Sign up to save your podcasts
Or
Share Risk Management, Security Education, and Sales Knowledge with Gerald Beuchelt, the CISO at Sprinklr
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Risk Management, Security Education, and Sales Knowledge with Gerald Beuchelt, the CISO at Sprinklr
This episode features an interview with Gerald Beuchelt, the CISO at Sprinklr, the leader in customer experience management, serving companies like Microsoft, P&G, and 50% of the Fortune 100. Gerald has nearly 30 years of experience in IT, having served in leadership roles at companies like MITRE, Demandware, a Salesforce company, and LogMeIn. He is also a cyber security consultant and advisor. And in this episode, host Andy Schneider and Gerald discuss fostering an organization-wide culture of security through effective employee education, communication with leaders, and building trust as a security leader.
Key Quotes
*”Standing in the limelight and being exposed is very humbling on the one side. But on the other side, it's like once you go through it, it does give you more confidence about yourself. And I think that's something that is important as you're facing an environment that is sometimes skeptical of what security people are saying and for all the right reasons.”
*”We think of people, processes, and technology. Strong gates have big locks on those gates. If nobody’s protecting that kind of wall and knows what to do if an adversary’s coming in, just use a ladder and climb over it, and it’s a done deal, right? It’s exactly the same thing when it comes to security. It’s mainly about people and processes first. And then we can see how we can use technology as a force multiplier, as something that enables certain things that we couldn’t do otherwise. ”
*”Once you can relate security issues in a very concrete and tangible way, education sticks much better. And that is how you build education over time.”
*”The vast majority of senior leaders, executive leaders, board members do fully understand the importance of security. They sometimes just don't know what they can do in order to help. So really helping them to help you in terms of structuring education, in terms of structuring outreach to employees, customers, contractors, I think that is really important. And once that clicks, it becomes self-reinforcing, because at the end of the day, the customers are happier. That goes back to the sales reps, that goes back to tangibly increase the revenue, but even customer satisfaction scores can go up. And all those things reinforce a positive security culture just the same way a negative security culture can take this thing down.”
“If I'm going into an executive leadership team discussion or board meeting, I'm starting to say, ‘Well, let me talk about the structure of the TCP/IP package that we discovered in the last meeting.’ You lost them. They understand that this is important and they may even be awed by your knowledge and make you feel good for a short period of time. But in the long run, this is not really sustainable, right? It doesn't really convey the kind of information that senior leaders would need in order to be able to help you. You need to translate this into things that are tangible. Cost, benefits, risk that you can mitigate.“
Time Stamps
[0:33] Introducing Gerald Beuchelt, the CISO at Sprinklr
[1:18] What is the scope of Gerald’s role at Sprinklr?
[3:19] What is the CISO role like at a company that is purely on the cloud? What are Gerald’s top priorities and concerns?
[6:19] How does Gerald educate employees on security?
[10:15] How do you make security relevant from a business perspective?
[12:25] How do you build trust as a new CISO?
[14:55] What was Gerald’s path to becoming the CISO at Sprinklr?
[18:33] Does having experience in sales lend itself to being a CISO?
[22:27] Gerald shares a story of what happens when you apply old controls to new environments
Links
Connect with Gerald on LinkedIn
Check out Sprinklr
View all episodes
By Lacework
5
3939 ratings
This episode features an interview with Gerald Beuchelt, the CISO at Sprinklr, the leader in customer experience management, serving companies like Microsoft, P&G, and 50% of the Fortune 100. Gerald has nearly 30 years of experience in IT, having served in leadership roles at companies like MITRE, Demandware, a Salesforce company, and LogMeIn. He is also a cyber security consultant and advisor. And in this episode, host Andy Schneider and Gerald discuss fostering an organization-wide culture of security through effective employee education, communication with leaders, and building trust as a security leader.
Key Quotes
*”Standing in the limelight and being exposed is very humbling on the one side. But on the other side, it's like once you go through it, it does give you more confidence about yourself. And I think that's something that is important as you're facing an environment that is sometimes skeptical of what security people are saying and for all the right reasons.”
*”We think of people, processes, and technology. Strong gates have big locks on those gates. If nobody’s protecting that kind of wall and knows what to do if an adversary’s coming in, just use a ladder and climb over it, and it’s a done deal, right? It’s exactly the same thing when it comes to security. It’s mainly about people and processes first. And then we can see how we can use technology as a force multiplier, as something that enables certain things that we couldn’t do otherwise. ”
*”Once you can relate security issues in a very concrete and tangible way, education sticks much better. And that is how you build education over time.”
*”The vast majority of senior leaders, executive leaders, board members do fully understand the importance of security. They sometimes just don't know what they can do in order to help. So really helping them to help you in terms of structuring education, in terms of structuring outreach to employees, customers, contractors, I think that is really important. And once that clicks, it becomes self-reinforcing, because at the end of the day, the customers are happier. That goes back to the sales reps, that goes back to tangibly increase the revenue, but even customer satisfaction scores can go up. And all those things reinforce a positive security culture just the same way a negative security culture can take this thing down.”
“If I'm going into an executive leadership team discussion or board meeting, I'm starting to say, ‘Well, let me talk about the structure of the TCP/IP package that we discovered in the last meeting.’ You lost them. They understand that this is important and they may even be awed by your knowledge and make you feel good for a short period of time. But in the long run, this is not really sustainable, right? It doesn't really convey the kind of information that senior leaders would need in order to be able to help you. You need to translate this into things that are tangible. Cost, benefits, risk that you can mitigate.“
Time Stamps
[0:33] Introducing Gerald Beuchelt, the CISO at Sprinklr
[1:18] What is the scope of Gerald’s role at Sprinklr?
[3:19] What is the CISO role like at a company that is purely on the cloud? What are Gerald’s top priorities and concerns?
[6:19] How does Gerald educate employees on security?
[10:15] How do you make security relevant from a business perspective?
[12:25] How do you build trust as a new CISO?
[14:55] What was Gerald’s path to becoming the CISO at Sprinklr?
[18:33] Does having experience in sales lend itself to being a CISO?
[22:27] Gerald shares a story of what happens when you apply old controls to new environments
Links
Connect with Gerald on LinkedIn
Check out Sprinklr