Pending legislation mandating cybersecurity representation at the top levels of an organization in a relatively young field and understanding that field are testing the bounds of practical cybersecurity leadership.

Today’s guests are Richard Brinson and Rachel Briggs. Richard is an experienced executive, board advisor, and global top 100 Chief Informations Security Officer. He has been providing strategic guidance to many of the world’s largest global organizations for over 20 years with core expertise in cybersecurity, technology infrastructure, and enterprise architecture. Richard leads Savanti’s cybersecurity practice, helping large organizations to transform and modernize their security functions for the digital age. 

Rachel is a leading expert on security and has advised governments and multinational corporations on security, resilience, terrorism, and responses to extremism. She is an Executive Advisor with Savanti and founder and CEO of The Clarity Factory, which provides and arranges services to its clients including research, consultancy, and thought leadership. 

Show Notes:

• [1:35] - Richard shares his background and what Savanti is known for.
• [2:30] - Rachel works with Richard and his team on thought leadership products.
• [4:01] - Organizations reach out to Savanti and don’t know if what they are doing is right or wrong. SISOs seemed to be coming and going.
• [5:35] - There were 6 key factors that were causing this churn in the industry.
• [6:50] - The supply in demand problem for cybersecurity leaders is one issue in retaining professionals as SISOs.
• [8:45] - For every three years, a company is really only moving forward one.
• [10:05] - Rachel shares data that shows the importance of strong cybersecurity and leadership that does it right.
• [12:37] - It’s not just about security. It’s actually part of a good business model now.
• [14:03] - When cybersecurity isn’t a part of leadership, the board's understanding creates a problem with delegating and solving problems.
• [15:20] - Richard is a board advisor on many organizational boards to help with this lack of understanding.
• [16:48] - There are fewer than 100 SISOs with effective boardroom expertise.
• [18:02] - When speaking with SISOs and others in leadership, things are lost in translation.
• [20:28] - We tend to just expect people to be good communicators but it is a skill that needs to be trained. 
• [21:43] - There are leadership training companies that organizations can work with to coach a leadership team.
• [23:30] - SISOs can and should be taught to communicate effectively in the boardroom and that should be something the organization provides.
• [25:20] - There is pending legislation that will mandate the requirement of cybersecurity in leadership, but Richard shares some possible problems.
• [27:04] - Savanti helps demystify this problem with communication.
• [28:42] - For smaller companies who cannot afford a full time SISO, fractional SISO roles that are usually virtual are offered by Savanti.
• [31:18] - If an incoming SISO does not have the support of the board, they cannot be effective or successful.
• [32:50] - The turnover rate for this role is quite high.
• [34:02] - Companies who aren’t willing to implement recommendations or bring in a qualified SISO leads to a number of costs and risks.
• [36:02] - Changing SISOs so often is destabilizing.
• [37:35] - With solid security, a company can take more business risks safely.
• [40:03] - Regulations can be helpful but not helpful in many ways.
• [41:52] - If you are considering a role as a SISO in leadership, round yourself off as a business leader with effective communication skills.
• [43:53] - You can read the recent report that Richard describes by clicking here.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. 

Links and Resources:

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• The Future of Cyber Security Leadership Series
• Savanti Website
• Richard Brinson on LinkedIn
• Rachel Briggs on LinkedIn