The Patient Safety Model: Developing a Hospital’s Security Culture
Episode 88 • 6th April 2023 • The New CISO • Steve Moore

In this episode of The New CISO, Steve is joined by Martin Fisher, CISO at Northside Hospital.

An information security veteran, Martin has worked in the commercial aviation, finance, and healthcare industries and was an award-winning podcast host. Today, he shares how to build a unified team and his approach to managing mental health. Listen to the episode to learn more about the value of hobbies, defining company culture, and being an empowering leader.

Listen to Steve and Martin discuss the importance of shared team culture and how CISOs can balance the stress of the job:

Meet Martin (1:50)

Host Steve Moore introduces our guest today, Martin Fisher. Over his decades-long tech career, Martin has worked in several industries. 

His podcast, Southern Fried Security Podcast, lasted ten years and was an incredible learning experience. While a podcast host, Martin discovered that he used too much jargon for non-security listeners, encouraging him to expand to a larger audience.

Other Hobbies (5:52)

Martin considers himself an original nerd, playing Dungeons and Dragons as a kid and an adult. A fan of role-playing tabletop games, Martin has backed many Kickstarters and has a great gaming community within his group of friends.

Mental Healthcare (8:22)

A CISO for a hospital, Martin stresses that mental healthcare is healthcare. Martin believes in what his non-profit-based workplace stands for, which is why he has chosen this role.

The Bad Day Factor (10:27)

Martin manages his mental health by setting boundaries. People need to separate their work and personal life because it’s essential to have time to decompress. 

In the IT and security fields, there is a high percentage of neurodivergent employees who may need additional support in dealing with stress. Leaders must have employee assistance programs to help their staff with mental healthcare safely.

Being Authentic (16:50)

To build lasting relationships, you have to be your authentic self. When Martin looks for people to promote within his team, he looks for genuine individuals. 

Growing the Team (18:33)

When Martin started his current position, he and the company culture aligned.

Starting as the original security employee, Martin has been able to grow his team. His company understands that security is an investment and helps protect its patients, which has led to its success. When hiring, Martin keeps candidates' personalities in mind and considers how they fit the company culture.

Patient Safety (22:53)

Confidentiality is paramount to uphold in the medical security field. Since they are a patient-safety-first organization, Martin ensures he hires employees who understand that mentality.

Defining Work Culture (28:25)

Northside lists its company culture on job listings to attract the right candidates, which includes kindness. Since Martin focuses on patient safety and quality care with his CISO work, he hires people who match those ideals.

When you have this approach to hiring, you can create a positive feedback loop while forming a strong team.

Culture Over Security? (33:35)

Steve presses Martin on what’s more important: culture or preventing security issues?

For Martin, security is still, of course, the focus. People are human and make mistakes, but they’ve never had a problem they couldn’t control. 

Bad Advice (38:43)

The worst career advice Martin ever received was to work for a hedge fund. This environment was not a good fit for Martin, further emphasizing his point on authenticity's value.

Military Experience (39:56)

Martin explores how he has applied his military service experience to security crises. He has confidence in his CISO role because he has gone through worse. Having army training, he has a quiet confidence that has made him a better leader who empowers his team rather than micromanages them.

The New CISO (48:18)

To Martin, being a CISO at Northside is the best role he’s ever had. Protecting patients is both gratifying and terrifying, but he believes in his colleagues and the company’s mission.

Links mentioned:


LinkedIn

@armorguy@infosec.exchange


