How do you define cybersecurity?

In this week's episode of Life of a CISO, Dr. Eric Cole discusses the responsibilities of a CISO in times of crisis. A CISO must be vigilant about attacks.

But what makes a CISO different from a technical engineer is the ability to communicate with executives, in language they will understand, about how to balance this risk with functionality, rather than rigidly going for 100% security at the expense of functionality.

Join Dr. Cole to learn how to find the balance necessary to become a World Class CISO.

In this episode:

  • 0:59 Are you communicating in a way that people understand?
  • 1:33 How I made Cyber Crisis an effective book on communication for executives
  • 4:43 What is the definition of cybersecurity?
  • 6:02 Cybersecurity is understanding, managing, and mitigating the risk of critical data being disclosed, altered, or denied access to.
  • 6:56 Risk, critical data, and CIA (Confidentiality/Integrity/Availability)
  • 8:48 Conversations with the executive team are critical
  • 9:52 You produce the list and let them modify and change it
  • 11:52 Do it in a meeting, not over email
  • 14:50 Risk is the probability of loss
  • 18:25 Switching between technical and executive
  • 20:29 Most CISOs stop at risk and confidentiality
  • 21:07 Why availability is crucial
  • 24:40 33/33/33
  • 27:09 Give yourself an honest report card