HINT: You're probably NOT the fairest of them all (and neither am I).
The dreaded (by some) topic of information security roles and responsibilities.
When people don't know their role, or they’re not held accountable for it, what happens? Too often, nothing happens. Information security falters, breaches happen, people suffer, and everybody is left pointing fingers at everybody else.
- NOBODY is more responsible for your information security than you are.
- NOBODY should give a shit about your excuses.
- SOMEBODY suffers when you don't understand (or define) your role and play it as well as you can.
- A CISO can only do what he/she is EMPOWERED to do. Does burying them within IT, empower them?
So much shit to talk about in this episode, and there's sure to be some sparks flying (and maybe a disagreement or two).
Questions we'll cover (and more):
- Who the hell is responsible? You? Me? Them?
- At your organization, who's ultimately responsible for information security?
- At home, who's ultimately responsible for information security?
- Who's to blame when shit goes wrong?
- Where's accountability in all this?
- Worried about the Russians, the Iranians, the hackers taking all your shit? Whose problem is that and what are you going to do?
- You've got the CISO job! Yay! Are you empowered to do your shit? Why/why not?
So many angles to take on this and lots to discuss! Join us tonight (7/2) @ 10PM CDT to get the Shit Show Crew's take!