A CISO's Guide to Proactive Security
David Gee on Open Communication and Building a Stronger Security Culture
David Gee's career has evolved from CIO of a major bank to CISO and board risk adviser. In his latest book, "The Aspiring CIO and CISO," he draws on his extensive journey to offer valuable lessons on leadership and security.
In his role as CISO, Gee faced significant security challenges, including a vulnerability discovered in a mobile banking application. By engaging with the researcher who reported the issue, he turned a potential threat into an opportunity for improvement. This proactive approach, Gee said, is important to foster a culture where vulnerabilities are addressed openly and constructively.
Effective communication is crucial in managing security risks, he said. "As a leader, I expect my team to communicate, to be transparent as much as possible. Sometimes these [incidents] are sensitive, but you can always acknowledge that there's an incident. If you're talking to a board member of management, how do you relate the same story?" Gee said.
In this video interview with Information Security Media Group, Gee also discussed:
- The importance of proactive risk management and team engagement;
- Strategies for simplifying cybersecurity communication with management;
- Future cybersecurity trends including AI and automation.
Gee has more than 25 years of experience as a business leader. He is a transformation change agent who has worked across industries, including banking, insurance, pharmaceutical and media. Gee is a member of the CyberEdBoard.