The CU Lab with NAFCU Services
The Evolving Role of the CISO: From Technical Expert to Strategic Leader | DefenseStorm 2024
Thank you for joining us for another episode of the CU Lab. I’m Madeline Kronfeld with America’s Credit Unions, and today I am sitting down with William Wetherill, Chief Information Security Officer at DefenseStorm, to talk about The Evolving Role of the CISO: From Technical Expert to Strategic Leader. William, it’s great speaking with you, and thanks so much for joining us today.
Join DefenseStorm expert William Wetherill for an informative session to explore: how the role of CISO changed from being a technical role to a more strategic one, the key responsibilities of a CISO in managing an organization’s cyber and technology risk posture, the importance of having a CISO at the decision-making table, how the SolarWinds case highlights the need for transparency in cybersecurity practices, potential legal and financial consequences of failing to prioritize cybersecurity, how CISOs can effectively protect their organization by expanding their strategic roles, the importance of training and awareness in maintaining cybersecurity, the role of the CISO in incident response planning, how the CISO can stay updated on the latest cybersecurity trends, threats, and mitigation strategies, the role of a CISO in ensuring regulatory compliance, and more.
In This Episode:
[00:31] Today I am sitting down with William Wetherill, Chief Information Security Officer at DefenseStorm, to talk about The Evolving Role of the CISO: From Technical Expert to Strategic Leader.
[01:30] Being able to properly implement risk management decisions, especially in the cyber age we live in, is incredibly important so CISOs have a lot of challenges here.
[02:27] Having a leader who can really communicate cyber risks and understand how ready that institution is to deal with cyber events is incredibly important. It really comes down to culture, communication, and being able to help drive that leadership and strategy in a way that ensures the protection of the organization.
[02:58] Having the CISO with their knowledge of the potential impacts really helps drive a strategy that is understanding of those risks.
[05:36] We need to be talking about risk openly. We need to be documenting and really understanding what remediating risk looks like and how you do that strategically.
[08:09] The ramifications and outcomes can be huge in a lot of different ways.
[11:19] Because of this, awareness training, and just training in general about cybersecurity, becomes even more important.
[12:14] Treating people with the respect they deserve for being such an integral part of how a business runs and operates is incredibly important and every CISO should be out learning and understanding their challenges.
[14:28] It is critical that any CISO actually goes and meets the people where they are.
[16:38] Governance, risk, compliance, and adherence to regulatory controls are all being looked at much more closely. You are also seeing other technology that is coming into the fold directly responsible for helping CISOs navigate those waters.
[18:28] The reaction from the governing bodies is directly related to the needs of the position. They’re trying to help make sure that we are positioned in a way that gets us the most possibility of success, maturing our postures and protecting the institutions.
[19:08] Communicate first and relate. Understand the organization.
Links and Resources:
NAFCU
DefenseStorm
William on LinkedIn