Executive Perspectives Pt 3: Reporting to Legal

This post discusses the dynamics of reporting lines in security, specifically through legal channels. Reporting to legal grants direct access to the CEO but may narrow focus to regulatory concerns, resembling internal audit duties. Leveraging legal compliance enhances security without neglecting broader obligations. Engaging legal counsel supports effective security posture and data protection.

Executive Perspectives Pt 2: Reporting to Information Technology

This is the second part of a look at reporting lines in organizations. You can click here to read about when Security reports directly to the CEO. Navigating the complex security landscape in the bustling tech hub of Silicon Slopes, particularly within startup ecosystems, is akin to charting unexplored terrain. Having spent considerable time in…

Executive Perspectives: Navigating Security Reporting Across the C-Suite

An important part of providing value to an organization is dependent on how Security reports to executives. There are lots of ways Security can stack up in an organization. In past lives, I’ve reported to the CTO, to the CISO, to a VP of customer service, to General Counsel, and most recently, to the COO.…

Starting My Master’s Degree

Oh, ISC(2), how I have blocked you from my mind. It’s often said that you need to know much of everything to get your CISSP (Certified Information Systems Security Professional). You need to know information security “a mile wide and an inch deep.” That’s a very accurate description. When I took my CISSP exam, it…