Tag: vCISO

Webinar: The CISO Role: How to Design a Security Leadership Role Custom Fit to Your Organization

Check out our webinar from Shane Peden and Christian Hyatt in which they discuss common pitfalls of the CISO role as well as a framework to design a CISO role that makes sense for your organization. See also: Podcast | The CISO Role: How to Design a Security Leadership Role Custom Fit to Your Organization

https://www.youtube.com/watch?v=46dYkYzENgo

How to Interview for Grit

I just finished the book "GRIT: The Power of Passion and Perseverance" by Angela Duckworth. Duckworth is a professor at the University of Pennsylvania and has studied Grit in the context of success for over a decade. The results of her studies: Grit matters. Instinctively, when I speak with leaders of organizations they know that grit plays a big role in [...]

June 18th, 2018 | CISO Discussions, Culture

Build a Security Program and Run It Like a Business

I recently finished the book "Traction" by Gino Wickman. Next to Scaling-Up by Verne Harnish, I think it is one of the most actionable business books I've ever read. Our team has informally adopted both books as part of the risk3sixty canon. While the book is largely about building a great running business - I think a lot of the same [...]

April 30th, 2018 | CISO Discussions, Cyber Risk Management

How to Turn the Risk Committee Meeting into the Most Valuable Meeting on Your Calendar

Mention "Risk Committee" or "Enterprise Risk" to upper management and you will probably get an eye roll. If you suggest a standing meeting about risk - it might get you fired. BUT - I believe the risk committee meeting can be the most valuable meeting on your calendar. Here's how: Why Risk Committee Meetings Are Important Successful risk committee meetings are [...]

Thoughts on Building an Information Security Program that Sticks

Most executives realize that information security (and cybersecurity) is a rising threat within their organization. This is the new normal in the digital economy. As a result, information security professionals that used to be viewed as technical practitioners are finding seats at the executive table and with the board of directors. The problem for most organizations trying to build an information [...]

Quality Work Does Not Mean Quality Service

"Managing the Professional Services Firm" by David Maister is considered to be "core canon" among consulting professionals. Though it was originally published over 25 years ago (1993), it has aged gracefully and almost all of its content is still relevant today. One of our team's favorite distinctions, as pointed out by Maister, is the [...]

How to Effectively Communicate Your Security and Compliance Story to Prospective Clients and Business Partners

I read an article last week about Wal-Mart forcing some of their vendors off Amazon’s cloud. Wal-Mart has an incredible amount of leverage over their vendors so my guess is that most SaaS providers probably went along with Wal-Mart’s request. This type of thing isn’t uncommon in the world of vendor management. I have personally worked with high-growth companies and service [...]