Although I use the word CISO every day, on this episode of Life of a CISO, I review what it really means to be a Chief Information Security Officer. The CISO’s primary job is oversight and accountability, and in order to do this, he must understand what the organization’s cybersecurity threats are, and be able to communicate that information to both executives and engineers. Engineers understand very technical terms like “hashing algorithm” and “crypto-free zone,” and executives understand one language: MONEY! If you can properly explain what your security needs are, and how much it “really” costs to protect your organization, then you can let the executives focus on growing the organization and the IT department focus on keeping the organization safe.
Show Notes:
1:10 What really is a Chief Information Security Officer?
2:42 A CISO is an executive who understands cybersecurity and can translate it to executives
5:02 How hard is it to break a weak password?
6:33 Advanced attacker doesn’t mean advanced attack vector
7:38 The difference between a major and minor breach
8:40 Are you lying to yourself if you were successfully attacked?
10:16 What do we know?
10:46 Golden rule of firewalls is all connections must go through one
12:49 Until we have international internet police, companies have to step up
14:24 I believe the CISO’s role is oversight and regulation
16:03 Don’t get too technical
18:00 Executives understand one thing best: Money!
18:43 4 columns
20:20 The problem with cool new products
23:20 Why breaches go undetected
25:44 Executives think spending money means you are 100% secure
26:56 Why my procedure works
29:23 Risk, not the solution, drives the equation
30:12 One final warning
31:46 Would your exact budget fix the problem?
35:34 Wrap up
About Dr. Eric Cole
Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience in consulting, training, and public speaking. As the founder and CEO of Secure Anchor Consulting, Dr. Cole focuses on helping customers prevent security breaches, detect network intrusions, and respond to advanced threats. In addition, he is a sought-after expert witness and a 2014 inductee to the InfoSecurity Hall of Fame.