Bob Bragdon, senior vice president and publisher of CSO, hosts this podcast featuring interviews with top chief information security officers from across the country. Listen in as these tech leaders discuss current security threats, critical IT projects, security skills and careers, and much more.
How COVID-19 changed security priorities at Bristol Myers Squibb
After a nearly 21-year career in the FBI, Roberts joined Bristol Myers Squibb in April, 2020, and has spent the past 7 months navigating the pandemic impact on the pharmaceutical giant. For BMS, like many organizations, the rapid shift to wide-scale work from home brought some unique challenges. "We're putting a lot more resources into protecting our systems, our information, and a lot more resources into educating our employees that maybe didn't have to worry about securing information themselves," Roberts says. "Our adversaries, not just nation-states, but also criminal organizations are very active ... and relentless." This is, of course, not unique to the pharmaceutical industry, but it is why there needs to be a constant focus on educating the workforce and reinforcing protections, says Roberts.
Serving up a risk management culture at McDonald's
In addition to being the largest fast food restaurant in the world, McDonald's is also one of the world's largest employers, real estate companies, and toy companies, thanks to the Happy Meal. It has also been transitioning into a tech company over the past several years, introducing a mobile app, kiosk systems, and digital menu boards, and investing in a data analytics company, a mobile tech company, and a voice analytics company. For CISO Tim Youngblood that means driving a framework for understanding and managing risk, and building a risk-aware culture at the fast food giant. Tune in to learn how he approaches risk management and how he believes the pandemic changed the security landscape.
Building board relationships
Over the past decade, CSOs have had significantly more interaction with their boards of directors, becoming critical partners and driving risk management in many organizations. And cybersecurity, information security and privacy have become key topics of board meetings today, says Mark Weatherford, chief strategy officer at the National Cyber Security Center. Why the shift? "Just a few years ago... information security was background noise [to the board]. Now it's right in their face," he says.
Still, a board's time is limited and CSOs need to make the most of their time in front of the board. In this podcast episode, Weatherford shares his six guidelines for building board relationships, starting with inspiring confidence, which he says is the single most important thing a CSO can do.
TikTok don’t stop: Data privacy and the transparency imperative
After 10 years as CSO of payroll and HR solutions provider ADP, Roland Cloutier was looking for a challenge. He found one in his new role as Global CSO at TikTok, the fast-growing social media startup that has found itself in the news over privacy concerns. For Cloutier, who joined TikTok in April, dispelling disinformation and being transparent about how user data is protected quickly become job number one. In this interview, he calls on the security industry to take on a shared responsibility for transparency, to have the conversations and hold each other accountable.
Don’t be Batman: Why CISOs should embrace the sidekick role, Part 2
In this second half, Akamai CISO Andy Ellis and host Bob Bragdon continue their talk about the good guy/bad guy dynamic in the infosec community and why it can result in you being marginalized in your organization. Ellis’ advice: Don’t try to be the hero; be the sidekick.
Produced by IDG Communications, Inc.
Don’t be Batman: Why CISOs should embrace the sidekick role, Part 1
There is a prevailing attitude in the infosec community that security pros are the good guys and the bad guys are, well, just about everyone else — users, developers, senior leadership. This good guy/bad guy dynamic can result in you being marginalized in your organization, says Akamai CISO Andy Ellis. His advice: Don’t try to be the hero; be the sidekick.
Produced by IDG Communications, Inc.