Tue, 17 December 2019
All links and images for this episode can be found on CISO Series (https://cisoseries.com/ah-heres-the-problem-youve-got-a-leaky-ceo/)
We're waking up the C-suite to the realization that they're the prime target for cyberattacks.
This episode was recorded in front of a live audience at Evanta's CISO Executive Summit in Los Angeles. It is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Gary Hayslip (@ghayslip), CISO, Softbank Investment Advisers.
CISO/Security Vendor Relationship Podcast live at Evanta CISO Executive Summit in Los Angeles 12/11/19
PLUS, joining us live was Jewels Nation, the voice of the CISO Series. You hear her voice on all the bumpers on our podcasts.
Jewels Nation, the voice of the CISO Series podcasts, and David Spark, producer of CISO Series
Thanks to this week's podcast sponsor Evanta.
Evanta, a Gartner Company, creates exclusive communities of C-level executives from the world’s leading organizations. These invaluable networks are built by and for C-level executives to share innovative ideas, validate strategies and solve critical leadership challenges through peer-to-peer collaboration. Evanta’s trusted communities serve CISOs and their C-suite peers around the world.
On this week's episode
Where does a CISO begin?
Gary recently brought up an excellent discussion pointing out that executives are the backdoor into your organization. Do they understand that they're critical cogs? Do they and are they willing to take on responsibility? What is the patching process?
Walk a mile in this CISO's shoes
Gary, talked a lot about the importance of work/life balance with cyber professionals. Robert Carey of RSA Security said your actions do most of the talking, "As a CISO, you're a model of work life balance. If you stay 14 hours a day, that's what is expected of employees. If you leave at 5pm they'll realize that's ok for them to do." How do our CISOs handle presenting to their staff what is and isn't OK, when they're in the office or when their employees are remote?
You've got a new hire. Which one do you choose?
Is this the best solution?
Does the email pitch still serve a function? On a recent CISO Series video chat, we talked about how CISOs get 50-80% of their information about products from other CISOs and that yeah maybe sometimes they read an email pitch. Is there still room for the email pitch or should it just die? And if it should die, what should it be replaced with?
Security Squares: Where CISOs Put Vendors in Their Place
A brand new game that asks CISOs how well do they know the vendor landscape? This one was a nail biter.
It’s time for the audience question speed round
Our audience has questions, and our CISOs will have answers.