Where Should the CISO Report? Guess Again! – Stephen Fried – CSP #74

Sam Estrella Cloud Security Tech, dockerized, endpoint detection/response, endpoint prevention, life of a virtual CISO, MSSP, Network Security Engineer, security careers, security certifications, security degree, Security Operations and Endpoint Protection, security services, Stephen Fried, threat intelligence, Todd Fitzgerald, Travis Isaacson, VP of Enterprise Information Security June 14, 2022

Where the CISO should report has been debated for many years, with the predominant view being “anywhere but the CIO”, while even in 2022, most CISOs are reporting to the CIO! Which reporting structure viewpoint is right? This podcast will examine the pros and cons of reporting to the CIO and other departments. Join Stephen as he shares his experience as a Former CISO for several large financial institutions, along with his current views.

To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2022/05/CISOSTORIES_StephenFried_Article.pdf

Fried, S. 2019. The Best Reporting Relationship for a CISO May Not Be What You Think! In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pgs. 174-5. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.

Full Episode Show Notes

Where Should the CISO Report? Guess Again!

Guests

Stephen Fried – Digital Risk Principal at American Family Insurance

@sdfried

Stephen Fried has spent his professional career studying, designing, and building information security programs for both large and small organizations. He is an accomplished leader with over 20 years of experience in information security risk management, technology, and organizational leadership, including the creation of the security programs for two global Fortune 500 companies. His expertise covers a wide range of cyber risk areas, including information risk management, privacy, governance and regulatory compliance, cloud security, security architecture, insider threat, and incident management.

Stephen is currently a Digital Risk Principal at American Family Insurance in Madison, WI. supporting the company’s Information Risk Management program. Prior to joining American Family, he was the Senior Vice President for Information Security for QBE North America, the 1st Vice President and CISO for People’s United Bank in Bridgeport, CT, and the Vice President for Information Security at FIS. Stephen lives in the suburbs of Wisconsin and spends his scarce spare time golfing (badly), amateur woodworking, watching Star Trek, and building electronic gadgets that have no useful purpose.

Hosts

Todd Fitzgerald – Vice President, Cybersecurity Strategy at Cybersecurity Collaborative

@securityfitz

Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.

Where Should the CISO Report? Guess Again! – Stephen Fried – CSP #74

Where Should the CISO Report? Guess Again!

Guests

Hosts

Related Posts

Getting Past the Hype of Next Generation Endpoint Security