The New CISO

No as a Service: Why Security Can Stifle Innovation and How to Prevent It



Transitioning Into The CISO Role

Learning to balance the executive role with the tactical needs of the team can be tricky. Being able to see the larger picture within both roles can keep you on track and relevant in both places. Remember the roles you’ve had in the past and draw from those experiences and knowledge. Audits are typically not something anyone wants to have on their plate, but there is value in them. Audits not only bring an extra set of eyes to your team, but can also point out the areas of weakness that could use some bulking up before there is a major crisis. It can be very proactive to lean into the audit and partner with the auditor instead of just trying to get through it unscathed.

What Is Lacking In The Security Industry

The major points that come to mind when thinking of security might be something like integrity, confidentiality, availability of data, and protection. But as much as we need to protect, we also need to share: the future of healthcare is being able to safely exchange information, and if it is locked away nothing can be exchanged. Within healthcare security things tend to be more vulnerable, especially for the nurses and caretakers working within hospice care. They have the weight of caring for a patient who is at the end of their life; as a security executive, the last thing you want to do is make that caretaker’s job more difficult. Being able to put yourself in that caretaker’s position and see what their user experience is like can be pivotal to how you base your security team and program. Take a step back and remember what you’re trying to protect in the first place: behind each client is a real person.

Designing Solutions For Real Threats

There are many different security strategies for different types of needs. Some companies need full steam ahead all the time, but many need a different type of solution. Before you build a program that just looks good on paper, get in there and really analyze what the threats and weaknesses are. After those points have been identified, move on to the next steps of building the program around the actual threats. An example of this is knowing how to use automation for your company’s specific needs. Identifying what can safely be automated before just jumping in with all the new automation tools will help everyone involved. Get to know your team: what the most tedious part of their job is, what their largest stressor is, and what they believe can be automated. Being a CISO means breaking down all the barriers and having the power to show a more practical approach to security, and to show how being able to provide help can influence drastic changes in the way information is protected.

Resources:

Steve Moore: LinkedIn

Richard Kaufman: LinkedIn

Exabeam: Website

Amedisys: Website


The New CISO, by Steve Moore
