Securing the Sprint to Digital Business


Virtual Town Hall Insights
Dallas CISO Community

Gary Todd

Associate Director, Cyber Security

PNM Resources

MODERATOR

Michael Anderson

Chief Information Security Officer

Dallas County

PANELIST

Mustapha Kebbeh

Global CISO

Brinks

PANELIST

Jeffery Schilling

Global CISO

Teleperformance

PANELIST

May 2020

Five weeks after the stay-at-home order was mandated by the governor, Dallas CISOs are just starting to realize the importance digital transformation has had on their business continuity efforts. The need to quickly adjust to remote workforces and digital business models has dramatically, and possibly permanently, altered operations. 

In this community town hall, participants explored how COVID-19 has impacted digital transformation in their organization and how they are ensuring security. To set the stage, Dallas CISOs responded to a survey prior to the town hall indicating the following:

38% are continuing standard business operations at a reduced level

33% expect to return to standard business operations in the next 6-12 months

50% expect to start embracing new delivery models in the next two weeks

59% predict a moderate or significant impact on their organization’s budget

This virtual town hall was moderated by Gary Todd, associate director, cyber security, PNM Resources. Todd was joined by Michael Anderson, chief information security officer of Dallas County, Mustapha Kebbeh, global CISO of Brinks, and Jeffery Schilling, global CISO of Teleperformance. During the conversation, they shared how their organizations have been adapting to the COVID-19 crisis. 

Enabling Rapid Digital Acceleration

As the COVID-19 crisis started to impact the Dallas community, CISOs were forced to react quickly and pivot. Some accelerated their move to the cloud, others took a manual approach and reviewed their tech stack to ensure preparedness, and some ran risk assessments to ensure they were not taking on additional risk by moving to a work-from-home environment. Regardless of the action taken to enable digital transformation during the pandemic, there was a common thread for all — to ensure success, CISOs must be at the table and allowed to make decisions.

To gain a seat at the table, CISOs need to make sure they are adding value to the leadership team, finding creative ways to say yes, rather than no, and positioning themselves as a trusted adviser who is able to move quickly. Having strong ties within your organization allows CISOs to lean in early and avoid the Band-Aid approach.

There’s nothing like a crisis to bring a team together.

 

 Remote Work and the Future of Cybersecurity Talent

The security job market in the greater Dallas area is 0%, which brings profound challenges and is causing security leaders to think outside the box when it comes to talent. Some CISOs are looking globally to secure up-and-coming talent. They are finding success in markets like Israel, Mexico, and Singapore. Working with talent outside the Dallas region allows for a diversity in perspective and problem solving, which can help teams to find solutions that otherwise would not have been possible. 

However, CISOs should not expect security team members from around the world to shift their hours to match the hours within your organization. These people have job opportunities all over the world, so they need to be incentivized to join your team. Some organizations use a follow-the-sun model, where team members are working their preferred hours in their geography. In order to be geographically agnostic, security leaders must make sure that they have the security architecture to support a global team. 

Addressing the Threat Landscape

As the majority of the workforce shifted to a work-from-home model, security leaders were faced with the question of how to address the evolving threat landscape. In order to protect their users and organization, CISOs need to understand how users are using their resources at home. Security leaders have found that the threat landscape hasn’t radically changed, but their security risk has increased due to users having more access than ever. 

One thing security leaders were surprised by was the increased anxiety their employees are feeling about cybersecurity. To help mitigate the increased risk and anxiety, CISOs increased their security awareness efforts and doubled down on communication about risk and security. One positive result from COVID-19 is that people are willing to listen to security more than ever before.

 


by CISOs, for CISOs


Join the conversation with peers in your local CISO community.

LEARN MORE