CISO Edge, The Gartner Cybersecurity Podcast

Join Gartner experts Chris Mixter and Richard Addiscott in this episode of CISO Edge to debunk the myths around why employees behave nonsecurely, why most tactics and executive communications around employee behavior don’t work, and to explore ways to rapidly increase the value delivered by your secure behavior and culture program (SBCP).

• What if I told you that “lack of cyberawareness” isn’t the reason people behave nonsecurely? (03:50)
• Where do your employee-related security incidents come from? (09:56)
• How can we move from compliance-centric to behavior-centric cybersecurity? (13:48)
• Help executives understand what is a defensible level of performance around human risk exposure. (26:15)

Richard Addiscott is a Vice President Analyst in Gartner's global security and risk management practice, helping CISOs and senior cybersecurity executives deliver highly effective information security programs and build high performing cybersecurity teams. With more than 20 years of experience in industry, Richard has held enterprise information security and IT leadership, information security consulting and advisory, IT governance, and business development roles across the public, private, and not-for-profit sectors.

Join Gartner experts Chris Mixter and Bart Willemsen for a conversation on the steps that CISOs must take to evolve their role in privacy from merely supporting compliance to improving cyber risk management.

This episode of CISO Edge Podcast explores the role that privacy can play in accelerating cybersecurity’s priorities:

• The five questions smart CISOs ask to focus their privacy efforts. (4:30)
• How to counteract “data hoarding” with a tool already at cybersecurity’s disposal. (8:30)
• This month’s obligatory GenAI-focused conversation. (12:10)
• How CISOs can use privacy legislation to their advantage. (17:10)
• Where to use privacy-enhancing technology to enhance cybersecurity. (25:20)

Bart Willemsen is a Gartner VP Analyst with focus on privacy and related challenges in an international context, as well as on ethics, digital society, and the intersection of these disciplines with modern technology including AI. He has a broad, in-depth history of experience, and was among the earlier Fellows of Information Privacy (FIP), and has held accreditations like CIPP/E, CIPM, CISA, CISM, bringing proven and multidisciplinary best practices to our worldwide clients. Before Gartner, Bart held various roles as (chief) privacy and security officer where he implemented, audited and oversaw privacy and security and compliance program strategies for holding companies and their subsidiaries.

Attrition is a natural part of any function, yet cybersecurity organizations are often caught off-guard and see productivity and morale drop when staff depart. Having a strategy for planned and unplanned turnover is a crucial component of your cybersecurity programs’ greater success. In this episode of the CISO Edge Podcast, Gartner experts Chris Mixter and Victoria Cason discuss the three essential components of an effective talent release program: transition planning, offboarding and alumni relations.

The U.S. Securities and Exchange Commission’s (SEC’s) new cybersecurity disclosure rules standardized the timing and location of reporting material cybersecurity incidents, and disclosing risk, governance and strategy processes. In this episode of the CISO Edge Podcast, Gartner experts Chris Mixter, Alissa Lugo and Lisa Neubauer have an in-depth discussion on how general counsel and chief information security officers can team up to accelerate compliance with these high profile new expectations.

Guest Speaker: Lisa Neubauer

Lisa Neubauer is a Senior Director Analyst with Gartner, advising chief information security officers, chief information officers, security leaders and non-IT executives on maturing their security and risk management programs and practices. In particular, Lisa focuses on executive/board reporting, strategy, metrics, governance, policy and security organizational structure.

Guest Speaker: Alissa Lugo

Alissa Lugo is a Senior Director Analyst with Gartner, providing C-suite, boards, and general counsel advice relating to corporate governance challenges facing their companies. Alissa assists clients on a wide range of corporate governance issues, including emerging corporate governance trends, board and management matters, director lifecycle events, corporate secretarial duties, developing and improving ESG programs, and assessing and improving corporate governance practices and board processes.

CISOs today are taking on more responsibilities and doing so faster. However, this rapid expansion comes at the cost of stability and amorphous priorities. CISO Edge podcast host Chris Mixter talks to Gartner VP analyst Nader Henein about trust — who needs to trust CISOs, what trust means to each constituency, and how CISOs can build trust with each one.

This episode explores :

• The connection between trust and the CISO’s effectiveness in role. (02:00)
• What trust means to the C-suite and board in the context of cybersecurity (07:30)
• What trust means to the CISO’s peers around the organization. (16:15)
• How CISOs should build and maintain trust with their direct reports. (23:00)
• How CISOs can support the development of trust from the organization’s customers. (29:24)