We're Releasing Security Studies of Made Up Numbers

Published: March 12, 2019, 3:37 a.m.


Since no one ever checks a research study's methodology, why not just make up all the numbers? You're in the risk analysis business, right? Chances are very good they'll never check, and research studies are a great way to get free press.

This show, like all the previous ones, is hosted by me, David Spark (@dspark), founder of Spark Media Solutions, and Mike Johnson. Our guest this week is Melody Hildebrandt (@mhil1), CISO of FOX.

Thanks to this week's sponsors, Axonius and New Context.

New Context

New Context helps Fortune 500s build secure and compliant data platforms. New Context created “Lean Security”, a set of best practices designed to help enterprises manage and secure data for critical infrastructure, and offers professional services and a software solution, LS/IQ, to help enterprises build secure and compliant data platforms for their business.

Axonius

Huge congrats to Axonius for their two big wins at RSA this year. They were named Rookie Security Company of the Year by SC Media and they also won top prize at RSA’s Innovation Sandbox. They’ve been touted as the company trying to solve the least sexy part of cybersecurity, asset management. Go to Axonius’ site to learn more.

On this episode

Ask a CISO

It’s been reported many times that the average life of a CISO is 18 months, and Mike Johnson lasted 18 months at Lyft. At the time of Mike’s departure, so many people were forwarding me articles regarding the stress level of CISOs, most notably around Nominet’s study that claimed that about 1 in 5 CISOs turn to alcohol or self-medicating. With two CISOs on the panel, we discuss whether this was the most high-pressured job they've had and whether they would be eager and willing to jump back into the CISO role again.

Why is everybody talking about this now?

A couple of weeks ago I wrote an article entitled “30 Security Behaviors that Set Off a CISO’s BS Detector.” There was quite a response from the community to this. Now that we’ve just finished RSA, did our CISOs see or hear anything that set off their BS detectors?

What’s Worse?!

We play two rounds of “What’s Worse?!” Both rounds are cases of employees putting security in very compromising positions.

What’s a CISO to do?

When we talk about security, we’re often talking about protecting customer and employee data. While all companies have intellectual property they need to protect, at FOX, Melody Hildebrandt is having to deal with some very high profile individual assets that are of interest to many hackers. What are the factors a CISO must consider, that most security people probably aren’t thinking about, when you’re trying to secure a single media asset that’s worth hundreds of millions of dollars?

What do you think of this pitch?

After you hear this pitch, every security professional may be out of a job. Tip of the hat to Christopher Stealey of Barclays for providing this pitch he received.

You’re a CISO, what’s your take on this?

Ameer Shihadeh of Varonis asks how to overcome the objection from a security professional that they don’t have any security initiatives or projects.

And now this…

We field questions from our audience for the CISOs.
