Cybersecurity Leadership is Broken with Richard Brinson and Rachel Briggs
b'
Pending legislation mandating cybersecurity representation at the top levels of an organization in a relatively young field and understanding that field are testing the bounds of practical cybersecurity leadership.
Today\\u2019s guests are Richard Brinson and Rachel Briggs. Richard is an experienced executive, board advisor, and global top 100 Chief Informations Security Officer. He has been providing strategic guidance to many of the world\\u2019s largest global organizations for over 20 years with core expertise in cybersecurity, technology infrastructure, and enterprise architecture. Richard leads Savanti\\u2019s cybersecurity practice, helping large organizations to transform and modernize their security functions for the digital age.\\xa0
Rachel is a leading expert on security and has advised governments and multinational corporations on security, resilience, terrorism, and responses to extremism. She is an Executive Advisor with Savanti and founder and CEO of The Clarity Factory, which provides and arranges services to its clients including research, consultancy, and thought leadership.\\xa0
Show Notes:
- [1:35] - Richard shares his background and what Savanti is known for.
- [2:30] - Rachel works with Richard and his team on thought leadership products.
- [4:01] - Organizations reach out to Savanti and don\\u2019t know if what they are doing is right or wrong. SISOs seemed to be coming and going.
- [5:35] - There were 6 key factors that were causing this churn in the industry.
- [6:50] - The supply in demand problem for cybersecurity leaders is one issue in retaining professionals as SISOs.
- [8:45] - For every three years, a company is really only moving forward one.
- [10:05] - Rachel shares data that shows the importance of strong cybersecurity and leadership that does it right.
- [12:37] - It\\u2019s not just about security. It\\u2019s actually part of a good business model now.
- [14:03] - When cybersecurity isn\\u2019t a part of leadership, the board\'s understanding creates a problem with delegating and solving problems.
- [15:20] - Richard is a board advisor on many organizational boards to help with this lack of understanding.
- [16:48] - There are fewer than 100 SISOs with effective boardroom expertise.
- [18:02] - When speaking with SISOs and others in leadership, things are lost in translation.
- [20:28] - We tend to just expect people to be good communicators but it is a skill that needs to be trained.\\xa0
- [21:43] - There are leadership training companies that organizations can work with to coach a leadership team.
- [23:30] - SISOs can and should be taught to communicate effectively in the boardroom and that should be something the organization provides.
- [25:20] - There is pending legislation that will mandate the requirement of cybersecurity in leadership, but Richard shares some possible problems.
- [27:04] - Savanti helps demystify this problem with communication.
- [28:42] - For smaller companies who cannot afford a full time SISO, fractional SISO roles that are usually virtual are offered by Savanti.
- [31:18] - If an incoming SISO does not have the support of the board, they cannot be effective or successful.
- [32:50] - The turnover rate for this role is quite high.
- [34:02] - Companies who aren\\u2019t willing to implement recommendations or bring in a qualified SISO leads to a number of costs and risks.
- [36:02] - Changing SISOs so often is destabilizing.
- [37:35] - With solid security, a company can take more business risks safely.
- [40:03] - Regulations can be helpful but not helpful in many ways.
- [41:52] - If you are considering a role as a SISO in leadership, round yourself off as a business leader with effective communication skills.
- [43:53] - You can read the recent report that Richard describes by clicking here.
Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.\\xa0