The Business of Security
This podcast focuses on many non-technical aspects of cyber risk, cyber security and information security at the intersection of technology and managing to business expectations. Guests include CIOs, CEOs, and CISOs discussing the many facets of the information security industry, what matters, what needs to change and how to deal with modern-day challenges in this dynamic industry.
The Business of Security
#32 – Do SMBs Need a CISO? – John Prokap, CISO
In this episode, guest John Prokap discusses the cyber security needs of small and mid-sized businesses, and if and when they need to hire a CISO. His discussion with hosts Malcolm and Chad covers:
- Why SMBs absolutely need a security program
- How and when to hire a vCISO, and when it's time to hire a full-time CISO
- How industry associations can help their SMB members
- The headwinds of change that a CISO will encounter, including "Technical Ego"
- Why SMBs need to think about "Extinction Events" in their security planning
Recoil in horror as John, Malcolm, and Chad share stories from their pasts, including: users with one-character passwords, RSA auth tokens zip-tied to forklifts, and how one company had more domain admins that IT staff.
Guest:
John Prokap, former CISO at HarperCollins
Hosts:
Malcolm Harkins, Chief Security and Trust Officer, Cymatic
Chad Boeckmann, Founder/CEO, TrustMAPP
Sponsor:
TrustMAPP (https://trustmapp.com)