In our latest podcast, we were joined with Wes Knight, Chief Information Security Officer at the Georgia Department of Revenue, and account executive at Lockstep Technology Group, James Brown to talk about the role of CISO, cybersecurity and more.

Wes discusses various topics such as:

• The differences between a CISO in SLED versus in the private sector.
• Why SLED has been a target for ransomware
• The biggest weakness is the end-user and they are also your best firewall.
• Maturity assessment vs. risk assessment

“IT was viewed as a department of “No” […] in reality IT is an enabler. Look at the stuff we do today. You can’t do any of that without a good IT structure.” – Wes Knight, CISO at Georgia department of revenue.

We wanted to dive a bit deeper into how to present cybersecurity not just as an IT issue but as a business issue. We asked for Wes for his insight and here’s what he had to share. Wes emphasizes the importance of building a strong relationship between CISO and the business units and directors.

“Ask what you’re trying to do for the next three years,” Wes adds, “and how can I help you get there.”

• Build relationships with C-level executives and ask what you can do to help achieve the business goals in a secure fashion.
• Become a partner to the project management office so when a project is presented, you will be in the loop. If you can be involved in the initiation meeting, it will only take a small nudge to get make sure the project is aligned with the cybersecurity standards of your establishment.
• Having a seat on the board is good but what’s more important is having an ear on the board. Having someone on the board who will listen to you and influence the board is much more important than having a seat on the board.

Listen to the entire episode on Apple iTune, Spotify or wherever you listen to your podcasts: