High Consequences Cyber: Make or Break the CISO’s Reputation – Andy Jaquith – CSP #154
“High Consequences Cyber” are high-risk, high-stakes cyber projects that can make or break a company or make or break the CISO’s reputation. These include questions such as: How do you architect your networks if you are a multinational with exposure to high-risk countries? What are key choices you can make when moving critical workloads such as email and collaboration to the cloud? What's the role of authentication in the age of cloud, and why do companies keep messing it up? How do you educate the board on critical or strategic initiatives while gaining their confidence that the program is well-run? If you’re coming into a new organization, how do you evaluate the team and determine how to level it up? This month CISO Stories is focusing on Identity Management, and we discuss Andy’s views on passwordless identities and Zero Trust.
Fitzgerald, T. 2019. Chapter 15: The CISO and the Board of Directors in CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 491-511. Fitzgerald, T. CRC Press, Boca Raton, FL. www.amazon.com/author/toddfitzgerald
Jaquith, A. 2007. Security Metrics: Replacing Fear, Uncertainty, and Doubt, 1st Ed, Addison-Wesley, Upper Saddle River, NJ. https://www.amazon.com/Security-Metrics-Replacing-Uncertainty-Doubt/dp/0321349989
Guest
Andy Jaquith is the Managing Director of Markerbench. His 25-year career as a CISO, executive, and cyber practitioner spans startups (with two successful exits), Fortune 100s, global financial services firms, and AMLAW 50 firms. He has managed a broad spectrum of technology and cyber risk areas and is a trusted advisor to customers, staff, and boards.
Prior to Markerbench, Andy was the global Chief Information Security Officer (CISO) for Covington & Burling LLP, a $1.5B AMLAW 50 firm with 14 offices globally. His prior experience includes serving as the CISO of QOMPLX, Inc, a cyber-security startup focused on critical enterprise infrastructure. He was the global Cyber Security Operational Risk Officer for JP Morgan Chase, and was a Managing Director for Technology Risk Measurement and Analytics at Goldman Sachs. Andy’s earlier roles include Chief Technology Officer (CTO) of the managed security services provider SilverSky. He has held senior security analyst roles at Forrester Research and Yankee Group, and was a co-founder of @stake, a pioneering cyber-security consultancy. Andrew wrote [the book on security metrics](https://www.amazon.com/Security-Metrics-Replacing-Uncertainty-Doubt/dp/0321349989) (“Security Metrics: Replacing Fear, Uncertainty and Doubt”), used by a generation of risk professionals to connect security to the corner office.
Andy graduated from Yale University with a BA in Economics and Political Science. He lives with his family in New York.
Host
Todd Fitzgerald promotes CISO/CPO leadership via the SCMedia CISO STORIES weekly podcast, advisory board participation, and international speaking engagements. Todd serves as VP, Cybersecurity Strategy, CyberRisk Collaborative. Todd authored 5 books, including #1 New Release (2024) Privacy Leader Compass: A Comprehensive Roadmap for Building and Leading Practical Privacy Programs, and #1 Best-selling (2019-2023) and 2020 CANON Cybersecurity Hall of Fame book, CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers. Named 2016–17 Chicago CISO of the Year, Todd’s senior leadership positions include Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, Wellpoint/National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.