Instead of Increased Cybersecurity, Could We Just Order Less Risk?

Published: April 12, 2022, 10 a.m.

All links and images for this episode can be found on CISO Series

"No business wants more security, they want less risk," said a redditor on the cybersecurity subreddit. Executives seem to not care about cybersecurity because they're not talking in those terms. They talk in terms of managing risk. It's the InfoSec professional's job to do the translation.

This week\u2019s episode is hosted by me,\xa0David Spark\xa0(@dspark), producer of CISO Series and\xa0Mike Johnson. Our guest is Tom Doughty, vp and CISO, Prudential Financial.

Thanks to our podcast sponsor, CYREBRO

Ninety percnet of post mortems show that the high cost of damage from a cyberattack was avoidable, but no one knew in time to stop it. CYREBRO's SOC Platform is your cybersecurity central command, integrating all your security events with 24/7 strategic monitoring, proactive threat intelligence, and rapid incident response. More from CYREBRO.

In this episode:

  • How do you discuss cybersecurity with executives who don\u2019t care about cybersecurity?
  • Does cybersecurity insurance help motivate better cybersecurity awareness?
  • Why are we still struggling with cybersecurity hiring?
  • What does a great day in information security look like?