Would you hire someone who's experienced a major security breach?

People & LeadershipStrategy & ArchitectureSecurity & GRC+8 more
1.2k views1 Upvote4 Comments
Member Board of Directors in Finance (non-banking), 201 - 500 employees
I would hire someone who’s experienced a breach because it is a great learning experience. If you interview someone and you can tell they learn from experience, then it's very valuable, so I wouldn't hesitate to hire someone that went through a traumatic episode like that and learned.
1
CIO in Manufacturing, 1,001 - 5,000 employees
I would definitely hire someone who has experienced a breach. You don't really have real world experience until you've been through something like that. And it’s not just the technical response but all the business learnings you gain, which you can use to help prepare the organization for the next time it happens. It might make sense to look for someone that has gone through a breach just for that reason.
1
CIO in Software, 5,001 - 10,000 employees
We always say: It's not a question of if, it's a question of when. I think all companies have gone through breaches, it’s just a question of severity—maybe you were lucky and it wasn’t a major incident, or it didn't reach your crown jewels. You don’t have to disclose these breaches, but there is no such company that hasn't gone through them. We hire more on a fit, and look for people willing to learn from experience. So if they are a fit, then going through a breach is just something to learn from. You know what not to do, which is equally important sometimes, especially in the security area.
2
CISO in Software, 1,001 - 5,000 employees
Absolutely; there are so many things that can lead to a security breach it would be unfair to disqualify them because they went through a breach. I would further the points raised already that a breach is a great learning opportunity.
3

Content you might like

Which EDR has less false positives?

Security & GRCIT Strategy & RoadmapSecurity Strategy & Roadmap

crowd strike37%

sentinel one59%

carbon black5%

cynet0%


41 PARTICIPANTS
317 views

Would anyone be willing to share best practices about how their organization deals with ensuring Cookie Compliance, specifically to GDPR rules? Where should this sort of compliance review sit in an organization? The particular issue we have is who should review new web deployments that use cookies and to make the decisions on whether Cookies are Strictly Necessary or Functionality Cookies. For example is a Cookie required for a Live Chat to work Functionality or Strictly Necessary? Our Security team does not consider taking on these compliance reviews as their domain, as Cookie Compliance is not an internal security matter and the Data Protection team has a limited interest as the GDPR rules around Cookies apply in case of any Cookie being used by a website, whether or not it contains personal data. 

Security & GRCRegulatory Compliance
209 views1 Comment

Has your organization effectively used AI to cut costs and enhance customer support?

IT Strategy & RoadmapArtificial Intelligence & Machine Learning (AI/ML)People & Leadership

Yes, AI has significantly reduced costs and improved customer experiences.4%

Somewhat, there have been some cost reductions and customer benefits, but there's room for improvement.81%

No, AI implementation has not yielded noticeable cost savings or substantial customer enhancements.11%

Not sure / I don't have enough information to assess AI's impact.4%


27 PARTICIPANTS
216 views

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
46.5k views133 Upvotes324 Comments

How do you keep a team motivated in absence of leadership?

People & Leadership
Read More Comments
39.8k views29 Upvotes19 Comments