The article focuses on the journey of Sandy Dunn, CISO of Blue Cross of Idaho, as she evolves from a “hostage negotiator” between business teams and the security team to a business leader in the field of cybersecurity. Dunn emphasizes the importance of simplifying knowledge management and becoming a “business listener” in order to make informed decisions.
Key Points:
- Sandy Dunn’s career has evolved from being a “hostage negotiator” to a business leader in cybersecurity.
- Dunn highlights the significance of simplifying knowledge management and being a “business listener” to make informed decisions.
Sandy Dunn’s career in cybersecurity spans 20 years, during which she has worked with organizations like NASA, JPL, Secret Service, and IRS. Her roles have included Competitive Intelligence, Security Engineer, Information Security Officer, Senior Security Strategist, and IT Security Architect. Dunn prioritizes a risk-based, business-focused approach to cybersecurity through process, standards, and threat intelligence.
Dunn explains that in the earlier days of her career, she acted as a “hostage negotiator” between the business teams and the security team. However, as she matured in her role, she realized the importance of simplifying knowledge management. Dunn believes that understanding security should be made easy for all stakeholders, which requires clear communication and making complex concepts accessible.
Another key aspect of Dunn’s journey is becoming a “business listener.” She emphasizes the need for cybersecurity professionals to understand the business and its objectives in order to make the right decisions. By becoming a business listener, Dunn believes that cybersecurity leaders can align their strategies with the goals and needs of the organization.
The article also highlights Dunn’s extensive qualifications and experience in cybersecurity. She holds a Masters degree from SANS in Information Security Management and is certified in various areas such as CISSP, SANS GSEC, GWAPT, GCPM, GCCC, GCIH, GLEG, GSNA, GSLC, GCPM, Security +, ISTQB, and FAIR. Dunn is also an Adjunct Professor at BSU in their Cybersecurity program and a frequent speaker on cybersecurity.
In conclusion, the article showcases Sandy Dunn’s career journey from a “hostage negotiator” to a business leader in cybersecurity. Her emphasis on simplifying knowledge management and becoming a “business listener” highlights the importance of clear communication and understanding the business in the field of cybersecurity.