A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)
A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)

A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)

Stoblane

42 min
Business & Finance
Play

Description

<p>All links and images for this episode can be found on <a href= "https://cisoseries.com/a-ceos-guide-to-ignoring-your-security-program-live-in-santa-monica/" target="_blank" rel="noopener">CISO Series</a>.</p> <p>Usually the buck stops with the CEO. But for a CISO, what do you do when a CEO wants to exempt themselves from your security program? Whether it's granting privileged network access or just ignoring protocols, it can put a CISO in a tough spot. So how do you deal with a leader that thinks they're above the controls you have in place? Is it enough to document your disagreement or is there anything else you can do in that position? </p> <p>This week’s episode is hosted by me, <a href= "https://www.linkedin.com/in/davidspark/">David Spark</a> (<a href= "http://twitter.com/dspark">@dspark</a>), producer of CISO Series and <a href="https://www.linkedin.com/in/jcunderwood/">John C. Underwood</a>, VP, information security, <a href= "https://www.careersatbig5.com/">Big 5 Sporting Goods</a>. Joining me is our guest, <a href= "https://www.linkedin.com/in/joshuascott/">Joshua Scott</a>, Head of Security and IT, <a href= "https://www.postman.com/">Postman</a>.</p> <p><strong id= "docs-internal-guid-e857f8c4-7fff-f61a-671a-0a47a124586f">Thanks to our podcast sponsor, Veza</strong></p> <p><a href= "https://www.veza.com/schedule-demo?utm_campaign=SCFriday&utm_medium=Display&utm_source=3rdParty&utm_content=image" target="_blank" rel="noopener"><img src= "https://assets.libsyn.com/secure/show/24425/Veza-banner-ad-600x100_resized.png" alt="Veza" width="600" height="100" /></a></p> <p><em>75% of breaches happen because of bad permissions. The problem is that you don’t know exactly WHO has access to WHAT data in your environment. For example, roles labeled as “read-only” can often edit and delete sensitive data. <a href= "https://www.veza.com/schedule-demo?utm_campaign=SCFriday&utm_medium=Display&utm_source=3rdParty&utm_content=image" target="_blank" rel="noopener">Veza</a> automatically finds and fixes every bad permissi

Uploader

wade_stream

wade_stream

A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica) - Listen Free | WowFM