Being An Effective Chief Information Security Officer (CISO)

Richard Biever, Chief Information Security Officer, Duke University, shares valuable insights on how to create an effective CISO function. In a wide-ranging and substantive discussion that touched upon key aspects of cybersecurity governance, Richard shared his philosophy and approach to a) building strong relationships, b) creating a strong sense of agency and ownership, c) communicating effectively, d) protecting against ransomware attacks, e) creating and sustaining a high-performance information security culture, and more.

Memorable Richard Biever Quotes/Statements

“Security is everybody’s responsibility and that is a culture that is really important to bring into an organization.”

“Finding that balance of how the security function can be an enabler and a good partner within the organization.”

“A lot of it is about telling a story, and I think cybersecurity has come a long way in that regard.”

Timestamps

2:55 – What does it take to be an effective CISO?

5:33 – What mechanisms do you have in place to be an effective listener?

7:58 – How do you effectively communicate the dos and don’ts? How do you approach cybersecurity communication at your institution?

11:57 – How do you customize communication? What mechanisms are in place to do that?

15:08 – What are some steps and measures to protect against ransomware attacks?

21:00 – How can CISO’s help create and sustain a high-performance information security culture?

27:22 – When it comes to students, how are you able to build that kind of relationship where students have a sense of ownership?

31:17 – How do you ensure that academic departments and initiatives are taking the appropriate steps to minimize security risk exposure?

35:18 — What is the single biggest hurdle that you face on a day-to-day basis? How do you cope with it?

39:40 – What performance measures do you track?

43:55 – Any final words of wisdom?

Please subscribe to the podcast so you don’t miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/