31 min listen
A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)
A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)
ratings:
Length:
44 minutes
Released:
Oct 24, 2023
Format:
Podcast episode
Description
All links and images for this episode can be found on CISO Series. Usually the buck stops with the CEO. But for a CISO, what do you do when a CEO wants to exempt themselves from your security program? Whether it's granting privileged network access or just ignoring protocols, it can put a CISO in a tough spot. So how do you deal with a leader that thinks they're above the controls you have in place? Is it enough to document your disagreement or is there anything else you can do in that position? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and John C. Underwood, VP, information security, Big 5 Sporting Goods. Joining me is our guest, Joshua Scott, Head of Security and IT, Postman. Thanks to our podcast sponsor, Veza 75% of breaches happen because of bad permissions. The problem is that you don’t know exactly WHO has access to WHAT data in your environment. For example, roles labeled as “read-only” can often edit and delete sensitive data. Veza automatically finds and fixes every bad permission—in every app—across your environment. In this episode: For a CISO, what do you do when a CEO wants to exempt themselves from your security program? How do you deal with a leader that thinks they're above the controls you have in place? Is it enough to document your disagreement or is there anything else you can do in that position?
Released:
Oct 24, 2023
Format:
Podcast episode
Titles in the series (100)
Is Password2 More Secure Than Password1?: Are you managing your passwords the same today as you did five years ago? On this episode of the CISO/Security Vendor Relationship podcast, we discuss the changing landscape of what we once thought were best practices, but aren't anymore. On this... by CISO Series Podcast