The Flipside of Security Awareness 

It's taken a "Joan-of-Arcean" effort but for leading CISOs, security awareness has been squarely placed on the front burner of the enterprise mind from the Board to the front lines. Every person within leading organizations are aware of their role in thwarting attacks.

And so, University of Tennessee HSC, CISO, Dennis Leber now introduces us to the inverse universe. What do all of those newly crowned cyber security soldiers have to say to the CISO? What have each of those folks learned over the past few years or months that can benefit the safety of the organization?

The way that Dennis approaches that thought is to actually ask the question, "If I had all the money and all the authority, what's the one  thing you'd like me to fix today?"

When Dennis is pushed to provide multiple choice answers to make it easier on the team- he insists that this question doesn't need ease of use. His instinct is that folks on the front lines (which includes the C-Suite of course) already know the answer, "No. It's not a choice, that's the whole thing. That's the whole beauty of it. It gives me insights to the organization and it gives me insights to letting them communicate the challenges that they see that they may not often get to communicate."

For Dennis a key benefit is to provide a platform to each person especially if that person feels that the business is not listening to them. He notes that folks will provide feedback without understanding the entire cyber security strategy- but problems of note will be identified. 

And so, the cyber community has spent tremendous time and resources on security awareness from the CISO out to the front lines. That investment has paid off in the form of thwarted threats and bolstered vulnerabilities. The next step is a true feedback loop from the front lines back to the CISO.