Compromising Positions - A Cyber Security Podcast

We all know running a cybersecurity function is expensive and many of us have a hard time successfully negotiating the budgets we need to keep our organisation safe.But what if we let you in on the secrets of successfully securing your cybersecurity budget?This week we are joined by Scott Robertson, CFO of CreateFuture and he gives us the insights on what you should ask for when it comes to your next yearly budget, how to ask for it and crucially (because timing is everything when it comes to money!) when to ask for it!Key Takeaways:What Does a CFO do? A CFO is not just about managing financials but also safeguarding assets and ensuring future stability through effective risk management.Time Your Requests Strategically: Discover the optimal timing to approach your CFO for budget increases and how to align your requests with the organisation's financial planning.Quantify the Cost of Risk: Learn how to effectively communicate the potential financial impact of cyberattacks and the value of preventive measures.Build Strong Relationships: Cultivate relationships with key stakeholders, including the CFO and other executives, to foster trust and support.Prioritise and Justify: Identify critical security needs, prioritise investments, and present a compelling business case to secure the necessary budget.

The data landscape is changing faster than ever, and with it, the security threats - so whose responsibility is it to make sure your data is safe? Is it the data team? Or is it the cyber team? We tackle this question and more with Head of Data at AND Digital, Tim Hatton.From leveraging AI to secure data to the importance of real user testing, to how Tim threat models his client’s data capability, you won’t want to skip this ever-important topic!We also talk about ‘data mesh’ and if you’re not familiar with that term - it’s a data management framework that decentralises data ownership and responsibility to the teams that use the data. The idea is to make data more accessible and available to business users by directly connecting data owners, data producers, and data consumers.So you can see why we thought that was an important topic to cover because, with this model, comes a lot of trust in others doing the right thing when it comes to data security!So you won’t want to ‘mesh it up’ if people are following this framework in your organisation.Key Takeaways:Test User Journeys with Real People: Assumptions don't cut it—Tim emphasizes the importance of validating user journeys with real-world testing to ensure effective data usage.AI and the Data Deluge: Friend or Foe? We explore the booming trend of AI in data management, but also ask the tough questions: Can AI be used for good in cybersecurity? Can it even help solve cold cases?Holistic Data Security Assessments: Discover Tim's approach to assessing clients' data capabilities and security, involving both data and cybersecurity teams for comprehensive protection.Maturity Matters: Responsibility for Data Protection. Tim reveals a surprising trend - immature organizations might have stricter controls! Discover how your organization's maturity level defines data security ownership.The Future of Self-Sovereign Data: Explore the concept of self-sovereign data and why it might be the future of personal data management and security.Show NotesBook - Wicked Beyond Belief (The one I mistakenly said was Helter Skelter)An Article on Self-Sovereign DataAbout Tim HattonTim Hatton has been working in digital since before it was called digital. Over the course of his career, he has worked on data and digital transformation projects for some of the biggest companies in the world.He joined AND Digital in 2016 and is currently Head of Data. At AND he has worked on data strategy projects for clients in industries including finance, travel, publishing and retail as well as for several government departments.Tim joined AND from Accenture Digital, and prior to this Tim ran his own digital marketing agency for many years, and co-founded a number of dotcom start-ups during the 1990s, none of which made him a millionaire but all of which taught him a great deal.Tim is a regular speaker on digital topics at AND Digital events, for AND’s clients and in the media.LINKS FOR Tim HattonTim’s LinkedIn

LinkedIn is very divisive! Some people love it, and others hate it and everything it stands for. And if you’ve ever hangout on the subreddit, LinkedIn lunatics, then you can see why.Now for all the braggarts and the ‘what working during my wedding taught me about b2b sales’ posts, there is a lot to like about LinkedIn and many opportunities to be had…if you do it right!We can all learn how to be good LinkedIn citizens, So if you’re LinkedIn has two followers, or 20,000, there is plenty to be getting your ears around in this conversation with John Moore -the question is…have you endorsed me yet?Key Takeaways:Why Humour Makes You Human (and Helps You Get Hired): Ditch the cringe! Learn how humour can break the ice and make your cybersecurity expertise more relatable.Building Your Personal Brand Brick by Brick: Discover John's three-pronged approach to building a lasting LinkedIn legacy (think Time, Effort, and Commitment!).Embrace the Journey: Failure is Fertilizer (But Not Fertilizer for Your Profile): Don't shy away from sharing lessons learned.The Power of Storytelling: Learn how to craft compelling narratives that resonate with your audience and build genuine connections.LinkedIn as Your Digital Shopfront: Make sure your profile shines!Show NotesNegotiate Anything PodcastHumour is Serious Business in Cybersecurity ComplianceAbout John MooreJohn C. Moore brings over two decades of dynamic experience in recruitment and operations management to his role at TekBank. With a keen eye for talent assessment and acquisition, John has mastered the art of full-cycle recruitment, excelling in sourcing, screening, and onboarding top-tier candidates. His expertise extends across diverse areas, including IT recruitment for commercial and government sectors.LINKS FOR John MooreJohn’s LinkedInTekBank

No new episode this week because we’re are both speaking at the AI for the Rest of Us conference this week.So instead we’ve hit up the vaults for the wonderful Paula Cizek, Chief Research Officer at Nobl. She guides leaders and teams through the change management process, from assessing the organization’s readiness for change to implementing initiatives. In this episode, we explore the fascinating topic of Corporate Change and how its lessons can be applied to cybersecurity.Normal service resumes next week but for now keep secure!Show NotesAsana’s guide to running Project Pre-mortemsHow to “Start with the Skateboard” - SpotifyExplaining Fail save vs Safe to Fail changes - NOBLBarriers to Change - NOBLHow long does it take to make organisational change? NOBLComplexity Science Explained - Complexity ExplainedAn introduction to Network theoryBlending Complexity Science and Network TheoryDisentangling Risk and Uncertainty: When Risk-Taking Measures Are Not About RiskNegotiation Tips - Getting Comfortable being UncomfortablePsychological Safety - McKinseyAbout Paula CizekPaula Cizek is the Chief Research Officer of NOBL, where she guides organizations through large-scale transformation. A thought leader in change management and change resistance, she specializes in translating complex concepts into simple, practical tactics that deliver immediate and meaningful change.Before joining NOBL, she was Innovation Manager at the IPG Media Lab, advising brand and media clients on emerging technology. Prior to that, she was Senior Innovation Consultant at Mandalah, where she led consumer behavior and brand strategy research for brands around the world. She's worked with a diverse roster of clients including Warner Bros., Chanel, Capital One, Bayer Pharmaceuticals, Airbnb, Chipotle, Grupo Bimbo, and more, and she's been published or quoted in publications like BrandingMag and Women's Wear Daily. She graduated from Georgetown University, majoring in Marketing and International Business.LINKS FOR Paula CizekPaula’s LinkedInNOBL