The New CISO

Aug 20, 2020

Improving the Sales Process 


In this episode, we discuss how and why it’s so difficult for a security team leader to discover new trends in technologies in a safe and effective way. Damien points out that it can be challenging to discern who and what to rely on when broaching new systems. Listen to the episode to hear more about how to find the right balance of someone who understands the company and the importance of building a long-term, trusted relationship.


Advice for the New Salesperson 


One of the first points that Damien brings up is that the best way to increase your sales isn’t always trying to sell everything new. Rather, he encourages the salesperson to focus on building sustainable and genuine relationships with clients, which will then result in introductions to others in the field. We delve into why CISOs tend to shy away from salespeople and what to do about it.


Reaching Executives You Don’t Know  


If you are in sales and struggle to cut through the hesitation and cynicism to reach executives you personally don’t know, how can you do your job? Damien suggests several strategies including referrals and what that requires, as well as attending conferences and how to properly go about starting conversations with new people.



Two Types of CISOs 


In examining the culture around CISOs, Damien identifies the two personas that frequently crop up and the problems with each. First, there are the traditional CISOs who are aggressive in order to reach the top of that particular environment and, as a result, can have a superiority complex, even towards other CISOs. Unfortunately, these people are hard to change when it comes to sales relationships. Then, there are the steady and calm leaders, who have consistently delivered. However, sometimes they feel overwhelmed, and when they get cold sales calls, they can be dismissive.

Damien reminds us that everyone is human and to give everyone a chance.


Social Hierarchy of CISOs 


In this episode, we talk about what good-natured CISOs can fall prey to, and what we mean by a “Hollywood” CISO. Damien identifies real leaders as those who want to learn, but also want to pay it forward through education, experience and introductions. He believes this is what makes a good CISO with a longstanding reputation in the industry.  



The Problems with the Award Systems  


The idea of “Hollywood” CISOs brings up the point that there are some companies that have better marketing and PR, which results in the same individuals winning awards. We discuss how, unfortunately, this creates a boys’ club, so to speak, that ends up shutting out those of different backgrounds, cultures, and experiences. Listen on to hear about the consequences of generating a myopic view of leadership.


Factions in the Industry and Shifting Positions 


Particularly in Australia, Damien delves into how the CISO is starting to morph into the CSO and the factions that are forming in the industry. While some people believe the position is all about the tech and data, others believe it incorporates consideration about the work culture and organization. Although there are different theories, one thing remains clear: one person can’t do all the responsibilities anymore. Listen on to discover why this fragmentation occurs and how leadership backgrounds provide different lenses through which to view the role of a CISO.


Misaligned Incentive and How Capitalism Affects the Technology  


We delve deep into how and why politics and business now seep into technology decisions. Capitalism pushes companies to look for growth from year to year, which incentivizes employees but can also have many negative consequences. We touch on how this affects salespeople and creates a vicious cycle for them, as well as how it breaks down their relationships with CISOs.

As the industry sometimes forces growth, new software is rushed through with little time spent on design and testing. We discuss how this rushed process impacts the software itself, the product team, and the utilization of the program, with potential mistakes.

Damien advocates for not trying to tick a box, but rather seeking out added value for the business.  




As a result of this rushed software, we touch on the importance of remediation and its business consequences. Damien brings up the prevalence of half-baked installations that remain in the network once abandoned and the importance and cost of cleaning those out.




Offshore Vulnerability  


We shift our conversation to focus on how COVID-19 highlights vulnerabilities of organizations with offshore facilities. Companies must decide if they want to pay to bring those services back onshore or relax standards and let people work on sensitive information from home in different countries. 


COVID-19’s Effect on Australia and Why a Vaccine isn’t a Simple Fix 


As Damien is a part of Deakin University in Australia, he touches on how COVID-19 has greatly affected one of Australia’s top three exports: education. With a travel ban, foreign students can’t come into the country to receive their degrees from universities that are sometimes comprised of 50-70% international students. 

With a background in biology and chemistry, Damien also discusses why a vaccine isn’t a magic bullet for normalcy and the unintended consequences of a vaccine. He also talks about how misinformation can be exploited by foreign threats and the question of safety and privacy.


What does the New CISO mean to Damien?  


Lastly, Damien answers the question of what the new CISO means to him. He emphasizes attention to a positive work culture and striving towards improved behavior and an inclusive industry.







Damien Manuel - LinkedIn