We could offer a simpler explanation of our technology, but if we confuse you we can charge a lot more.
This episode was recorded in front of a live audience at BSidesSF 2020 in San Francisco. It’s hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions, and Mike Johnson. Our guest is Olivia Rose, CISO, Mailchimp.
Thanks to this week’s podcast sponsors, Vulcan Cyber and CyberArk.
On this week’s episode
How to become a CISO
What is some actionable “let’s start today” advice? What could an individual do right now to develop the skills to be a cyber leader and make it clear to management that’s what they’re gunning for?
What we’ve got here is failure to communicate
If all vendors stopped sending cold emails, which is what we constantly hear CISOs say they should do, how should they spend their time and money instead to greatly improve their success? If a CISO played the role of a vendor, which happens often, what should you do to get to you?
We play TWO rounds.
What do you think of this vendor marketing tactic?
According to a recent study by Valimail, CISOs are very suspicious of security vendors’ claims. In general, the numbers are horrible for vendor credibility. Close to half of security professionals claim the following:
- Vendors’ tech and explanation are confusing
- Practitioners have a hard time seeing and measuring value
- Practitioners don’t know how a vendor’s product will stay valid on their security roadmap
What could cybersecurity vendors do to make their claims more believable?
Close your eyes and visualize the perfect engagement
Rafal Los, Armor Cloud Security, asked, “If you could implement one thing in your organization that would receive universal adoption without push-back, what would it be?” The question, which seems reasonable but in the security world often feels impossible, generated a ton of responses on both LinkedIn and Twitter. Many wanted company-wide adoption of one solution, such as MFA or vulnerability management. Others wanted widespread and ongoing security education. Our CISOs debate the one pushback-free solution that would yield the greatest results.