Ask The Tribe

Ask the Tribe connects our community of cybersecurity professionals to our panel of experts on our advisory board, giving you the opportunity to ask your cybersecurity questions you need answers to!

Ask The Tribe

Ask the Tribe connects our community of cybersecurity professionals to our panel of experts on our advisory board, giving you the opportunity to ask your cybersecurity questions you need answers to!


Are you placing restrictions on generative AI within your organization? If so, what?

Rizwan Jan: As of right now we have it globally blocked. We are coming up with a Generative AI policy that will be linked to our Data Classification, AUP, BYOD, and Access Control policies. Requests will go through a vetting process based on the business justification.

Dr. Rebecca Wynn: Yes, I will be putting restrictions on any outbound connected AI. AI Acceptable Use Policy, etc

Kapil Bareja: Not per se. Open-AI is self-governing the space through limited release strategies, monitored use of models. However I believe this should be openly released to democratize access and create the greatest possible impact on the organization. Every legitimate use of generative AI comes with risk. The key is to be vigilant and make sure you don’t use AI professionally in a way that contravenes applicable laws (including privacy laws), client agreements or professional standards.

Answered by:

What actual steps are you taking to develop a succession plan to ensure resiliency in Information Security leadership at your organization?

Jason Elrod: My process starts with an employees' first 1:1 meeting. We discuss what their long-term plans are, what the needs of the program are, and then develop a career path based around that.  It is a given that employees will not always be in the role they are today.  By aligning individual career plans with program needs early on, I get a better understanding of the talent profiles available currently, any skills or experience gaps that need to be bridged, and a sense of who may be a good fit for essential leadership roles or even want to take that path.  That gap analysis continues on a regular cadence with leadership succession plans being adjusted based on organizational changes and any shifts in the program needs.  At a minimum, the organization chart is reviewed on an annual basis and an updated succession plan created.  This is essential to building resiliency into the program as well as rationalizing training spends, employee development opportunities, and long term talent retention.

Jamal Hartenstein: To develop a succession plan to ensure resiliency in Information Security leadership at your organization I am fostering leadership in underrepresented demographics because I am focused on diversity, equity, and inclusion (DEI). Black and female information security professionals are my priorities for succession planning in leadership roles.

Answered by:

How do you recognize if you are suffering from burnout?

Sabino Marquez: When your exhaustion is materially impacting your decision quality and you can never seem to mentally recover no matter how much you rest. 2: When you lose the heartfelt commitment to defend your organisation due to cynicism about its leadership, its mission or strategy, and/or the beneficiary stakeholders. 

Rizwan Jan: Three indicators come to mind: (1) The quality of work you are producing starts to deteriorate (2) loss of motivation and decreased satisfaction with work (3) Detachment from work with consistent negative thoughts.

Dr. Vivian Lyon: Burnout because of work-related stress is a state of emotional or physical exhaustion that involves a loss of personal identity and sense of diminished accomplishment. You know you might be experiencing burnout if you answer YES to most or all these questions: Do you drag yourself to work and have trouble getting started? Have you become cynical or critical at work? Do you feel like you are speaking but no one is listening? Do you feel you have little or no control over your work? Have you become irritable or impatient with co-workers, customers, or clients? Do you find it hard to focus or concentrate? Do you lack the energy or will to be consistently productive? Do you feel disillusioned about your job? Do you lack satisfaction from your achievements? Have your sleep habits changed? Are you using alcohol, food, and drugs to feel better or to simply not feel? Do you have unexplained headaches, bowel or stomach issues, or other physical complaints?

Answered by:

What certifications would you recommend for someone starting out in cyber?

Randall Frietzsche: CompTIA - A+, Network+, Security+ - these are foundational level certs that test your foundational knowledge of technology, which is needed before you can truly begin the next stage of securing technology. 

Sabino Marquez: The full suite of CompTIA certs (A+, N+, Sec+, Linux+, Cloud+, Project+, CySA+, CASP+). All of Offensive Security’s Essentials/Intro’s, and the OSCP, OSWA, and OSDA certifications.

Answered by:

How would I get involved in mentoring the next generation of cybersecurity professionals?

Randall Frietzsche: Social media and relationships.  Find the need.  And to do it on a larger scale - teach.  Use your knowledge and experience to give back.  

Answered by:

How do risk heat maps help in effective risk management?

Randall Frietzsche: They can if done right.  They are only a visual representation, but they catch the eye.  But from there, it depends on what they drill down to.  How are you measuring and prioritizing risk.  If you can build an effective heat map, then you probably have the right measurements. 

Answered by:

How effective is NIST Cybersecurity Framework’s Approach to Risk Management?

Randall Frietzsche: NIST CSF is effective to a point.  It is somewhat of a higher level mapping of control objectives.  It can help an organization that is not a government entity a good foundational set of objectives.  To go deeper around risk management, you need 800-53.  To go deeper across the board, you need 800-171.  Start with NIST CSF. 

Dr. Vivian Lyon: As cyber-attacks become more frequent and sophisticated, it is becoming increasingly important for organizations to have a robust cybersecurity framework in place, such as the NIST Cybersecurity Framework, developed by the National Institute of Standards and Technology (NIST) to help organizations manage and reduce cybersecurity risk. The framework is organized around five core functions: Identify, Protect, Detect, Respond, and Recover. The Identify function helps organizations to effectively identify and document the systems, assets, data, and capabilities that are critical to business operations and cybersecurity. The Protect function helps organizations to effectively develop and implement safeguards to ensure the security of critical assets and data, including access controls, firewalls, and encryption. The detect function helps organizations to effectively implement processes and technologies to detect cybersecurity events promptly, including security monitoring, incident response, and threat intelligence. The Respond function helps organizations to effectively develop and implement an incident response plan to ensure that cybersecurity incidents are handled quickly and effectively. The Recover function helps organizations to effectively develop and implement processes to restore business operations and data in the event of a cybersecurity incident, including data backups and disaster recovery planning.

Implementing this framework with a customized approach to align with a specific organization’s needs, goals, and risk tolerance is very effective to risk management. Although, implementing the NIST Cybersecurity Framework can be a complex process, it is essential for organizations that want to reduce their cybersecurity risk and protect against cyber threats. With a well-implemented NIST Cybersecurity Framework, organizations can gain a better understanding of their cybersecurity risks, develop a more robust and effective cybersecurity strategy, and ultimately improve their overall cybersecurity posture. In turn, this can help reduce the likelihood and impact of cyber incidents, protect their critical assets from cyber threats, and maintain the trust of their customers and stakeholders. Thus, it is critical for organizations to implement the framework effectively and ensure that their networks and data remain secure.

Answered by:

What is the most exciting new technology in cybersecurity?

Rizwan Jan: Open AI’s ChatGPT continues to attract attention. This artificial intelligence freeware program is still being publicly evaluated. ChatGPT is touted for its human-like conversation and sophisticated writing skills. It can answer questions, code software, generate email messages, write papers, and even take academic and professional tests. In short, ChatGPT is a machine learning program capable of producing human-like text. Over time, it can learn from the information it receives and become better at understanding and responding. How to establish a security governance program enforced by security controls around this emerging technology is a critical topic in the cyber world.

Randall Frietzsche: XDR and MSSP - This capability goes beyond SIEM and includes your critical control sources and telemetry to be absorbed, evaluated and acted upon by a true threat hunting team.  The promise is that you could be able to have a real threat mitigated before it can cause any harm, even before your SOC gets an alert.

Dr. Vivian Lyon: AI appears to emulate human performance by learning, analyzing complex content, arriving at conclusions, enhancing human cognitive performance, engaging in natural dialog with people, and executing non-routine tasks. AI technologies can be used to protect data against increasingly malicious and sophisticated social engineering attacks, ransomware, and malware. AI cognitive autonomy can help predict and mitigate cyber-attacks in the near future. ML, in turn, can provide a robust way to identify new cyber-attacks, draw statistical inferences, and deploy that information to endpoint security platforms. Threat intelligence is one use case where AI and ML can be an important functionality for cybersecurity. Generative AI can generate ideas instantaneously and produce first drafts, while assessing risk and demand, despite open questions about this new technology’s accuracy and other ethical issues. Generative AI can help with code reviews for potential security vulnerabilities and efficiency; exploring new tactics that malicious actors might employ; and automating recurring tasks like report writing.

Answered by:

What technologies are most critical if you have a limited cybersecurity budget?

Randall Frietzsche: Best in class email and endpoint security, followed by a few fantastic security analysts.  Depending on the organization and sector, it might include robust web security - layer 7 controls.  It also depends on your specific compliance/regulatory requirements.

Answered by:

Ask Your Question (It will be posted anonymously)

Fill in your details below and when your email address is verified we will forward on your question to the most relevant advisory board member to answer for you! Your details will remain anonymous.