
Building Teams vs. Buying Talent: Insights from CISO Joey Rachid
09/18/24 • 35 min
Episode 30: Joey Rachid – Professionalizing the CISO Role & Building Strong Cyber Teams
In this episode of The Professional CISO Show, host David Malicoat interviews Joey Rachid, Chief Information Security Officer (CISO) at UST. Joey takes us on a fascinating journey from his early days in the U.S. Marine Corps, where he first got involved with technology, to his rise as a cybersecurity leader in the consulting and services industry.
They discuss:
• The difference between building vs. buying cybersecurity talent
• The importance of professionalizing the CISO role in today’s business environment
• Joey’s views on how business acumen and an MBA can elevate your role as a CISO
• Effective leadership strategies for developing high-performing cybersecurity teams
• The future of the CISO role and what it means for aspiring security professionals
Whether you’re a current or aspiring CISO, Joey’s insights on leadership, risk management, and aligning cybersecurity with business objectives are invaluable for anyone looking to grow in the field. Tune in for a deep dive into the practical and strategic aspects of being a cybersecurity leader today.
Key Takeaways:
• Joey Rachid’s path from the Marine Corps to cybersecurity leadership
• Developing vs. hiring talent: Which is the better approach?
• How an MBA can boost your business credibility as a CISO
• The role of trust, competence, and character in effective leadership
• Future trends in cybersecurity leadership and the evolving CISO role
Resources & Links:
• Follow Joey Rachid on LinkedIn: https://www.linkedin.com/in/joeyrachid/
• Learn more about UST: https://www.ust.com/
• Follow The Professional CISO Podcast on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-show
• Subscribe to our YouTube channel: www.youtube.com/@TheProfessionalCISO
• Visit our website: www.thpc.co
Timestamps:
00:00 – Introduction
02:30 – Joey’s background: From Marine Corps to cybersecurity
06:45 – Building vs. buying talent in cybersecurity
10:30 – Why professionalizing the CISO role matters
15:00 – The value of an MBA in cybersecurity leadership
20:00 – Leading and developing high-performing teams
25:00 – Trust, character, and competence in leadership
30:00 – The future of the CISO role
Previous Episode

The Challenge of Selling Cybersecurity: Insights from Matt Walker
In this episode of The Professional CISO Show, host David Malicoat is joined by Matt Walker, Managing Director of Security and Compliance at Goosehead Insurance. Matt shares his unique journey from a career in commercial art to becoming a cybersecurity leader. Together, they explore the evolving role of the CISO and the importance of professionalizing the position within organizations.
Key Takeaways:
- Professionalizing the CISO Role: Matt discusses the need for establishing a standardized professional framework for CISOs and the challenges associated with it.
- Translating Technical Risk into Business Terms: Learn how to communicate complex technical risks in a way that resonates with non-technical stakeholders and aligns with business objectives.
- Building Relationships in the C-Suite: Discover strategies for developing strong, trust-based relationships within the executive team, and how to navigate the political landscape of the boardroom.
- The Journey from IT to Cybersecurity Leadership: Matt shares his personal experiences and insights on transitioning from a technical background to a leadership role in cybersecurity.
About the Guest: Matt Walker is the Managing Director of Security and Compliance at Goosehead Insurance. With a rich background in network security, commercial art, and leadership roles at Bain & Company and Dell, Matt brings a unique perspective to the discussion on cybersecurity leadership and the future of the CISO role.
Episode Highlights:
- [02:00] Matt Walker’s early career and transition from commercial art to cybersecurity
- [07:00] The importance of professionalizing the CISO role
- [13:00] Strategies for effectively communicating risk to business leaders
- [18:00] Navigating stakeholder relationships and building trust in the C-suite
- [25:00] Matt’s tips for introverts on building professional relationships and influence
- [30:00] The role of diplomacy in cybersecurity leadership
Connect with Matt Walker:
- LinkedIn: https://www.linkedin.com/in/techguymatt/
- Goosehead Insurance: Website
Connect with David Malicoat:
- Website: The Professional CISO
- YouTube: The Professional CISO
- LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
Subscribe & Leave a Review: Enjoyed the episode? Subscribe to The Professional CISO Show on Apple Podcasts, Spotify, or your favorite podcast platform. Don’t forget to leave a review and share the episode with your network!
Next Episode

Is It Time to Break Apart GRC?
In this episode of The Professional CISO Show, David Malicoat tackles a bold question: Is it time to break apart Governance, Risk, and Compliance (GRC) into separate, specialized functions? Join us as we explore how unbundling GRC could transform your cybersecurity program from a checkbox exercise into a powerful tool for business alignment and risk management. With thought-provoking insights and historical examples, David makes the case for why GRC needs a fresh approach in today’s fast-paced digital landscape.
If you’re a CISO, security professional, or business leader, this episode is packed with actionable advice to help you elevate your organization’s cybersecurity maturity.
Key Takeaways:
• Why governance, risk, and compliance deserve individual attention
• How CISOs can take ownership of governance for strategic impact
• Using compliance to secure resources and improve risk management
• Practical strategies to rethink and realign your GRC structure
Timestamps:
• 00:00 – Welcome and Introduction
• 02:00 – Why GRC Needs a Fresh Approach
• 06:00 – Historical Example: British Defense of Singapore
• 09:00 – The Evolution of GRC: From 2000s to Present
• 15:00 – Governance: A CISO’s Primary Responsibility
• 21:00 – Risk Management: Aligning Cyber and Business Risk
• 25:00 – Compliance: Turning It into a Strategic Advantage
• 29:00 – Final Thoughts: Breaking Apart GRC for Cyber Superpowers
• 31:00 – Call to Action: Professionalizing the CISO Role
Quotes:
• “Governance isn’t just a checkbox; it’s the CISO’s responsibility to lead and set the strategic direction of the cybersecurity program.”
• “Risk is the lens through which all programs need to make decisions. Without it, you’re misaligned with the business.”
• “Just because you have GRC doesn’t mean you’re using it to its full potential. It could be your superpower if harnessed properly.”
Connect with David Malicoat:
Website: www.thpc.co
YouTube: The Professional CISO Show
LinkedIn: David Malicoat on LinkedIn
Twitter: @ProfessionalCISO
Listen & Subscribe:
Don’t miss an episode! Subscribe on Spotify | Apple Podcasts | Google Podcasts
Please leave us a review to help spread the word!
Hashtags for Social Sharing:
#CISO #GRC #GovernanceRiskCompliance #Cybersecurity #RiskManagement #ProfessionalCISO #Leadership