This week's episode is hosted by me, David Spark, producer of CISO Series and Mike Johnson. Our guest is Helen Patton, CISO, The Ohio State University. All three of us discussed:
Aggressive vendor behavior has caused CISOs to ignore all cold calls. Salespeople may have stats that show the success of their cold calls, but the behavior of cold calling has created a culture where CISOs are in avoidance mode. From a CISO's perspective, the solution is not a discussion around more effective cold calling, but rather security vendors using other forms of marketing so they're able to learn about solutions organically.
Create threat scenarios based on the most common user mistakes. While we universally agreed calling end users "dumb" is not an effective security or relationship strategy, it would be a good idea to understand how your security program can withstand the most common user mistakes, such as clicking a phishing email. If you build out such a program, not only are you designing defense in depth, but you're letting your users know you're looking out for them.
Use feelings of impostor syndrome as a positive. The overwhelming majority of security professionals have suffered from impostor syndrome. Any point you feel inadequate use that as an opportunity to learn rather than wallow in self doubt. And yes, it's easier said than done.
For cybersecurity podcasts, audience excitement trends in the wake of host excitement. It's hard to stay up with so many great podcasts. We try our best to come up with interesting topics and guests for our shows. And we're having a lot of fun doing it. But, we know that podcast producing is hard and sometimes hosts don't stay to their schedule or just lose interest in producing altogether. That often shows in their production and the net result is their audience bails.
Click on link to listen the podcast: https://cisoseries.com/i-love-cold-calls-said-the-ciso-on-opposite-day/
Aggressive vendor behavior has caused CISOs to ignore all cold calls. Salespeople may have stats that show the success of their cold calls, but the behavior of cold calling has created a culture where CISOs are in avoidance mode. From a CISO's perspective, the solution is not a discussion around more effective cold calling, but rather security vendors using other forms of marketing so they're able to learn about solutions organically.
Create threat scenarios based on the most common user mistakes. While we universally agreed calling end users "dumb" is not an effective security or relationship strategy, it would be a good idea to understand how your security program can withstand the most common user mistakes, such as clicking a phishing email. If you build out such a program, not only are you designing defense in depth, but you're letting your users know you're looking out for them.
Use feelings of impostor syndrome as a positive. The overwhelming majority of security professionals have suffered from impostor syndrome. Any point you feel inadequate use that as an opportunity to learn rather than wallow in self doubt. And yes, it's easier said than done.
For cybersecurity podcasts, audience excitement trends in the wake of host excitement. It's hard to stay up with so many great podcasts. We try our best to come up with interesting topics and guests for our shows. And we're having a lot of fun doing it. But, we know that podcast producing is hard and sometimes hosts don't stay to their schedule or just lose interest in producing altogether. That often shows in their production and the net result is their audience bails.
Click on link to listen the podcast: https://cisoseries.com/i-love-cold-calls-said-the-ciso-on-opposite-day/
Tags 🏷
#cybersecurity #cso #ciso #infosec #cissp #itriskmanagement #ciberseguranca #cyberattacks #threats #malware #cibercrime #cism #securityleaders #cciso #breach #mitreatt&ck #pentesting #cloudsecurity #cyberwar #datasecurity #ethicalhacking #hacking #cloud #informationsecurity #securitymanagement #infosec #ransomware #datasecurity #cisoseries #csocyber
#cybersecurity #cso #ciso #infosec #cissp #itriskmanagement #ciberseguranca #cyberattacks #threats #malware #cibercrime #cism #securityleaders #cciso #breach #mitreatt&ck #pentesting #cloudsecurity #cyberwar #datasecurity #ethicalhacking #hacking #cloud #informationsecurity #securitymanagement #infosec #ransomware #datasecurity #cisoseries #csocyber
Comentários
Postar um comentário