Brakeing Down Security Podcast   /     Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox

Description

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information and experiences and do not represent views of past, present, or future employers.   Recorded: 08 Apr 2024 Youtube VOD: https://www.youtube.com/watch?v=K8qApvsFtqw   Show Topic Summary: If you want to get in the mind of a board member, I submit to you my discussion with Mary Gardner we did last night on #brakesec #education. Join Mary and I as we discuss the functions of a board, messaging to various levels of leadership and teams, and what it takes to make that leap to being a CISO. And when you're done, and you need someone to help your org get more mature, contact the team at GoldiKnox. #cybersecurity #informationsecurity #ciso #leadership #GRC   Questions and topics: https://hbr.org/2023/05/boards-are-having-the-wrong-conversations-about-cybersecurity “Just 69% of responding board members see eye-to-eye with their chief information security officers (CISOs). Fewer than half (47%) of members serve on boards that interact with their CISOs regularly, and almost a third of them only see their CISOs at board presentations. “ They obviously have different priorities, so what brings everyone to the table to discuss? Are they even worried about security? Tactical goals vs. org goals and aligning them What are boards most worried about these days?  Staying relevant in the face of AI? What tech will protext them from the newest threats? GRC is forced security, security is completely optional, Compliance requires some sort of security   Additional information / pertinent LInks (Would you like to know more?): Research organizations (gartner, forrester, etc) https://goldiknox.com/  https://www.linkedin.com/pulse/board-needs-help-planning-cybersecurity-start-here-daniel-briley-k7xzc https://hbr.org/2022/11/is-your-board-prepared-for-new-cybersecurity-regulations https://www.justice.gov/usao-ndca/pr/former-chief-security-officer-uber-sentenced-three-years-probation-covering-data   Show points of Contact: Amanda Berlin: @infosystir @hackershealth  Brian Boettcher: @boettcherpwned Bryan Brake: https://linkedin.com/in/brakeb  Brakesec Website: https://www.brakeingsecurity.com Youtube channel: https://youtube.com/@brakeseced Twitch Channel: https://twitch.tv/brakesec Discord: https://discord.gg/brakesec

Subtitle
Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new...
Duration
01:22:56
Publishing date
2024-04-09 05:05
Link
http://brakeingsecurity.com/managing-messaging-with-management-becoming-a-ciso
Contributors
  Mary Gardner and Bryan Brake
author  
Enclosures
https://traffic.libsyn.com/secure/brakeingsecurity/audio_only-Mary-Gardner.mp3?dest-id=177487
audio/mpeg

Shownotes

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information and experiences and do not represent views of past, present, or future employers.

 

Recorded: 08 Apr 2024

Youtube VOD: https://www.youtube.com/watch?v=K8qApvsFtqw

 

Show Topic Summary:

If you want to get in the mind of a board member, I submit to you my discussion with Mary Gardner we did last night on #brakesec #education. Join Mary and I as we discuss the functions of a board, messaging to various levels of leadership and teams, and what it takes to make that leap to being a CISO. And when you're done, and you need someone to help your org get more mature, contact the team at GoldiKnox. #cybersecurity #informationsecurity #ciso #leadership #GRC

 

Questions and topics:

  1. https://hbr.org/2023/05/boards-are-having-the-wrong-conversations-about-cybersecurity

    1. “Just 69% of responding board members see eye-to-eye with their chief information security officers (CISOs). Fewer than half (47%) of members serve on boards that interact with their CISOs regularly, and almost a third of them only see their CISOs at board presentations. “

    2. They obviously have different priorities, so what brings everyone to the table to discuss? Are they even worried about security?

  2. Tactical goals vs. org goals and aligning them

  3. What are boards most worried about these days? 

    1. Staying relevant in the face of AI?

    2. What tech will protext them from the newest threats?

  4. GRC is forced security, security is completely optional, Compliance requires some sort of security

 

Additional information / pertinent LInks (Would you like to know more?):

  1. Research organizations (gartner, forrester, etc)

  2. https://goldiknox.com/ 

  3. https://www.linkedin.com/pulse/board-needs-help-planning-cybersecurity-start-here-daniel-briley-k7xzc

  4. https://hbr.org/2022/11/is-your-board-prepared-for-new-cybersecurity-regulations

  5. https://www.justice.gov/usao-ndca/pr/former-chief-security-officer-uber-sentenced-three-years-probation-covering-data

 

Show points of Contact:

Amanda Berlin: @infosystir @hackershealth 

Brian Boettcher: @boettcherpwned

Bryan Brake: https://linkedin.com/in/brakeb 

Brakesec Website: https://www.brakeingsecurity.com

Youtube channel: https://youtube.com/@brakeseced

Twitch Channel: https://twitch.tv/brakesec

Discord: https://discord.gg/brakesec