#119 - Ethics (with Stephen Northcutt)

One of the most difficult things to do as a manager or leader is to take an ethical stance on something you believe in.  Sometimes ethical stances are clear and you know you are doing what’s right.  Others are blurry, messy, and really weigh on your mind.  So we thought we would take this episode to talk about various ethical models, tricky ethical scenarios you might encounter as a CISO, and finally we will look at the Federal Case where Joe Sullivan the Former Chief Security Officer of Uber was convicted of federal charges for covering up a data breach.  Thanks to Stephen Northcutt for coming on today's show.

Full Transcript https://docs.google.com/document/d/1vin7gMBt9YvVGaVqT91ycPmacsKZe2T9

Chapters

• 00:00 Introduction
• 01:49 How to Make a Difference in Cybersecurity
• 03:34 Hackers and the Pursuit of Higher Principles
• 06:06 Is There a Use Case in Cybersecurity
• 10:56 Human Capital is the Most Important Asset That Any Organization Has
• 14:00 The Human Frailty Factor
• 18:21 Has Your Company Fully Embraced Diversity, Equity, and Inclusion
• 20:24 Do you have a Diversity of Experience
• 24:11 Getting Your EXO to Talk to Power and say you are wrong
• 27:40 CISOs and CISOs - Is this a Criminal Thing?
• 30:15 The Penalty of Crossing the Law
• 34:56 Pay the Ransom?
• 36:59 The Key to Resilience as a CISO