- CISO Series Newsletter
- Posts
- 01-28-20 - Revisiting a Whole Career of Cyber Screw Ups
01-28-20 - Revisiting a Whole Career of Cyber Screw Ups
Revisiting a Whole Career of Cyber Screw Ups
This week's episode of CISO/Security Vendor Relationship Podcast
Revisiting a Whole Career of Cyber Screw Ups
was recorded in front of a live audience at the Silicon Valley ISSA chapter meeting in Santa Clara, CA at Malwarebytes offices. It features my co-host, Mike Johnson, and guest Peter Liebert, former CISO, state of California. Peter is now an independent consultant and commander of cyber operations for California State Guard. All three of us discussed:
It's OK to be a generalist in cybersecurity.
In a discussion of admitted mistakes that we advise greener security people not to make, Peter Liebert said it was OK not to specialize. There is so much pressure in the industry for security specializations, especially around cloud, that many feel that they have to choose a specific path. Generalists are still very attractive.
(left to right) David Spark, producer, CISO Series, Mike Johnson, co-host,
CISO/Security Vendor Relationship Podcast
, and Peter Liebert, commander, cyber operations, California State Guard
Be a trusted adviser by admitting when you can't help.
The best way to build trust with a CISO is to explain that you
can't
do everything and that your product does have limitations. It's amazing how much CISOs really appreciate that level of honesty.
The black hoodie hacker isn't the only person who works in cybersecurity.
Yes, there are tons of other cybersecurity roles that don't fall into this well know trope. If you want more people to care about cybersecurity and more importantly think of cybersecurity as a career path, they need to understand there are other available positions, like data scientist, privacy lawyer, auditor, or even project manager. They're all extremely valuable, useful, and appreciated.
Computer gaming has value in cybersecurity beyond being a well-needed break.
Certain games, our panel noted Warcraft, require a lot of coordination with other players. And working as a team, in any manner, is an extremely valuable skill to learn and constantly be honing. Security peeps know this is critical, and they're happy to improve while they're having fun playing a game.
Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, Malwarebytes.
secures endpoints, making workplaces resilient. Our adaptive cyber protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives.
MORE live events coming up in SF, NYC, and Boston
We're in Tel Aviv all this week covering the Cybertech conference, but we have plans for live audience recordings of CISO/Security Vendor Relationship Podcast coming up in SF, NYC, and Boston over the next two months. We've got great packages for sponsors. If you're interested in sponsoring, please feel free to contact me.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.