Super Cyber Fridays!
Join us TOMORROW, Friday [01-12-24], for "Hacking the Data Privacy Paradox"

It's happening tomorrow, Friday, January 12, 2024. We'll be hosting Super Cyber Friday for “Hacking the Data Privacy Paradox: An hour of critical thinking on where to find the balance between business operations and personal information.”

It all begins at 1 PM ET/10 AM PT on Friday, January 12, 2024 with guests Kim Elias, senior compliance specialist, Vanta and Davi Ottenheimer, vp of trust and digital ethics, Inrupt. We'll have fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.

Register

Thanks to our Super Cyber Friday sponsor, Vanta

Defense in Depth
The Do's and Don'ts of Approaching CISOs

Vendors need to reach out to CISOs, but what does a successful approach look like? Too often vendors spray and pray with outreach, rather than doing the bare minimum of research. What should vendors do to try to create meaningful outreach to CISOs?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our guest, Adam Glick, CISO, PSG. Here’s what we discussed:

Playing the numbers game

The current state of communication between many vendors and CISOs just isn’t productive. "Part of me thinks that they might not actually care if one person buys or not. They just spam these out hoping enough people bite so they can get their quota," said Joseph Samson of Cross River. The problem isn’t just limited to your email inbox either. "I've seen a proliferation of ‘multi-media lead generation’ companies that send Linkedin requests, and if you fall prey, they instantly are spamming you”, said Alan Porten of DXC Technology.

How do you get them to care?

While a cold call often isn’t appreciated, it might lead to a meaningful interaction if the vendor did their homework. But so often these communications seem designed to be low quality. "It’s gotten so much worse. I get people reaching out for my non-profit, I ask them if they even know what my org does. I’ve tried to educate people and some had the nerve to get offended," said Larry Whiteside Jr., CISO at RegScale. It’s hard to do anything but get frustrated when these communications seem willfully ignorant of your organization.

Navigating the sales disconnect 

The job of a vendor is to sell you something, so how did we get here? "Blame middle sales management, they bring nothing to the table except telling people to smile and dial," said Justin Perron of 13 Layers. As Chris Zell of Dell Technologies said, CISOs should be expected to train vendors to improve their game, "We keep getting the same question from sales people over and over: ‘How should we approach you?’ You would think how to approach CISOs would be part of the interview process.” It doesn’t help that almost all vendors operate in a crowded market, where a more deft sales approach might lead to better outcomes. "Sales teams often forget the importance of forming relationships. Meeting quota shouldn't be the defining trait of a good salesperson,” said Divya Taneja of HackNotice.

A dose of empathy

While it’s easy to get frustrated by bad outreach tactics, think for a moment why salespeople resort to them. If it’s obvious to CISOs these aren’t effective, there must be structural issues causing it to happen anyway. "I feel for the sales folks who have to do this. They are hungry and seem to have no other way to try," said Bob Gourley of Stargena, Inc. It could also make for a prime opportunity to differentiate suggested Karisse Hendrick of Chargelytics Consulting.

"Lazy sales reps create an opportunity for those that are different to stand out, in unique ways when they listen to those of us who know this space."

Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.

Thanks to our podcast sponsor, Praetorian

LIVE!
Cyber Security Headlines - Week in Review

Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Allan Cockriel, CIO of global functions and group CISO, Shell.

Thanks to our Cyber Security Headlines sponsor, Vanta

The FDA's New Medical Device Security Requirements

The Federal Drug Administration published new requirements mandating security standards for newly submitted medical devices. Samantha Jacques, vp of clinical engineering, McLaren Health, doesn't see this impacting large manufacturers as much, given they already make these devices compliant with more stringent European standards. Rather medium and small-sized manufacturers will need to play catch up to get new devices to market.

Watch the video.

Thanks to our sponsor, Claroty

Live!
​​PREVIEW: CISO Series Podcast LIVE in Clearwater, Florida 01-17-24

CISO Series Podcast is kicking off 2024 with live recording at the Convene conference. Joining me on stage for the recording will be Brett Conlon, CISO, American Century Investments, and Mical Solomon, CISO, Port Authority of NY and NJ.

If you’re interested in attending, get your tickets here.

WHERE: Sheraton Sand Key (1160 Gulf Blvd, Clearwater Beach, FL 33767)

Huge thanks to our sponsors, Living Security and KnowBe4

Cyber chatter from around the web...
Jump in on these conversations

"Well, this is embarassing but I need to ask for some guidance here." (More here)

"What sort of value do you think cybersecurity consultants have?" (More here)

"How to handle working in cybersecurity long term" (More here)

Coming Up On Super Cyber Friday...
Coming up in the weeks ahead on Super Cyber Friday we have:

• [01-12-24] Hacking the Data Privacy Paradox

• [01-19-24] Hacking Security Audits

 Save your spot and register for them all now!

Thank you!
Thank you for supporting CISO Series and all our programming

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.