Episode Details

About the CISO Circuit Series

Sean Martin and Michael Piacente will join forces roughly once per month to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin.

____________________________

Guests: 

Michael Piacente, Managing Partner and Cofounder of Hitch Partners

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacente

Mandy Huth, Global CISO - VP of Cybersecurity, Kohler Co.

On LinkedIn | https://www.linkedin.com/in/mandyhuth/

Whitney Merrill, Head of Global Privacy & Data Protection Officer, Asana [@asana]

On LinkedIn | https://www.linkedin.com/in/whitney-merrill-5ab05012/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

____________________________

This Episode’s Sponsors

Imperva | https://itspm.ag/imperva277117988

LevelBlue: https://itspm.ag/attcybersecurity-3jdk3

___________________________

Episode Notes

In this episode of the CISO Circuit series on the Redefining CyberSecurity podcast, co-hosts Sean Martin and Michael Piacente lead an engaging discussion about the current state of cybersecurity leadership, liability, and protection. Their conversation features insights from two distinguished guests: Mandy Huth, an enterprise security leader with over 20 years of experience, and Whitney Merrill, a privacy attorney with a strong background in computer science and legal frameworks around consumer protection.

The discussion opens with an exploration of individual liability for cybersecurity leaders and broader business leadership within organizations. Whitney Merrill argues that regulators like the FTC and SEC are increasingly holding individuals accountable for security and privacy lapses. The conversation highlights notable cases where executives have faced scrutiny, emphasizing the growing expectation for tangible processes and proper security postures within organizations.

Mandy Huth underscores the importance of shared responsibility and accountability within a business, noting that security decisions are not made in isolation. She advocates for a collaborative approach where security leaders outline risks comprehensively to allow for informed decision-making across the executive team. Huth also expresses concern over the proliferation of CYA (Cover Your Ass) practices that prioritize documentation over meaningful risk mitigation, warning that this can dilut