How do you encourage your software staff to follow security best practices? Have you ever had problems with developers who aren’t following formal security processes after they’re in place?
If you’ve been part of a return to office initiative, have you cut back on any collaboration tools, or did you leave things as is to avoid workflow disruptions? Did you cut back on any other tooling as part of the RTO?
Have you ever worked for, or with a leader that thrived in chaos (perhaps to the point of neglecting preventative measures that would avoid a crisis)? What strategies helped you work with them without sacrificing your own wellbeing?
What techniques have been most successful in getting the more technical members of your team to think in terms of business outcomes rather than technical features?
Non-security IT leaders - how do you make sure you and your infosec partners share the same risk appetite? How do you handle disputes?