Six Trends We Saw on CISO Series in 2020

We’ve been evolving the model of the CISO Series and here are some behaviors we saw emerge over the past year.

1: Short form podcasts are immune to needing a commute

COVID has eradicated most people’s commute, which is usually a popular time to consume podcasts. As a result, most podcasts have suffered. We have found one exception. Cyber Security Headlines is growing faster than any of our podcasts because it’s delivering a much desired service (quick summarized cyber news in audio format), it comes out daily, and it’s short (only 6 minutes). That timing, in particular, is what makes it immune to needing a commute in order to consume.

Got feedback? Join the conversation on LinkedIn.

2: People want to engage without having to be on camera

When we launched our CISO Series Video Chats, we extended the offer that anyone can join us on camera to be part of the video chat. We thought lots of people would really want to do that. Turns out people are in enough Zoom meetings all day that it’s actually a relief to engage with colleagues in real time without the pressure of constantly needing to be “on” via a video call. So while we’ll only get one to two audience members coming on camera during the chat, the chatroom consistently has 350-600 comments over the hour.

3: Cybersecurity people are really funny

One thing I learned from working in comedy is if you have the right setup, you can incite a lot of funny. My video editor noticed that when he looks at clips from the “man on the street” videos I shoot. I’m also seeing that every Friday when we play our BEST BAD IDEA game during our weekly video chat. There is an eagerness to come up with the most clever and funniest answer. I’m amazed every week that we get 40-80 contributions (often very funny) over the hour.

4: People really care about the complicated career of the cyber professional

Any post about career advancement or stagnation results in an explosive response in social media. We all want to celebrate and also gripe about the long and frustrating process of hiring cyber talent. While we supposedly need to hire millions of cybersecurity people, there are tons of people complaining they can’t get jobs and companies that have job openings that stay vacant for months. The problem stems from high expectations of job managers, an unwillingness to train as part of the onboarding process, and candidates simply confused as to what they should do to get hired and to advance.

5: Compared to 2017, there’s a lot less animosity towards security vendors

Late 2017, I witnessed a non-stop level of vitriol towards security vendors for their aggressive marketing tactics. Seeing this is what caused me to launch the concept of CISO Series early in 2018 because a new conversation needed to begin (listen to the episode of Defense in Depth where we discuss the origins of CISO Series in detail). Animosity was not working for anyone. Vendors were passionate about their solutions, eager to engage with CISOs. CISOs wanted to engage with vendors, but with respect for their professionalism in cybersecurity. They didn’t want to be told that a certain company would have survived a breach if they had Company X’s spectacular cyber solution. While my evidence is anecdotal, I don’t see nearly the same kind of anger anymore. The conversation has definitely changed.

6: Meet people where they already are if you want them to pay attention to you

Vendors just want to get their story heard. But at the same time, I know it’s very hard to force people to “pay attention to you” if it’s not something they already have interest in. Before you even think about what you want to do, you must meet people where they are. It’s a formula I’ve tried to adhere to with the development of the CISO Series. “Meeting people where they are” means:

  • Building content in formats that they want to consume (e.g., a daily cybersecurity headlines podcast in audio format that takes only six minutes to consume).
  • Creating content on topics they’re already passionate about (e.g., the relationships between CISOs and vendors).
  • Developing venues where they feel comfortable and are excited to participate (e.g., our weekly video chats and our Icebreaker meetups).

Thank you for making 2020 so successful or us. I will continue to do my best to think of new ways to educate, entertain, and engage with the community. Don’t hesitate to reach out with any suggestions or contributions.