The New CISO Podcast

Episode 10: Assessing Security Reporting Structures

On this episode, Lenny Levy talks to Stephen Moore about how we can influence and ultimately correct existing lines of reporting.

As a modern CISO and security expert, a challenge you may face is that a leader you report to might not understand the business of security. Given that, how do we influence and ultimately correct existing lines of reporting.

Moving From consultant to CISO

Consultants gain a lot of work experience very quickly, because you are working with a lot of clients on many issues. Seeing the transition from consultant to CISO is fairly common. As a consultant you don’t get to see the changes you’ve made grow over time, you only see the short-term effects and move on. If the decision is made to leave consulting and sign on full-time with one company as CISO, you see how everything you do evolves overtime, and are able to put all of your focus into one place.

Listen as Steve and Lenny talk about:

  • Different security reporting structures
  • Evaluating a problem at a new workplace
  • Identifying the right frequency of reporting
  • Identifying Warning signs and red flags

Check out the full episode here, and if you like the show, remember to review, rate us and subscribe to get new episodes when they drop.

Listen and Subscribe

iTunes Button (via NiftyButtons.com) Listen on Google Play Music Listen on Spotify RSS Feed


More About Leonard Levy

Leonard (Lenny) Levy is an accomplished information security executive with over 20 years’ experience addressing cybersecurity challenges. Most recently he served as the interim Chief Information Security Officer for Providence St. Joseph Health, a $26 billion catholic healthcare system.