Uber CISO Trial Learnings for CISOs: In the CISO’s Own Words – Joe Sullivan – CSP #141>
– [Energy Central] Richard Brooks
The trial of former Uber CISO Joe Sullivan, in which he was accused of covering up a hack of 57 million customer records, provided a valuable opportunity to hear a CISO reflect on their responsibilities and what they should have done better.
In his own words, Sullivan highlighted a few key points for security executives:
1) Having the right processes and systems in place are of utmost importance: Ensuring that security processes are holistic, regularly monitored, and up-to-date is critical.
This includes implementing ISO certifications when possible, particularly if working with sensitive data or interstate commerce.
2) Pay attention to details: No matter how small, missed details can come back and bite you.
Security professionals should ensure that all the details are taken care of, from basic tasks like keeping record books up to date with crucial information to making sure policies are reflected in internal documents.
3) Develop relationships with your executive team: Working with executive teams to ensure their understanding of the challenges the business is facing from a security perspective is vital.
Understanding the company’s threat landscape and creating alignment around a strategy can ensure that the same risks aren’t taken over and over again.
4) Speak up when you see something wrong: If something seems out of the ordinary, don’t assume it’s right.
Speak up, seek explanation, and report any suspicious activity or breach of policy to the right stakeholders.
Sullivan’s experience makes it clear that CISOs can no longer afford to overlook the importance of their role.
Security professionals must stay abreast of changes in their field and be able to articulate the importance of security protocols with empathy and understanding.
Without doubt, CISOs must remain vigilant in order to ensure the safety of their customers, employees, and assets.
Link: https://energycentral.com/c/pip/uber-ciso-trial-learnings-cisos-ciso%E2%80%99s-own-words-%E2%80%93-joe-sullivan-%E2%80%93-csp-141
Uber CISO Trial Learnings for CISOs: In the CISO’s Own Words – Joe Sullivan – CSP #141
Categories:
Tags: