CISOs: The Ultimate Stress Test With Jill Knesek

The CISO role is constantly changing. With all the shifts in
cybersecurity, it's crucial to find ways to attract new talent to
close the growing skills gap. CISOs now juggle complex systems
managed at multiple levels and handle burnout amongst many other
responsibilities.


Today's guest is Jill Knesek. Jill is the Chief Information
Security Officer for Blackline, a company that does financial
SaaS solutions. It’s based out of the Los Angeles area. She’s
been there almost three years now as the CISO, running the
information security team.


She previously served as Chief Security Officer for BT Global
Services. She has more than 15 years' experience directing
security programs, including service as a special agent for the
FBI assigned to the Cyber Crime Squad in Los Angeles Field
Office, where she was involved in several high-profile cases,
including Kevin Mitnick. 


In this episode, we cover the CISO role evolving from low
visibility to a C-level position, managing multi-cloud
infrastructures and aligning with other teams and the ongoing
cybersecurity skills gap and burnout. Jill also talks about
incident response and crisis management and collaboration within
the cybersecurity community to fill the blind spots and
strengthen the defenses.
Show Notes:

[01:23] She's now the Chief Information Security Officer for
Blackline, a company that does financial SaaS solutions.

[02:00] She was also an FBI special agent for 3 and 1/2 years
working cybercrime. She was super excited, because this was her
lifelong dream.

[03:35] She loved the FBI, but she knew she could do more for
the industry on the private side.

[04:21] Jill talks about how the CISO role has evolved. It's
now a C-level position.

[06:26] Some of the boards were very interested in what was
going on with security. There has to be a balance with funding
and proving your success.

[07:39] Now complexity is an issue. 

[09:03] The cloud adds so many connecting services. 

[11:45] CISOs are getting more responsibility and need more
qualified people in their teams. There's a gap with not enough
people coming into the cybersecurity industry.

[12:30] How the idea of stress and working nights and
weekends can deter some graduates from the cybersecurity
industry.

[15:15] Boards and executive committees expect the CISO to be
right in the middle of things. They want real-time updates and to
know what everyone is working on right now.

[17:47] The importance of keeping a calm level-headed view
when something goes wrong.

[21:41] We learn about the flow of straightening out curves
or incidents. Learn during the small incidents and practice the
process.

[23:57] The importance of not scolding the team for being too
quick to react. It's better to have a false alarm than to ignore
a serious problem.

[25:10] Jill does a one-to-one with everyone on her team each
quarter. She tries to Mentor them with some of the things that
she's learned.

[30:29] We hear about a couple of incidents where ransomware
got into the environment. 

[35:01] When someone else reported that something weird was
going on in the network.

[38:27] To help with the talent gap, we need to start
introducing cybersecurity at the high school level.

[42:15] It's important for CISOs to be connected with other
groups and events.



Thanks for joining us on Easy Prey. Be sure to subscribe to
our podcast on iTunes and leave a nice review. 
Links and Resources:

Podcast Web Page

Facebook Page

whatismyipaddress.com

Easy Prey on Instagram

Easy Prey on Twitter

Easy Prey on LinkedIn

Easy Prey on YouTube

Easy Prey on Pinterest

Jill Knesek at Blackline

Jill Knesek on LinkedIn