The Cyber Security Transformation Podcast

In this episode, JC Gaillard and Richard Preece continue their exchanges initiated in Episode 6 of this series around supply chain risk and comment on the outcome of the Security Transformation Research Foundation meeting in late June

In this episode, JC Gaillard looks at the challenges involved with cybersecurity benchmarking, and why the CISOs need to be careful when answering what could be a politically loaded question

In this episode, JC Gaillard explores the momentum behind the role of the Chief Security Officer and why it starts to make sense in many firms to evolve the role of the CISO and return it to its native technical content

In this episode, JC Gaillard and guest Richard Preece start exploring the various dimensions involved in managing supply chain risk, what it means for businesses, and how it differs from traditional vendor risk.

JC Gaillard reaches the final episode in this third series of the Corix Partners Cyber Security Transformation Podcast, and revisits a few key aspects highlighted throughout the series, in particular the importance of the "Process and People first, then Technology" principle

JC Gaillard continues to analyze the way the various aspects highlighted in earlier episodes of the Series are interlinked; in this episode, he goes back to the "when-not-if" paradigm around cyber attacks and why tactical and strategic execution is paramount for the new CISO

JC Gaillard reaches the final episodes in this Series and starts to look at how the various aspects highlighted in earlier episodes are interlinked; in this episode, the key traits senior execs and Board members need to focus on when hiring a new CISO

JC Gaillard looks at the way the cyber security agenda needs to be framed at Board level, to enable the best positioning of the role and profile of the new CISO ahead of the "First 100 Days"

JC Gaillard digs into the concept and definition of a Security Operating Model, why it needs to underpin the "First 100 Days of the New CISO", and why "Process and People first, then Technology" has to be the main guiding principle here

JC Gaillard continues exploring a few specific topics surrounding the "First 100 Days of the New CISO"; in this episode, the reporting line of the CISO, why it matters and how to determine which would work best

As part of his continuing exploration of the "First 100 Days of the New CISO", JC Gaillard looks into the profile of the CISO and why management experience is of paramount importance, over and above technical knowledge.

JC Gaillard continues exploring the topics surrounding the "First 100 Days of the New CISO"; in this episode, he dives into the aspects surrounding the tenure of the CISO and why it is key to driving security transformation

JC Gaillard is joined by Head of Cyber and Information Security at Swansea University Neil Cordell, to discuss his real-life experience of taking up a new CISO position in the midst of the Covid pandemic, and the lessons that can be learnt about bringing all stakeholders on board the cyber security transformation journey

Neil's details can be found here on Linkedin >> https://www.linkedin.com/in/neilcordell/

JC Gaillard reaches the end of his exploration of the "First 100 Days of the New CISO" and before moving on to a number of episodes with guests on the theme, he digs into "expectations vs. reality" and explores the root causes of the disconnect which may exist between what the CISO finds on arrival and what they were sold at interview time

JC Gaillard continues its exploration of the "First 100 Days of the New CISO" with an analysis on how tactical firefighting and the unavoidable handling of cybersecurity incidents must not be seen just as a "curse" throughout the first 100 days, but can be used to build up trust with stakeholders

JC Gaillard reaches the end of the "6 days-6 weeks-6 months" cycle he explored around "The First 100 Days of the New CISO", and looks at what happens next, and how CISOs can continue to drive change

JC Gaillard reaches the "6 months" part of his journey throughout the "First 100 Days of the New CISO"; in this episode, how to build an execution framework to support the strategic vision defined earlier, and why governance is key at this stage to support lasting change

JC Gaillard continues developing his "6 days - 6 weeks - 6 months" model, framing the first 100 days of the new CISO; in this episode, the six weeks horizon, and how to continue building a strategic framework addressing the key challenges of the new CISO role

JC Gaillard continues to look back at his 2017-2018 series of articles about "The First 100 Days of the New CISO"; in this episode, he looks into the challenges of the first week, and why it is key to understand the firm, its people and its culture from the start

We enter the second part of our third series and JC Gaillard starts exploring and revisiting his 2017-2018 series of articles entitled "The First 100 Days of the New CISO"; in this episode, why context is key and how to assess it, looking in turn at the profile of the person, the nature of the role and the maturity of the firm

JC Gaillard reaches the final part in the re-examination of his 2015 series titled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to think in terms of process first when architecting a cyber security practice, and not in terms of technical tools

JC Gaillard reaches the 7th key management pitfall to avoid in his re-assessment of his 2015 series of articles entitled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to look at cyber security as a structured practice, and not just a collection of tactical activities and technical projects

JC Gaillard reaches a key point in his journey through the 8 key management pitfalls for CIOs and CTOs to avoid when building or rebuilding cyber security practices; in this episode, why it is key to see cyber security not just as a technology discipline, and to build it as a cross-silo practice from the start

JC Gaillard moves onto his 5th key management pitfall to avoid when building or rebuilding effective and efficient cyber security practices; in this episode, why it is key to think in terms of operating model and work with all stakeholders including HR, in the definition and distribution of cyber security accountabilities and responsibilities

JC Gaillard continues his re-examination of his 2015 series of articles titled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to look beyond the short term and think in terms of process to drive effective and lasting change

JC Gaillard continues exploring and updating his 2015 series on the "CIO Guide to a Successful Cyber Security Practice"; in this episode, why throwing money at the problem is rarely the solution to maturity development around cyber security and why trust is paramount in the relation between the CISO and senior execs

JC Gaillard continues to look back at his 2015 articles series "The CIO Giude to a Successful Cyber Security Practice" and highlights why risk management alone can no longer be the beating heart of cyber security practices

JC Gaillard looks back at his 2015 series of articles published on the Corix Partners blog under the title of "The CIO Guide to a Successful Cyber Security Practice"; in this episode, he re-examines the first pitfall to avoid for CIOs and why cyber security cannot just be seen as an "enabler"