A CISO’s Life, FOMO Is Real, & Cybersecurity’s Hiring Problem – BSW #239
In the Leadership and Communications section, The First 100 Days in A CISO’s Life — Biggest Mistakes and Best Quick Wins, Hybrid work woes: FOMO is real, employees feel disconnected, Breaking Down Cybersecurity's Hiring Problem, and more!
Announcements
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Hosts
Matt Alderman
Chief Product Officer at CyberSaint
- 1. The First 100 Days in A CISO’s Life — Biggest Mistakes and Best Quick Wins
  Landing a Chief Information Security Officer position can be quite thrilling and, at the same time, overwhelming. The first three months of a new security chief’s life are highly significant. Like any leadership position, how you begin can make or stain your position within the company. Here are bad moves to avoid: 1. Trying to Do Too Much 2. Having a Negative Mindset 3. Blaming Others. Instead, here are things to consider to realize big wins in the first 100 days: 1. Make Preparations 2. Assess the Organization and Risk Status 3. Start Developing Your Security Plan 4. Act and Measure
- 2. Advice from a young, female CISO: Key lessons learned – Help Net Security
  Ellen Benaim, the newest CISO at Copenhagen-based SaaS provider Templafy, started her career at the company in June 2018 as technical support, but from the moment she sat down in an interview with Henrik Printzlau, the company’s co-founder and former CISO, she knew that she wanted to become CISO at Templafy one day. That day came in March 2020.
- 3. Why we need to move from cyber security to cyber resilience
  Today, we work from anywhere, on more devices, more networks, facing more risk than ever before. Widespread phishing, malware, ransomware attacks, and other frauds pose a risk not just to individuals or platforms, but to entire economies, governments, and our way of life. Yet the way we think about securing our businesses and our data hasn’t really kept up. Business resources are often still allocated to defensive cyber security, which is focused on protecting the confidentiality and integrity of data. But these defenses are proving insufficient in the face of attacks that grow more sophisticated by the day. We need cyber resilience in addition to cyber security, and it’s important to understand the difference.
- 4. Hybrid work woes: FOMO is real, employees feel disconnected
  One troubling insight is that, according to many Enboarder respondents, HR's problem-solving may be to no avail. Two-thirds of respondents said they have not changed their behavior or opinions because of an HR initiative in the past 12 months. Many employees are feeling battered by the demands of digital work. Generally speaking, 54% of workers surveyed said they feel more overwhelmed by the number of work-related notifications since March 2020. The rate is higher for managers surveyed, with 63% of respondents saying they're overwhelmed.
- 5. The Urgent Need For Cybersecurity To Diversify
  It's estimated that the number of cybersecurity jobs will grow by around 31% until 2029, which is seven times faster than the national average. This growth is in large part a response to the huge pressure organizations are under in the face of a surge in cyberattacks during the Covid pandemic.
- 6. Breaking Down Cybersecurity’s Hiring Problem
  Microsoft believes education is key to creating a larger talent pool for America's vacant cybersecurity positions. In this week's SecurityWatch, we examine the barriers applicants must overcome to get a job in cybersecurity.