Information security departments are often challenged to come up with “ROI” or Return on Investment for the information security initiatives. Why should the information security department be any different? Join this podcast and learn why calculating an ROI may not be necessary and how reducing risk has different considerations.
To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOCOMPASS_PaulHypki.pdf
Hypki, P. 2019. Where’s the ROI? In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 83. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.
This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!
Paul Hypki – Chief Information Security Officer at Children’s Minnesota
Paul Hypki has been the CISO at Children’s Minnesota since 2017. His background includes healthcare, banking, and brokerage. His Information Security journey began in the early 2000s as the Risk Officer with a job description of “keep us off the front page of the Wall Street Journal.” Moving from finance to health care was a culture shock. After years in health care, Paul better understands that information security risk must be continuously measured, evaluated, and prioritized across the entire enterprise, and monies allocated where the maximum risk reduction can be achieved.
Todd Fitzgerald – Vice President, Cybersecurity Strategy at Cybersecurity Collaborative
Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.