An Image May Be Worth A Thousand Words, But In Infosec You Better Have A Good Story To Go With It
EPISODE SUMMARY London, New York, Singapore, Rome, Sydney, San Paolo — Brazil, here we go. All over the World, cybersecurity principles are the same, but the way they apply to businesses is a different story. This story, actually.
London, New York, Singapore, Rome, Sydney, San Paolo — Brazil, here we go. All over the World, cybersecurity principles are the same, but the way they apply to businesses is a different story. This story, actually.
As security leaders, we must always remember to do the basics; to take care of the core cyber hygiene that will protect the businesses. However, for a CISO, that is not enough and just following the book is not a good idea to start with.
The mindset to use a standard set of rules and tools is simply not going to work. Every country, every industry, every business represents a unique situation — the piece of the puzzle will align differently because the jigsaw puzzle you are resolving is not the same. You must look at the organization as its own peculiar environment and figure out where to start, where to go, and how to get there — then, piece by piece, you build something that brings value to the company.
Once you set your own rules, you can place yourself in that particular place that will allow you to look at everything from different points of view and coordinate teams to work on a specific area while not losing sight of the big picture.
Our guest today has had experience in many different industries and worked with international companies. He has learned that it is necessary to be able to change that point of view to make a story work for his audience and to tell a story that goes with that picture that you see — that puzzle that you have to resolve.
Marco Tullio Moraes tells us about his way of translating what he sees in the cyber risk picture he is looking at and how to project his vision to others that can share it from their own perspective. In other words, a CISO must be able to have a plan, communicate it to those that need to understand it and act on it as part of a large team that is working on the same jigsaw. From the board to the security team, the objective is one, and each person and each group has a role in it. In the end, there one goal and many working in synergy to achieve it.
"At the end of the day, you should be very clear about your goals and how these goals are connected to the business; you need to think about how to make the business the business prosper."—Marco Túlio Moraes
Guest(s) Marco Túlio Moraes, Director of Information Security and Privacy, CISO, Red Ventures, Brazil
This Episode’s Sponsors: RSA Security: https://itspm.ag/itsprsaweb
To see and hear more The Business of Security content on ITSPmagazine, visit: https://www.itspmagazine.com/the-business-of-security Are you interested in sponsoring an ITSPmagazine Channel? https://www.itspmagazine.com/podcast-series-sponsorships