Run Your Security Program Like an Election Campaign – Kush Sharma – BSW #367
1. Run Your Security Program Like an Election Campaign – Kush Sharma – BSW #367
Does the CISO need to act like a politician? Negotiating budgets, communicating risks, and selling your strategy across the organization does sound a little like a politician. And if that's the case, are you hiring the right campaign staff?
Kush Sharma, former CISO for CPR, City of Toronto, and Saputo, joins Business Security Weekly to discuss why you should run your security program like an election campaign. Kush will discuss the other positions you need to hire, not just the technical positions, to help you budget, communicate, and sell your strategy. A politician can't do it all by themself, so why should a CISO?
Segment Resources: https://www.misa-asim.ca/page/ON_Homepage www.knightspectre.com
Guest
Kush is an award-winning leader with over two decades of experience. He is an active member of the global cyber community, has supported over 20 Digital Transformations valued at $1B+ each, was named Global Enterprise CIO of the year, and has led teams through cyber breach response first-hand. His experience market cap is approximately $2.5T, and he is an innovator specializing in building digital cyber capabilities in complex, decentralized, political organizations with initiatives ranging in value between $500k-$1B.
Kush also has experience of $34B in M&A, has overseen over 700 reports, managed $150M in budgets, led a portfolio of 100 programs, co-authored the world’s first Cyber Accountability Policy via the WEF, and is currently on the National CISO Committee on Information Protection for Canada as Vice-Chair.
Kush is the Director, Municipal Modernization & Partnerships at MISA Ontario where he advocates for and lobbies on behalf of Ontario Municipalities. Prior to this, he was the acting CISO for CP Rail, inaugural CIO for Aptitude 360, inaugural CISO for the City of Toronto, inaugural Security Executive at Saputo, and advised over 50 organizations from the Fortune 500 to Governments during his 14-year tenure with Accenture and Deloitte. Kush is also the Founder of startup KnightSpectre, leaders in delivering immediate value to Boards, Executives, and Organizations with expertise in cybersecurity advisory, strategy & roadmap, M&A, organization build, business case, risk assessment, digital transformation, and CISO strategic execution.
2. Give CISOs a Seat at the Table as CISO Salaries Surge – BSW #367
In the leadership and communications segment, PwC Urges Boards to Give CISOs a Seat at the Table, CISO Salary Surge: Fewer Job Changes, Bigger Paychecks for Experienced Cybersecurity Leaders, Fostering a cybersecurity-first culture: Key leadership insights for building resilient businesses, and more!
- 1. PwC Urges Boards to Give CISOs a Seat at the Table
“Give your CISO a seat at the table,” PwC's Global Digital Trust Insights report urged. “Their insights are vital for proactively navigating cybersecurity as a core business enterprise risk. Involving them at the highest level helps your organisation align its approach to safeguarding critical assets and driving resilience.”
- 2. Book Review: “Premier CISO – Board & C-Suite” By Michael S. Oberlaender
In his latest work, Premier CISO – Board & C-Suite, Michael S. Oberlaender delivers a comprehensive guide for aspiring and current Chief Information Security Officers (CISOs) navigating the complex landscape of cybersecurity leadership. This book, the third in Michael’s series on cybersecurity management, focuses specifically on succeeding at the board and C-suite levels.
- 3. CISO Salary Surge: Fewer Job Changes, Bigger Paychecks for Experienced Cybersecurity Leaders
CISOs are getting paid more and moving less – and experience counts. The average annual compensation package for these cybersecurity leaders is more than $550K; and ‘top’ CISOs’ earnings can be above $1 million a year.
- 4. Overtaxed State CISOs Struggle with Budgeting, Staffing
CISOs for US states face the same kinds of challenges those at private companies do: lots of work to handle, but not necessarily enough money or people to handle it sufficiently well.
- 5. Maximize Alignment Between Security & Compliance
Security and compliance are both serious issues that can keep you awake at night. In theory, they should be perfect partners, complementing each other to keep your organization resilient and its digital assets safe. Here are some practical steps that organizations can take to align these two pillars.
- 6. Fostering a cybersecurity-first culture: Key leadership insights for building resilient businesses – ET Edge Insights
In today’s fast-paced world, driven by rapid technological advancements and innovations, we are more connected than ever. However, this increased connectivity has also led to a surge in cyber-attacks and data breaches, which are becoming increasingly sophisticated and pose significant risks to businesses of all sizes. In this ever-evolving threat landscape, where attack methods constantly advance, organizations must go beyond traditional cybersecurity measures and focus on becoming cyber resilient.
- 7. Strategic Leadership in Challenging Times: Lessons from Dale Carnegie’s Leadership Training
Leadership is not a destination – it’s an evolving journey of learning, adapting, and applying strategic insights to real-world challenges. The Leadership Training for Managers gave me tools, but more importantly, it reaffirmed that leadership is about driving long-term success through people and strategy. As we continue to face global disruptions and shifts in industry, I believe the application of these principles is more important than ever.