Cyber-Risk Threat, 4 Steps to Better Security Hygiene, & 10 Rules for Work-Life – BSW #213
In the Leadership and Communications section, Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy, What Good Leaders Do When Replacing Bad Leaders, My Ten Rules for Work-Life Balance, and more!
CISOs know that cybersecurity depends upon a foundation of strong security hygiene and posture management, but increasing scale and complexity make the basics all but impossible. So, what do they do? Leading CISOs I've spoken with recently take the following steps:
1. Take over attack surface management
2. Focus on the crown jewels
3. Invest in cloud security
4. Increase testing
Any leader who is assuming a role previously held by someone else has to face their predecessor’s legacy, but those who are replacing poor or controversial leaders have a special challenge. These three strategies will help your company move on:
1) Acknowledge the contributions of the previous leader. Don’t ignore their contributions or blame them for all of the organization’s challenges.
2) Create space for forgiveness. It will allow people to let go of the past and make room for a new vision and direction.
3) Seek to understand your employees’ experience. Ask them what they want and need going forward. You will have some employees who are supportive of previous leadership.
You don’t automatically become a good leader merely by taking over for a bad one. Ultimately you become a good leader by leading differently and more inclusively.
In turbulent times, organizations need to focus on business priorities and restructure processes and teams. How should security leaders set their priorities, and how do they tackle security incidents at scale, even as security budgets remain flat? And what communication strategies do CISOs need to adopt when communicating with board members and other stakeholders?
My 10 Rules for Work-Life Balance:
1. I do not wake up before 7:30 a.m. and I make certain I go to sleep before 1 a.m.
2. I always get 7.5 to 8 hours of sleep a night. (And if I don’t, I will take an afternoon nap, period.)
3. I do not take meetings on Wednesdays.
4. One day a month — and only one day a month — I binge watch YouTube for a few hours.
5. I do not work while I’m eating lunch and dinner, even if that means I eat in 10 minutes and am 10 minutes late to a meeting.
6. I play an iPhone game every single day.
7. I meditate every day.
8. I call my mom when I wake up, when I go to sleep, and at lunch and dinner.
9. I schedule monthly catch-ups with my friends.
10. I play with my dog, walk him, and/or train him every day.