10-29-19 - Say It Loud! I Didn't Read the Privacy Policy and I'm Proud!
This week's episode of CISO/Security Vendor Relationship Podcast
On this week's episode, Mike Johnson and our guest, Roger Hale, CISO in residence, YL Ventures, discussed:
Be selective about how cyber educated your staff is.
A recent Pew Internet Research study ran a bizarre poll whose results showed that users had below-optimal cyber knowledge. But the questions were all over the board in terms of relevance. If you want your staff to be cyber aware, pick issues that will have the greatest impact, such as multi-factor authentication (MFA), privacy management, and password managers.
Focus on movement to access the data, not the movement of the data.
When employees forward files to personal email addresses, it can open a legal and regulatory can of worms. Offer a better solution to combat the "I just need to get it done" behavior by providing tools that allow them to shift their access management of the data, and put limits on forwarding data as email attachments.
Mike Johnson, co-host, CISO/Security Vendor Relationship Podcast; Roger Hale, CISO in residence, YL Ventures; David Spark, producer, CISO Series
Vendors need to be prepared for a CISO review.
There's no reason not to be prepared for a customer review, since customers are all pretty much asking for the same thing. You should be ready to share certifications, third-party audits, pen tests, and a pre-filled questionnaire.
An experienced CISO can help a startup connect to big companies.
A lawyer on retainer with a venture fund can provide much-needed advice to their portfolio companies. Similarly, a CISO in residence can guide startups in obtaining necessary regulatory credentials to get third-party approval with large enterprise companies.
Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, Zix.
simplifies administration and reporting with a single management interface. Configuring, deploying, and monitoring email security and unified archiving services has never been easier – or faster. ZixSuite combines a cloud-based email threat protection, email encryption, and unified business communications archiving, all backed by Zix’s gold standard 24/7/365 support.
CISO Series Video Chat highlights: Are Cybersecurity Sales Incentives Helping or Hurting the Industry?
Here are 4 1/2 minutes of the best moments from last month's video-chat webinar. As you'll see, these are dynamic chats where anyone can be involved. If you missed out on this one, don't despair, we've got another one this Friday. See below. Some great tidbits in this highlights reel.
CISO Series Video Chat - FRIDAY (11/1/19 at 10 AM Pacific): Hacking the Boardroom Meeting
Please join us this Friday (11/1/19) for the next CISO Series Video Chat entitled, "Hacking the Boardroom Meeting: An hour of critical thinking about communicating with the C-suite". Joining me will be Gary Hayslip, CISO, SoftBank Investment Advisers and cybersecurity consultant, Yael Nagler. Hashtag for the event is #HackingVideoChat. Please register and see how fun these open video chats are.