InfoSec Teams: Getting Comfortable Saying “No”

  • Some CISOs, in some industries, can monetize their assets, systems or data. In other words: “If system X is not available for 30 minutes, it will cost us $10 million in lost memberships”.
  • Some CISOs can evaluate the life impact: “If this system is hacked, a person will die.”
  • Some CISOs can do none of these things, so they resort to a legal/regulatory view: “If the data in this system is compromised, it will cost us $10 million in fines.”

Teach Them To Phish

Make Security Services Easier To Use

Improve The Pipeline

Make Security Teams More Agile



Helen Patton

Cyber Security, Technology Ethics, and Humanity. What else? I can be found at or on Twitter @CisoHelen