CISO Edge, The Gartner Cybersecurity Podcast

Join Gartner experts Chris Mixter and Richard Addiscott in this episode of CISO Edge to debunk the myths around why employees behave nonsecurely, why most tactics and executive communications around employee behavior don’t work, and to explore ways to rapidly increase the value delivered by your secure behavior and culture program (SBCP).

• What if I told you that “lack of cyberawareness” isn’t the reason people behave nonsecurely? (03:50)
• Where do your employee-related security incidents come from? (09:56)
• How can we move from compliance-centric to behavior-centric cybersecurity? (13:48)
• Help executives understand what is a defensible level of performance around human risk exposure. (26:15)

Richard Addiscott is a Vice President Analyst in Gartner's global security and risk management practice, helping CISOs and senior cybersecurity executives deliver highly effective information security programs and build high performing cybersecurity teams. With more than 20 years of experience in industry, Richard has held enterprise information security and IT leadership, information security consulting and advisory, IT governance, and business development roles across the public, private, and not-for-profit sectors.

Join Gartner experts Chris Mixter and Jeremy D’Hoinne on this episode of the CISO Edge Podcast for a conversation on the steps that CISOs must take to fulfill their multiprongmandate: defending the enterprise from AI-fueled attacks, and enabling business and cybersecurity functional use of generative AI (GenAI) — all without losing focus on their other mission-critical priorities.

This episode explores:

• Is generative AI simply a version of a movie CISOs have seen before? (02:32)
• What are the most promising use cases for generative AI within cybersecurity? (6:48)
• How do we avoid inflated expectations around secure development in the GenAI era? (12:29)
• What are the key skills and cybersecurity culture we need to make the most of GenAI? (17:25)

As a Gartner research VP for security operations and infrastructure protection, Jeremy D'Hoinne assists chief information security officers and their teams to develop strategies to protect against advanced threats. Jeremy’s research includes exposure management and how to run a continuous threat exposure management (CTEM) program; it also covers related technologies, such as cybersecurity validation technologies,including breach and attack simulation (BAS). He also studies the intersection of artificial intelligence and cybersecurity with a focus on the disruptions caused by large language models and generative AI.

This episode explores:

• How, despite geopolitical instability, CSCOs can meet growing performance expectations by increasing their supply chain’s flexibility in key areas. (1:20)
• Definitions and applications of terminology associated with this process, such as “trust boundaries” and “supply chain elasticity.” (5:10)
• Concerns of increased complexity associated with supply chain elasticity. (8:30)
• Methods to assess geopolitical risks’ potential impacts on a supply chain. (13:18)
• Recommendations for CSCOs seeking to increase their supply chain’s elasticity. (16:35)

In this episode of the Supply Chain Podcast, host Lindsay Azim and guest Pierfrancesco (Pier) Manenti, research vice president for the Gartner supply chain strategy team, discuss findings from Supply Chain Executive Report: Empowering Growth Through Geopolitically Elastic Supply Chains.

As countries cloister their markets in response to various geopolitical tensions, accessing a global marketplace is becoming harder for CSCOs. Lindsay and Pier explore how “supply chain elasticity,” a concept explored in the Executive Report, can help CSCOs alleviate these market access issues while driving growth. The discussion includes key definitions and actions, success stories from organizations already applying these principles and recommendations for CSCOs to improve elasticity within their own supply chains.

Pierfrancesco (Pier) Manenti is research vice president for the Gartner supply chain strategy team. Pier provides insights and advisory support to chief supply chain officers (CSCOs) and heads of strategy of global manufacturing and retail corporations, especially with regards to future trends and key challenges affecting end-to-end supply chain strategy. He focuses on strategic transformation, digitalization, agility and design for profitability.

See this episode’s highlights:

• How building an intentional brand connects you to the C-suite. (01:00)
• To build an intentional brand, create three lists. (09:45)
• Shout-out to Houston’s late, great Atchafalaya River Cafe. (20:56)
• Use the tactics of framing and priming to reinforce your brand. (23:13)

CISOs tend to see their budget as the key thing capping the cybersecurity function’s potential enterprise impact, when in fact the function’s (and the CISO’s) reputation has just as much to do with the role cybersecurity can play. And, unlike the budget, which has many drivers beyond our control, CISOs can exert almost complete control over their brand! In this episode of CISO Edge podcast, Gartner experts Leigh McMullen and Chris Mixter share the steps needed to create an intentional — and impact-amplifying — CISO (and cybersecurity function) brand.

Leigh C. McMullen is a Distinguished Vice President, Analyst in Gartner's CISO, Security and Risk Management team. Leigh leverages his experience as both a line-of-business manager and IT leader to provide CISOs with insight on navigating and making a difference within the C-suite. Additionally, he provides clients with a holistic view of cybersecurity leadership research, specializing on the topics of future operating models, vision and strategy, politics, influence, business engagement, internal marketing and communications.

The U.S. Securities and Exchange Commission’s (SEC’s) new cybersecurity disclosure rules standardized the timing and location of reporting material cybersecurity incidents, and disclosing risk, governance and strategy processes. In this episode of the CISO Edge Podcast, Gartner experts Chris Mixter, Alissa Lugo and Lisa Neubauer have an in-depth discussion on how general counsel and chief information security officers can team up to accelerate compliance with these high profile new expectations.

Guest Speaker: Lisa Neubauer

Lisa Neubauer is a Senior Director Analyst with Gartner, advising chief information security officers, chief information officers, security leaders and non-IT executives on maturing their security and risk management programs and practices. In particular, Lisa focuses on executive/board reporting, strategy, metrics, governance, policy and security organizational structure.

Guest Speaker: Alissa Lugo

Alissa Lugo is a Senior Director Analyst with Gartner, providing C-suite, boards, and general counsel advice relating to corporate governance challenges facing their companies. Alissa assists clients on a wide range of corporate governance issues, including emerging corporate governance trends, board and management matters, director lifecycle events, corporate secretarial duties, developing and improving ESG programs, and assessing and improving corporate governance practices and board processes.