- 02:05 — The CISO’s struggle to project positivity in a FUD environment.
- 04:38 — Make internal conversations partnership-based instead of adversarial.
- 06:24 — The successful vendor takes a customer-centric view and that means understanding who the CISO is serving.
- 09:35 — People communicate in different ways. As a CISO, it is crucial to not only listen, but speak to people in their own language.
- 11:56 — Conversations are two-sided; professionals who can’t accept practical criticism often burn out.
Helen Patton, CISO of Ohio State University, returns to the Cyber360+ podcast to talk about fear, uncertainty and doubt – FUD – in the security industry. She reminds vendors that FUD is not an effective marketing tool because it’s nothing new to CISOs. In fact, Helen points out that the most successful vendors are those with a customer-centric approach because they appear as partners to the business.
In talking about communication, Helen shares how important this is in the CISO role. She discusses the fine balancing act of talking to the business without disenfranchising the security team. She goes on to share her formula for reminding people of security implications without bursting their innovative bubbles; “The trick is,” she says, “learning how to turn your concerns into a productive conversation.”