Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance

Resolving a Conflict Between IT and Cybersecurity | Interview with Jared Leuschen

7 snips

Jan 13, 2026

In this engaging discussion, Jared Leuschen, CEO of Blue Tree, shares his insights on the critical conflict between IT and cybersecurity. He explains the root causes, including misaligned goals and communication breakdowns. Jared emphasizes the importance of aligning teams and setting KPIs for effective security practices. He advocates for proactive involvement of IT in security policy and suggests utilizing fractional consultants to bridge gaps. The conversation reveals how to turn security from a blocker into a business enabler through open dialogue and education.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Start With Stakeholder Interviews

Interview stakeholders individually, then bring them together to surface perceptions and remove language barriers.
Document shared alignment and involve executives to clarify vision and incentives.

ADVICE

Designate A Central Risk Owner

Assign a central risk owner to hold IT, security, and leadership accountable and run regular meetings.
Define success criteria, KPIs and milestones to map new decisions back to the documented plan.

ADVICE

Give IT Time To Innovate

Give IT space and protected time to think proactively and contribute to security design.
Bring IT into policy and procedure drafting early so they can operationalize with buy-in.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this episode of the Secure and Simple Podcast, host Dejan Kosutic, CEO of Advisera, discusses the ongoing conflict between IT operations and cybersecurity governance with Jared Leuschen, CEO and Founder of Blue Tree. They delve into the human component behind security and compliance issues, misalignment and communication gaps within organizations, and practical solutions for aligning IT and cybersecurity efforts. The discussion also covers the importance of risk management, the role of consultants, and effective communication strategies between IT and cybersecurity teams.

Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining

(00:00) - Interview with Jared Leuschen
(01:12) - The IT and Cybersecurity Conflict
(03:21) - Finding Alignment Through Communication
(06:05) - Proactive IT Involvement in Cybersecurity
(15:19) - Time Management and Leadership in IT
(17:38) - The Role of Consultants in Cybersecurity
(23:46) - Vendor Management and Supply Chain Security
(30:33) - Aligning IT and Security with Business Goals
(40:17) - Resources for Consultants