Preview Mode Links will not work in preview mode

Defense in Depth

Jan 7, 2021

All links and images for this episode can be found on CISO Series (

Many professionals are required to obtain a license before they can do their job legally. The demands of cybersecurity professionals, especially CISOs, has become more critical as evidenced by the increasing number of regulations demanding a person oversee security and privacy controls. Should CISOs be licensed to maintain a minimum standard?

Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our guest Patrick Benoit (@patrickbenoit), vp, global head of GRC and BISO, CBRE.

Thanks to this week's podcast sponsor, F5


External threats to your organization’s security are constantly evolving. Your apps need broad and preventive protection from bot attacks that cause large-scale fraud, higher operational costs, and problems for your users. And they need to be optimized for secure operation internally. Silverline Shape Defense helps you stay ahead of cyber threats and fraud. Get a free trial.

Highlights from this episode of Defense in Depth:

  • Almost universally, nobody liked the idea of requiring a CISO to have a license in order to practice. But, with that said, the subject stirred up a hornet's nest of discussion.
  • Main complaint is the job changes so drastically depending on what industry you're in.
  • Many argued that a license won't translate into success. Hard to tell how to put a license around someone who is managing risk, but doesn't own the risk.