2022 Planning: A First-Year CISO Shares Her Point of View

2022 Planning: A First-Year CISO Shares Her Point of View

When you're planning for the year ahead in cybersecurity, there's always part of you that's trying to play fortune-teller. You know what risks matter now, and the processes and resources you need to respond to them, but what threats might emerge over the coming 12 months — or 12 weeks, for that matter? What if the landscape changes before you have a chance to react?

Now, imagine you're doing that crystal-ball-peering exercise while still in your first 6 months in a leadership role. That's the situation a first-year CISO finds themselves in — and while it's a little precarious, it's equally ripe with opportunity.

On Thursday, November 17, Rapid7's Chief Security Data Scientist Bob Rudis sat down with Katie Ledoux, Chief Information Security Officer at SMS marketing startup Attentive, to dive into how she's tackling the challenges of planning for her security team's needs in 2022 while navigating her new role.

Freedom to build from the ground up

At just 4 months into her tenure at Attentive as of November 2021, Katie has found a sense of freedom and clarity in being able to start from square one.

"Getting to build a program from scratch is actually kind of amazing... especially because I've made so many mistakes before," she said. It was the process of learning from those mistakes in less high-stakes roles — including a 5-year stint at Rapid7 — and building back more effectively that helped her understand what to prioritize as a new CISO. Now, she has the opportunity start with the things she knows she and her first few hires can do well, addressing lower-complexity, higher-risk areas and seeing progress quickly.

"I'm starting off as very trusted — and I won't lose that trust unless I screw up ..

Support the originator by clicking the read the rest link below.