Home Podcasts Episode #7: CISO Culture is All About Focusing on the Negatives

Episode #7: CISO Culture is All About Focusing on the Negatives

In this episode, Adam Palmer, Chief Cybersecurity Strategist, Tenable, explains cybersecurity metrics and the CISO culture of focusing on the negatives.

Adam Palmer Tenable

In an industry focused on catching and reporting the bad guys, the good elements of a solid cybersecurity program can easily go unnoticed. CISO culture focuses so much on finding threats and identifying risks that they forget to learn from what is working successfully or how to use positive data to encourage business units that are doing well.  At the same time, finding good data can demonstrate the value and results of their program, but they may struggle to show substantive evidence. Reporting success is equally as important as reporting risk. So, how can CISOs effectively communicate the good initiatives/results to the board?

In this newest podcast episode from CISO MAG, we have Adam Palmer, Chief Cybersecurity Strategist, Tenable, who explains in-depth both the metrics for evaluating cybersecurity and how the CISO culture is based on the concept of cybersecurity Tetris.

Palmer has over 20 years of experience in cybersecurity, which includes executive positions at large cybersecurity vendors, leading the U.N. Global Program against Cybercrime, and working as the Global Director for IT & Cyber Risk at one of the largest EU banks.  His diverse global background perfectly positions him to understand and advise security leaders to be successful.

As Tenable’s Chief Cybersecurity Strategist, Palmer focuses on advising senior leaders (CISO/CIO/CTO) on cybersecurity strategy. Before joining Tenable, he was the Global Director, Cybersecurity Risk & Controls for Banco Santander – the largest bank in the EU and Latin America.  This role provided him with deep global experience with comprehension for a large, advanced cybersecurity program.

Palmer began his career as a U.S. military officer focused on cybercrime cases.  After the military, he worked in a senior operational role by creating the .ORG top-level Internet domain cybersecurity program.  This program has been cited by leading industry groups as a major success for reducing cyber risk.  Palmer later created and led the United Nations Global Program Against Cybercrime, delivering anti-cybercrime capacity building programs to global governments.

Palmer also has significant experience as an advisor working at leading cybersecurity vendors.  In these roles, he advised both large and medium-size organizations on cybersecurity best practices.  He has published numerous articles and is regularly invited to speak about cybersecurity.

Palmer (JD, MBA, CISSP, CIPP) is originally from the U.S.  He has worked across the U.S., Asia-Pacific, Europe, and the Middle East., and is currently based in Dublin, Ireland.

Listen to our previous podcast episodes here.


Augustin Kurian

About the Host 

Augustin Kurian is part of the editorial team at CISO MAG and writes interviews and features.