Episode 1: The point of regulation
Overview
Free the CISO, a podcast series that attempts to free CISOs from their shackles so they can focus on securing their organization, is produced by CIO.com in partnership with DataBee®, from Comcast Technology Solutions.
In each episode, Robin Das, Executive Director at Comcast on the DataBee team, explores the CISO’s role through the position’s relationship with other security stakeholders, from regulators and the board of directors to internal personnel and outside vendors.
Episode 1 focuses on regulation. In this episode, Robin is joined by:
Tom Schneider, a 40-year veteran of the cybersecurity and IT industry,
Kristen Maynes, a partner with PwC's cyber risk and regulatory practice, and
Yasmine Abdillahi, an executive director at Comcast in cybersecurity governance risk and compliance.
Together, the group discusses the relationship between regulatory compliance and cybersecurity, the penalties that can be incurred for lack of regulatory compliance, and how some CISOs are trying to ease the burden that an ever-changing regulatory environment imposes on the enterprise.
The conversation begins with Robin asking a seemingly innocuous question that has repercussions for not just the CISO, but enterprise security as a whole: “Why do regulations exist, and do they even make us safer?”
According to Schneider, the answer is yes, but with a caveat. “They're there really to enforce a minimum level of protection and to get people to exhibit certain behavior that they're not likely to exhibit otherwise. … There's a statement, ‘compliance doesn't equal security,’ that gets repeated a lot, I think maybe more in the past than it does now. But it kind of equates to: If you've got some kind of compliance regimen, if it doesn't completely prevent security incidents or breaches, then somehow that must mean that that particular compliance standard is flawed. And I think that's not a very helpful way to look at compliance or regulatory requirements. I think they're more foundational requirements.”
With Maynes and Abdillahi, the conversation turns from the immediate goals and impact of regulation to ways in which CISOs are elevating their security stature beyond the status quo.
Listen to the full episode to better navigate the role of CISO and deliver real value for your enterprise.
Don't miss Episode 2: Navigating the Board of Directors.
More about Robin Das, Executive Director, Market Growth Strategist, DataBee
Robin is responsible for defining DataBee’s unique value proposition in the market, long-term strategy and product vision, and business development opportunities via outreach to strategic targets, partnerships, alliances, and other investments to continue to drive overall growth.
His prior experience at Comcast includes roles in Corporate Strategy, FP&A, and development of Customer Experience tools.
He lives in Philadelphia with his wife Stephanie, nine-year-old daughter Pearl, and two dogs, Emma & Eggy. Outside of work, he likes to run slowly, cook adequately, and eat out frequently.