In Episode 9, Mike and Nate, along with returning guest Kevin Dushney and special guest Bob Litterer (CISO at Teradyne), discuss Chapter 10 of the IT Survival Guide, which is focused on the philosophy and initial activities behind the construction of a security stack at your new company. Though this chapter was written in late 2019, the paradigm introduced is still a pivotal moment in the start of your IT journey. Bob helps us uncover new insights into other considerations when it comes to security and how the industry at large is evolving.

We take a deep dive into AI as a pure revenue concept (which it is) and how one day it may be used for the betterment of humankind, how far away we may be from an alternative Hollywood, and the other usual stuff.

Podcast References:

The Markup.org report

The Pew Report

Post-chapter 10 analysis/reflection questions:

1. Which perspective - technology, governance, or growth - should be prioritized in the first 90 days, and why?
2. What challenges might arise in balancing security needs with business productivity, and how would you address them?
3. From a technology and governance perspective, which phase 1 objectives should be the focus?
4. How would you unite stakeholders to build consensus around a new security strategy?
5. How would you prioritize addressing security gaps in systems, policies, procedures, and cultural awareness?
6. Which stakeholder groups might resist changes in security approaches, and how would you gain their buy-in?
7. What key questions need answers from stakeholders when planning your initial security strategy?
8. How do you balance differing views on security within your strategy while ensuring adequate protection of the organization's assets?
9. Which foundational elements of your security plan do you prioritize in the short term, and what is your implementation plan?
10. How do you decide between using Managed Security Services Providers (MSSPs) and building internal security capabilities?
11. Discuss the role of governance in ensuring adherence to security policies, procedures, and controls.
12. As an IT leader, how do you stay updated on security threats and technologies and incorporate this knowledge into your planning?
13. What approaches for raising security awareness have you found effective in educating the business and gaining stakeholder buy-in?

Support the show

The Calculus of IT website - https://www.thecoit.us
"The New IT Leader's Survival Guide" Book - https://www.longwalk.consulting/library
"The Calculus of IT" Book - https://www.longwalk.consulting/library
The COIT Merchandise Store - https://thecoit.myspreadshop.com
Buy us a Beer!! - https://www.buymeacoffee.com/thecalculusofit
Youtube - @thecalculusofit
Slack - Invite Link
Notta - The best audio transcriptions on the Internet
Email - nate@thecoit.us
Email - mike@thecoit.us