- CISO Series Newsletter
- Posts
- You're Not Going Anywhere Until You Clean Up That Cyber Mess
You're Not Going Anywhere Until You Clean Up That Cyber Mess
You're Not Going Anywhere Until You Clean Up That Cyber Mess
This week's episode of CISO/Security Vendor Relationship Podcast
You're Not Going Anywhere Until You Clean Up That Cyber Mess
, Mike Johnson and our guest, Gary Hayslip, free agent CISO, discuss:
Leave the next CISO the keys to the security program.
Exiting CISOs have a responsibility to leave a healthy team, documentation of a security program, and an onboarding document. It's what you'll want when you start your next CISO job.
It just make business operational sense to have security own privacy.
There was much debate as to who should own data privacy within an organization, but for the mere fact that data is being handled directly by people and tools within security, for operational efficiency and cost, it makes sense to keep its management and ownership within security.
Security is moving to the data layer.
The transient nature of data is forcing security to become data-specific rather than perimeter-specific.
Catching hackers is a game, and no one wants to tip their hand.
A hacker wants to appear invisible on your system, and at the same time, you don't want the hacker to know that you're on to him or her. When you do have to let them know, it has to be a complete eviction.
Take a cue from businesses built on incentives.
Lyft's business model is a continuous series of incentives to engage behavior. This same type of enticement can be used to create good security behavior, where people are reporting poor security. Create a points system that gives access to prizes, such as a lock picking class.
Special thanks to this week's CISO/Security Vendor Relationship Podcast sponsor, Trend Micro.
Imagine how hard it would be to live in a house that is constantly under attack from burglars, vandals, fire ants, drones, wall-piercing radar and virulent bacteria. Most of us are used to putting a lock on the door, cleaning the various surfaces and keeping a can of Raid on hand for anything that moves in the corner. But could you imagine keeping a staff of specialists around 24/7 to do nothing but attack your house in order to find and exploit every weakness? Read more...Check out more Cloud Security Tips.
Seriously, thank you for the contributions
Usually I reserve this space to plug an upcoming event or some available sponsorship opportunities. But I want to take this space to thank the audience and sponsors for their participation. It is so critical for the success, programming, and survival of this show.
Audience contributions
I've been in media for a while and getting audience contributions is not easy. You constantly cajole listeners trying to find the right words to get them to send something in to you. And when you get it, it's gold. It's no different than trying to get product feedback. So the fact that you do it is awesome and I want to make it clear that I love all of it.
I happily welcome the constructive criticism, suggestions of new segments, and I love ideas for all the current segments. As you can see on both shows, the content is driven off of your ideas, questions, suggestions, and thought-provoking advice.
And that includes the sponsors as well who provide great topics and guests for our sponsored episodes.
Thank you.
David
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.