On this episode of The New CISO, Steve is joined by Kevin DeLange, the VP and CISO of IGT, to discuss how Kevin’s love of problem-solving led him to a career in cyber security.

Before joining the information security field, Kevin served in the military and completed a degree in Anthropology. Now a CISO, he reflects on how the skills he developed throughout these experiences brought him to where he is now. Listen to the episode to hear more about Kevin’s career journey, solving puzzles in the workplace, and his advice for those applying for CISO positions.

Listen to Steve and Kevin discuss how to define a problem before solving it and the value of real-world experience:

Meet Kevin (1:30)

Host Steve Moore introduces our guest today, Kevin DeLange, who shares more about IGT, a global leader in casino games, and how long he’s worked there.

Life Before IGT (2:43)

At seventeen, Kevin joined the military and worked on nuclear missiles. He credits this experience as his first foray into the security world.

The Practicality of Anthropology (5:58)

After completing his service, Kevin finished a degree in Anthropology. Kevin explores how this discipline allowed him to solve complex problems, which he has applied to his security career.

A Crooked Path (7:49)

Steve asks Kevin what he means by his “crooked path” into cyber security. 

Kevin explains that life is not a straight line and that although he couldn’t predict his career in his youth, he understands that he acquired the right skills along the way.

Generational Differences (9:32)

Although there are college degrees now in the security field, Kevin recognizes that there is no substitute for real-life experience. Kevin then lists the traits he looks for when hiring a security professional, particularly highlighting the value of soft skills.

Working With Senior Management (13:56)

Steve asks Kevin the best ways to present a problem in the workplace and how to stand out to senior management.

Kevin says that you need to tailor your communication to the audience in front of you, whether technical or business groups. It’s also essential to ensure you have advocates outside the company to support you, which comes from building relationships.

CISOS And Their Sales Teams (17:51)

Kevin explains that the company’s goal is to make money and that his job is to ensure that the company is securely making money. Although understandably, security professionals and sales teams may not see eye-to-eye, it is a necessary working relationship with a common goal.

Making A Choice (20:12)

Balancing three full-time jobs, Kevin eventually had to choose what he wanted to pursue. Ultimately, Kevin decided on information security because he finds it exciting and himself well-equipped for its problem-solving component.

Simplifying The Problem (23:28)

The most challenging thing for Kevin is to simplify the problem before trying to solve it, though that is what he strives to do most. Kevin laments that it’s “difficult to prove a negative,” but the more he condenses what he’s communicating to senior management, the more he can get the support he needs.

Let Things Fail (28:12)

You cannot oversee your own work as a CISO, so it’s critical to pass that duty to someone on your security team. Since you cannot do it all, it’s sometimes better to let things fail to move forward.

His Best Advice (35:18)

Steve asks Kevin what his red flags are for people applying for security leadership positions. Kevin provides his main criteria, which is paying attention to the hiring company’s definition of a CISO.

Links mentioned:

IGT