The Pace of Investments Requires Better Risk Management, Boards Challenged, & More – BSW #388
Cybersecurity teams were under increasing strain in 2024. To alleviate this burden, 2025 will see greater reliance on automation to streamline workflows, enhance threat detection, and accelerate incident response. But some of these investments may come with risks.
Greg Sullivan, Founding Partner at CIOSO Global, joins Business Security Weekly to discuss how the pace of investment will require better risk management. Greg will cover topics, including:
- The seismic C-level shift in interest will require a top-down approach to cybersecurity.
- The focus will shift from external cybersecurity solutions to building in-house resilience.
- The critical criteria needed to drive more refined defenses, smarter resource allocation, and wiser cybersecurity investments.
In the leadership and communications segment, Boards Challenged to Embrace Cybersecurity Oversight, Why Cybersecurity Needs More Business-Minded Leaders, How to Build a Cybersecurity Resume that Gets You Hired, and more!
Announcements
Identiverse 2025 is returning to Las Vegas, June 3-6. Hear from 250+ expert speakers and connect with 3,000+ identity security professionals across four days of keynotes, breakout sessions, and deep dives into the latest identity security trends. Plus, take part in hands-on workshops and explore the brand-new Non-Human Identity Pavilion. Register now and save 25% with code IDV25-SecurityWeekly at https://www.securityweekly.com/IDV2025
Hosts
- 1. Boards Challenged to Embrace Cybersecurity Oversight
Cybersecurity failures are now business risks that CEOs and Boards must own. The world of business owners, investors, and their representatives are collectively realizing the potentially catastrophic impacts of cybersecurity incidents if not incorporated into the strategic management of the most senior business leadership. Many regulatory bodies, insurance providers, business partners, and customers take cybersecurity very seriously and now hold the CEO and Board accountable. As a result, the oversight of cybersecurity is being elevated to the CEO and Board of Directors.
- 2. The Berkshire Dilemma – Are Boards Making The Same Mistakes On AI Governance That They Made On Cybersecurity?
To lead or not to lead in the boardroom on AI, that is the dilemma facing the Berkshire Hathaway board and their shareholders.
- 3. That breach cost HOW MUCH? How CISOs can talk effectively about a cyber incident’s toll
The painful duty of informing the C-suite or board how much an incident cost is critical to the CISO role, but a good response plan, tabletop exercises, and proactive engagement can smooth the process.
- 4. Why Cybersecurity Needs More Business-Minded Leaders
While traditional cybersecurity leadership has come from engineering, IT, and security operations, today's evolving threat landscape requires a broader skill set. Being able to understand and convey the importance of regulatory compliance, financial risk management, operational resilience, and business continuity is just as critical as technical defenses and disaster response when considering cybersecurity strategy. That's why more cybersecurity executives are emerging from finance, law, and corporate strategy — bringing a risk-first mindset to security leadership.
- 5. Not all cuts are equal: Security budget choices disproportionately impact risk
Security leaders must fight proposed cuts by justifying return on investments and zeroing in on the risk narrative. A recent survey of CISO peers sheds light on which cuts are more likely to result in security consequences.
- 6. Leading through the storm: How CISOs and teams thrive under pressure
The pressures on CISOs have never been greater. With an expanding threat landscape, and recent SEC regulations holding executives personally liable for breaches, leaders in the industry are facing an unprecedented level of scrutiny. The widening cybersecurity skills gap is only adding more pressure and strain to teams. Currently, 25% of CISOs are actively considering leaving their positions, and 77% fear that the next major breach could cost them their jobs.
As a longtime cybersecurity leader, I’ve witnessed these challenges in the field. With 25 years in the industry, including more than a decade as a CISO, I can confidently say that while the pressures have intensified, they are not insurmountable.
- 7. How to Build a Cybersecurity Resume that Gets You Hired
In today’s difficult job market, companies are on the hunt for skilled security professionals to secure their infrastructure, safeguard their data, and protect their organization against threats. If you’re anything like me, that sounds like an ideal day — a mix of technology, security, and just the right amount of challenge. But before you land that dream role, you need a resume that actually gets you interviews.
