LIVE Topic: Your Community CISO w/Carlota Sage – from inside the HACKERverse






Kim Crawley, Craig Ellrod

Our illustrious Guest today:
Carlota Sage




What is Security Maturity and what is wrong with Security Maturity?
-CMMC doesn’t map to non-government organizations

What is the Security Health Model?

Driving Factors:
-Grassroots or Ad Hoc
-Team or Compliance Driven
-Risk-Informed or Risk-Based?

What is a Security Health Checkup?

-What do you measure?
-How do you measure?

Who is doing security?
-Single person or Team – without leadership buy-in
-Part of your culture – leadership is bought in and helping drive
--Need a Security Leader who informs the Leadership

It’s more about People, Process and Technology

Your security budget needs to grow with Inflation and with your Revenue!

If you do hire a vCISO, ask them if they are getting a kickback from the Managed Security Provider (MSP).
If they are, don’t work with that vCISO.
Work with a vCISO that will ask the MSP to give you a discount instead.

Expel is her preferred MSP vendor.
She worked with them when she was at FireEye.

===== Links: