Where’s the “Single Pane of Glass” to My Level of Stress?

CISO Series

CISO Series Podcast

We recorded a show in front of a live audience in Chicago for the Evanta Global Executive CISO Summit. My guests on stage were Shawn Bowen, CISO, World Fuel Services and our guest Meredith Harper, svp, CISO, Synchrony. Here are the segments from the show:

Commitment to diversity doesn't match reality. “Although more than three-quarters of white employees consider themselves allies to women of color at work, less than half take basic allyship actions, such as speaking out against bias or advocating for new opportunities for women of color.” (source: SC Magazine). Usually, people want to do the right thing, but often they accidentally slip into microaggressions or unconscious bias. Or if they don't do that, they simply don't know what the right thing to do is. ANSWER: Don't be an ally, be an accomplice. Don't wait. Know beforehand how to react when issues come about.

CISOs' biggest personal risk is burnout. Breaches, increased regulations, and the tech talent shortage are all contributors to CISO stress. Very capable CISOs are leaving the role because the weight is too much and they don't like passing it off to their team. CISOs need help from their company to relieve the pressure, or they will leave the job, and possibly the industry altogether (source: CNBC).

What's the value of fake CISO profiles? Brian Krebs disclosed a disturbing trend of fake CISO profiles. We're still a little puzzled by the motivation, but Shawn Bowen believes it's information warfare/mental malware. What can I get others to believe is happening in terms of personnel at a company? And given that so much information is being scraped from LinkedIn, it seems like a great place to start if you want bogus information distributed.

Stop looking for the "ideal" candidate. Putting a job profile out with far too many requirements to "just see what we get" is actually hurting the industry and it's hurting your employer brand. Don't describe the person who just left the position, but rather post a job with the bare essentials of what you need. Second, consider recruiting IT workers to cyber. Yes, they're still hard to get, but not nearly as hard as getting cyber people. (source: CSO Online).

Hear all these stories, "What's Worse?!" and our audience question speed round when you listen to the full episode.

Thanks to our podcast sponsor, Cisco

Biggest mistake I ever made in security...

"I had an opportunity to talk to my board about a security breach that we were having, and I talked to my board before I actually told the CEO." --Meredith Harper, svp, CISO, Synchrony

Controls only work if you've got visibility

"Fire drills are just bad for business. And so you need to have a strategy that focuses on giving you the visibility of what’s happening. I’ll say this multiple times, but controls are only as good as the visibility you have in order to monitor them. So, if you don’t have the visibility of what’s going on then you can’t implement the controls that you need in order to drive your business forward and avoid those kinds of fire drills." -- David Ratner, CEO, HYAS

Cyber Security Headlines - Week in Review

Make sure to join the LIVE "Week In Review" this Friday for Cyber Security Headlines. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news.

Thanks to our Cyber Security Headlines sponsor, Votiro

Super Cyber Fridays!

Register for "Hacking API Security" on Super Cyber Friday - October 28th, 2022

Think you know everything about API security? Of course you don't. That's why we're holding another Super Cyber Friday on this very topic. To give you a little insight into our discussion, I chatted with one of our guests, Karl Mattson, CISO, Noname Security. Also joining us for the conversation will be JJ Agha, CISO, Compass.

Thanks to our Super Cyber Friday sponsor, Noname Security

Thank you for supporting CISO Series and all our programming

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!
