06-16-20 - We Compensate Our Low Paying CISO Jobs with High Stress
This week's episode of CISO/Security Vendor Relationship Podcast, "We Compensate Our Low Paying CISO Jobs with High Stress," is hosted by me, David Spark, producer of CISO Series, and Mike Johnson. Our guest is Nir Rothenberg, CISO, Rapyd. All three of us discussed:
A low paying CISO job doesn't speak well for hiring a security staff.
A company may have a noble cause and/or be in the public sector, but if they're so off base with a CISO salary offering, then chances are they don't have any budget for security staff or security tools. It's going to be very hard to do your job if you don't have both.
A low salary offer may be a sign of internal fraud.
Unless it's obvious that the organization doesn't have budget (e.g., a struggling non-profit or public sector group), a low salary offer may be a sign of misappropriation of funds. Be wary of their financials and potentially the head of HR.
The fun and scary part of cybersecurity is the never-ending learning curve.
Never stop learning. That doesn't mean you have to keep studying for certifications, but rather be open to talking with others, even vendors, for educational purposes.
Don't be insulted. CISOs often don't interface with recruiters.
A recruiter going to a CISO to ask for their business is like a coffee distributor going to a CISO for more coffee in the break room. It's often not a CISO's job to interface with recruiters. Many companies have internal recruiters, and if they do listen to outside recruiters, that contact will often go through the HR department.
Look to deploy technologies that simplify the need to secure.
If you want an easy-to-manage security program, then look for ways to simplify processes that regularly need a lot of security. Good examples are application whitelisting and SSO (single sign-on).
Special thanks to this week's podcast sponsor, Trend Micro.
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. For more information, visit
.
This Friday [6-19-20] Hacking API Security
Watch this preview video of our video chat happening this Friday featuring Nir Valtman, vp, head of product & data security at Finastra and Roey Eliyahu, co-founder & CEO, Salt Security.
Upcoming CISO Series Video Chats
All video chats are held on Fridays and start at 10 AM PT/1 PM ET.
[6-26-20] Hacking Tool Optimization
[7-3-20] NO SHOW - July 4th break
[7-10-20] Hacking Passwords
Best Quotes from “25 API Security Tips You’re Probably Not Considering”
Last week I published an article “25 API Security Tips You’re Probably Not Considering”. If you haven’t read the article yet, or you’re looking for a taste to see whether you should read it or not, here’s a short video where I highlight a few of my favorite quotes. The article includes insights from 27 security experts on the topic of API security.
Thanks to Salt Security for sponsoring our video chat and our best quotes video.
Salt Security protects the APIs at the core of SaaS, web, and mobile applications. By using patented behavioral protection Salt Security automatically and continuously discovers and learns the granular behavior of each unique API and stops attacks. In 2020 Salt Security was named a Gartner Cool Vendor in API Strategy.
Join us for a special THURSDAY (6-25-20) edition of CISO Series Video Chat
We're producing a special episode of our video chat during Living Security's full day virtual conference, Breaking Security Awareness. Our session starts at 12:05 PM PT/3:05 PM ET and we're going to run it just like all of our Friday video chats. Anyone can appear on camera, there will be heavy discussion in the chat room, and we'll be playing "Department of YES" (formerly called "Best Bad Ideas") where our guests will have to argue why these horrible ideas are really truly fantastic. And I'm super excited to have as my guests Manju Mude, sr. security leader, Paranoids, Verizon Media and Christopher Hadnagy, CEO, Social-Engineer.org.
. It's free.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.