Company Information /

Revisiting our 2017-2018 Series – “The First 100 Days of the New CISO”

first 100 days

The Third Series of our Cyber Security Transformation Podcast

 

We are continuing with the third series of our Cyber Security Transformation Podcast and will now be focusing on revisiting our 2017-2018 series of articles entitled “The First 100 Days of the New CISO”

The series, originally published on the Corix Partners blog between November 2017 and March 2018, followed the journey of the new CISO, framing it in a “6 days – 6 weeks – 6 months” pattern, and was followed by a number of commentary pieces published later in 2018 on which the podcast series will also look back.

As we publish the podcast episodes of this second part of our third series, we will be updating this page, together with links to the original piece each comments on.

A summary piece for the 2017-2018 series can also be found here on the Security Transformation Leadership publication on Medium

Once again, we would like to take this opportunity to thanks all our followers, and all of those – clients, partners, friends, and in this case, many CISOs – who have been with us on this journey over the past 7 years, and have been instrumental in developing this narrative.

 

 

1- The Person, the Role and the Culture of the Firm

Click here to listen to the 9th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 5 July 2022

We enter the second part of our third series and JC Gaillard starts exploring and revisiting his 2017-2018 series of articles entitled “The First 100 Days of the New CISO”; in this episode, why context is key and how to assess it, looking in turn at the profile of the person, the nature of the role and the maturity of the firm

 

2- The First Week: The Firm and its People: Positioning the Challenge

Click here to listen to the 10th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 12 July 2022

JC Gaillard continues to look back at his 2017-2018 series of articles about “The First 100 Days of the New CISO”; in this episode, he looks into the challenges of the first week, and why it is key to understand the firm, its people and its culture from the start

 

3- The Six Weeks Horizon: The Firm and its Management: Defining and validating a Strategic Framework

Click here to listen to the 11th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 19 July 2022

JC Gaillard continues developing his “6 days – 6 weeks – 6 months” model, framing the first 100 days of the new CISO; in this episode, the six weeks horizon, and how to continue building a strategic framework addressing the key challenges of the new CISO role

 

4- The 6 Months Horizon: The Firm and its Culture: Defining and validating an Execution Framework

Click here to listen to the 12th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 26 July 2022

JC Gaillard reaches the “6 months” part of his journey throughout the “First 100 Days of the New CISO”; in this episode, how to build an execution framework to support the strategic vision defined earlier, and why governance is key at this stage to support lasting change

 

5- The Transformational CISO: Making an impact and driving change … and what happens beyond the 6 months horizon

Click here to listen to the 13th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 2 August 2022

JC Gaillard reaches the end of the “6 days-6 weeks-6 months” cycle he explored around “The First 100 Days of the New CISO”, and looks at what happens next, and how CISOs can continue to drive change

 

6- The First 100 Days of the New CISO: How to avoid the “Curse of Firefighting”?

7- The First 100 Days of the New CISO: From Tactical Firefighter to Change Agent (and why it matters to get your hands dirty)

Click here to listen to the 14th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 9 August 2022

JC Gaillard continues its exploration of the “First 100 Days of the New CISO” with an analysis on how tactical firefighting and the unavoidable handling of cybersecurity incidents must not be seen just as a “curse” throughout the first 100 days, but can be used to build up trust with stakeholders

 

8- The First 100 Days of the New CISO: Expectations vs. Reality

Click here to listen to the 15th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 16 August 2022

JC Gaillard reaches the end of his exploration of the “First 100 Days of the New CISO” and before moving on to a number of episodes with guests on the theme, he digs into “expectations vs. reality” and explores the root causes of the disconnect which may exist between what the CISO finds on arrival and what they were sold at interview time

 

A Real Life Take on the “First 100 Days” – with guest Neil Cordell

Click here to listen to the 16th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 23 August 2022

JC Gaillard  is joined by Head of Cyber and Information Security at Swansea University Neil Cordell, to discuss his real-life experience of taking up a new CISO position in the midst of the Covid pandemic, and the lessons that can be learnt about bringing all stakeholders on board the cyber security transformation journey

 

Why the Tenure of the CISO is key to Driving Cyber Security Transformation

Click here to listen to the 17th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 30 August 2022

JC Gaillard  continues exploring the topics surrounding the “First 100 Days of the New CISO”; in this episode, he dives into the aspects surrounding the tenure of the CISO and why it is key to driving security transformation

 

Why it is key to look beyond raw technology skills when considering the profile of the new CISO

Click here to listen to the 18th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 6 September 2022

As part of his continuing exploration of the “First 100 Days of the New CISO”, JC Gaillard looks into the profile of the CISO and why management experience is of paramount importance, over and above technical knowledge.

 

The reporting line of the CISO, why it matters and how to determine which would work best

Click here to listen to the 19th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 13 September 2022

JC Gaillard continues exploring a few specific topics surrounding the “First 100 Days of the New CISO”; in this episode, the reporting line of the CISO, why it matters and how to determine which would work best

 

Security Operating Models and the “Process and People first, then Technology” Principle

Click here to listen to the 20th episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 20 September 2022

JC Gaillard digs into the concept and definition of a Security Operating Model, why it needs to underpin the “First 100 Days of the New CISO”, and why “Process and People first, then Technology” has to be the main guiding principle here

 

How to Frame the Cyber Security Agenda at Board Level

Click here to listen to the 21st episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 27 September 2022

JC Gaillard looks at the way the cyber security agenda needs to be framed at Board level, to enable the best positioning of the role and profile of the new CISO ahead of the “First 100 Days”

 

The Key Traits of the New CISO

Click here to listen to the 22nd episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 4 October 2022

JC Gaillard reaches the final episodes in this Series and starts to look at how the various aspects highlighted in earlier episodes are interlinked; in this episode, the key traits senior execs and Board members need to focus on when hiring a new CISO

 

The “When-not-If” Paradigm and Why Execution is Paramount

Click here to listen to the 23rd episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 11 October 2022

JC Gaillard continues to analyze the way the various aspects highlighted in earlier episodes of the Series are interlinked; in this episode, he goes back to the “when-not-if” paradigm around cyber attacks and why tactical and strategic execution is paramount for the new CISO

 

“Process and People first, then Technology”

Click here to listen to the 24th and final episode of  the the Cyber Security Transformation Podcast – Series 3 – as released on 18 October 2022

JC Gaillard reaches the final episode in this third series of the Corix Partners Cyber Security Transformation Podcast, and revisits a few key aspects highlighted throughout the series, in particular the importance of the “Process and People first, then Technology” principle

 

 

Contact Corix Partners to find out more about developing a successful Cyber Security Practice for your business.

Corix Partners is a Boutique Management Consultancy Firm and Thought-Leadership Platform, focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation & Governance challenges.