The Professional CISO

Episode 30: Joey Rachid – Professionalizing the CISO Role & Building Strong Cyber Teams

In this episode of The Professional CISO Show, host David Malicoat interviews Joey Rachid, Chief Information Security Officer (CISO) at UST. Joey takes us on a fascinating journey from his early days in the U.S. Marine Corps, where he first got involved with technology, to his rise as a cybersecurity leader in the consulting and services industry.

They discuss:

• The difference between building vs. buying cybersecurity talent

• The importance of professionalizing the CISO role in today’s business environment

• Joey’s views on how business acumen and an MBA can elevate your role as a CISO

• Effective leadership strategies for developing high-performing cybersecurity teams

• The future of the CISO role and what it means for aspiring security professionals

Whether you’re a current or aspiring CISO, Joey’s insights on leadership, risk management, and aligning cybersecurity with business objectives are invaluable for anyone looking to grow in the field. Tune in for a deep dive into the practical and strategic aspects of being a cybersecurity leader today.

Key Takeaways:

• Joey Rachid’s path from the Marine Corps to cybersecurity leadership

• Developing vs. hiring talent: Which is the better approach?

• How an MBA can boost your business credibility as a CISO

• The role of trust, competence, and character in effective leadership

• Future trends in cybersecurity leadership and the evolving CISO role

Resources & Links:

• Follow Joey Rachid on LinkedIn: https://www.linkedin.com/in/joeyrachid/

• Learn more about UST: https://www.ust.com/

• Follow The Professional CISO Podcast on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-show

• Subscribe to our YouTube channel: www.youtube.com/@TheProfessionalCISO

• Visit our website: www.thpc.co

Timestamps:

00:00 – Introduction

02:30 – Joey’s background: From Marine Corps to cybersecurity

06:45 – Building vs. buying talent in cybersecurity

10:30 – Why professionalizing the CISO role matters

15:00 – The value of an MBA in cybersecurity leadership

20:00 – Leading and developing high-performing teams

25:00 – Trust, character, and competence in leadership

30:00 – The future of the CISO role

The Professional CISO Show - Episode 52: The Future of Professional Organizations for CISOs

🎙️ Hook:

Are the current professional organizations truly serving the needs of CISOs, or is it time for a new approach? In this episode of The Professional CISO Show, host David Malicoat takes a deep dive into the evolution of cybersecurity professional associations, weighing the opportunities and challenges of forming a collective that genuinely represents the interests of security leaders.

Episode Summary:

For years, organizations like ISC2, ISACA, and ISSA have been the backbone of cybersecurity certifications and networking. But with the evolving role of the CISO, should our professional organizations change as well? In this thought-provoking commentary, David explores the potential benefits and pitfalls of both revamping existing associations and creating new ones.

From advocacy and standardization to ethics and vendor influence, he examines the critical aspects that shape the effectiveness of professional organizations. How do we ensure transparency? How do we prevent bureaucracy and power consolidation? Most importantly, how do we build a professional body that truly advances the role of the CISO?

Key Highlights:

🔹 The need for CISO advocacy in regulations and policy

🔹 Challenges of creating a new professional organization vs. reforming existing ones

🔹 Balancing certifications, training, and real-world experience

🔹 The role of transparency and ethics in cybersecurity leadership

🔹 How professional organizations can influence vendors and drive meaningful change

🔹 Addressing bureaucracy, cost barriers, and conflicts of interest

💡 This is more than just a discussion—it’s a call for CISOs to critically assess their affiliations and shape the future of our profession.

Timestamps:

⏳ 00:00 - Introduction: Why This Discussion Matters

⏳ 02:00 - The Changing Role of CISOs & Professional Organizations

⏳ 06:00 - The Pros and Cons of CISO Advocacy

⏳ 10:00 - Standardization & Best Practices: Are We Reinventing the Wheel?

⏳ 14:00 - Certifications, Training & Professional Development

⏳ 18:00 - Collaborative Threat Intelligence: Can It Work?

⏳ 22:00 - Ethics & Transparency: The Foundation of a Trusted Organization

⏳ 28:00 - Vendor Influence: The Good, The Bad, The Necessary

⏳ 34:00 - Public Awareness & The CISO Role in Business

⏳ 40:00 - Overcoming Bureaucracy, Leadership Conflicts & Financial Barriers

⏳ 50:00 - Final Thoughts: Building a Future-Proof Organization

Call to Action:

📢 Join the discussion! Drop a comment below or engage with us on LinkedIn. Do you think CISOs need a new professional organization? What standards should we demand? Let’s shape the future of our industry together.

✅ Subscribe to The Professional CISO Show:

🔗 YouTube: www.youtube.com/@TheProfessionalCISO

🔗 Spotify: https://open.spotify.com/show/2C7JojNZPdg1g6AXvpKDfn?si=a7ac3172bb414673

🔗 Apple Podcasts: https://podcasts.apple.com/us/podcast/the-professional-ciso/id1731138021

🔗 Follow The Professional CISO Show on LinkedIn:

https://www.linkedin.com/company/the-professional-ciso-show

🔗 Visit Our Website:

www.thpc.co

▶️ Live from North Texas ISSA Conference – Conversations with Top CISOs

▶️ Matt Walker on Professionalizing the CISO Role & Business Risk

▶️ Gary Hayslip on CISO Leadership & SoftBank’s Security Strategy

Hashtags:

#CISO #CyberSecurity #CyberLeadership #ProfessionalCISO #CISOCommunity #InfoSec #SecurityLeadership #RiskManagement #CyberRisk #Leadership #CISOAssociation #CyberSecurityPodcast

Welcome to the latest episode of The Professional CISO Show! In this episode, host David Malicoat sits down with Renee Guttmann, the founder and principal of CISO Hive, to discuss her extraordinary journey in cybersecurity. With a career spanning prestigious companies such as Coca-Cola, Royal Caribbean Cruises, Campbell Soup Company, Capital One, and Time Warner, Renee shares her invaluable insights and experiences.

We would like to thank our sponsor Armis for making this episode possible.
If you are going to Black Hat USA 2024, make sure to visit them at their booth or schedule some time at one of their events!

Key Topics Discussed:

• [00:02:00] Early Career: Renee’s unique path from an analyst to a top-tier CISO.
• [00:06:00] Networking: The critical role of networking in the cybersecurity field.
• [00:11:00] Professionalizing the CISO Role: Why it’s essential and its future impact.
• [00:18:00] Reporting Structure: The debate on where the CISO should report within an organization.
• [00:23:00] IT and OT Convergence: The evolution and importance of IT and OT security.
• [00:28:00] Career Advice: Staying well-rounded in cybersecurity and the importance of understanding OT.

Guest Information:

Renee Gutmann

• Founder and Principal, CISO Hive
• Formerly held positions at Coca-Cola, Royal Caribbean Cruises, Campbell Soup Company, Capital One, and Time Warner

Connect with Renee:

• LinkedIn: Renee Guttmann

Host Information:

David Malicoat

• Host of The Professional CISO Show
• Chief Information Security Officer at a medium-sized direct and digital marketing company

Connect with David:

• LinkedIn: David Malicoat
• Website: The Professional CISO

Resources Mentioned:

• National Association of Corporate Directors (NACD)
• Fair Institute
• Black Hat Conference
• North Texas ISSA

Subscribe and Follow:

• Spotify: The Professional CISO Show on Spotify
• Apple Podcasts: The Professional CISO Show on Apple Podcasts

Support the Show: If you enjoyed this episode, please rate and review us on your favorite podcast platform. Your feedback helps us improve and reach more listeners interested in cybersecurity.

Follow Us on Social Media:

• Twitter: @ProfessionalCISO
• LinkedIn: The Professional CISO Show
• YouTube: The Professional CISO

Tags: #Cybersecurity #CISO #ReneeGutmann #CybersecurityLeadership #Networking #Mentorship #ITSecurity #OTSecurity #RiskManagement

In this episode of the Professional CISO Podcast, host David Malicoat interviews Cheryl Nifong, CISO at the University of Texas at Arlington. They discuss Cheryl's career path, the necessity of professionalizing the CISO role, and the transition from technical to governance, risk, and compliance (GRC) positions. Cheryl shares her unique journey starting out in technical support, moving to cybersecurity leadership, and her experiences in creating effective risk management strategies. The episode covers challenges faced by women in cybersecurity, advice for aspiring cybersecurity professionals, and the importance of mentorship. Cheryl emphasizes the significance of strategic leadership and aligning daily tasks with the organization's broader vision. The conversation closes with practical advice for women entering the field and Cheryl's perspective on the future evolution of the CISO role.

00:00 Introduction to the Professional CISO Podcast
00:32 Interview with a Higher Education Security Leader
01:29 Upcoming Event: Digital Fight Club
02:56 Guest Introduction: Cheryl Nyfong
03:30 Cheryl's Journey into Cybersecurity 06:22 Transitioning to GRC and Leadership
11:12 The Evolution of the CISO Role
21:48 Women in Cybersecurity
25:05 Discovering Hidden Talents in Cybersecurity
26:06 Managing Risks with Non-Traditional Hires
27:03 The Power of Internships and Volunteer Programs
29:09 Advice for Women Entering Cybersecurity
32:23 The Importance of Mentorship
36:37 Strategic Leadership in Cybersecurity
44:12 Fun and Personal Insights with Cheryl Nyfong
47:02 Conclusion and Final Thoughts

Cheryl Nifong: https://www.linkedin.com/in/cheryl-nifong/ LinkedIn:

David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/

THPC Website: www.thpc.co

THPC LInkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast

Digital Fight Club Website: https://digitalfightclub.co/

Welcome to Episode 7 of the Professional CISO Podcast, Hosted by David Malicoat

David reunites with longtime friend and former coworker, Patrick Benoit. They explore the evolution and professionalization of the CISO role, Pat's career journey from technology and military service to cybersecurity leadership, and the necessity of soft skills alongside technical knowledge. They also discuss the challenge of guiding boards on cyber risk, the relationship between CISOs and technology executives, and the importance of developing trust and leadership qualities.

Don’t forget to subscribe to the podcast and join us on LinkedIn so we can keep the conversation moving forward. www.theprofessionalciso.com

Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!

Impactful Moments:

00:00 - Welcome

02:06 - Introducing guest, Pat Benoit

06:08 - Licensing CISOs?

07:37 - CISO Now Is Like CIO Then

09:25 - The ‘Trust & Inspire’ Skills

13:12 - Little c to Big C in CISO

16:00 - Approaching Other ‘C’ Roles

20:11 - 10 questions

27:15 - Cyber-Risk Insight

Links:

Connect with Pat Benoit:

cyber-riskinsights.com

https://www.linkedin.com/in/patricklbenoit/

Books Mentioned:

https://www.amazon.com/Extreme-Ownership-U-S-Navy-SEALs/dp/1250067057

The Four Agreements