#26 – Information Security Leadership with David Cass
In Algo Podcast Episode 26, David Cass and Amjad Hussain discuss Information Security Leadership.
Skip, recap, or review with timestamps:
0:00 Episode Preview
3:07 How businesses should think about Cybersecurity
5:29 Where organizations should start on the cloud
9:09 How to organize an Information Security function
11:50 CISO Leadership
15:00 What should CEOs do to assess information security?
17:09 Outside InfoSec assessments & danger of complacency
17:55 CISO internal partnerships & training team
20:00 Importance of understanding the business
20:42 Protecting people while allowing them to be productive
21:16 Training IT team
22:58 What InfoSec certifications are meaningful?
25:15 Data Governance Considerations
27:37 GDPR Considerations
28:54 What should companies do when they are under cyber attack?
31:52 Cyber Insurance
32:35 When to contact law enforcement
33:25 Incident Response Plan & Paying Ransom
35:02 Role of CISO in Incident Response Plan
39:15 Protecting borders from cyber attacks
43:25 Role of the Federal Government
46:15 Industry Alliances
49:06 Responsibility of Cloud providers to provide security
51:34 Mapping out controls
52:20 Advice for organizations
54:51 Quantum computing threats
57:31 Closing Thoughts