The First 90 Days of Being a CISO

On this episode of Life of a CISO, Dr. Eric Cole talks about what happens when you become a CISO. Your early days as a CISO are all about understanding the business.

Specifically: what does your business do that no one else does as well, and how does it make money?

A CISO needs to understand the company so he can treat people the way they want to be treated and not the way a CISO would want to be treated.

In this episode:

  • 0:50 The root cause of bad cybersecurity is poor communication
  • 2:45 Security people say “I told them,” but not in a language execs can understand
  • 3:53 What resources are out there?
  • 5:00 Knowledge transfer
  • 6:28 Why I go to different coaches
  • 7:44 Masterminds
  • 9:08 I have the data to prove my success
  • 9:40 You can do it yourself…
  • 11:03 Being a security engineer actually makes it harder to become a CISO
  • 12:15 Be honest
  • 12:42 What are the first 90 days like?
  • 13:55 What is the mission of your business?
  • 16:27 What happens when you don’t know the mission of your company
  • 18:49 Get clear about understanding the business
  • 20:55 What are the 3 most critical incidents that could threaten the business?
  • 22:41 Cybersecurity is all about protecting your critical data