In part 2 of this interview with Endre Jarraux Walls, EVP and CISO for Customers Bancorp and Customers Bank, Endre explains what CISOs and fire chiefs have in common and shares his views on zero trust. He has sage advice for anyone looking to get into cybersecurity, and for CISOs in their first 90 days on the job to ensure they have another 5,000.
Alan Levine, CISO at Alcoa (retired) and Advisor, Jason Lewkowicz, Global CISO, for Cognizant, Matthew Butkovic, Heinz College of Information Systems and Public Policy at Carnegie Mellon University, and Eris Symms, CISO for Arconic Corporation collaborated to answer viewer questions from our latest webinar, “The Race to Secure Your Supply Chain”.
While most questions were addressed during the webinar, moderator Alan Levine subsequently provided additional insight. If you missed this webinar or would like to watch it again, you can view it below.
Endre Jarraux Walls is the Executive Vice President and CISO for Customers Bancorp and Customers Bank. His accolades include: a top 40 under 40 leader in the greater Philadelphia region, a top 10 global CISO, and an American Cyber Awards honoree. He received a BS in Information Technology from Capella University in Minnesota and Accelerated Management Program Certificate from Yale University’s School of Management for Executive Education.
In our third and final interview with Greg Crabb, the Virtual CISO and former CISO and Vice President for the United States Postal Service, he shares the changes he’s seen in cybersecurity during his career and what’s surprised him the most. Greg also explains the 4 C’s of innovation, what’s kept him active during the pandemic, and which family member plans to follow in his footsteps.
In part 2 of this three-part interview, Greg Crabb, Virtual CISO and former CISO and Vice President for the United States Postal Service, discusses how he sees the CISO role evolving. Greg proposes a new title for CISOs, who he feels CISOs should report to, and outlines what a CISO should do in their first 90 days on the job. He also shares an interesting story about what event preceded him joining the US Postal Service.
Greg Crabb is a Virtual CISO and former CISO and Vice President for the United States Postal Service. He, in fact, is a third-generation postal employee. In part 1 of this interview, Greg shares how he got started in the cybersecurity industry 26 years ago, how to keep the business running without compromising security, and what 80’s movie inspired him to get into federal law enforcement.
In the words of renowned cybersecurity technologist and author Bruce Schneier, “Amateurs hack systems, professionals hack people.” Organizations must invest in employee security and awareness programs. Employees engaged in cybersecurity think about security and risk on a daily basis, but what about a frenetic office receptionist, busy ER nurse, or overworked lawyer? Recurring security awareness programs, on a quarterly basis for example, keep security on the forefront of employees’ minds and help mitigate the human errors that cost organizations millions and often CISOs their jobs.
When businesses transitioned last year to remote work and accelerated their digital transformation initiatives to accommodate this shift, it created a golden opportunity for hackers. While businesses implemented new digital services, one problem became glaringly apparent: 3rd party risk. CISOs who want an easy solution for cloud vendor assessment can use the Consensus Assessments Initiative Questionnaire (CAIQ). However, if CISOs need to vet non-cloud providers, there are two recommendations they must consider.
CISO Street recently interviewed Bryan Kissinger, CISO for Trace3 and author of “The Business Minded CISO.” In this video, Bryan discusses the best approach for building a business case for a security program.