100%. This is a theme I keep coming across either at events I attend or through conversation. Communication and being able to articulate your POV effectively to a given audience is a requirement. My question to you, Russell: Who's perspective would you be most interested in hearing from on this conversation? CISO? CFO? CEO? Board Members? All of the above? - Jason
@@PurpleSec Great question. CISO for sure, as it's part of their remit (I would hope). But really whoever is signing checks / cheques. What are they looking for in a business case? What makes a good or bad case? Soft skills are really underated. Almost all security is about the "sexy" side, but policies, procedure, business cases, risk assesments are really (to me) what will make security move in the right direction. Without a stick and a carrot, it's all over the place.
@@RussellKeleher I have a CISO lined up already to have this very conversation (maybe in the next 2-3 weeks). I think it would be great to have a CFO (ideally a CEO who also used to be a CFO) on as well to make it more of a discussion from both perspectives. Really appreciate your feedback :) - Jason
👋 If you're new here, then consider subscribing to our weekly newsletter featuring the top cybersecurity minds in the industry: www.linkedin.com/newsletters/ai-cybersecurity-insights-7058517055238504448/
Great show! What an amazing view into the business.
39:20 - this is really it for me. Security Managers etc NEED to make a business case. So often this not done, or not done well.
100%. This is a theme I keep coming across either at events I attend or through conversation. Communication and being able to articulate your POV effectively to a given audience is a requirement.
My question to you, Russell:
Who's perspective would you be most interested in hearing from on this conversation?
CISO? CFO? CEO? Board Members? All of the above?
- Jason
@@PurpleSec Great question. CISO for sure, as it's part of their remit (I would hope). But really whoever is signing checks / cheques. What are they looking for in a business case? What makes a good or bad case?
Soft skills are really underated. Almost all security is about the "sexy" side, but policies, procedure, business cases, risk assesments are really (to me) what will make security move in the right direction. Without a stick and a carrot, it's all over the place.
@@RussellKeleher I have a CISO lined up already to have this very conversation (maybe in the next 2-3 weeks). I think it would be great to have a CFO (ideally a CEO who also used to be a CFO) on as well to make it more of a discussion from both perspectives.
Really appreciate your feedback :)
- Jason
Thank you ...
Glad you found value!
- Jason
👋 If you're new here, then consider subscribing to our weekly newsletter featuring the top cybersecurity minds in the industry:
www.linkedin.com/newsletters/ai-cybersecurity-insights-7058517055238504448/