Insights from a CISO: What I look for when hiring new talent
We ask Max Imbiel (CISO at Bitpanda) to share his insights on hiring cybersecurity talent in cryptocurrency and fintech.
Read MoreAt Black Hat MEA 2022, Shobha Jagathpal (India CISO at Morgan Stanley) spoke about the lifecycle of an application – and its risk journey.
One point that really stood out to us is that in order to embed security into every stage of application development, or to encourage the effective adoption of modern security processes within existing applications and businesses, engagement is crucial.
And by engagement, we mean the engagement of entire teams – every department, every division, every profession – with security work.
“As security professionals,” Jagathpal said, “we’ve got to drive a mindset and a culture wherein security is no longer an afterthought.”
And to do that, you’ve got to help everyone care about cybersecurity.
Jagathpal shared several ideas for getting your whole team involved. They’re not the standard employee awareness strategies – and we think they’re worth considering if you want to build a truly proactive, security-focused culture.
“Overall, we need to make it easy for the application developers to search and consume and share and walk with us in an integrated fashion,” Jagathpal added.
Driving meaningful, proactive engagement like this will help application developers and their security teams meet the demands of business growth, but with security embedded firmly into company culture and app development.
It’ll help security teams gain the confidence and trust of their peers.
And overall, it will help to create a security culture that will drive future resilience – because everyone’s interested in security, everyone understands how they can contribute, and everyone feels involved and responsible for securing every aspect of the business.
“The security team is required to manage risk .They’ve got to be cogniscient to understand where the risk is; what are the things that are bringing down the risk; and then put in measures to help them manage it.”
But security teams are often perceived by others as “offering non-functioning requirements; barriers to speed; [demanding] additional efforts to meet security needs.”
If everyone’s involved in security, those perceptions will change. And when those perceptions change, security teams will be better able to do their job and manage risk effectively – because everyone will be willing and able to help.
Join the newsletter to receive the latest updates in your inbox.
We ask Max Imbiel (CISO at Bitpanda) to share his insights on hiring cybersecurity talent in cryptocurrency and fintech.
Read MorePhilip Martin (CSO at Coinbase) talks about crypto scams, and how cybersecurity leaders can help to build trust in cryptocurrency.
Read MoreResearchers at Oligo Security uncovered an 18 year old critical vulnerability affecting all major web browsers.
Read More