Leadership & Executive Communication , Training & Security Leadership , Video
CyberEdBoard Profiles in Leadership: Norman Kromberg
CISO on Enterprise Collaboration, Operational Excellence and AI PotentialWhen Norman Kromberg looks back over his career as a security leader and IT audit specialist, understanding threats and vulnerabilities was just part of the reason for his success. A major factor was - and still is - understanding the business side of the organization.
See Also: 6 Lessons for Cybersecurity Leaders
"I started out in a small bank in Midland, Nebraska," said Kromberg, a veteran CISO who provides security advisory services to other organizations. "That journey led me to being a bank examiner with the comptroller of the currency, and that was a pretty powerful step for me because it started this journey out of pure banking into technology."
Over the years, he went on to lead cybersecurity and audit functions at major financial services firms and worked as CISO for several cybersecurity vendors. And one strategy that supported every security program was the tried-and-true steering committee involving stakeholders throughout the enterprise.
"In certain businesses, I also include customers or third parties, if they're regulators or your key suppliers," he said. "Reach out to the business so you understand what their needs are because that's what you're trying to protect."
In this video interview with Information Security Media Group, conducted as part of the CyberEdBoard's ongoing Profiles in Leadership series, Kromberg also discussed:
- The value of collaboration within the enterprise through table top exercises with senior leaders - and mentoring employees interested in a cybersecurity career;
- The benefits and risks associated with artificial intelligence and why the CISO needs to secure emerging AI tools;
- Opportunities to bring together various parts of of the organizations such a security operations and network operations, as well as software development and security.
Kromberg has more than 25 years of experience in helping companies implement effective and efficient technology control management processes. He is a senior-level IT executive with extensive experience in creating and delivering technology management solutions including data controls, transaction processing, quality, operations, network support, regulatory compliance and project management.. He is a member of the CyberEdBoard.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.