Resilient Cyber

Today’s episode is sponsored by Wiz. Resilient Cyber listeners can get a free cloud security health scan by visiting wiz.io/rc

Wiz transforms cloud security.  

Wiz is the #1 cloud security platform -- based on independent customer reviews -- that helps security leaders and developers protect everything they build and run in the cloud.

Leading organizations from the Fortune 100 to high-growth companies all trust Wiz to innovate at the pace of cloud while staying secure.

FREE Cloud Security Scan!

In this episode we sit down with industry leader Ross Young to discuss the keys to becoming a CISO. Ross is the current CISO at Team8, former CISO at Caterpillar Financial Services, Divisional CISO at Capital One and former CIA.

- First off, for those who don't know you, can you tell us a bit about your background?

- You've been providing a deep dive talk into how to become a CISO. I'm curious, what made you put together the presentation, and how has it been received so far when you've had a chance to deliver it?

- You have broken down what you call "four stages of the journey" that encompasses skills in areas such as Technical, Management, Leadership and Political. This to me comes across as CISO's need to be multidisciplinary professionals with a variety of skillsets. What do you think makes this so important for CISO's to be successful?

- Let's walk through the four stages a bit. You start off with Technical skills. This seems to the foundation many CISO's start with, coming from roles in areas such as engineering, architecture and so on. What makes this foundation so key?

- How do CISO's maintain a strong technical foundation and depth, as they get further away from the tactical work and more into the leadership and strategic role?

- CISO's of course have to be able to manage the teams they build and/or oversee. What are some of the key management leadership skills you think CISO's must have?

- Leading is a fundamental part of what CISO's do. Whether it is direct reports, or the broader security org. What are some of these leadership skills and how can they have a positive or negative impact?

- Last but not least is the political side of things. CISO's of course operate among other C Suite peers, the board and within complex organizations with competing interests, personalities and incentives. This could arguably be the most important skill to hone in terms of ensuring you're effective in your role, and have a lasting impact on organizational risks. What are your thoughts on the political skills front? 

- I'm curious as someone who's been a multiple time CISO and is now advising others on how to obtain the role - where do you see the role of the CISO headed in the future? We see new aspects such as litigation, SEC rules, determining materiality, CISO's needing to speak the language of the business and more - all while needing to manage risks with the ever changing technological landscape, with AI being the latest example. Where is it all headed?