May 12, 2021

Becoming a CISO w/ Accidental CISO

by Cyber Ranch

Listen Now

test
Becoming a CISO w/ Accidental CISO

May 12, 2021 Cyber Ranch

00:00:00

Show Notes

With us today, is a very special guest, Accidental CISO, of Twitter fame. His anonymity on Twitter, allows him to be a little more “truthy” about the CISO game than a lot of us can afford to be on social media. We have distorted his voice a bit to protect that anonymity. “Accidental” shares how he got into cyber, and that is a culmination of being in a career where he had to fill “all” the hats. He stepped away from his CISO role a few years ago and is now in consulting where he has the opportunity to help other people realize they need to build security programs when they have never done it or know how. How did he become the “Accidental CISO”? Simply by trying to help during the course of going through an audit. They had to identify who was the CISO, and he made the mistake of asking who the security officer was for the company. The answer was, “That’s you.” Accidental CISO doesn’t think becoming a CISO accidentally is all that uncommon. When going through audits, etc., someone has to be named, someone ends up drawing the short straw. The role is different than what people think. You can draw on your technical background, but you have to be able to focus on the “why” for the business and all the nuts and bolts that come with it. One must understand this is not a technical role. Allan shares his pivotal moment in becoming a CISO and realized all he had to do was recognize the business as the system he was hacking. When Allan asked Accidental CISO about guidance for building a team and getting started, Accidental had one word, “Pray.” In reality, you need to know the skills you need. Allan and Accidental CISO discuss “selling the functions”. It is tied to the business objectives in so many ways, and companies need a human to seal the endpoints. As they close this discussion loop, Accidental shares how to get the practice off the ground and the importance of relationships. Sometimes, believe it or not, not having all the knowledge and knowing all the details is a benefit. In addition, being the first CISO for a company is all about educating, communicating and painting a picture. And of course, Accidental CISO answers Allan’s final question, “Why are you motivated to get out of bed and do more of it?” Key Takeaways 0:30 Introduction of Accidental CISO of Twitter fame 1:37 How Accidental CISO got into cyber 2:14 Accidental CISO talks about his day job 3:33 The background of Accidental CISO 4:49 The security tool Accidental CISO embraces 5:20 Accidental CISO is not an uncommon “thing” 6:37 Advice to becoming a CISO 9:28 Allan shares a pivotal moment 10:15 Guidance on building and getting a team started 13:58 Selling the functions 16:55 Getting the practice off the ground 20:13 Importance of relationships and letting go 22:24 Being “their” first CISO 26:47 Building a security council 27:49 Why Accidental CISO is motivated to get out of bed each day and do more of it Links: Learn more about Accidental CISO on Twitter Follow Allan Alford on LinkedIn and Twitter Learn more about Hacker Valley Studio and The Cyber Ranch Podcast Sponsored by our good friends at Axonius
Read more

Recent Episodes

February 1, 2023
by Cyber Ranch

Joining Allan today are two folks who are passionate about leadership – not just practicing good leadership, but instilling good leadership in future generations.  Joey Rachid is CISO in the ecommerce and financial services industry, is on advisory b...

January 25, 2023
by Cyber Ranch

This week Allan is joined by Nipun Gupta, and industry veteran who has been a consultant, practitioner, vendor, advisor and investor. The topic is "What are we really protecting in cyber?" and the nuances of that question are explored in depth - as w...

January 18, 2023
by Cyber Ranch

This week, Allan is joined by Peter Schawacker, CEO @ Nearshore Cyber, former CISO, advisor to MSPs, etc.  Another one of Allan's illustrious guests with 25 years in cyber.  (https://www.linkedin.com/in/schawacker/).  The topic started as all that th...

January 11, 2023
by Cyber Ranch

This episode is jam-packed with wisdom that is delivered at a rapid pace.  Some folks will find themselves rewinding and taking notes.  Luis Valenzuela, Director of Data Loss Prevention and Data Governance at InComm Payments, joins Allan Alford to ta...

January 4, 2023
by Cyber Ranch

To celebrate the 100th episode, Allan decided to let the audience participate in the show.  21 people called in and answered a wide variety of questions about cybersecurity.  It is a fantastic show and it is very fun to hear all the different perspec...

December 14, 2022
by Cyber Ranch

This is another "'E' for explicit" show as this one is another LIVE! show from the CISO XC conference in Dallas-Fort Worth. Why the 'E'?  Because halfway through Allan Alford's conversation with Andy Ellis (CISO at Orca, Operating Partner at YL Ventu...

December 7, 2022
by Cyber Ranch

In this episode, Allan Alford plays Devil's advocate - challenging the practitioner community to refute the idea that we should quit trying to make the organization care and simply make suggestions and accept the organization's level of risk toleranc...

November 30, 2022
by Cyber Ranch

Scott Schindler, veteran CISO, vCISO, and adjunct professor joins Allan at the ranch to talk about how to build, strengthen, participate in, contribute to and benefit from a cybersecurity community. Allan chose Scott for this show because of his incr...

November 16, 2022
by Cyber Ranch

Dan Holden, a 20+ year industry veteran, former vendor, and current CISO at Big Commerce joins Allan Alford at the ranch to talk about the BIG picture.  Join them on this wild trail ride that goes as far back as the Monroe Doctrine of 1823, the pre-c...

November 9, 2022
by Cyber Ranch

This week Allan Alford is joined by Duane Gran, Director of Information Security at Converge Technology Solutions to discuss three different aspects of the CISO craft -- and to offer practical, concrete guidance on how to achieve the right outcomes: ...