Profiles in Leadership: Michael OwensEquifax BISO on the Need to Create a Cybersecurity Culture Across the Organization
All employees should consider upholding the security of the organization part of their job regardless of their official role at the company, says Equifax Business Information Security Officer Michael Owens.
Owens says creating an organization-wide cybersecurity culture is easier said than done and requires consistent effort as well as support from executive leadership. He recommends a carrot-and-stick approach that incorporates both bonuses and incentives for workers who are highly engaged with improving the company's security and repercussions for employees who don't participate in the training (see: Profiles in Leadership: Octavia Howell, Equifax Canada).
"The underlying aspects of ensuring that you're doing the right thing technically is still important," Owens says. "But as cybersecurity becomes top of mind for everyone, it becomes more and more important that we learn to talk about the challenges and opportunities we face from a business perspective and ensure that's understood across the organization."
In this interview with Information Security Media Group as part of the CyberEdBoard's ongoing Profiles in Leadership series, Owens discusses:
- How the security landscape has changed over the years;
- How joining the Marine Corps influenced his career path;
- His experience in working with the Ukrainian government to boost security.
Owens is a distinguished cybersecurity leader with more than 25 years of experience in startup, corporate, government and military organizations. He has been at the vanguard of some of the most complex issues dealing with security risk assessments, breach mitigation/recovery, threat intelligence sharing and diversity within the tech and cybersecurity industries. A transformation leader and sought-after speaker, Owens frequently keynotes on topics related to cybersecurity, cyber policy and national security matters. In his current role, Owens helps to safeguard Equifax applications and data. Prior to this, he led the global cybersecurity, cybercrime, and critical infrastructure program for EY within the forensics, investigations and dispute division. In that role, Owens was responsible for the global strategic direction and standardization of threat intelligence, cybersecurity assessments, audits and incident response services. Before this, he was a key member of the public sector advanced service team at Cisco Systems. During this time, he led cybersecurity, information security risk and IT strategy engagements for government agencies and universities across the Southeastern United States and New York.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.