Wendy Nather (director of Advisory CISOs at Duo), Chad Loder (CEO and co-founder of Habitu8), and Manju Mude ("Paranoid" Security Leader at Oath) swap stories about their CISO days. They discuss things that surprised them about being a CISO: problems aren't always technology-related and the fact that non-security related factors are just as critical as technical questions.
"They were going to do what they were going to do," Nather said, recalling how she had to change business processes before she could even think about what scripts to execute or technical controls to implement.
One area they all agreed on was the importance of diversity and empathy in security: "We all need to let more people in. We need to stop the security elitism and gatekeeping," Mude said.
CISOs aren't always just dealing with outsiders. "Things come your way. You end up in a position where you can potentially have a lot of information [of your users]," Loder said. "How did this job fall to me?"