The SEC & the CISO: It’s A New World Out There

Welcome to Episode 6 of the Professional CISO Podcast, Hosted by David Malicoat

Today’s lesson in becoming a professional CISO goes back to where a lot of our journey began; the SEC complaint against Solarwinds and its CISO, Tim Brown. David points out the good, the bad, and the key takeaways from the complaint that you can take to work with you today. 

Don’t forget to subscribe to the podcast and join us on LinkedIn so we can keep the conversation moving forward.

Sponsors: 

This episode is brought to you by ContraForce. When you need to to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/

Impactful Moments:

00:00 - Welcome

02:14 - Disclaimers

02:59 - Background

04:17 - What the SEC Got Right

05:43 - Where the SEC Fumbled

08:16 - Conflating the Publications

10:46 - Who Can Publish Public Statements?

12:10 - Takeaways

15:52 - From our Sponsor, Contraforce

16:52 - Buried Four Levels Deep in the Org

22:40 - Closure

 

Links:

Join the Conversation: www.theprofessionalciso.com

SEC Complaint: https://www.sec.gov/news/press-release/2023-227

NIST CSF: https://www.nist.gov/cyberframework

NIST 800-53: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf