Cyber-Risk Threat, 4 Steps to Better Security Hygiene, & 10 Rules for Work-Life – BSW #213

Cyberattacks on major financial institutions pose one of the biggest threats to the US economy, with the potential to cripple the system, according to Federal Reserve Chairman Jerome Powell.

CISOs know that cybersecurity depends upon a foundation of strong security hygiene and posture management, but increasing scale and complexity make the basics all but impossible. So, what do they do? Leading CISOs I've spoken with recently take the following steps: 1. Take over attack surface management 2. Focus on the crown jewels 3. Invest in cloud security 4. Increase testing

Any leader who is assuming a role previously held by someone else has to face their predecessor’s legacy, but those who are replacing poor or controversial leaders have a special challenge. These three strategies will help your company move on: 1) Acknowledge the contributions of the previous leader. Don’t ignore their contributions or blame them for all of the organization’s challenges. 2) Create space for forgiveness. It will allow people to let go of the past and make room for a new vision and direction. 3) Seek to understand your employees’ experience. Ask them what they want and need going forward. You will have some employees who are supportive of previous leadership. You don’t automatically become a good leader merely by taking over for a bad one. Ultimately you become a good leader by leading differently and more inclusively.

In turbulent times organizations need to focus on business priorities and restructure processes and teams. How should security leaders set their priorities and how do they tackle the security incidents at scale – even as security budgets remain flat? And what are the communication strategies that CISOs need to adopt while communicating with Board members and other stakeholders?

Lora Vaughn was at a crossroads -- and that was before mandated pandemic lockdowns came into play. Here's her story of how life got sweeter after she stepped away from the CISO job.

My 10 Rules for Work-Life Balance: 1. I do not wake up before 7:30 a.m. and I make certain I go to sleep before 1 a.m. 2. I always get 7.5 to 8 hours of sleep a night. (And if I don’t, I will take an afternoon nap, period.) 3. I do not take meetings on Wednesdays. 4. One day a month — and only one day a month — I binge watch YouTube for a few hours. 5. I do not work while I’m eating lunch and dinner, even if that means I eat in 10 minutes and am 10 minutes late to a meeting. 6. I play an iPhone game every single day. 7. I meditate every day. 8. I call my mom when I wake up, when I go to sleep, and at lunch and dinner. 9. I schedule monthly catch-ups with my friends. 10. I play with my dog, walk him, and/or train him every day.