Business Leader, CISO Skills, & Building Your Cybersecurity A-Team – BSW #211
Full episode and show notes
In the Leadership and Communications section, Being a CISO in 2021: How to Be a Business Leader in the Boardroom, Skills CISOs Need to Have in 2021, Build your cybersecurity A-team: 7 recruiting tips, and more!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
VP, Product at Living Security
- 1. How to Create a Winning Post-Pandemic Business ModelMarkets change, and business models have to change in parallel. Success depends on constant business model innovation. In order to succeed, you need to get two things right: 1. You have to target a defensible market segment, and 2. you have to create a business model that enables you to win against competitors who are going after your target segment. In developing a high-profit business model to engage your target customers, you have three choices: 1. increase your customer value, or 2. lower your cost to serve, or 3. do both.
- 2. Boards still aren’t taking cybersecurity seriously, warns new NCSC boss. That means everyone is at riskOrganisations aren't in a position to be complacent about cybersecurity, says NCSC CEO Lindy Cameron, who warns of threats from ransomware to attacks against critical infrastructure.
- 3. Being a CISO in 2021: How to Be a Business Leader in the Boardroom – Security BoulevardIn 2021, CISOs need to be on the top of their game. Here's three tips for managing expectations with the C-Suite and the Board: 1. Open Discourse and Be Transparent 2. Establish a Narrative 3. Focus on the Future
- 4. Why the modern CISO should plan for greater Cybersecurity Regulations in the Biden EraJust a few months past the initial SolarWinds discovery, it is clear that standardized cybersecurity regulation is needed to outline best practices for companies to follow. A coordinated approach at the federal and even global level would strengthen companies’ security posture internally and externally, including customers and third-party vendors.
- 5. Skills CISOs Need to Have in 2021Having good technical skills is not enough to be an effective security leader today. Here are the essential skills to be an effective business leader: 1. Companies today are increasingly looking for their next generation of information security managers to be certified CISO. 2. Need to develop soft critical skills such as communication, reporting, and cost-benefit analysis. 3. Being able to communicate with the Board in clear, concise, relatable terms will be a differentiator for CISOs. 4. Security for the sake of security is a failure on the part of a CISO — collaborative security and functional operability are where everyone is successful. 5. Soft skills such as understanding of privacy, security awareness, and training, knowledge of governance, security communications, or cyber law and ethics. 6. Cloud security skills and understanding the roles of the service vendor, the cloud provider, and the end customer will be a critical need for many companies this year. 7. Companies need to implement formal training programs to continue to educate and train their talented employees as the sector continues to evolve daily.
- 6. 5 Important Insights for CIOs & CISOs in 2021 – Security BoulevardIt is important for information security officers to figure out what needs to be done and how to prioritize each task in order to protect their organization against cyber threats. Some of the insights mentioned below would interest information security officers – 1. Information Security has Taken the Front Seat 2. Information Security Officers are Closer to Business than Ever 3. Nothing Can Replace Human Awareness 4. Insider Threat is a Reality 5. Remote Work Culture is Here to Stay
- 7. Build your cybersecurity A-team: 7 recruiting tipsBest practices for building your cybersecurity team: 1. Look beyond the usual places to find talent 2. Don't require candidates to have niche skills 3. Look for relevant skills beyond formal education 4. Be willing to train candidates after they're hired 5. Use certifications to give a candidate context 6. Carefully craft your job descriptions 7. Sell your job
Founder at Security Weekly