Welcome to Compromising Positions!

The tech podcast that asks non-cybersecurity professionals what we in the industry can do to make their lives easier and help make our organisations more prepared to face ever-changing human-centric cyber threats!

For the longest time podcast host, Lianne Potter has been saying: “Cybersecurity has a PR problem!” So what better way of tackling this problem than to get on the show an actual PR and marketing expert?

This week we are joined by Sarah Evans, the head of digital PR at Energy PR. Sarah has over 12 years of experience in SEO, digital PR, digital marketing, content and social media.

In this episode ‘Can Cybersecurity Overcome its PR Problem? Building Your Brand and Social Capital’ - we’re going to learn how to target our cybersecurity message for maximum effect, how to rebuild your team's image, learn what marketing and PR really think about cybersecurity, and learn how to be prepared during a public cybersecurity incident with a 101 on crisis comms.

We will also shed off our desire to the the hero in the story and transition in a more useful role, that of cybersecurity sage as we deep dive into brand personas!

SHOW NOTES

ABOUT SARAH EVANS

Sarah Evans has over 12 years of experience in SEO, digital PR, digital marketing, content, social. Currently working as a digital PR specialist, she’s worked on audience profiling, insights, comms and campaigns for a broad mix of B2B and B2C brands including Gousto, Rowse, AXA and Goodyear. She puts her curiosity for data and creativity at the heart of her team and has spoken at events for PR Moment and Google on SEO, content and attribution. She loves data, tea and puns

LINKS FOR SARAH EVANS

Energy PR’s website

Sarah’s LinkedIn

Welcome to Compromising Positions!

The tech podcast that asks non-cybersecurity professionals what we in the industry can do to make their lives easier and help make our organisations more prepared to face ever-changing human-centric cyber threats!

This week we are joined by James Charlesworth, a seasoned Director of Engineering at Pendo with 15 years of experience in software engineering. James is also the creator of the Train to Code YouTube channel, where he shares a wealth of excellent training videos on software development.

In this episode, Say Goodbye to ‘Git Blame’: Building Collaborative and Secure Software Development Lifecycles, we dive into some great topics aimed at saying goodbye to the blame game and hello to good app and product sec!

James talks us through his process of building up cross-functional empathy between his engineering function and the security team; why the engineering team might not be the best team to speak to if you’ve got a lot of vulnerable code and a step-by-step guide on how he excels in delivering product security in his organisation.

Key Takeaways:

Empathy-Driven Collaboration: James emphasises the importance of empathy when aligning priorities across inter-departmental teams. Whether it’s engineering or cybersecurity, understanding why people request specific tasks is crucial.

Shared Ownership of the Codebase: Forget the notion of “that engineer’s code.” James advocates for a hyper-collaborative approach where everyone takes responsibility for the codebase. Avoid the blame game (say goodbye to ‘Git Blame!’) and recognise that collective ownership leads to better outcomes.

Coding Literacy for All: Should security professionals learn to code? Absolutely! While not everyone needs to be an expert, having a basic understanding of coding helps bridge communication gaps. It enables security teams to comprehend technical issues and collaborate effectively with developers.

What is Product Security?: Product security isn’t an afterthought; it’s embedded throughout the development process. Prioritising security ensures a robust and reliable end product.

Learning from Errors: James encourages learning from coding errors early in the software development lifecycle.

Cowboy Coders and Robust Processes: James shares his thoughts on “cowboy coders”—those who cut corners.

SHOW NOTES

Train to Code YouTube Channel

ABOUT JAMES CHARLESWORTH

James is a Director of Engineering at Pendo, where he also serves as the site lead for the Sheffield office. With 15 years of experience in software engineering, he is committed to Pendo's mission to elevate the world's experience with software. An author and public speaker, James is passionate about diversifying the tech industry and actively works to help individuals from various backgrounds enter the field of software engineering. In addition to his role at Pendo, he also organizes the Sheffield AI Meetup, further fostering a community around artificial intelligence. James is not just a lifelong computer nerd; he's a leader committed to making an impact in technology and community.

LINKS FOR JAMES CHARLESWORTH

James’ website

James’ LinkedIn

Welcome to Compromising Positions!

The tech podcast that asks non-cybersecurity professionals what we in the industry can do to make their lives easier and help make our organisations more prepared to face ever-changing human-centric cyber threats!

We are joined again by Dr Bettina Palazzo a business ethics expert! She works with compliance managers to create a culture of integrity that focuses on the leadership and behavioural dimensions of compliance.

In this episode, “The Dilemma Game”: Unleashing The Power of Ethics and Good Cybersecurity Through Play”, we delve into the complexities of power dynamics within organisations, exploring the efficacy of policies and the role of ethical standards in both corporate and personal settings.

We question the effectiveness of merely adding regulations in response to ethical crises and stresses the importance of cultural context in shaping responsibilities towards cybersecurity.

Then our discussion extends to the necessity of embracing local nuances while maintaining universal ethical standards, and the limits of systemic solutions in a diverse, evolving landscape.

And finally, this episode also introduces the "dilemma game," an innovative approach to enhance understanding and application of policy texts through real-world scenarios, fostering a culture of integrity and psychological safety where open communication and trust are paramount.

This thought-provoking episode is a must-listen for anyone interested in the intersection of culture, ethics, and organisational behaviour.

Show Notes

Cyber-attacks and stock market activity By Onur Kemal Tosun

‘Biggest cyber risk is complacency, not hackers’ - UK Information Commissioner issues warning as construction company fined £4.4 million. ICO

How to fuck up an airport (Podcast)

On the Importance of Trial and Error with Stefan Gaillard By Christian Hunt

About dr Bettina Palazzo

Bettina stumbled on the topic of business ethics in the early 90s and soon found out that it is such a rich and exciting topic that she never stopped doing anything else – at least professionally. She suffered through the cumbersome but rewarding effort of getting her head around the philosophical and economical foundations of business ethics, won a prize for her PhD. thesis and rode off into the sunset to join KPMG. There she helped to build their business ethics consulting services. Tough pioneer work at that time! After a short detour into strategic management consulting, she returned to her true passion and started her own business ethics advisory in 2000. Over the years Bettina has learned that you cannot press ethics into checklists and processes and that unethical companies make unhappy people. The desire to create corporate cultures that make work fun and meaningful instead of dreadful and depressing drives everything she does.

Fun facts: Bettina also has a blog about her city of the heart Rome and dances salsa. She met her husband, Guido Palazzo, on a business ethics conference and they have two almost grown sons.

LINKS FOR DR Bettina Palazzo

Dr Palazzo’s website

Dr Palazzo’s LinkedIn