What led you to get involved in multiple CISO communities?

965 views2 Comments

Sort by:

Director of IT in Software3 years ago

My main reason is the chance to learn from peers and industry leaders and share my experience and knowledge.

SVP, Chief Information Security Officer in Education3 years ago

I like sharing whatever I can to add value. But to me, it's a bidirectional activity. No matter how many years you've been in this industry, there's always something to learn. There's always a different perspective to absorb and I find that bidirectional exchange to be critical, even in terms of my day-to-day operations.

One of the coolest things that drives me to get involved in different organizations is the sector specializations that appeal to specific populations. For instance, in New York, you find a more financial sector type of perspective. Down here in North Carolina, there's more of a healthcare perspective. On the west coast of the US, you're probably going to find more of an entrepreneurial perspective. Each one of those presents an awesome dynamic to bring together and learn from.

Content you might like

If you didn't have to work, what would you do?

What are the fundamental leadership capabilities that are needed for an era of exponential technology and AI innovation?

Robinhood Market's cryptocurrency unit expects to pay a $30mil fine to end a New York state investigation into its cybersecurity and anti-money-laundering practices, 3x the initial estimate of the potential penalty. Do you currently use Robinhood to track investments?

Yes64%

No35%

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models. Scope includes Environment Setup: Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation. Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.

If you have a budget to improve your security operations, are you planning to invest in any of the following initiatives?

Analytics platforms to automate the detection of threats across endpoints, networks, and identities.61%

Solutions to automate the response to threats across endpoints, networks, and other systems.54%

None of the above1%

View Results

What led you to get involved in multiple CISO communities?

Sort by:

Content you might like

If you didn't have to work, what would you do?

What are the fundamental leadership capabilities that are needed for an era of exponential technology and AI innovation?

Robinhood Market's cryptocurrency unit expects to pay a $30mil fine to end a New York state investigation into its cybersecurity and anti-money-laundering practices, 3x the initial estimate of the potential penalty. Do you currently use Robinhood to track investments?

If you have a budget to improve your security operations, are you planning to invest in any of the following initiatives?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go