The New CISO Podcast: Building The Right Relationships
On this episode of The New CISO Podcast, Den Jones, Chief Security Officer at Banyan Security, discusses the importance of trustworthy and transparent relationships in the cybersecurity field. Before joining the security intelligence industry, Den first worked as a postman walking the streets of his native Scotland and dreamed of becoming a musician. Now a CISO, he shares the value of creating relationships worth leveraging, being proactive in terms of security, how to keep an eye on user behavior, and what it means to be a security leader.
In this article:
- Every relationship matters
- Invest in proactive security
- Keeping an eye on user behavior
- Aligning security strategies with executive goals
- What does it mean to be a security leader?
Every relationship matters
Den believes it’s better to have a “build relationships, not sell stuff” mentality to develop transparent vendor relationships. It is crucial to think of vendors as partners rather than as suppliers. He says, “If you do this right, your team is not just the people that are full-time employees in your organization. Your team is these third-party vendors, and getting to know them and getting to understand their constraints and their troubles and things that hold them back or things that help them is really important in our business.”
Den says that as a leader, every relationship matters in order to create trust and transparency. He says, “When you’re an individual contributor, you need some relationships to be successful. But when you’re a leader, you need all relationships. You need relationships with peers in your company. You need relationships with vendors. You need to build good relationships with people in your organization.”
Invest in proactive security
Den stresses the benefits of proactive security, giving the example of how not requiring users to change their passwords every 90 days has helped the company. “100,000 people not changing passwords every 90 days,” he says. “That is tangible savings right there. So for me, that was just such a great win. Use the data you have to try and solve problems and get security in the background.”
Den touches on the ways to push and maintain proactive security intelligence. “I look at proactive security and reactive security as different expense line items. I’d rather put more dollars in proactive security that gets you out of the face of the workers because the other thing is, we need a productive workforce,” he says. “So as we’re plying our trade, it’s just really important to think about how do we enable the business, but in a secure way? What’s practical from a technology perspective? I love this concept of security intelligence as a proactive force for good, rather than my IR team as a reactive response based on bad things happening.”
Keeping an eye on user behavior
Den explains how to determine the core questions that lead to good data protection. By looking at identities, user devices, and the intelligence behind both, Den can develop data security strategies. Den mentions, “I think the front line of the defense is all around the user identity and the machine identity, to begin with. So first of all, make sure that you have a really robust identity platform, so the ability for onboarding and offboarding workers has got to be solid. So from your HR system, your identity management, your directory services, all of that needs to be in place, and a capability for logging all of that information needs to be solid. I want to be able to know, demonstrate, and understand when an account was created, why it was created, when it was deactivated, and if the account was stale.”
Aligning security strategies with executive goals
All service accounts should be predictable so that the security team can detect any deviations from the norm. Den recommends maintaining tight access and monitoring of service accounts’ task functions to keep data safe. He understands that executives do not share his interest in users’ security and are more motivated by avoiding bad press coverage, which could happen if a preventable security breach were to occur. For practitioners, the goal then must be to help their organizations maintain a solid reputation, but also to find ways to use their work for good.
What does it mean to be a security leader?
To Den, being a CISO means building a solid network of healthy relationships. With the right people around you, you can leverage their wisdom and advice to be a productive leader in the cybersecurity world. Den opines, “I think the biggest thing is relationships and your network. We mentioned it earlier about how you want to be, as a leader, leveraging and building these relationships. As a new security leader, I reached out to people in my network that I’ve gotten to know over the years and built good relationships with, and leveraged their wisdom, their expertise, and guidance. It’s really important to build your network in advance of needing [it], so that when you do become that new CISO for the first time, then you have a bunch of trusted people you can leverage and call upon when you need to.”