- CISO Series Newsletter
- Posts
- 11-05-19 - Get Out! The FUD Is Coming from the Inside
11-05-19 - Get Out! The FUD Is Coming from the Inside
Get Out! The FUD Is Coming from the Inside
This week's episode of CISO/Security Vendor Relationship Podcast
Get Out! The FUD Is Coming from the Inside
On
, Mike Johnson and our guest, Eddie Contreras, CISO, Frost Bank. discussed:
FUD isn't just for vendors.
Security professionals love to complain about vendors using FUD (fear, uncertainty, and doubt) to sell their products. But cybersecurity practitioners are guilty of using FUD internally. It's often used internally to scare users into compliance or to get budget they so desire for security tooling.
Just because you conducted security awareness training it doesn't mean you're more secure.
In many organizations security awareness training exists to adhere to compliance requirements. Treat training like the deployment of any security solution. After deployment you monitor its effectiveness and keep adjusting when necessary.
CISOs must give up parts of the fun aspects of security.
Much of what you learned growing into your security role, like being an analyst, may have to be forfeited when you become a CISO. Your job has now broadened to the greater organization and you're required to communicate the security practice to every division in the business.
Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, Trend Micro.
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. For more information, visit
.
CISO Series Video Chat (Friday, 11/8/19 at 10 AM Pacific)
Hacking the CIS Top 20:
An hour of critical thinking on the most well known beginner’s guide to setting up a security program
On the CISO Series podcasts both Mike Johnson and Allan Alford often refer to the CIS Top 20 as a great place to start when you're beginning your security program. How do you best approach the list? Can it use an update? And are there any tricks to managing your assessment and build out?Joining me will be Jeff Kohrman, CEO of eCISO and Greg van der Gaast, head of information security at The University of Salford.Anyone else can join and be a part of the discussion. Please REGISTER and be part of the event this Friday.
Preview video from this week's episode of CISO/Security Vendor Relationship Podcast
Do You Want to Be a CISO?
Is the role of CISO the cybersecurity job you've always wanted? Second time CISOs Mike Johnson, co-host of
CISO/Security Vendor Relationship Podcast
and Eddie Contreras, CISO, Frost Bank discuss the upsides and downsides of the CISO role. Was it what they expected and what did they have to give up to take on this role?
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.