02-27-20 - The Countless Ways a Security Team Can Go Sideways

The Countless Ways a Security Team Can Go Sideways

February 27, 2020

CISO | Security Vendor Relationship Series

This week's episode of Defense in Depth

Toxic Security Teams

Toxic Security Teams

 On this episode of Defense in Depth:

Co-host Allan Alford and our guest Jinan Budge, principal analyst serving security & risk professionals at Forrester, discussed:

  • Toxic security teams happen because of tribalism, not just within security, but across all departments.

  • Security is seen as an expense and an IT problem and many don't think it's everyone's issue.

  • One core issue is the lack of security culture and management simply not supporting the InfoSec team's efforts.

  • There are many ways a security team's culture can become toxic. The issues are so numerous that it seems more of a challenge to prevent a team from its natural tendency to go sideways.

  • The hero mentality of one individual, who thinks only he/she can solve the problem, can poison an entire group.

  • It can be argued that it's an issue of ego, but many see it as insecurity. Often the individual needs to prove to themselves and others in order to maintain their cybersecurity rockstar status.

  • A toxic security team will have a very hard time hiring new staff. People will leave and tell others you don't want to work there.

  • If you have a diverse team and there's toxicity, the team won't last.

  • There's an enormous cost to disengaged employees.

Michael Piacente, Hitch Partners on showing how you handle a breach

 Next week...  Tuesday, March 3rd, New York City 

Thursday, March 5th, Boston 

The Power of Being 'Liked' in Cybersecurity

The Power of Being 'Liked' in Cybersecurity

If you want to motivate people to be more cyber vigilant and get greater acceptance of the role of cybersecurity, work really hard on being liked, said Keith McCartney, CISO, Zenefits. After our in-person recording of CISO/Security Vendor Relationship Podcast, Mike Johnson asked Keith why you want to be liked and how you should go about promoting that value.

Chris Hatter, CISO, Nielsen on CISO reporting structure

SUBSCRIBE TO BOTH PODCASTS

Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.

If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.