Cybersecurity Works When You Coach, Not Enforce episode artwork

EPISODE · Sep 4, 2024 · 28 MIN

Cybersecurity Works When You Coach, Not Enforce

from Gaining the Technology Leadership Edge · host Mike Mahony

Cybersecurity breaks down when it’s imposed instead of coached. In this episode, Chris Foulon—founder of CPF Coaching LLC and an experienced vCISO—explains why most security programs fail and what leaders can do differently. With a background spanning healthcare, education, and nonprofit work, Chris brings a human-centered approach to security that prioritizes resilience over rigid control. Chris shares how his early exposure to computers in the Caribbean and later experiences during the Napster era shaped his belief that behavior—not technology—is the root cause of most breaches. From ransomware preparedness to supply-chain risk, he emphasizes that organizations don’t fail because they lack tools, but because they try to change everything at once. You’ll hear why annual one-hour security trainings don’t work, how incremental process improvement enables faster response to vulnerabilities, and why testing backups matters more than simply having them. Chris also explains the importance of data classification as a foundational policy and breaks down common misconceptions around passwords, MFA, and convenience versus security. The conversation covers real-world scenarios—from SolarWinds-style vendor risk to disaster recovery planning in hurricane zones—showing how small oversights can escalate into major incidents. If you’re a technology leader trying to balance speed, safety, and business outcomes, this episode offers a practical, grounded perspective on building security that actually holds up under pressure

Episode metadata supplied by the publisher feed · Published Sep 4, 2024

Cybersecurity breaks down when it’s imposed instead of coached. In this episode, Chris Foulon—founder of CPF Coaching LLC and an experienced vCISO—explains why most security programs fail and what leaders can do differently. With a background spanning healthcare, education, and nonprofit work, Chris brings a human-centered approach to security that prioritizes resilience over rigid control. Chris shares how his early exposure to computers in the Caribbean and later experiences during the Napster era shaped his belief that behavior—not technology—is the root cause of most breaches. From ransomware preparedness to supply-chain risk, he emphasizes that organizations don’t fail because they lack tools, but because they try to change everything at once. You’ll hear why annual one-hour security trainings don’t work, how incremental process improvement enables faster response to vulnerabilities, and why testing backups matters more than simply having them. Chris also explains the importance of data classification as a foundational policy and breaks down common misconceptions around passwords, MFA, and convenience versus security. The conversation covers real-world scenarios—from SolarWinds-style vendor risk to disaster recovery planning in hurricane zones—showing how small oversights can escalate into major incidents. If you’re a technology leader trying to balance speed, safety, and business outcomes, this episode offers a practical, grounded perspective on building security that actually holds up under pressure

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

Cybersecurity Works When You Coach, Not Enforce

0:00 28:41

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Gaining the Technology Leadership Edge?

This episode is 28 minutes long.

When was this Gaining the Technology Leadership Edge episode published?

This episode was published on September 4, 2024.

What is this episode about?

Cybersecurity breaks down when it’s imposed instead of coached. In this episode, Chris Foulon—founder of CPF Coaching LLC and an experienced vCISO—explains why most security programs fail and what leaders can do differently. With a background...

Can I download this Gaining the Technology Leadership Edge episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!