CISO Series Podcast Why Highlight Diversity When We Can Just Hope You Don't Notice?
Mar 24, 2026
Julie Myerholtz, CISO at Brunswick Corporation and security leader, discusses cloud shared responsibility, insecure defaults, and when to retire obsolete controls. She explores AI risks from vendors and adaptive malware, building a beginner's mind on teams, and treating feedback about diversity as a gift.
AI Snips
Chapters
Transcript
Episode notes
Isolate Privileged Cloud Capabilities
- Take accountability for cloud security controls and segment risky capabilities away from core corporate networks.
- If privileged access is needed, isolate it so compromise has limited impact on the organization.
Prune Controls Based On Practical Risk
- Revisit longstanding controls and retire those that no longer reduce real risk.
- Evaluate control practicality per user role (e.g., simplify passwords for RF gun users, harden domain admins) and align to actual business needs.
Use New Hires To Challenge Assumptions
- Create a beginner's mind by asking new hires and recent joiners why processes exist.
- Embed questioning into onboarding and act on feedback to break learned helplessness and surface cruft.