, you can go around it or under it and still reach your final destination. Show Notes: https://securityweekly.com/csp118

Ensuring organizations have the proper governance, risk and compliance (GRC) practices is essential to ensuring risks are appropriately mitigated. Join us as we discuss the interconnectedness of risk, the process of GRC , and Michael's thoughts on how to improve the process. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp117

How is County Government Security different from company cybersecurity? Is it difficult to get funding and attract resources? What are the advantages to working in Country government cybersecurity? Join two experienced County Government CISOS, with experience in leading cybersecurity in two of the largest counties in the U.S, Fairfax County and Los Angeles County. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp116

Finding cyber talent is difficult in today's market. At a time when cyber salaries are high, working with universities to tap into the new cyber workforce is something all companies should be looking at. Today we will explore how to work with universities to bring talent to your organization. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp115

The role of CISO is one filled with challenges and decisions. Frequently, a CISO is faced with having to decide in compromise with Operations, in favor of Operations. This can be a very difficult and risky choice to make - but the ideal of having both get 100% of what they want, or need is not realistic. How to do this? In this session, we discuss how to analyze both POV, both sets of requirements and issues and reach optimal decisions that, hopefully, achieves a balance between these without amplifying risk. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp114

Cybersecurity is becoming a #1 business risk for many organizations. For CISOs to effectively manage this risk, proper strategy, adequate resourcing, and leadership support are all essential, but not enough. CISOs need a trusted partner on the supplier side, a product CISO, known within industry as a Chief Product Security Officer, who understands customer risk, drives secure product design and development, and manages cyber support across the lifecycle of software products and connected solutions. Manufacturers around the world are investing in the Chief Product Security Officer role to elevate and mature their product security program. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp113

Now more than ever, the significant demand for cybersecurity professionals serves as an opportunity to align with your organization's DE&I priorities. Building a diverse and inclusive workforce is achievable and begins with intentional leadership. Learn from a cybersecurity leader's successful track record and how to stand by your organization's greatest asset. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp112

As risk practitioners CISOs make risk vs reward decisions on a daily and sometimes hour by hour basis. As a profession we must understand our organizations risk tolerance and appetite as well as our own. Regulations are lagging indicators. SOX was established as a direct response to unethical behavior. Unfortunately, regulations in cybersecurity and data privacy are also "lagging indicators" that organizations "left to their own device" have failed to allocate sufficient reasonable cost-effective resources to mitigate the significant risk in prudent ways that place the organization in a position to demonstrate both due diligence and due care in a worst case scenario. CISOs must: 1 Understand your organizations risk tolerance and appetite 2 Know your own risk tolerance and appetite as well as your personal code of conduct and ethics. 3 Build and maintain your "rainy day", emergency or as my more colorful colleagues refer, FU funds. 4 Find your calm, peace and happiness. These days, mine is Yoga and Meditation What is yours? 5 To avoid stressful days and sleepless nights, maintain our integrity and sense of humor! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp111