Cyber-Security Top Best Practices of Successful CISOs in 2021

In today's episode of Life of a CISO, Dr. Eric Cole reviews some of the common tips, tricks, and tactics that every world-class CISO should know.

A good CISO must know the basics of the business they are in; specifically, they must know what an organization is known for, what its competitive advantage is, and how it makes money.

Listen to this episode to learn the common tips, tricks, and tactics for becoming a world-class CISO.

In this episode:

  • 0:45 What is the most important question that a world-class CISO must be able to answer?
  • 1:02 I’m often brought in when executives and CISOs don’t understand each other.
  • 2:42 Why detailed slides are awful
  • 3:47 I was making a presentation and I could tell I wasn’t connecting with the audience.
  • 5:47 Back to the CISO story
  • 6:20 Most CISOs forget that they’re the expert. Executives don’t want a lesson, they want a report
  • 7:00 If you get a question you don’t know the answer to, don’t do this
  • 8:36 Many CISOs get lucky because most CEOs aren’t going to call them out
  • 10:06 McDonald’s isn’t known for high-end food, they’re known for fast food
  • 11:48 What is your competitive advantage, and what gives you the advantage in the marketplace, and how do you make money?
  • 14:00 Information is out there, if you do research, you can find those three things
  • 16:23 World class CISOs can take complex topics and reduce them to the level an executive can understand
  • 17:55 Why security engineers do not always make great CISOs
  • 20:49 I’m not saying you can’t do it, you just have to know your job is managing risk
  • 21:46 The three big questions
  • 24:11 4 general ways an adversary can get into your organization
  • 26:13 How I fix security issues
  • 27:17 Spear-phishing