Building CISO Relevance: Written For BitSight

BitSight is a very interesting security startup that is trying to do something we all have wanted for a long time. Their goal is to find ways to actually quantify risk in a measurable, objective way. If they achieve anything close to that goal, it’s a big deal. I went to work for CORE Security because they are in that same space: using data to provide objective insight into the risk an organization faces.

I was happy to post as a guest on BitSight’s blog because of that. I chose to hit on my favorite topic, being relevant to your business. I think it’s a pretty good read and you should check it out.

I’ve got no interest in BitSight other than wanting to see a good security idea succeed.

Here’s what I think is the key bit of the whole thing.

… security leaders are not outsiders. You don’t need to gain a seat at the table or learn the business or align with the business. You’re already a part of the business—that’s why they hired you. You just need to be relevant to your business.

Go read the whole thing.
