Vigilance, by The Roundtable Network Pam Brodt

In this episode of the Vigilance podcast, host Pam Brodt welcomes Archana Vemulapalli, a seasoned technology executive, to explore the transformative impact of generative AI on cybersecurity. As AI advances at an unprecedented pace, CISOs must navigate the challenges and opportunities presented by this game-changing technology.

Archana shares her insights and practical advice for security leaders looking to enable their organizations to harness the power of generative AI:
— Develop a strategic approach to leveraging generative AI
— Enable teams through education and governance frameworks
— Engage early in cross-functional AI initiatives
— Extend existing data usage and privacy controls to generative AI
— Invest in secure computing environments to protect data
— Adopt nimble organizational structures to keep pace with AI innovation
— Identify high-value use cases to drive meaningful outcomes
— Foster a culture of continuous learning and experimentation
— Partner with technology providers that prioritize security in AI offerings

While the generative AI landscape is rapidly evolving, CISOs can apply proven methodologies and governance practices to manage risks while enabling innovation. Archana also highlights the importance of using AI and generative AI to enhance an organization's own security posture.
Whether you're a CISO at a Fortune 500 company or a cybersecurity professional seeking to stay ahead of the curve, this episode offers valuable insights and actionable steps to begin your generative AI journey. The time to embrace this transformative technology is now.

In this episode of Vigilance, host Pam Brodt sits down with Tom Patterson, Managing Director for Emerging Technology Security at Accenture, to discuss the critical issue of quantum security. As quantum computers advance rapidly, the encryption methods that secure most of today's digital information and communication are at risk of becoming vulnerable.

Tom breaks down what organizations need to know about this emerging threat and outlines a process to start preparing now:

— Develop a quantum security strategy
— Discover where vulnerable encryption exists across the enterprise
— Engage with your technology ecosystem and vendors
— Design a crypto-agile security architecture
— Set up quantum-safe encryption test environments
— Run limited trials of quantum-safe solutions
— Roll out quantum-safe encryption more broadly
— Transition to steady-state quantum security management

While the exact timeline is uncertain, experts advise starting the multi-year quantum security transition process immediately. Tom also discusses new cryptographic standards on the horizon, leveraging AI to accelerate the process, and an open maturity model to help benchmark progress.
Whether you're a CISO at a Fortune 500 company or a cybersecurity professional looking to learn more, this episode provides a wealth of knowledge and practical steps to begin quantum-proofing your organization. The time to start is now.

___

Vigilance is presented by The Roundtable Network
Produced by Thursday Labs

On the latest episode of the Vigilance podcast, I had the pleasure of speaking with Jim Routh.

Jim is a renowned cybersecurity expert with a wealth of experience, including:

— Serving as CISO at six different organizations
— Board memberships at FS-ISAC and H-ISAC
— Advising roles with cybersecurity and IT companies
— Teaching cybersecurity at NYU
— Mentoring CISOs

He brings unique insights to the conversation through his expertise in:
— Applying risk management discipline to global enterprises
— Designing security controls using innovation and data science

During our discussion, Jim shared a powerful perspective on decision-making for CISOs:

Better decisions stem from facts. While facts are becoming increasingly elusive in today’s world, it is a non-negotiable for cybersecurity experts. KPIs are fact-based and provide a clear picture of reality by design.

KPIs:
— Measure progress at a specific moment in time
— Help you make informed decisions and take action

When a KPI indicates a process is performing optimally, no action is needed. But when the results fall short, it's time for change. This is an opportunity to discuss improvements and support the process owner. By helping them implement necessary changes, we enhance security. KPIs help us rally stakeholders to avoid acting based on speculation.

This approach ensures that:
— Efforts are grounded in reality
— Resources are allocated effectively
— The right actions are prioritized

In a world where facts are often obscured, KPIs provide clarity.

___

Vigilance is presented by The Roundtable Network
Produced by Thursday Labs

Welcome to the inaugural episode of Vigilance, our new podcast and content series designed for Fortune 500 Chief Information Security Officers (CISOs). Every month, we’ll be diving deep into the multifaceted and ever-evolving realm of corporate cybersecurity. This series is more than just a discussion on cybersecurity; it's an exploration of strategic foresight and actionable intelligence in a space where vigilance is non-negotiable.

I’m thrilled to be joined by Shamla Naidoo in our first episode to discuss how the US SEC legal actions put CISOs at risk. Here is a quick outline of what we’ll cover in this article and episode:

- The impact of the SEC’s legal action on CISOs
- Understanding the risks and liabilities of a CISO role
- The importance of clear job descriptions
- Balancing professional & personal accountabilities
- The role of indemnity in protecting CISOs
- The Importance of Documenting Decisions and Actions
- Effective Communication and Reporting Strategies

With over 42 years working in the tech sector, Shamla has served as a CISO for major corporations, gaining first-hand knowledge of the role's complexities. In addition to her CISO background, she holds a law degree, giving her an invaluable legal perspective on the regulatory and liability issues confronting security leaders.

Currently, Shamla serves on the boards of public companies, leveraging her seasoned understanding of both corporate governance and cybersecurity dynamics. She also advises an emerging cybersecurity startup, staying actively involved with innovative technologies.

Additionally, she teaches courses on technology law and policy at the University of Illinois Chicago, helping shape future business leaders and policymakers.

With her diverse background spanning CISO leadership, legal expertise, corporate board experience, and academic roles, Shamla brings unparalleled insights to any conversation on cybersecurity.