Episode #
58
Church & Dwight’s David Ortiz on Building Effective Cyber Risk Management Strategies
Show Notes
In our latest episode of the Future of Threat Intelligence podcast, host David Monnier welcomes David Ortiz, Global CISO at Church & Dwight. David shares insights from his extensive career in information technology and cybersecurity, emphasizing the importance of understanding the evolving threat landscape.
David touches on the critical role of threat intelligence in decision-making, the challenges posed by sophisticated phishing techniques and deepfakes, and the necessity of integrating cybersecurity into business strategy. He also highlights the significance of collaboration across various teams and the responsible use of AI in enhancing security measures for organizations.
Topics discussed:
The importance of understanding the evolving threat landscape for effective cybersecurity management in organizations.
How threat intelligence plays a crucial role in identifying and mitigating risks, helping CISOs make informed decisions.
How advanced email gateways and spam filters need to evolve to combat increasingly sophisticated phishing attacks and deepfake technologies.
Why integrating cybersecurity into overall business strategy is essential for achieving security by design and enhancing data privacy measures.
The value of collaboration with diverse partners, including legal teams and law enforcement, strengthens cybersecurity resilience and response capabilities.
The importance of comprehensive cybersecurity awareness training to empower employees in recognizing and responding to potential threats.
The responsible use of AI tools is vital for enhancing security measures while maintaining data privacy and compliance standards.
Key Takeaways:
Assess your organization's attack surface to identify vulnerabilities and prioritize protecting critical assets effectively.
Implement a robust threat intelligence program to enhance decision-making and stay informed about emerging cybersecurity threats.
Upgrade email gateways and spam filters to counteract sophisticated phishing attacks and improve overall email security.
Integrate cybersecurity practices into your business strategy to ensure security by design and enhance data privacy initiatives.
Collaborate with various stakeholders, including legal teams and law enforcement, to strengthen your cybersecurity posture and incident response.
Conduct regular cybersecurity awareness training for employees to empower them in recognizing and responding to potential threats.
Monitor the responsible use of AI tools within your organization to balance innovation with data privacy and security compliance.
Engage with third-party vendors to assess their security practices and manage supply chain risks effectively.
Foster a culture of accountability and ownership among team members to ensure everyone understands their role in reducing cyber risk.
Seek mentorship from experienced professionals in both cybersecurity and business to develop a well-rounded skill set for leadership roles.
Quotes from Episode
#1.) “And you still need a person to look at that, right? You still need a person at times to make sure that it's not a false positive or just a baseline adjustment. And people have context that security tools may not. So I would say that's one of the main misconceptions, is that you can automate everything.” 3:45-4:04
#2.)“AI is going to be a force multiplier. It already is. And a lot of us are looking at it through two different lenses — I want to support this and embrace it and make sure that people have these tools and they're using them and learning them and taking advantage of everything at their disposal.” 7:38-7:59