Sign up to save your podcasts
Or
Share A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)
All links and images for this episode can be found on CISO Series.
Usually the buck stops with the CEO. But for a CISO, what do you do when a CEO wants to exempt themselves from your security program? Whether it's granting privileged network access or just ignoring protocols, it can put a CISO in a tough spot. So how do you deal with a leader that thinks they're above the controls you have in place? Is it enough to document your disagreement or is there anything else you can do in that position?
This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and John C. Underwood, VP, information security, Big 5 Sporting Goods. Joining me is our guest, Joshua Scott, Head of Security and IT, Postman.
Thanks to our podcast sponsor, Veza
75% of breaches happen because of bad permissions. The problem is that you don’t know exactly WHO has access to WHAT data in your environment. For example, roles labeled as “read-only” can often edit and delete sensitive data. Veza automatically finds and fixes every bad permission—in every app—across your environment.
In this episode:
- For a CISO, what do you do when a CEO wants to exempt themselves from your security program?
- How do you deal with a leader that thinks they're above the controls you have in place?
- Is it enough to document your disagreement or is there anything else you can do in that position?
View all episodes
By David Spark, Mike Johnson, and Andy Ellis
4.8
183183 ratings
All links and images for this episode can be found on CISO Series.
Usually the buck stops with the CEO. But for a CISO, what do you do when a CEO wants to exempt themselves from your security program? Whether it's granting privileged network access or just ignoring protocols, it can put a CISO in a tough spot. So how do you deal with a leader that thinks they're above the controls you have in place? Is it enough to document your disagreement or is there anything else you can do in that position?
This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and John C. Underwood, VP, information security, Big 5 Sporting Goods. Joining me is our guest, Joshua Scott, Head of Security and IT, Postman.
Thanks to our podcast sponsor, Veza
75% of breaches happen because of bad permissions. The problem is that you don’t know exactly WHO has access to WHAT data in your environment. For example, roles labeled as “read-only” can often edit and delete sensitive data. Veza automatically finds and fixes every bad permission—in every app—across your environment.
In this episode:
- For a CISO, what do you do when a CEO wants to exempt themselves from your security program?
- How do you deal with a leader that thinks they're above the controls you have in place?
- Is it enough to document your disagreement or is there anything else you can do in that position?
More shows like CISO Series Podcast
View all
Security Now (Audio)
1,969 Listeners
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
626 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
364 Listeners
Hacked
184 Listeners
CyberWire Daily
1,007 Listeners
Smashing Security
312 Listeners
Click Here
397 Listeners
Darknet Diaries
7,864 Listeners
Cybersecurity Today
169 Listeners
Hacking Humans
314 Listeners
Defense in Depth
77 Listeners
Cyber Security Headlines
129 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
158 Listeners