Investing in Your Security Team with Zane Gittins
The New CISO - A podcast by Steve Moore - Giovedì
Episode summary:On this special episode of The New CISO, Tim Lowe and Katie Hatch sit down with Zane Gittins, IT security manager. The co-founder of Rincon Security, Zane discusses what he’s learned building and managing an IT team. From computer science to consulting, Zane shares the journey of his career, and what has led him to focus on cyber security visibility. Listen to the episode to hear more about Zane’s day-to-day, his news intake, and how he manages his growing team. Listen to Tim, Katie and Zane discuss security management: Zane’s Background (1:58)Zane discusses his background in IT security management and consulting with his company Rincon. A small organization, Zane wears a lot of hats and tackles a variety of issue. Staffing (3:58)Zane breaks down the misconception that it’s impossible to find good staff. He believes that if you invest in junior employees, as well as off the right packages, you can put together a great team. He believes that people who are great communicators perform well in security. Zane sets up “lunch and learns” as a way to meet and bond with people in other areas of the business. Education (7:01)One internship can change the course of your career. At least, that’s what happened when Zane took on a security internship in college. Interested in computers from a young age, his education helped focus his path. Advice to the Younger Self (8:54)If Zane could change one thing about his journey in security, it would be to meet key members of the business sooner. Through making connections, Zane has learned what their concerns and risks are when it comes to security, and how he can help in those areas. The Day-to-Day (11:00)With security visibility as his top priority, Zane focuses on updating the systems and tools of the business, onboarding new people, helping the business move in the direction it desires. Zane spends several hours a week staying up to date on current trends, utilizing Twitter to identify cybersecurity news. This preparation also helps him give context to family, friends and coworker who hear about security stories in the media. Managing the Security (16:26)A high-pressure job, Zane must stay on top of things to prevent threats. In particular, he is concerned about supply chain attacks and any new type of attack we do not yet know exists. On the other side of the coin, Zane enjoys the technical side of the job. He shares a time where he had to act like a cyber detective while consulting. Motivating the Team (20:17)Hunting down false positives every day, all day, can be fatiguing. Zane shares how weekly practice challenges have boosted the confidence and knowledge of his team. Growing Team (24:07)Zane chats about the specific skills and tools he and his team have utilized as they’ve grown. As there are a lot of tools to learn, Zane encourages team members to become experts in certain tools and platforms. Security Threats and People (27:44)When consulting, Zane is most considered with external threats. Overall, he believes that everyone has something to bring to this growing industry. When it comes to hiring and training, Zane looks to people with passion. By documenting everything, Zane and his team can better scale and onboard. 24/7 Coverage (32:25)Zane talks about what it’s like to cover the environments 24/7 and still allow himself and his team to sleep. Links mentioned:Rincon Security