#CISOlife Brian Haugli

In this episode of #CISOLife, hosts Brian Haugli and Dmitriy Sokolovskiy, delve into the dynamics of the RSA Conference, exploring its evolving relevance and the broader implications for cybersecurity. They discuss the nature of cybersecurity events, the benefits of smaller, local conferences like Secure World, and the importance of vendor relationships and ROI in cybersecurity. The conversation also touches on recent news involving TikTok and Kaspersky, highlighting the cybersecurity and geopolitical concerns associated with these companies.Key Points Covered:RSA Conference Overview:Brian and Dimitri discuss the RSA Conference's shift from a must-attend cybersecurity event to one that may not offer the same value for everyone. They note that while the conference was previously a hub for significant industry insights, it now serves more as a networking event.Local vs. Global Conferences:The hosts compare the benefits of global conferences like RSA to regional events like Secure World in Boston, which offer more focused networking opportunities and potential for local partnerships.Cybersecurity Event ROI:Discussion on the return on investment for companies participating in cybersecurity conferences, emphasizing the strategic considerations for both established companies and startups.TikTok and Cybersecurity Risks:The episode addresses the security risks associated with TikTok, including data privacy concerns and the potential for foreign influence, reflecting on recent U.S. government actions to potentially restrict the app.Kaspersky's Scrutiny:They also cover concerns around Kaspersky, given its Russian roots and the potential risks this poses in terms of data privacy and national security.Call to Action:Encouragement for viewers to engage with the topics discussed by commenting on their experiences with cybersecurity events, and sharing their perspectives on TikTok and Kaspersky.Conclusion:The episode wraps up with a discussion on the importance of understanding the sources of one's information and the implications of misinformation online, stressing the need for vigilance in digital consumption.Engagement: Viewers are invited to subscribe for more insights from CISOLife, share their experiences, and follow the discussion on various social media platforms using the hashtag #CISOLife.


Follow us -
Website - https://sidechannel.com
Podcast - https://anchor.fm/cisolife
LinkedIn - https://www.linkedin.com/company/sidechannelsecurity/
Twitter / X - https://twitter.com/sidechannelsec


---

Support this podcast: https://podcasters.spotify.com/pod/show/cisolife/support

"#CISOlife" is a podcast that explores the challenges and strategies of cybersecurity leadership. In a compelling episode, host Brian Haugli welcomes Andrew Pendergast, Managing Director at NFP, to delve into the intricacies of Directors & Officers (D&O) Insurance. This episode provides a thorough breakdown of how D&O Insurance operates and its significance for Chief Information Security Officers (CISOs). Pendergast, with his extensive expertise in insurance and risk management, discusses the coverage aspects that are particularly relevant to CISOs, highlighting how this type of insurance can protect against personal liabilities that may arise from the decisions and actions taken in their professional capacities. This discussion is invaluable for CISOs and other executives who want to understand the protective measures available to safeguard their personal and professional interests.


---

Support this podcast: https://podcasters.spotify.com/pod/show/cisolife/support

What does good look like?

ISSA Keynote by Brian Haugli, CEO, SideChannel

Cybersecurity program goals are often centered around the comparison to sector peers, “best practices”, and “reasonable controls”. These terms and approaches leave much ambiguity in an industry that’s seeking defined, focused expectations on outcomes. While most acknowledge the existence of frameworks like NIST CSF or CIS Controls, many programs are not actually built to them. We see them, yet we do not use them.

This keynote will discuss the pragmatic approach to building frameworks backed and standards-based cybersecurity programs while not campaigning for purely compliance. It will cover the areas required to prioritize within an open framework, govern after it’s implementation, and how to report its effectiveness to leadership in a way they will understand the risks addressed.

Slides: https://sidechannel.com/wp-content/uploads/ISSA-Keynote-2023-Brian-Haugli.pdf


---

Support this podcast: https://podcasters.spotify.com/pod/show/cisolife/support

Welcome back to #CISOlife with your host, Brian Haugli! In this episode, we dive deep into the world of CISO searchability, placement, and the evolving landscape of cybersecurity leadership.

🎙️ Joining us from across the Atlantic, Joe Head, the director of CISO search at Intaso, shares his valuable insights on what makes a top-tier CISO, the nuances of the role across different industries, and how aspiring CISOs can bridge the gap between sectors. Whether you're a seasoned security professional or looking to climb the ranks, this conversation is packed with actionable advice.

Joe also addresses a critical topic - the common missteps of overconfidence among CISO candidates and how to build a genuine profile that stands out.

Moreover, we discuss:

The four key traits of successful CISOs: Leadership, Execution, Influence, and Vision

The importance of understanding business value over technical jargon
Navigating the career leap from technical expertise to strategic management

How to prepare for interacting with a company's board of directors

Don't miss Joe's top tip for cybersecurity professionals: Network before you need it! He emphasizes the power of building relationships long before you're on the job hunt.

🔔 Subscribe to #CISOlife and hit that bell to stay updated on the latest discussions that can shape your cybersecurity career.

To connect with Joe Head:

LinkedIn: https://www.linkedin.com/in/joehead1/
Website: https://intaso.co/

For more #CISOlife content:
Website - http://www.sidechannel.com
LinkedIn - http://linkedin.sidechannel.com
YouTube - http://youtube.sidechannel.com
Facebook - http://facebook.sidechannel.com
Twitter - http://twitter.sidechannel.com
Podcast - https://anchor.fm/cisolife
Spotify - http://spotify.sidechannel.com
iTunes - http://itunes.sidechannel.com

Subscribe to our YouTube channel
Stay safe, stay informed, and we hope to see you in the next #CISOlife episode!

👍 Like | 💬 Comment | 🔄 Share | ✔️ Subscribe

#CISO #CybersecurityLeadership #CareerAdvice #Cybersecurity #Leadership #intaso #JoeHead #ExecutiveSearch #SecurityStrategy #BusinessStrategy


---

Support this podcast: https://podcasters.spotify.com/pod/show/cisolife/support

The world of finance and cybersecurity has entered a new chapter with the U.S. Securities and Exchange Commission’s (SEC) recent final rule on cybersecurity disclosure. Effective September 5, 2023, this new regulation requires public companies to enhance transparency around cybersecurity risks and incidents. We will delve into the details of the final rule, discuss its impact on registrants, and explore how companies can turn this regulatory requirement into a strategic advantage.




---

Support this podcast: https://podcasters.spotify.com/pod/show/cisolife/support

Review of an engagement and initial work as the CISO or a vCISO. More at SideChannel

Why do organizations start a cybersecurity program? 

1. Customer demands 

2. Board or C-suite requests 

3. Regulation requires it 

4. Right thing to do 

5. Post post breach



Assess against a cybersecurity standard, framework or regulation



Build cybersecurity roadmap to address gaps


---

Support this podcast: https://podcasters.spotify.com/pod/show/cisolife/support