CISO Stories Podcast (Audio)

Where the CISO should report has been debated for many years, with the predominant view being "anywhere but the CIO", while even in 2022, most CISOs are reporting to the CIO! Which reporting structure viewpoint is right? This podcast will examine the pros and cons of reporting to the CIO and other departments. Join Stephen as he shares his experience as a Former CISO for several large financial institutions, along with his current views. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/05/CISOSTORIES_StephenFried_Article.pdf Fried, S. 2019. The Best Reporting Relationship for a CISO May Not Be What You Think! In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 174-5. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp74

Managing cybersecurity defense inside an organization is an enormously complex endeavor, considering the interconnections, vendor relationships, cloud, and mobile proliferation of the data. While many of these computing technologies have a clear purpose and usefulness, many times organizations minimize the complexity when presenting to the Board. Should we? Join us as we discuss a different approach to better communications. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/05/CISOSTORIES_EdwardAmoroso_Article.pdf Amoroso, E. 2019. Educating Senior Management in Cybersecurity. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 150-1. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp73

Careers can just happen, or they can be planned. Join us as we discuss making the decision to become a CISO and then taking the steps necessary to develop the skills to attain the job and thrive in the role. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_ShaunCavanaugh_Article.pdf Cavanaugh, S. 2019. From Techie to CISO – Identify Where you Want to Be and How to Get There. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 480-481. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp72

The cybersecurity field has traditionally been male dominated and there is clearly a desire to attract more women into the field. Join us as we discuss practical tips for women advancement to leadership positions, how to stand apart when climbing the leadership ladder, and advice for leading effective teams. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_StayMill_Article.pdf Mill, S. 2019. Women In Leadership – Practical Advice. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg. 425 Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp71

The security spend is increasing year over year as hackers become more sophisticated, organized, and opportunistic. Join us as we discuss ways to determine and evaluate the cost of cybersecurity to ensure the organization is spending the appropriate amount to reduce the risk to an acceptable level. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_DevonBryan_Article.pdf Bryan, D. 2019. The Cost of Cybersecurity. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 501-2. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp70

A key function of the CISO is to provide an accurate organizational picture of the risk the organization is currently accepting and communicate the strategy for enhancing the security maturity in support of the business goals. The way you prepare and communicate is just as important as the message. Join us as we discuss how to improve the delivery of the message. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_JasonWitty_Article.pdf Witty, J. 2019. Projecting Confidence when Presenting to the Board of Directors. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 493-4. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp69

Security metrics are often a struggle to establish by security departments. These metrics may be taking too narrow of a view, whereby metrics visible and embraced by other areas can improve the security program success. Join us as we discuss these metrics. Additionally, Caroline is graciously offering her Linkedin metrics course focused on establishing objectives and measuring progress towards the objectives, to CISO STORIES listeners at no cost at https://www.linkedin.com/learning/learning-security-metrics/why-are-security-metrics-important?autoplay=true To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_CarolineWong_Article.pdf Wong, C. 2019. Sharing the Metrics Goal Between Departments. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 158-9. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald. Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Visit https://securityweekly.com/csp for all the latest episodes! Show Notes: https://securityweekly.com/csp68

Organizations want to know, how are we doing with respect to security? Companies can accept risks they are aware of, and don't want to outspend the competitors with the industry vertical. They also need a way to understand and benchmark the effectiveness of the security program. Join us as we discuss how to ensure the threats are being evaluated. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/04/CISOSTORIES_JasonTaule_Article.pdf Taule, J. 2019. Keeping Up with The Jones (When Your Neighbors Are Bad Actors). In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 156-7. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp67 Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

We have four generations predominantly in the workforce today, boomers, generation X, Millennials, and Generation Z. Each generation was influenced by different world events, shaping values towards work, family, and technology. The past few years have brought a changing view towards work, with remote and hybrid working. Join us as we discuss these challenges. McGaw, C. 2019. Optimizing Four Generations in The Workforce. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 443-4. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp66 Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

In addition to serving as a CISO for several large companies, Phil was instrumental in co-founding the Cloud Security Alliance (CSA) and creating the Cloud Controls Matrix (CCM) to identify what standards from the many frameworks such as NIST, ISO27000, COBIT, HIPAA, PCIDSS, etc. would be applicable to the cloud environment. Join Phil as he discusses his view of these frameworks and his approach to security today. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/12/CISOSTORIES_Phil_Agcaoili_Article.pdf Agcaoili, P. 2019. Leveraging Control Frameworks. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 223-227. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp65 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/