Sign up to save your podcasts
Or
Share Leadership Buy-In: The #1 Success Factor in Security - Kenny Vu - Guardians of the Data - Episode #20
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Leadership Buy-In: The #1 Success Factor in Security - Kenny Vu - Guardians of the Data - Episode #20
How do you get true leadership buy-in for your data security program and turn risk assessments into real action?
In this episode, AVP of InfoSec and data security leader Kenny Vu breaks down why leadership support is the biggest determining factor in whether a program thrives or fails. With over a decade of experience across engineering, consulting, and hands-on data protection work, Kenny shares a clear, practical framework for assessing risk, creating a roadmap, and earning long-term organizational trust. He dives into the nuances of implementing and managing data security programs, the necessity of education and awareness among employees, and strategies for gaining ongoing support from leadership. Kenny also recounts his journey in the cybersecurity field and offers advice for those looking to move into leadership roles.
Takeaways:
- Secure Leadership Buy-In Early: Success in data security programs hinges on strong leadership support. When starting a new role or initiative, assess the level of leadership commitment and ask tough questions during interviews or project kickoffs.
- Conduct a Thorough Assessment: Begin with a comprehensive assessment of your organization’s data security posture. Identify all current risks, compliance obligations, and gaps in your program.
- Develop a Risk-Based Roadmap: Use your assessment to create a clear, prioritized roadmap. Focus first on “low-hanging fruit” or quick wins that deliver value with minimal effort, then tackle more complex issues.
- Be Flexible with Tools and Solutions: Evaluate existing tools before bringing in new ones. Ensure any solution meets your control requirements, and be prepared to adapt if another team’s priorities or tools impact your plans.
- Show Value Through Reporting: Consistently report on your progress, quick wins, and risk reduction. Use metrics and reports to demonstrate the ongoing value of your data security program.
- Plan for Resource Needs: When building your roadmap, factor in the resources required. Present options to leadership that show what can be achieved with current resources versus additional headcount.
Quote of the Show:
- “If you don't act on it, you accept. You're accepting the risk.” - Kenny Vu
Links:
- LinkedIn: https://www.linkedin.com/in/kenny-vu-cissp-94193289/
Ways to Tune In:
- Transistor: https://guardiansofthedata.show/
- Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ
- Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323
- Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
- iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
- YouTube: https://www.youtube.com/@GuardiansoftheDataPod
View all episodes
By Ward BalcerzakHow do you get true leadership buy-in for your data security program and turn risk assessments into real action?
In this episode, AVP of InfoSec and data security leader Kenny Vu breaks down why leadership support is the biggest determining factor in whether a program thrives or fails. With over a decade of experience across engineering, consulting, and hands-on data protection work, Kenny shares a clear, practical framework for assessing risk, creating a roadmap, and earning long-term organizational trust. He dives into the nuances of implementing and managing data security programs, the necessity of education and awareness among employees, and strategies for gaining ongoing support from leadership. Kenny also recounts his journey in the cybersecurity field and offers advice for those looking to move into leadership roles.
Takeaways:
- Secure Leadership Buy-In Early: Success in data security programs hinges on strong leadership support. When starting a new role or initiative, assess the level of leadership commitment and ask tough questions during interviews or project kickoffs.
- Conduct a Thorough Assessment: Begin with a comprehensive assessment of your organization’s data security posture. Identify all current risks, compliance obligations, and gaps in your program.
- Develop a Risk-Based Roadmap: Use your assessment to create a clear, prioritized roadmap. Focus first on “low-hanging fruit” or quick wins that deliver value with minimal effort, then tackle more complex issues.
- Be Flexible with Tools and Solutions: Evaluate existing tools before bringing in new ones. Ensure any solution meets your control requirements, and be prepared to adapt if another team’s priorities or tools impact your plans.
- Show Value Through Reporting: Consistently report on your progress, quick wins, and risk reduction. Use metrics and reports to demonstrate the ongoing value of your data security program.
- Plan for Resource Needs: When building your roadmap, factor in the resources required. Present options to leadership that show what can be achieved with current resources versus additional headcount.
Quote of the Show:
- “If you don't act on it, you accept. You're accepting the risk.” - Kenny Vu
Links:
- LinkedIn: https://www.linkedin.com/in/kenny-vu-cissp-94193289/
Ways to Tune In:
- Transistor: https://guardiansofthedata.show/
- Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ
- Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323
- Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
- iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
- YouTube: https://www.youtube.com/@GuardiansoftheDataPod