In Name Only, “Reasonable” Cybersecurity, & Value in Veterans – BSW #254
In the Leadership and Communications section: CISOs are still chiefs in name only, Defining “Reasonable” Cybersecurity: Lessons from the States, Security Leaders Find Value in Veterans to Solve Cyber Skills Shortage, and more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Hosts
Matt Alderman
VP, Product at Living Security
- 1. CISOs are still chiefs in name onlyIf you’re not in the meeting where decisions are made, then you’re not part of the C-Suite—whatever your title may be.
- 2. 10 Signs of a Poor Security LeaderWeak leadership can demotivate and demoralize the security workforce. Here's what to look out for: 1. Inability to think strategically 2. Running from crisis to crisis 3. Hesitance to put anything in writing 4. Words and actions don't align 5. Poor communication skills 6. Suppressing talent 7. Self-centered 8. Does not make tough decisions 9. Does not answer tough questions 10. Takes cover (and credit)
- 3. Defining “Reasonable” Cybersecurity: Lessons from the StatesUnderstanding the state of cybersecurity in private companies is essential to forming a legal standard of reasonable cybersecurity at the state and local level.
- 4. The Importance of Tabletop Cybersecurity ExercisesContinuous practice makes perfect; the same is true for cybersecurity. Ultimately, tabletop exercises will reduce the risk of damage from a cybersecurity attack, which gives businesses greater peace of mind and confidence that their experts can execute a recovery plan efficiently. These exercises bring teams together, increasing their effectiveness and enhancing cooperation and communication between key people across departments beyond just IT. Employees will also develop a clear understanding of their responsibilities, hone their decision-making skills and learn how to support the incident management processes.
- 5. SEC proposes new rules for public companies to report breaches in four days?The Securities and Exchange Commission this week proposed new rules that would require public companies to report a cybersecurity incident within four business days after the organization determines that it has experienced a "material cybersecurity incident."
- 6. Security Leaders Find Value in Veterans to Solve Cyber Skills ShortageCISOs struggling to fill their vacancies should take a closer look at the opportunities afforded by military veterans.
- 7. To Win Over an Audience, Focus on Building TrustWhen we craft a presentation, we sometimes spend more time on how to deliver the message than on the strategy and vision that will make the message more effective. We make a monumental mistake when we skip strategy and head straight for delivery. Instead, presenters should focus on building trust. The authors identified five competencies a leader can utilize to gain buy-in and build trust in the context of a presentation: clarity, compassion, competency, connection, consistency.
