Episode 6

Holistic Approach to Cybersecurity Readiness

Ram R. Kumar, Executive Director, AT&T Business, discusses at length significant cybersecurity governance issues, from achieving inter-and intra-organizational buy-in to employee empowerment, education and training, integration of security and development teams, vendor selection and monitoring, and more. Mr. Kumar also speaks to the operational realities and dilemma of speed vs safety and ethics vs loyalty.

Memorable Ram Kumar Quotes/Statements

It all starts at the top. The C-Suite must make cybersecurity an integral part of organizational strategic plans and priorities. Leadership commitment is a must, and it all starts from there.

Leaders must commit to Security First mindset and not security as an afterthought.

A cybersecurity governance model that starts and ends with CIS0/IT function is no longer enough. It is time to break down the barriers between IT, Security, and Operations, through education, collaboration, and outreach.

It is tempting to think that cybersecurity is a technical issue. Throwing tools will not solve the problem.

Emphasize ethics over loyalty.

Business unit heads think security is the job of the CISO or IT function because they have work to do and are more focused on achieving their operational targets. They are not in the business of securing data and applications. But that doesn’t mean that security can be a secondary play.

Timestamps

1:35 – How do you get inter and intra-organizational buy-in for cybersecurity management?

7:14 – How do you get employees to recognize and commit to their respective roles in protecting critical data and other strategic assets?

19:04 – How do you effectively deal with the apparent conflict between the security team and the solutions development team?

30:44 – What kind of collaboration agreements can be put in place where even the third-party service providers have a stake in the game?

46:21 – Is there anything else that you wish to discuss?


Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

Next Episode All Episodes Previous Episode

About the Podcast

Show artwork for The Cybersecurity Readiness Podcast Series
The Cybersecurity Readiness Podcast Series
with Dr. Dave Chatterjee

Listen for free

About your host

Profile picture for Dave Chatterjee

Dave Chatterjee

Dr. Debabroto 'Dave' Chatterjee is tenured professor in the Management Information Systems (MIS) department, at the Terry College of Business, The University of Georgia (UGA). He is also a Visiting Scholar at Duke University, affiliated with the Master of Engineering in Cybersecurity program in the Pratt School of Engineering. An accomplished scholar and technology thought leader, Dr. Chatterjee’s interest and expertise lie in the various facets of information technology management – from technology sense-making to implementation and change management, data governance, internal controls, information security, and performance measurement. His work has been accepted and published in prestigious outlets such as The Wall Street Journal, MIT Sloan Management Review, California Management Review, Business Horizons, MIS Quarterly, and Journal of Management Information Systems. Dr. Chatterjee’s research has been sponsored by industry and cited over two thousand times. His book Cybersecurity Readiness: A Holistic and High-Performance Approach was published by SAGE Publishing in March 2021.