On this whopper of a show, Steve speaks with Chuck Markarian, CISO of PACCAR and Sean Murphy, CISO of BECU, about the value of professional relationships early in your career; how an internal cybersecurity risk council can manage expectations and better prepare your organization, and why we should be realistic about the strength of the adversary.
Starting a Risk Council
How do you socialize the idea of a risk council and ultimately get one off the ground? Bottom line: ask the right kind of questions that help employees find out what is important to them and discuss responses to situations when dealing with risk management. Then, develop a plan of attack.
Sean, Chuck and Steve also tackle topics like:
- Networking as an Introvert
- Dealing with High-Risk Situations
- Taking off the ‘rose-colored glasses’ when reporting security data
Check out the full episode here, and if you like the show, remember to review, rate us, and subscribe to get new episodes when they go live.
More about Sean
Sean is an accomplished cybersecurity executive with about two decades of experience leading information security and risk management in highly-regulated industries and fast-paced organizations like BECU. As a senior vice president and Chief Information Security Officer at BECU, he is responsible for providing and optimizing an enterprise-wide security program and architecture that minimizes risk, enables business imperatives, and further strengthens the credit union’s security posture. He’s an industry-recognized information security expert, with more than 20 years of experience in highly-regulated, security-focused organizations. Sean retired from the U.S. Air Force (Medical Service Corps) after achieving the rank of lieutenant colonel. He has served as CIO and CISO in the military service and private sector at all levels of organizations. Sean has a master’s degree in business administration (advanced IT concentration) from the University of South Florida, a master’s degree in health services administration from Central Michigan University, and a bachelor’s degree in human resource management from the University of Maryland. He served on the (ISC)2 committee to develop the HCISPP credential. He is also a noted speaker at a national level and the author of numerous industry whitepapers, articles, and educational materials, including his most recent book, “HCISPP® HealthCare Information Security and Privacy Practitioner All-in-One Exam Guide,” available now in bookstores and on Amazon.com.
More about Chuck
Chuck is the Chief Information Security Officer for PACCAR. In this role, Chuck is accountable for all elements of Information Security globally, across all PACCAR divisions. This includes security consulting, investigations, litigation support, strategic planning, standards and day to day activities. Chuck has additional ITD responsibilities which include Access Management, Disaster Recovery, Facilities and Vehicle Security. Chuck joined PACCAR in 2005 as the Assistant Director, Information Security. Chuck has two security certifications from ISACA (Information Systems Audit and Control Association); CISM (Certified in Information Security Management) and CRISC (Certified in Risk and Information Systems Controls). Prior to coming to PACCAR, Chuck worked at BOEING and AT&T Wireless/Cingular in various IT and security roles. Chuck has a Bachelor of Science in Math from Washington State University.