10-01-20 - I'd like to introduce you to our CISO, the designated felon

I'd like to introduce you to our CISO, the designated felon

October 01, 2020

CISO Series

This week's episode of Defense in Depth

Legal Protection for CISOs

Legal protection for CISOs

is hosted by me, David Spark, producer of CISO Series and Allan Alford. Our guest is Evan Wolff, partner at Crowell & Moring. All three of us discussed:

  • We repeatedly joke about Davi Ottenheimer's comment that the CISO has held the moniker of "designated felon" in American risk mitigation.

  • Big piece of advice that was repeated throughout the episode is to have an employment contract.

  • In the employment contract you want an exit strategy that allows you to leave if you think a situation is not tenable or the company is asking you to do something that you believe to be unethical. It gives you an opportunity to leave without any blame assigned.

  • The cc field is your friend. If you don't want to be seen as the only one "in the know" take advantage of making sure key people are also in the loop.

  • We heard one unbelievable story of an employment contract where it was clear that the CISO would be the "designated felon" should there be any breach. This was put in place to protect the executive team. The contract offered financial security for two years post breach. We all agreed this was insane and had never heard of anything like that before.

  • Be wary of being forced to take on personal ownership of security issues. A CISO is responsible, not accountable.

Special thanks to this week's podcast sponsor, TrustMAPP.

TrustMAPP

TrustMAPP delivers continuous, automated Security Performance Management, a real-time view of your cybersecurity maturity. TrustMAPP tells you where you are, where you’re going, and what it will take to get there. TrustMAPP lets you manage security as a business, quantifying and prioritizing remediation actions and costs.

CISO Series Turns Two!

CISO Series Turns Two

As of today, CISOseries.com is exactly two years old.

of some of the stats of our two years of production. Or better yet, join us for our video chat happening tomorrow. See below.

Cyber Security Headlines

Cyber Security Headlines - September 30, 2020

This week's sponsor of

Cyber Security Headlines

is ReversingLabs

TOMORROW! Friday [10-2-20] Your chance to hack CISO Series

Our two year celebration is happening tomorrow Friday, October 2nd, 2020 at 10 AM PT/1 PM ET"Hacking CISO Series: An hour of critical thinking and looking back at CISO Series coverage".Yes, my two co-hosts, Mike Johnson and Allan Alford will be there, as well as lots of surprise guests.REGISTER

Thanks to our sponsor Elevate Security.

Best Moments from "Hacking the Supply Chain"

Best Moments from "Hacking the Supply Chain" - CISO Series Video Chat

Here are six minutes of the best moments of last week's CISO Series Video Chat "Hacking the Supply Chain: An hour of critical thinking on building resiliency with the digital supply chain" that features Marcia Peters, vp of third-party risk management, TransUnion and Kelly White, founder & CEO, RiskRecon.

Check out the blog post to watch the video, read the "Best Bad Ideas" and the best quotes from the chat room, and to get access to the full one-hour recording.

Huge thanks to our sponsor, RiskRecon

RiskRecon

Subscribe to all our podcasts

Click any of the podcasts below to get access to the subscription feeds. If you're already a subscriber, thank you!