05-26-20 - Great Security Program! Too Bad We Can't Implement It.
This week's episode of CISO/Security Vendor Relationship Podcast, "Great Security Program. Too Bad We Can't Implement It.", is hosted by me, David Spark, producer of CISO Series, and Mike Johnson. Our sponsored guest is Scott McCormick, CISO, Reciprocity. We discussed:
If you're going to get your security program to work, you need to operationalize your GRC program.
A GRC program has many moving parts and no one-size-fits-all solution will ever work. First, look for ways to create integrations. If it can be automated, such as passing information through an API, do it.
Want a mentor? Just ask.
It really is that simple. Start with the security leaders at your company. Make your goals and your vision for your future in cybersecurity clear. If you're not able to articulate them early on, then ask for help.
CISOs do get value out of mentoring.
Mentees can bring fresh new ideas to conversations with mentors. They can challenge established ways of thinking that mentors have heard for years on end.
If you want to sell more, make it easy to implement your product.
Most CISOs don't buy the "it'll be up in 10 minutes" line, but they do appreciate easy integrations. If your product is tough to integrate into the CISO's environment, they'll move on to someone else who doesn't make the process difficult.
Special thanks to this week's podcast sponsor, Reciprocity.
ZenGRC by Reciprocity is a cloud-based GRC software that automates and simplifies compliance and risk management, solving critical problems at scale while customizing to your business needs. Adhering to the majority of regulations is a snap with pre-built templates and a unified system of record. Learn more at reciprocitylabs.com.
This FRIDAY! [5-29-20] CISO Series Video Chat: Hacking Zero Budget Security
Please join us Friday, May 29th, 2020 at 10 AM Pacific/1 PM Eastern for "Hacking Zero Budget Security: An hour of critical thinking about what you can do with an all-star security team and no budget for tools". These are open discussions in which anyone can participate. Joining me to lead the discussion will be Matthew Southworth, CISO, Priceline, and Justin Berman, head of security, Dropbox. Huge thanks to our sponsor Trend Micro. Watch the preview video and then REGISTER.
Next FRIDAY! [6-5-20] CISO Series Video Chat: Hacking the Risk Decision Making Process
Join us next Friday, June 5th, 2020 at 10 AM Pacific/1 PM Eastern for "Hacking the Risk Decision Making Process: An hour of critical thinking on how we look at risk from all areas of the business". I'll be there leading the discussion with Tony Sager, senior vp and chief evangelist, Center for Internet Security, and Marnie Wilking, global head of security & technology risk management at Wayfair. REGISTER.