What led you to get involved in multiple CISO communities?

965 views2 Comments

Sort by:

Director of IT in Software4 years ago

My main reason is the chance to learn from peers and industry leaders and share my experience and knowledge.

SVP, Chief Information Security Officer in Education4 years ago

I like sharing whatever I can to add value. But to me, it's a bidirectional activity. No matter how many years you've been in this industry, there's always something to learn. There's always a different perspective to absorb and I find that bidirectional exchange to be critical, even in terms of my day-to-day operations.

One of the coolest things that drives me to get involved in different organizations is the sector specializations that appeal to specific populations. For instance, in New York, you find a more financial sector type of perspective. Down here in North Carolina, there's more of a healthcare perspective. On the west coast of the US, you're probably going to find more of an entrepreneurial perspective. Each one of those presents an awesome dynamic to bring together and learn from.

Content you might like

What type of technology does your organization use to provide access to internal resources for remote users?

VPN46%

ZTNA45%

VDI6%

Other2%

View Results

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Our organization is subject to data retention requirements over very long periods (50 years or more). Do your organizations face similar constraints? If so, what long-term retention strategy have you implemented for these regulated data, and what technologies or solutions do you use to ensure their durability and compliance?

What cyber security metrics are CISOs of listed companies reporting to the audit committee of the supervisory board?

Are short term bans of the use of GenAI applications and tools (such as ChatGPT) a good idea for end users in most organizations? For context see this article on the State of Maine Government's directive before you vote: https://www.govtech.com/artificial-intelligence/chatgpt-generative-ai-gets-6-month-ban-in-maine-government

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.28%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.44%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.21%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).5%

View Results

What led you to get involved in multiple CISO communities?

Sort by:

Content you might like

What type of technology does your organization use to provide access to internal resources for remote users?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

What cyber security metrics are CISOs of listed companies reporting to the audit committee of the supervisory board?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go