In this episode of The New CISO, Steve is joined by guest Ash Hunt, Global CISO at Apex Group Ltd.

Today, Steve and Ash dive into the action of M&A (mergers and acquisitions) and how to conduct it well. As a CISO at one of the world’s largest administrators, Ash shares his valuable insight on loss, risk, and revenue generation in a constantly changing IT environment. Tune in to learn more about what causes loss during a merger, why decision management and risk management are one and the same, and the cultural changes in the security industry.

Listen to Steve and Ash discuss how to quantify loss and what jaywalking and cyber security have in common.

Meet Ash (1:34)

Ash shares that he is proud to work for a fast-moving organization that has expanded worldwide. This growth has led to an exciting time from a technology and cybersecurity perspective.

Successful M&A (5:16)

Steve presses Ash on how to conduct M&A successfully. What hurts a business during an acquisition is when there are breaks in infrastructure that get overlooked.

Luckily for Ash, he has a strong team that prioritizes infrastructure integration to avoid loss and increase revenue.

Things in Common (12:25)

Ash reveals what jaywalking and risk have in common. For example, everyone in London jaywalks, but like in cyber security, there is a degree of risk.

Risk Management (15:10)

According to Ash, risk management is decision management. Decision science is a critical part of Ash’s approach to security.

Psychological barriers in the workplace halt optimal investment decisions that can generate revenue.

Adding Value (25:36)

Ash acknowledges that his most significant contribution toward his company is successfully integrating their infrastructure into one operating platform. He knows it will rationalize his tool stacks and clean up his budget, amongst other benefits.

He has seen other companies experience operation inefficiency, access control failure, and inadvertent data disclosure, which he actively prevents.

Changing the Operation Process (30:48)

Steve and Ash marvel at the operational changes that need to be done in security. For example, many people still default to email versus a more secure portal for data exchange.

In order to mitigate risk, cultural changes need to be made to operational processes.

Links:

LinkedIn

In this episode of The New CISO, host Steve is joined again by guest Ron Banks, CISO at Toyota Financial Services.

In part two of his interview series, Ron shares his career advice for new cyber leaders. Listen to the episode to learn more about Ron’s take on China’s strategies, the importance of being inquisitive, and why we must be calm under chaos.

Listen to Steve and Ron discuss key attributes CISOs look for in a young manager and the importance of communication and leadership:

Where We Left Off (1:43)

Piggy-backing from the last episode’s conversation, Ron explains the current state of our security concerning China and how they’ve recently gone dark. According to Ron, China has been playing 3D chess for a while and has found tangible ways to disrupt American life.

A Shoutout To Ron (10:19)

Steve gives a shoutout to Ron’s book, highlighting the state of American security and its relationship with China. Academic with numerous footnotes, Ron’s work provides readers with meaningful context related to cyber security.

Valuable Advice (12:20)

Ron reflects on the advice he wishes he could have given his younger self. He asserts that there is a path to cyber if you gain a technical foundation. He also shares how you need to be creative and curious to thrive in this industry.

Evaluating Young Leaders (15:16)

Steve presses Ron on how he evaluates young leaders in the security field. For the young manager, you must have the technical chops in addition to the personality.

Managers need leadership and communication skills to inspire their teams. And, of course, practice makes perfect.

Calm Communication (21:50)

Ron and Steve discuss why leaders should practice calm communication. Leaders must put their teams at ease when there is chaos.

New CISO (28:00)

To Ron, being a new CISO means also being a business leader. Bridging the gap between the worlds is becoming more and more necessary as the world progresses.

Links:

Linkedin

In this episode of The New CISO, host Steve is joined by guest Ron Banks, CISO at Toyota Financial Services.

In part one of his two-part interview, Ron shares how he transitioned from a fighter pilot to a cybersecurity leader. He also digs into what is required for a joint government, private industry, cyber offensive response. Listen to the episode to learn more about Ron’s years as a combat veteran, how the government can improve security strategies, and the necessity of political will.

Listen to Steve and Ron discuss the importance of public-private partnerships and the challenges of posing consequences on adversaries:

Meet Ron (1:35)

Steve introduces guest Ron Banks, a CISO, author, veteran, and academic. Ron details his duties as a fighter pilot and how he transitioned to education and then cyber security.

What He Misses Most (5:17)

Ron shares that what he misses most about his fighter pilot days is the rush from flying. However, he found the transition into cyber security simple because he gets to evaluate offensive and defensive security strategies reminiscent of his time serving.

Possible Friction (8:10)

Steve presses Ron on whether there is friction between cyber teams, their capabilities, and the grounds they are trying to defend on the private side.

Ron explains that the virtual defense of the United States contains over 200 government organizations, each controlling a different lane. The cyber camp mainly covers the DOD, which comes with problems.

On the Private Side (12:07)

When discussing the lack of consequences for bad actors, Ron shares the great strides the FBI has made to improve their relationships with law enforcement in other countries. Despite these efforts, the behavior of cyber criminals has not changed enough, demonstrating that there is more our government can do.

Things to Work On (17:54)

Ron shares some advice for new security leaders working within the government. He suggests focusing on public/private partnerships because sharing information is critical.

How Breach’s Occur (21:54)

Ron discusses his tips for dealing with a breach and why they occur. There is a strategy where they can impose consequences on cyber criminals, which his team has accomplished by focusing on counter-terrorism.

Ultimately, no more money needs to be invested, the relationships are built, and the technology is there, but there has to be the political will to defeat threat actors effectively.

Advice to Lobby (29:01)

Steve presses Ron on what it would take to lobby the government and get the necessary resources. Since the capability is there, Ron reaffirms that change is in the president’s control.

Links:

Linkedin