Artwork

תוכן מסופק על ידי Steve Moore. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Steve Moore או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !

Demonstrating the Value of Your Program to the 'Layman'

49:33
 
שתפו
 

Manage episode 307459391 series 2643387
תוכן מסופק על ידי Steve Moore. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Steve Moore או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

On today’s episode, we are joined by Andrew Obadiaru, CISO and Head of IT for Cobalt. Andrew discusses using soft skills to build connections within an organization. Listen to the episode to hear his advice on

Two Roles in One

Andrew discusses what it’s like to oversee both security and IT. The fields overlap in many ways and differ in others. He’s not the only guest who has taken on this joint role of security and technology. Andrew explains how depending on the industry and the size of the company, having one person managing both departments can either be extremely helpful or burdensome.

For those entering that joint role with background in only one field, Andrew emphasizes getting to understand why IT or security is important and how it operates. With the help of good managers, you can overcome your lack of experience.

Challenges in Perspective

Andrew chats about the challenges in the industry, mainly how cybersecurity departments must prove their worth to their own company. Only when there’s a breach do many businesses see the importance of cybersecurity. As cybercrimes can happen due to anyone’s actions within an organization, it’s especially important to convey the purpose of the department.

Andrew believes that if you can point to related data points -- for example, how cybersecurity impacts the ROI – then you can properly convince others of its value add.

Developing Soft Skills

When selling the idea of cybersecurity to the rest of an organization, Andrew says to lean on soft skills. Learn the right balance between technical and business language to express yourself when talking to executives. Andrew encourages CISOs to focus on understanding concepts and get into the more technical details only if asked.

Budgeting Meetings

When entering budgeting meetings, your approach must be different than it is for other topics. Andrew encourages CISOs to really understand the crown jewels of the organization, as well as its risks. When you can figure out what’s valued within the company and how well – or not well – it’s protected, then you can properly convey what you need.

If you’re entering a routine optics meeting, you want to outline the current threats that the industry or competitors have seen and discuss how you plan to mitigate those.

Building Connections

Prior to entering a budgeting meeting, it’s important to have allies on your side. This doesn’t mean just someone who you ask to back you before the meeting begins. Andrew stresses that building connections and creating allies can take weeks or even months and should look like you conveying to leaders how cybersecurity will impact their departments. So when asking for a larger budget and explaining why, the other department heads will understand the relevance and are more likely to back you.

Andrew’s Background

Andrew has a background as an auditor, which he feels has benefitted him greatly. As he moved further into his career, he has found that his exposure to difficult conversations around money have helped him with his work now. He doesn’t feel intimidated, as he knows how to discuss difficult topics. Andrew believes that having a diverse background can be helpful in handling interpersonal relations or even conflict during meetings.

Maturity vs. Efficacy

Andrew differentiates a mature organization from an effective one. A mature organization may have a lot of documentation, repeatable steps and other solid processes. However, maturity within in an organization doesn’t always point to how effective they are in a crisis.

“Are We Secure?”

Oftentimes, the CEO or other execs will ask “are we secure, now?” Andrew shares his advice on how to answer without making promises you can’t guarantee. If asked this question in an interview, Andrew explains how sharing a plan of action may be the most impactful answer.

Overall, Andrew encourages CISOs to never rush to answer any question. You don’t need to prove how intelligent you are by answering quickly—instead, it’s more important to answer correctly.

Advice for the Younger Self

Andrew shares that he’d tell his younger self to be more mindful in his career. He says to be measured and clear, to examine the organization and see if he is a good fit for it.

The New CISO

Being a new CISO to Andrew is a big accomplishment and gives you a seat at the table.

Links:

Exabeam Podcasts

Cobalt.io - Andrew Obadiaru

  continue reading

110 פרקים

Artwork
iconשתפו
 
Manage episode 307459391 series 2643387
תוכן מסופק על ידי Steve Moore. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Steve Moore או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

On today’s episode, we are joined by Andrew Obadiaru, CISO and Head of IT for Cobalt. Andrew discusses using soft skills to build connections within an organization. Listen to the episode to hear his advice on

Two Roles in One

Andrew discusses what it’s like to oversee both security and IT. The fields overlap in many ways and differ in others. He’s not the only guest who has taken on this joint role of security and technology. Andrew explains how depending on the industry and the size of the company, having one person managing both departments can either be extremely helpful or burdensome.

For those entering that joint role with background in only one field, Andrew emphasizes getting to understand why IT or security is important and how it operates. With the help of good managers, you can overcome your lack of experience.

Challenges in Perspective

Andrew chats about the challenges in the industry, mainly how cybersecurity departments must prove their worth to their own company. Only when there’s a breach do many businesses see the importance of cybersecurity. As cybercrimes can happen due to anyone’s actions within an organization, it’s especially important to convey the purpose of the department.

Andrew believes that if you can point to related data points -- for example, how cybersecurity impacts the ROI – then you can properly convince others of its value add.

Developing Soft Skills

When selling the idea of cybersecurity to the rest of an organization, Andrew says to lean on soft skills. Learn the right balance between technical and business language to express yourself when talking to executives. Andrew encourages CISOs to focus on understanding concepts and get into the more technical details only if asked.

Budgeting Meetings

When entering budgeting meetings, your approach must be different than it is for other topics. Andrew encourages CISOs to really understand the crown jewels of the organization, as well as its risks. When you can figure out what’s valued within the company and how well – or not well – it’s protected, then you can properly convey what you need.

If you’re entering a routine optics meeting, you want to outline the current threats that the industry or competitors have seen and discuss how you plan to mitigate those.

Building Connections

Prior to entering a budgeting meeting, it’s important to have allies on your side. This doesn’t mean just someone who you ask to back you before the meeting begins. Andrew stresses that building connections and creating allies can take weeks or even months and should look like you conveying to leaders how cybersecurity will impact their departments. So when asking for a larger budget and explaining why, the other department heads will understand the relevance and are more likely to back you.

Andrew’s Background

Andrew has a background as an auditor, which he feels has benefitted him greatly. As he moved further into his career, he has found that his exposure to difficult conversations around money have helped him with his work now. He doesn’t feel intimidated, as he knows how to discuss difficult topics. Andrew believes that having a diverse background can be helpful in handling interpersonal relations or even conflict during meetings.

Maturity vs. Efficacy

Andrew differentiates a mature organization from an effective one. A mature organization may have a lot of documentation, repeatable steps and other solid processes. However, maturity within in an organization doesn’t always point to how effective they are in a crisis.

“Are We Secure?”

Oftentimes, the CEO or other execs will ask “are we secure, now?” Andrew shares his advice on how to answer without making promises you can’t guarantee. If asked this question in an interview, Andrew explains how sharing a plan of action may be the most impactful answer.

Overall, Andrew encourages CISOs to never rush to answer any question. You don’t need to prove how intelligent you are by answering quickly—instead, it’s more important to answer correctly.

Advice for the Younger Self

Andrew shares that he’d tell his younger self to be more mindful in his career. He says to be measured and clear, to examine the organization and see if he is a good fit for it.

The New CISO

Being a new CISO to Andrew is a big accomplishment and gives you a seat at the table.

Links:

Exabeam Podcasts

Cobalt.io - Andrew Obadiaru

  continue reading

110 פרקים

כל הפרקים

×
 
Loading …

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.

 

מדריך עזר מהיר