Broad Knowledge is Power: Building a Better Security Team with Bryan Willett


Manage episode 341936728 series 2643387
By Steve Moore. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

In this episode of The New CISO, Steve is joined by Bryan Willett, CSO at Lexmark International, Inc, to highlight the importance of collaboration and team building.

With over two decades of experience, Bryan understands the CISO role and how to support your team. With this in mind, he shares what CISOs can do once they achieve this status to develop their skills further. Listen to the episode to learn more about transitioning into management, sharing your knowledge, and the benefits of diversity.

Listen to Steve and Bryan discuss how to build a diverse security team and the skills needed to be a better CISO:

Meet Bryan (1:50)

Host Steve Moore introduces our guest today, Bryan Willett. Bryan has worked at Lexmark for over 25 years and prioritizes minimizing risk for the business.

With a unique scope of duties, Bryan has worked his way up the ranks and monitors security trends, such as supply chain measures. Ultimately, he understands the importance of collaboration to keep all company areas safe.

The Road Travelled (5:37)

Beginning his career in firmware development, Bryan wanted to transition into a position where he could learn more about the product development pipeline and work with people. He then went down the product management track, which set him up for the leadership side of the field.

The Best PM (10:27)

When asked about his stepping stone from product manager to manager, Bryan reflects on what motivates him to work hard and improve the team around him.

Feeling Intimidated (13:00)

Steve presses Bryan on how intimidation and imposter syndrome impacts career goals.

Bryan shares that he’s primarily looking for team members who are jacks of all trades and that he believes having a diverse set of knowledge will set you up for success. With multiple skills, you will be able to work well in the security field, even if it’s initially uncomfortable.

Developing as a CISO (16:26)

Bryan shares what CISOs can do in their position to develop further. Once getting into a management position, you should always support your team and prepare them for their subsequent roles.

Improving as a Salesperson (24:02)

As you pitch executive leadership on programs you want to implement, make sure you can explain what you need simply, without technical jargon, to convey the key points you are trying to make. Crafting a clear elevator pitch will help you make the sale.

Solving Business Problems (31:18)

Early in Bryan’s career, Lexmark was experiencing challenges due to the nature of the printing industry. Noticing that the company could experience a certain level of risk, Bryan built a highly capable team to harden the system and create a security development lifecycle for both the company and the customers.

Third-Party Risk Management (38:16)

When Bryan started his third-party risk management program at Lexmark, he had to partner with the procurement and legal team. Due to experience with other aspects of the business, Bryan was well-prepared to oversee this endeavor and communicate with others about their needs.

Business Savvy (42:07)

Steve presses Bryan on the future of CISOs.

Considering the CISO today, Bryan understands they likely worked their way up in the security field. However, Bryan recognizes that this field will mature as we uncover new risks, and the CISO role will change with it. Bryan predicts that future CISOs will have the immense business knowledge needed to keep the company moving and make necessary trade-offs.

The New CISO (45:47)

To Bryan, being a new CISO means focusing on diversity in the workplace by hiring individuals different than you. It’s essential to understand your weaknesses and fill in the gaps with other talented security professionals who can make your team complete.

Links mentioned:


80 episodes