BSW #286 – Todd Fitzgerald
Todd Fitzgerald, author of CISO Compass and host of CISO Stories, joins BSW to share his top leadership lessons from the first 100 episodes of CISO Stories. Todd interviews CISOs and gains insights into their challenges and how they are solving them. Don't miss this recap!
In the leadership and communications section: "The Sacrificial CISO heralds a new age for cybersecurity", "To Coach Leaders, Ask the Right Questions", "How to Handle Criticism Gracefully: 12 Pro Tips", and more! Visit https://www.securityweekly.com/bsw for all the latest episodes!
Segments
1. Leadership Lessons from the First 100 Episodes of CISO Stories – Todd Fitzgerald – BSW #286
Guest

Todd Fitzgerald has built Fortune 500/large company information security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.
2. Sacrificial CISO, Ask the Right Questions, and Handle Criticism Gracefully – BSW #286
In the leadership and communications section: "The Sacrificial CISO heralds a new age for cybersecurity", "To Coach Leaders, Ask the Right Questions", "How to Handle Criticism Gracefully: 12 Pro Tips", and more!
- 1. The Sacrificial CISO heralds a new age for cybersecurity
There are many different types of CISO, with many different backgrounds and reporting in to many different business lines. One thing they have in common is the wide, strategic view they have of the business - or at least, they should.
- 2. A CISO’s 100-day run to cyber success – CyberTalk
By the end of your 100-day run, aim to report on the following questions:
- What is our current capability maturity?
- What is the biggest threat to the organization?
- What part of the security posture requires the most urgent attention?
- What resources are required to address threats that will cause the organization most harm?
- How does the executive team want effectiveness of cyber investment reported?
- What is the organization’s risk if nothing changes?
- 3. What Is Top of Mind for CISOs Right Now?
CISOs differ on which is the more catastrophic cost to the business: business disruption or data exposure. Regardless, preparation is key. Here are some of the top ways that CISOs can guard against rising ransomware.
- Prepare to defend and recover
- Use a privileged access strategy
- Leverage comprehensive, integrated threat detection and response capabilities
- 4. 9 Bite-Sized Observations About Team Leadership After Running a Team of 25 People for 6 Months
Half-baked observations because fully-baked commentary is boring and unhelpful:
- Your Actions are Magnified
- Adapt Processes for Scale
- Don’t Try to Own The Details
- Find The Signal, Ignore The Noise
- Narrowcasting > Broadcasting
- Know Your Influencers
- Credibility is the Ultimate Currency
- Don’t Mimic Someone Else’s Leadership Style
- ⚽️ Team is everything
- 5. To Coach Leaders, Ask the Right Questions
In a fiercely complex and challenging world, C-suite and other senior leaders — and those coaching them — need to understand how their inner life is influencing their actions in the outside world. Instead, many corporate leaders focus on doing more than deep thinking, leaving what’s going on internally a vast unexplored territory that they haven’t valued much. That includes what they’re feeling, where they’re feeling triggered, and how early experiences in their lives influence the choices they’re making in the present. To develop leadership skills like prioritization, decision-making, accountability, and more, the author describes how he’s coached leaders to think through more personal questions designed to better understand their motivations and impulses: Why are you the person and leader you are? Who are you capable of becoming? What’s standing in your way? The underlying premise is that you can’t transform a company without also transforming yourself.
- 6. Best practices for implementing a company-wide risk analysis program – Help Net Security
How do you kickstart that program? Here are five steps that I’ve found effective for getting risk analysis off the ground.
- Determine enterprise-specific assets
- Value the assets
- Determine relevant threats, assess vulnerability, and identify exposures
- Define risk
- Implement and monitor safeguards (controls)
- 7. How to Handle Criticism Gracefully: 12 Pro Tips
Criticism may make you feel misunderstood or unappreciated, but it is important to be able to respond to criticism in a productive way.
6 Ways to Respond to Destructive Criticism
1. Be direct and address the issue
2. Recognize the context
3. Don’t take it to heart
4. Brush it off with a laugh
5. Pep-talk yourself
6. Avoid destructively critical people

6 Ways to Respond to Constructive Criticism
1. Thank the intention
2. Evaluate the input
3. Avoid anger & cultivate calm
4. Give them a notice
5. Turn destructive into constructive
6. Enlist accountability to help you change
