In the leadership and communications section, 6 board of directors security concerns every CISO should be prepared to address, Four ways to improve the relationship between security and IT, CISO playbook: 3 steps to breaking in a new boss, and more!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
The COVID pandemic and spike in cybercriminal activity has raised interest in security among corporate boards. These are the concerns and questions CISOs say they are now hearing from them:
1. Cyber accountability
2. Security status during COVID-19 and beyond
3. Security strategy
4. Benchmarking against industry best practices
5. Resilience to cyberattacks
6. Continuous compliance
Corporate security and IT departments and the people who lead them often have complicated relationships. But does it really have to be that way? Here are four suggestions to improve the relationship:
1. Change the culture of division
2. Early communication and collaboration
3. Don’t sweat org charts
4. Embrace the CISO-as-risk-management-leader model
As CISOs know all too well, change is inevitable—and that includes organizational regime change. Here, security leaders share their best advice for starting new C-suite relationships off on the right foot.
1. Establish your base
2. Strengthen your position
3. Set a new course
High performers in any organization aren’t easy to manage. With their uncanny ability to produce outstanding work and an appetite to solve tough problems, they demand even greater attention and engagement from their managers. Here are 7 proactive steps to manage high performers:
1. Scratch below the surface
2. Connect the dots to learning and growth
3. Let them steer their own ship
4. Seek psychological investment
5. Extend visibility beyond team boundaries
6. Don’t make them your fallback option
7. Establish healthy work boundaries
Colin Fisher, associate professor at University College London’s School of Management, conducted in-depth studies at several companies to determine how managers can effectively help employees who need assistance without demoralizing them. He found that the most effective helpers were the ones who clearly communicated their intentions, timed their interventions at points when people were most receptive, and figured out a rhythm of involvement that best suited their needs.
The list of needed security skills is long and growing. Here are the 10 areas where skills are most in demand for the year ahead:
1. Risk identification and management
2. Technical fundamentals
3. Data management and analysis
7. Threat hunting
8. Interpersonal skills
9. Business acumen
Breach disclosures from T-Mobile and PayPal, SSRF in Azure services, Google Threat Horizons report, integer overflows and more, Rust in Chromium, ML for web scanning, Top 10 web hacking techniques of 2022
Exposed secrets from CircleCI, web hackers target the auto industry, $100K bounty for making Google smart speakers listen, inspiration from Office Space, AWS making better defaults for S3, resources for learning Rust