Yes, firing the CISO probably won’t solve our security issues. But our community has a multi-generational heritage of relying on scapegoats to feel good about its decisions.
Thanks to this week’s podcast sponsor, Kenna Security
On this week’s episode
Why is everybody talking about this now?
On the AskNetSec subreddit one redditor asked, “Why do people always get fired over a breach?” to which one responded, like many others, “it’s just tradition. Military, government, corporations. It’s an old-fashioned thing really, but a lot of people still believe a ‘blood sacrifice’ is required to restore faith from the public or the shareholders.” How tenable is it to keep doing this with so many breaches? After a breach, what are the different actions needed to appease shareholders, executives, employees, and customers? And when is bloodletting warranted?
How to become a CISO
Over on the CISOseries subreddit, a hopefully soon-to-be-CISO asked, “What should I ask before being a CISO at a startup?” This startup is pre-IPO. 2000 employees. About $1B in valuation. The redditor is looking for advice beyond asking what’s the current security strategy and what the reporting structure would look like. What would you want to ask in such a situation?
Probably the ultimate “What’s Worse?!” scenario.
Hey you’re a CISO. What’s your take?
On LinkedIn, Kris Rides asked, “If you can only do one thing to retain your staff what would that be?” What have you done, and has any of your staff let you know that certain actions you took meant a lot to them? According to research from leadership consulting firm DDI, 57 percent of employees who walk out the door do so because they can’t stand their boss. For that reason, the pressure is heavily on the CISO to make sure they’re well-liked by their staff.
There’s got to be a better way to handle this
Can you think of a moment you had to make a significant shift in your security program? What did you do and why? Was there a specific event that triggered it?