Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox
Fetch error
Hmmm there seems to be a problem fetching this series right now. Last successful fetch was on November 01, 2024 13:35 ()
What now? This series will be checked again in the next hour. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Manage episode 411446999 series 3562689
Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time based on new information and experiences and do not represent views of past, present, or future employers.
Recorded: 08 Apr 2024
Youtube VOD: https://www.youtube.com/watch?v=K8qApvsFtqw
Show Topic Summary:
If you want to get in the mind of a board member, I submit to you my discussion with Mary Gardner we did last night on #brakesec #education. Join Mary and I as we discuss the functions of a board, messaging to various levels of leadership and teams, and what it takes to make that leap to being a CISO. And when you're done, and you need someone to help your org get more mature, contact the team at GoldiKnox. #cybersecurity #informationsecurity #ciso #leadership #GRC
Questions and topics:
https://hbr.org/2023/05/boards-are-having-the-wrong-conversations-about-cybersecurity
“Just 69% of responding board members see eye-to-eye with their chief information security officers (CISOs). Fewer than half (47%) of members serve on boards that interact with their CISOs regularly, and almost a third of them only see their CISOs at board presentations. “
They obviously have different priorities, so what brings everyone to the table to discuss? Are they even worried about security?
Tactical goals vs. org goals and aligning them
What are boards most worried about these days?
Staying relevant in the face of AI?
What tech will protext them from the newest threats?
GRC is forced security, security is completely optional, Compliance requires some sort of security
Additional information / pertinent LInks (Would you like to know more?):
Research organizations (gartner, forrester, etc)
https://www.linkedin.com/pulse/board-needs-help-planning-cybersecurity-start-here-daniel-briley-k7xzc
https://hbr.org/2022/11/is-your-board-prepared-for-new-cybersecurity-regulations
https://www.justice.gov/usao-ndca/pr/former-chief-security-officer-uber-sentenced-three-years-probation-covering-data
Show points of Contact:
Amanda Berlin: @infosystir @hackershealth
Brian Boettcher: @boettcherpwned
Bryan Brake: https://linkedin.com/in/brakeb
Brakesec Website: https://www.brakeingsecurity.com
Youtube channel: https://youtube.com/@brakeseced
Twitch Channel: https://twitch.tv/brakesec
Discord: https://discord.gg/brakesec
458 episode