Silo Busting 70: Lessons for the Modern CISO with Tim Ramsay and Sam Rehman

The EPAM Continuum Podcast Network

Вміст надано The EPAM Continuum Podcast Network and EPAM Continuum. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією The EPAM Continuum Podcast Network and EPAM Continuum або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.

8M ago 26:56

MP3•Головна епізоду

How are CISOs holding up in the era of AI? According to Tim Ramsay, Managing Director of Mandiant Client Advisory (now part of Google Cloud), and our guest on *Silo Busting*: “You have a number of parts of the organization that may be embracing AI without any involvement from central IT, and more importantly… without security.” Not an easy situation for a CISO. But not to worry, Ramsay and Sam Rehman, EPAM’s CISO and SVP, have seen this kind of thing before. In the pre-AI age, there were other technology inflection points, such as virtualization and the cloud, and our conversationalists learned that dealing with them involved clear communication and trust. Today’s CISOs “don't want to kill the business or stop the business,” says Ramsay. “They want to enable the business. But that kind of presupposes they know what the business is trying to do.” What’s necessary, he says, is for business leaders “to have some level of trust that the security people are actually going to bring something productive to the conversation and not just rule from a position of fear, uncertainty and doubt.” CISOs must teach their colleagues that secure business is, as Ramsay notes, a team sport and that organizations must know their data assets. Security people must also be clear about risk. “We need to be real about what type of threats we actually are engaging,” says Ramsay. The lessons of DeepSeek emerge during the episode. Ramsay says he thought there’d be “some voice in the room who would have said, ‘Guys, are we ready? Are we ready for global type of exposure here?’” Getting ready, in fact, means that security must be included from the beginning, both Ramsay and Rehman agree. Rehman adds: “To secure something as an aftermath is a million times more difficult than if you have security in mind when you’re actually going through that innovation process.” Rehman asks how CISOs can build the necessary trust. “Meetings are always good, but relationships are where it gets real,” replies Ramsay. “Conversations that CISOs are having alongside other C-levels are going to be much more effective” than meetings that can sometimes feel adversarial. Build strong enough relationships and sometimes business leaders will deliver the security message themselves. “It takes a secure CISO to let others carry the message sometimes,” says Ramsay. “It takes the pressure off the CISO to be always the bearer of threats and news of risk.” Says Rehman: “So much of security requires... letting go of that insecurity.” Host and Producer: Ken Gordon Engineer: Kyp Pilalas

174 епізодів

#Business #EPAM Continuum Podcast Network #EPAM Continuum