CISOs: The Ultimate Stress Test With Jill Knesek

The CISO role is constantly changing. With all the shifts in cybersecurity, it's crucial to find ways to attract new talent to close the growing skills gap. CISOs now juggle complex systems managed at multiple levels and handle burnout amongst many other responsibilities.

Today's guest is Jill Knesek. Jill is the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions. It's based out of the Los Angeles area. She's been there almost three years now as the CISO, running the information security team.

She previously served as Chief Security Officer for BT Global Services. She has more than 15 years' experience directing security programs, including service as a special agent for the FBI assigned to the Cyber Crime Squad in Los Angeles Field Office, where she was involved in several high-profile cases, including Kevin Mitnick.

In this episode, we cover the CISO role evolving from low visibility to a C-level position, managing multi-cloud infrastructures and aligning with other teams and the ongoing cybersecurity skills gap and burnout. Jill also talks about incident response and crisis management and collaboration within the cybersecurity community to fill the blind spots and strengthen the defenses.

Show Notes:

• [01:23] She's now the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions.
• [02:00] She was also an FBI special agent for 3 and 1/2 years working cybercrime. She was super excited, because this was her lifelong dream.
• [03:35] She loved the FBI, but she knew she could do more for the industry on the private side.
• [04:21] Jill talks about how the CISO role has evolved. It's now a C-level position.
• [06:26] Some of the boards were very interested in what was going on with security. There has to be a balance with funding and proving your success.
• [07:39] Now complexity is an issue.
• [09:03] The cloud adds so many connecting services.
• [11:45] CISOs are getting more responsibility and need more qualified people in their teams. There's a gap with not enough people coming into the cybersecurity industry.
• [12:30] How the idea of stress and working nights and weekends can deter some graduates from the cybersecurity industry.
• [15:15] Boards and executive committees expect the CISO to be right in the middle of things. They want real-time updates and to know what everyone is working on right now.
• [17:47] The importance of keeping a calm level-headed view when something goes wrong.
• [21:41] We learn about the flow of straightening out curves or incidents. Learn during the small incidents and practice the process.
• [23:57] The importance of not scolding the team for being too quick to react. It's better to have a false alarm than to ignore a serious problem.
• [25:10] Jill does a one-to-one with everyone on her team each quarter. She tries to Mentor them with some of the things that she's learned.
• [30:29] We hear about a couple of incidents where ransomware got into the environment.
• [35:01] When someone else reported that something weird was going on in the network.
• [38:27] To help with the talent gap, we need to start introducing cybersecurity at the high school level.
• [42:15] It's important for CISOs to be connected with other groups and events.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

Links and Resources:

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Jill Knesek at Blackline
• Jill Knesek on LinkedIn