HPR3424: Infosec Podcasts Part 6 - Infosec Leadership

Inoffensive in every region of the world.

Thank you to everyone who has listened to my previous episodes. This is the final episode in the Infosec Podcasts series.

I listen to many, MANY podcasts. The vast majority of these are related to information security.

Because there are so many podcasts to list, I have broken them down into 6 different episodes based on topics:

• Part 1 - News & Current Events - Episode 3324
• Part 2 - General Information Security - Episode 3334
• Part 3 - Career & Personal Development - Episode 3344
• Part 4 - Social Engineering - Episode 3368
• Part 5 - Episode 3387
  • Hacks & Attacks
  • Technical Information & Learning
  • Infosec Community / Social / History
  • Part 6 - Infosec Leadership

Preamble

Term: CISO

• Pronounced SEE-so or SAI-so
• Chief Information Security Officer
• Sounds like executive leadership position, similar to Chief Executive Officer (CEO), Chief Financial Officer (CFO), etc but this is often not the case

Security leadership is changing

Old way:

• Experienced technologists (Usually old white guys) worked way up ranks
• Usually reported through IT (CIO/CTO)
• Department of "No" - Block everything bad
• Slows down business

New way:

• Experienced business professionals with leadership skills and security understanding
• Can report through:
  • IT (CIO/CTO)
  • Legal (For compliance reasons)
  • Finance (CFO) for governance or compliance reasons
  • Financial impacts of attacks
  • Direct costs
  • Fines
  • CEO - Seat at the table with other C-level execs
  • Direct to board
• Empowers the business to succeed in a secure way
• Can still slow down the business, but only when needed
  • Brakes on a race car

Infosec Leadership Podcasts

• CISO Tradecraft - G Mark Hardy (Weekly)
  • Discussion of topics related to becoming a CISO or maturing as a CISO
  • https://www.cisotradecraft.com/
• CISO Vendor Relationship Podcast - David Spark & Guests (Weekly)
  • Weekly podcast addressing the challenges experienced by both security professionals and the vendors with whom they interact.
  • https://cisoseries.com/subscribe-podcast/
• CISO Talks (Weekly)
  • The talk show series with discussions of current trends in the world of information security with CISOs on the front line.
  • https://www.lepide.com/ciso-talks.html
• CISO Talk - James Azar (Weekly)
  • Presents the CISO view on cybersecurity, talent development, technology, leadership and much more.
  • https://cisotalk.podbean.com/
• The Cyber Ranch Podcast - Allan Alford & Hacker Valley Studios (Weekly)
  • Interviews with security leaders discussing relevant topics
  • https://hackervalley.com/cyberranch/
• CISO's Secrets - Currently hosted by Grant Asplund and sponsored by Checkpoint
  • Interviews with security leaders across a wide range of industries
  • Addresses real issues facing security professionals and businesses
  • https://cp.buzzsprout.com/
• CISO Stories - Hosted by Todd Fitzgerald and Sam Curry and part of the Security Weekly family of podcasts
  • Based originally on interviews with security leaders who contributed to the book "CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers"
  • Episodes are usually only about 20 minutes
  • https://securityweekly.com/category-shows/the-ciso-stories-podcast/
• The New CISO - Hosted by Exabeam's Chief Security Strategist, Steve Moore and Sponsored by Exabeam
  • Interviews with industry leading and visionary security leaders
  • How do lead security teams and business
  • Interacting with business leaders
  • https://www.exabeam.com/fr/library-by-type/ciso-podcasts/

That wraps up this series. I welcome any feedback you might have in the comments section for this episode on the HPR site.

Thank you very much for listening.

Comments

More Information...