🇺🇦 SMB CISO 🌻
1.9K posts

@smbciso
tales of #leadership #InfoSec #ginfosec #risk Trust and Safety officer. Player of devils advocate, Opinions are that of others. I delete tweets.
Cyberspace, Internet · Joined May 2018
402 Following · 672 Followers

@rotate26chars The US really needs to up its game. Beyond the areas you mentioned, but like China has mandatory Fundamentals of AI classes in high school. It’s going to create a big gap and have major economic consequences.

@madplatt …descriptions, while not the exact same. It’s going to take 5-10 more years before things really settle. Case law is setting precedence in the US, but it will take something like this, even if it fails now.

@madplatt I agree with you 100% here, a small org is going to be structured differently than a 60,000+. I’ve seen both, but core of the job descriptions are pretty much the same.
We see central regulation in other areas like finance. But if you look at the US they have the NICE job descripti

I’ll take TPRM vendor for $800.
Yea, seeing those LinkedIn posts last week from the CEO & Founder, made me really not a fan.
Merritt Baer@MerrittBaer
TALKING ABOUT YOUR COMPETITION IN FRONT OF CUSTOMERS IS LIKE TALKING ABOUT YOUR EX WHILE ON A DATE. It’s important to understand where your company fits in the tech stack and what attributes are unique to your product. But if you get hung up on competitors it comes across as negative and thirsty. Highlighting features that matter to your customer is helpful. IMO even more importantly, the experience of working with your company and the ability to operationalize your product easily, should distinguish your company. 4/?

@hetmehtaa Early on in career it can help show your thinking process and skills. Later on in career, an MBA etc matters less and less than experience. Don’t let HR fool you. Tides overall are shifting, and college as we knew it may not be in same form 10yrs from now.

@AccidentalCISO @CisoDiagonal @NegaCISO You know I was thinking of coming have out from hiatus…may just have to

@BalticAndy @AccidentalCISO important for business integration. We don’t do security, we do things to be secure. Having that tie in to lines of business is critical. The role more than actual title matters. Not just for large orgs, but depends on operating structure. 2/2

@BalticAndy @AccidentalCISO 100% critical for unified management. All second line functions need to be under the CISO, that includes the SOC. They are 2nd line like and actually doing risk management and assurance, looking for control degradation or failures of what IT delivers. BISO’s are 1/

@AccidentalCISO @commandodev Break Out Another Thousand - BOAT
It’s a love-hate relationship, tbh, think of it like a track car in costs.

@InfosecHolic @CisoDiagonal @TriTim @AccidentalCISO @water_ciso @m49D4ch3lly @CisoDisabled @Angry_CISO Seems like the Change Mgmt Standard should have clear guidance on what is in or out of scope and then understand how the request gets actioned. Balance and mature the process.

@CisoDiagonal @TriTim @AccidentalCISO @water_ciso @m49D4ch3lly @CisoDisabled @smbciso @Angry_CISO …If it is a request for work then create a record. However, sometimes though lines are blurred (or become blurred).

If it takes longer to create a ticket for something than to just do it, is it okay to skip? I know the answer is: it depends!…but curious how you all handle this in your shops. Please RT @AccidentalCISO @CisoDiagonal @water_ciso @m49D4ch3lly @CisoDisabled @smbciso @Angry_CISO

@Cyb3rB0r6 @robertgraham @SwiftOnSecurity What is the LIRR Grand Central Concourse. or What is 2nd Ave line. Is this the $600 question?

@AccidentalCISO Skip internet. Better off w your cell w an intl plan once you are at a shore stop…plus disconnect if possible as much. Drink package are potentially worth it. You may want ginger pills or a sea-sickness patch if never been.







