This episode explores the experiences and priorities of a CISO during their first 90 days in a new role, specifically within the complex environment of the City and County of Denver. The interviewee, Merlin Namuth, emphasizes the importance of initial listening and relationship-building to understand the existing security program and its context. More significantly, he highlights the need to balance immediate needs, such as addressing critical security gaps, with long-term strategic goals aligned with the organization's overall priorities. For instance, he discusses prioritizing foundational security elements like endpoint protection and monitoring before considering tool replacements based solely on personal preference. As the discussion pivoted to team management, Namuth shared his approach to evaluating existing staff and integrating new team members, emphasizing a measured approach rather than immediate sweeping changes. He also discussed the importance of building strong relationships with vendors, advocating for a collaborative partnership approach rather than a transactional one. Ultimately, this episode offers valuable insights into the multifaceted challenges and strategic considerations faced by CISOs entering new roles, particularly in large and complex organizations.
Sign in to continue reading, translating and more.
Continue
