CISOs Struggle to Cope, Cybersecurity Metrics, & Security by Design – BSW #218
This week, in the Leadership and Communications section, CISOs Struggle to Cope with Mounting Job Stress, Corporate Compliance Strategies to Protect Data, Cybersecurity Metrics That Matter, and more!
Announcements
Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Hosts
- 1. CISOs Struggle to Cope with Mounting Job StressThe CISOs aren’t OK. A new survey showed the pandemic has ratcheted up job pressure to “extreme stress” levels among chief information security officers (CISOs), and it’s left them grappling for coping mechanisms ranging from workouts to narcotics.
- 2. 8 things CISOs should be thinking about, but probably aren’tCISOs need to cover all the security bases. The problem is, some of the bases are easy to overlook. Here's a rundown of eight often-overlooked areas that CISOs should immediately address: 1. Ensuring that third-party partners maintain strong security 2. Investigating innovation opportunities 3. Understanding their enterprise's data footprint 4. Strengthening security team support and focus 5. Thinking ahead 6. Maintaining return on existing security investments 7. Finding ways to build enterprise management unity 8. Developing a truly effective method to sharpen threat awareness
- 3. Corporate Compliance Strategies to Protect DataCompanies that bring teams together and form an operational strategy are more likely to protect data than the best-intentioned silo approach.
- 4. Cybersecurity Metrics That MatterWendy Nather, head of advisory CISOs at Cisco, recently teamed up with researcher Wade Baker to investigate cybersecurity metrics and determine how to make a cybersecurity program measurably more successful. She shares some of her more surprising findings, including: 1. Best Practices that Improve Security Outcomes: 1) Proactive Technology Refresh and 2) Integrated Technology Stacks 2. Compliance in name only is not enough 3. Metrics that Matter are tied to Outcomes and Capabilities of each Organization
- 5. Security by Design: A New Model for Cloud, CyberAn integrated approach can help build business and technology resilience, which can act as a differentiator for companies focused on building consumer trust. This security-by-design approach can lead to several benefits, including: - Providing leading-edge, innovative security approaches such as intelligent threat detection - Reducing risk related to technology, insider threats, and supply chain - Supporting developers and engineers while enabling the business with development, security, and operations (DevSecOps) - Establishing a cyber-forward approach that reinforces and enhances business objectives, including security and trust - Identifying potential cyber incident and breach scenarios during cloud migration that help build stronger cyber and business resilience.
- 6. 4 ways to handle the cybersecurity skills shortage in 2021Four suggestions for CISOs, executives, and boards to address the negative effects of the cybersecurity skills shortage: 1. Incentivize employees 2. Invest in training 3. Recruit via professional networks 4. Get HR on board
