CISO Interviews

Our Supply Chain Panelists Answer Your Questions

Alan Levine, CISO at Alcoa (retired) and Advisor; Jason Lewkowicz, Global CISO for Cognizant; Matthew Butkovic, Heinz College of Information Systems and Public Policy at Carnegie Mellon University; and Eris Symms, CISO for Arconic Corporation, collaborated to answer viewer questions from our latest webinar, “The Race to Secure Your Supply Chain”.
While most questions were addressed during the webinar, moderator Alan Levine subsequently provided additional insight. If you missed this webinar or would like to watch it again, you can view it below.

A Conversation with Endre Walls – Part 1

Endre Jarraux Walls is the Executive Vice President and CISO for Customers Bancorp and Customers Bank. His accolades include: a top 40 under 40 leader in the greater Philadelphia region, a top 10 global CISO, and an American Cyber Awards honoree. He received a BS in Information Technology from Capella University in Minnesota and an Accelerated Management Program Certificate from Yale University’s School of Management for Executive Education.

A Conversation with Greg Crabb – Part 3

In our third and final interview with Greg Crabb, the Virtual CISO and former CISO and Vice President for the United States Postal Service, he shares the changes he’s seen in cybersecurity during his career and what’s surprised him the most. Greg also explains the 4 C’s of innovation, what’s kept him active during the pandemic, and which family member plans to follow in his footsteps.

A Conversation with Greg Crabb – Part 2

In part 2 of this three-part interview, Greg Crabb, Virtual CISO and former CISO and Vice President for the United States Postal Service, discusses how he sees the CISO role evolving. Greg proposes a new title for CISOs, who he feels CISOs should report to, and outlines what a CISO should do in their first 90 days on the job. He also shares an interesting story about what event preceded him joining the US Postal Service.

A Conversation with Greg Crabb – Part 1

Greg Crabb is a Virtual CISO and former CISO and Vice President for the United States Postal Service. He, in fact, is a third-generation postal employee. In part 1 of this interview, Greg shares how he got started in the cybersecurity industry 26 years ago, how to keep the business running without compromising security, and what 80’s movie inspired him to get into federal law enforcement.

This Investment Will Help CISOs Keep Their Jobs

In the words of renowned cybersecurity technologist and author Bruce Schneier, “Amateurs hack systems, professionals hack people.” Organizations must invest in employee security and awareness programs. Employees engaged in cybersecurity think about security and risk on a daily basis, but what about a frenetic office receptionist, busy ER nurse, or overworked lawyer? Recurring security awareness programs, on a quarterly basis for example, keep security at the forefront of employees’ minds and help mitigate the human errors that cost organizations millions and often cost CISOs their jobs.

2 Things All CISOs Must Do When Assessing Vendors

When businesses transitioned last year to remote work and accelerated their digital transformation initiatives to accommodate this shift, it created a golden opportunity for hackers. While businesses implemented new digital services, one problem became glaringly apparent: third-party risk. CISOs who want an easy solution for cloud vendor assessment can use the Consensus Assessments Initiative Questionnaire (CAIQ). However, if CISOs need to vet non-cloud providers, there are two recommendations they must consider.

This Is How All CISOs Should Build a Business Case

Whether you’re deciding what to wear or where to eat, having options is ideal. The same is true when it comes to presenting your business case to your CIO or Board of Directors: you’re better off if you can give them options. Present them with three options for your cybersecurity program or a strategic initiative: 1) a bare-minimum approach, 2) a centrist approach, and 3) a best-case, no-holds-barred approach. This lets them know you’ve done your homework, and it puts the onus on the decision maker, not you.

CISO Street recently interviewed Bryan Kissinger, CISO for Trace3 and author of “The Business Minded CISO.” In this video, Bryan discusses the best approach for building a business case for a security program.

THIS Is Why There Was an Increase in Malware Clickbait

When employees started working from home, so, too, did the hackers. The rampant digital transformation opened up vulnerabilities for organizations that prioritized moving to digital quickly over moving to digital securely. Many organizations saw phishing emails containing malicious Zoom links or malware disguised as COVID-19-related webpages. Hackers easily took advantage and attacked these vulnerable devices now residing outside of the organization.