author photo
By Bruce Sussman
Mon | Jul 29, 2019 | 8:55 AM PDT

“We need to stop thinking like an IT organization."

Say what?

Brent Lassi, CISO at Bluecore, Inc., is unapologetic about that statement.

And he's the same way about his list of 20 things CISOs and security teams can stop doing now in order to put their limited time and resources in the right place while helping business in the right way.

"We need to become integral gears in the value creation machine; that’s what the rest of the organization wants from us.”

Watch our interview on the CISO Stop List:

Here are some excerpts from our interview with Lassi, who is an Advisory Council Member for SecureWorld Twin Cities. A few things Lassi says InfoSec can stop doing now:

  • Stop being a curmudgeon
  • Stop selling fear
  • Stop talking about problems without bringing solutions
  • Stop hiring too many engineers and not enough programmers in security
  • Stop ignoring advice from trusted vendors

His list goes on. And he wants you to create your own "Stop List" this year.

"You don’t have to get budget or get buy-in. You can just think about it and start making changes within the organization."