How Securities Teams Share Data Insights with Kim Keever
Subscribe to the podcast!
Every communicator plays a significant role within an organization, but some of those roles get more visibility than others. Sales shares about customer insights, marketing relays their brand and product strategies, and something we’ve seen grow in the last five years, is that data security teams have become big communicators, with many CISO’s managing the communication to leadership teams and corporate Boards.
On this episode of What’s Your Story, Sally connects with Kim Keever, Senior Vice President and Chief Information Security Officer of Cox Communications, one of the leading cable, internet and home automation providers to talk about the increased demand for security insights and how she brings clarity to a pretty complex topic.
More About Kim Keever
Kim Keever is Chief Information Security Officer (CISO) and Senior Vice President of Security, Analytics and Technology Services for Cox Communications (CCI) in Atlanta, Georgia. Her teams are responsible for all aspects of Information Security for Cox Communications; the Technology, Product and Operations Center of Excellence for Analytics; and for Technology people programs. Since joining Cox, she has built an industry recognized security team. Additionally, the new Analytics COE has transformed the use of analytics resulting in significant cost savings for Cox. Her teams partner closely with Cox Enterprises, Cox Automotive and Cox Media Group. In early 2016, Kim’s team received an innovation award from CSO Magazine, and Kim was named a top woman in technology by Multichannel News. Each year from 2017-2019, she was named one of the most powerful women in cable by Cablefax. She was a 2018 Women in Technology (WIT) honoree in the large/enterprise organization category, and early in 2019 she was named the Information Security Executive (ISE) of the Year for the Southeast Region and in November 2019 named the North American Information Security Executive (ISE) of the Year in the Commercial category.
Kim is a graduate of Georgia Institute of Technology. She is a member of several industry associations and boards including Alliance for Telecommunications Industry Solutions (ATIS) and the FCC Communications Security, Reliability and Interoperability Council V. She is active in volunteer organizations including Children’s Healthcare of Atlanta Technology Advisory Board and support of homeless shelters located in Atlanta.
- There has been an increased demand for security insights since 2014 because of large company security breaches.
- Leaders started looking for an increase in security insights out of worry and wanted to know: what happened, how did it happen, and could it happen to us?
- How do you talk to leaders about security without scaring them?
- We talk about security with a risk based approach:
- Call out the highest risks first.
- Do a little bit at a time.
- Give them context.
- Give them a comparison so they can better understand where the risks are.
- There are two types of CISO’s:
- High tech.
- Business focused.
- The ability to explain the technology in a business context and alert companies to what the risks are is important because it’s the most effective way to help CISO’s operate. Companies will be more likely to get buy-in and senior leaders will feel more comfortable with the security team.
- How do you understand the magnitude of what to keep a watch on?
- There are different areas in which data breaches are happening:
- Bad Guys.
- Nation State Actors.
- When you start talking about security and risk, you run the risk of making companies look bad as far as their security of data goes.
- Don’t let your vulnerability be because of funding. How can you partner with other departments or organizations to get the funding needed to reduce the risks and fix the issues early on?
- Don’t bombard your listeners with too much detail, give them the facts but don’t overwhelm them.
- Train your employees on effective communication, and continue to practice it.
- Be sensitive of the information you share.
- Help clear up misunderstandings or potential misunderstandings.
- When you speak about complex things, you may need to say them multiple times and tell them in different ways in order for listeners to fully understand and remember.
- The security team is trying to educate the entire organization, more than just talking about security risks.
- Hands on experiences have helped prove the need for heightened security. Finding ways to make security fun and interesting tends to help the content resonate with people.
- A strong leader is someone that employees are willing to follow.
- As a leader, hire people who are smarter than you and have diversity of thought, those who are independent in their work and want to do the right thing.
- Give employees opportunities to keep them engaged, allow people to own their own space, and let them grow in their career.
- Keep your employee’s best interest in mind, and always keep an open dialogue.
- Security is a great field to get into. Having a background in technology helps, and this career is in high demand and won’t go away.
- Be willing to gently show people that they may not be doing enough in one area.
Like what you hear? Hear more episodes like this on the What’s Your Story podcast page!