How to become a World Class CISO (Chief Information Security Officer) | Life of a CISO Episode 1
- Added 4. 07. 2024
- Welcome to Life of a CISO. In this show you will learn everything you need to know to become a successful Chief Information Security Officer.
In this episode:
1:11 What is a CISO
3:00 You can't prevent all cyber attacks
7:24 Avoid all extremes
8:00 What's the value or benefit?
8:58 What's the risk or exposure?
11:44 The old school approach doesn't work anymore
15:36 The CISO's main responsibility
17:51 What is the Risk?
20:43 CISOs allow business to function and be successful
22:09 Cybersecurity is a business enabler
27:08 If security negatively impacts the business, then security is wrong
31:18 Strategy vs. Tactics
About Dr Eric Cole
Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience in consulting, training, and public speaking. As the founder and CEO of Secure Anchor Consulting, Dr. Cole focuses on helping customers prevent security breaches, detect network intrusions, and respond to advanced threats. In addition, he is a sought-after expert witness and a 2014 inductee to the InfoSecurity Hall of Fame.
#LifeOfaCISO #CISO - Science and Technology
Always good stuff @Eric! I’m taking a ton of notes.
This was hard core and on point, I really learned a lot with this talk. Thanks Dr. Cole!
Glad this was relevant to you.
Great video Dr. Cole. Just beginning my cybersecurity career. I have a lot of time to get skin in the game but I am gaining a lot of insight on what I should expect to accomplish this position I want for myself.
Thank you, I really enjoyed it, a time well spent.
You're welcome! Glad you enjoyed it.
Very good video and recommend for those that are in senior management as well as those security practitioners to watch. Love the transfer the risk segment. Will watch the rest.
Thank you for the feedback. Many times organizations make security harder than it needs to be but the risk transfer is an easy way to make sure those that have the authority also have the responsibility.
That's great. Your sharing is so practical and useful.
Glad it was helpful! Thanks for watching!
So glad I found this channel. I want to be a CISO one day.
This was an awesome video Dr. Cole, I really hope you release at least 10 more of these 30 min videos :-)!!!
That's the plan! Thank you for watching.
Great video 👍 thanks
Thanks!
Great Video
That's very nice of you to say.
I agree with what Dr. Cole mentioned. AM
Thank you for watching
Wowwww... great point for my future interviews
If you can achieve 100% security there won't be a functionality
Thank you so much
You're most welcome! Thanks for watching!
Great introduction Eric, I'm following your work and look forward to more CISO knowledge. Take care
Now this is an INTRO! HAHAHAHAHA Great job! wow.
Thanks for watching!
Hi Eric, what advice would you give me as a recently graduated software developer if I wanted to gain the skills required to be a CISO or other positions adept at handling company-wide security? I feel like there is no one path that I see, people come from penetration testing, network, sys admins, devs, etc. So I'm a bit overwhelmed trying to figure out a "career" path. Thank you!
lol Buffett definitely invested in Bitcoin, great video tho
Either he is playing the upside or the downside 'cause he's got connections.
I do disagree with the phone example. The FBI has extracted data from phones that were lit on fire, and can get a warrant to retrieve data from the service provider. Even though something may be non-functional doesn't mean it is secure or that it contains no risk. What is non functioning to a business might be a treasure trove for someone else.
Thanks for sharing your opinion :)
A security control needs to make it more expensive to the adversary than the worth of the data that would be compromised. If you have a nation state as your adversary, then you need to go to great lengths to make that the case.
Hey sir, love from India. And I'm just 12 passed, I wanna become a CISO, can you share best roadmap
5:10 oh god
The bodyguard humble brag 🤦‍♂️
The real question is what is an ISO?
An ISO is an information security officer. In some organizations “chief” before a title has a special meaning and often has corporate responsibility and/or liability. Therefore in those cases the person who is responsible for security would be given a title of ISO (information security officer) because CISO (chief information security officer) would be too senior.
Thanks for the reply Dr. E. What about organizations with both a CISO and ISO? Is this somewhat redundant?
@ Vic
The Chief Information Security Officer is an executive position within a company whose role is to lead the junior Information Security Officers and talk to the CEO.
He looks stressful and pressured! LOL!!! CISO?!?!
That mobile example is just a waste of time.
You need to ensure your functionality is well defined. Then it can only be used in distinct ways, and cannot be abused..... that doesn't imply it's "zero functionality".... so I kinda disagree here, Mr. "CISO".