01-30-20 - Post Breach Desperation and Salary Negotiations

Post Breach Desperation and Salary Negotiations

CISO | Security Vendor Relationship Series

This week's episode of Defense in Depth


On this episode of Defense in Depth:

Co-host Allan Alford and our guest Michael Piacente, co-founder and managing partner, Hitch Partners, discussed:

  • Salary negotiation is a topic that is always in vogue, but the post-breach angle shows the value companies are eventually seeing in the CISO role. Unfortunately for them, they realize it after the fact.

  • A bad breach incident will cost far more than an investment in a good security team. But that's your insurance policy.

  • Location, industry, and size of company are all key factors in whether or not a CISO will be able to command a seven-figure salary.

  • Industry-specific skills will definitely come into play. If a bank is breached and you've been a security professional or a CISO at multiple banks that have maintained their cybersecurity without any significant incidents, then you have a lot of leverage.

  • When a company needs a CISO to right the ship, they're going to want someone who has gained skills in the areas of communicating with the board, strategy, vision, leadership, and successfully creating a pro-security culture.

  • Negotiating salary is not just isolated to the CISO role. There are cloud security architects that are in high demand and can garner a much higher wage than just a couple of years ago.

  • Threats outnumber security people regardless of their rank. There's no one person that's going to prevent breaches. But if you have a poor security culture, then a company will need to pay for the talent to get it operating in the right direction.

Special thanks to this week's Defense in Depth podcast sponsor, Anomali.

Anomali

Anomali is a leader in intelligence-driven cybersecurity solutions. Anomali turns threat data into actionable intelligence that drives effective security and risk decision making. Customers using Anomali identify cyber threats from all layers of the web, automate blocking across their security infrastructures, and detect and remediate any threats present in their networks. www.anomali.com 

Nicholas Hayden, global head of threat intelligence, Anomali on testing when threats are high

Live recording of CISO/Security Vendor Relationship Podcast at BsidesSF on 2/23/20

After attending and filming at what I believe has been every single BsidesSF, I'm excited to announce that we've been invited to do a live recording of CISO/Security Vendor Relationship Podcast at the conference. Mike Johnson will be there and our guest will be Olivia Rose, CISO, Mailchimp.

We would love to see you there. You'll need to get a ticket to BsidesSF to be able to attend the event, but we'll be recording at 3:30 PM on Sunday, February 23rd, 2020. And for another first, we'll be recording inside a movie theater!

Go ahead and register for BsidesSF. It's only $50 to attend. And then make sure you put our live audience recording on your schedule.

We still have sponsorship opportunities open for this first ever event. Please contact me if you're interested in sponsoring.

Adrian Ludwig, CISO, Atlassian on a more fun way to approach cybersecurity

SUBSCRIBE TO BOTH PODCASTS

Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.

If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.