Tuesday Mar 14, 2023
Cybrize’s Diana Kelley: Why compliance is more than a checkbox exercise, and how to integrate it into your security toolkit
In this episode of the Future of Security Operations podcast, Thomas speaks with Diana Kelley, Chief Security Officer / Chief Strategy Officer at Cybrize, which connects organizations, security leaders, and job seekers to train and support the next generation of cybersecurity professionals.
Diana has been a trailblazer in the cybersecurity industry for over three decades. She's served as CTO for Microsoft and Global Executive Security Advisor at IBM; she was also previously VP of Burton Group (now Gartner for Technical Professionals) and a manager at KPMG. Diana volunteers with numerous organizations in her free time, including ACM Ethics & Plagiarism Committee and WiCyS (Women in Cybersecurity), all devoted to advancing diversity within this field.
Topics include:
- How Diana first developed a passion for computers and security
- Diana's career path, from building and managing a global network to working as a consultant
- The changing security landscape and how increasingly sophisticated adversaries challenge it
- Why executives need to recognize compliance is not just a checkbox exercise, and how Diana helps business leaders bring compliance in as part of their toolkits to develop better security programs
- The challenge of balancing security policies with different pressures within an organization
- The cybersecurity skills gap and how hiring managers can attract and retain the best candidates through DEIA, allyship, creating open-minded job descriptions, and recognizing the value of different skill sets
- The importance of sizing security teams properly to prevent exhaustion and burnout, measuring the success of your security program, and communicating the value of your security team
- Why Diana believes SOCs will be more distributed in the future, why it makes sense for smaller companies to outsource, and the rise of AI and automation to support humans rather than replace humans
- Diana reflects on a striking security incident
Resources: