Andrea Bonime-Blanc - CEO & Founder, GEC Risk Advisory LLC; Global Ethicist; NYU Cybersecurity Professor; Book Author
Episode 14 • 6th January 2022 • The CISO Diaries • Syya Yasotornrat & Leah McLean


Shownotes

Dr. Bonime-Blanc spent two decades as a C-suite global corporate executive at Bertelsmann, Verint, and PSEG overseeing legal, governance, risk, ethics, corporate responsibility, crisis management, compliance, audit, InfoSec and environmental health and safety, among other functions. She began her career as an international corporate lawyer at Cleary Gottlieb, was born and raised in Europe and is multilingual.

She serves on several Boards and Advisory Boards including Greenward Partners (a Spanish green energy firm), Ethical Intelligence (an EU-based AI ethics firm), ProtectedBy.AI (a US-based AI cybersecurity firm), Epic Theatre Ensemble (a NYC nonprofit), the NACD New Jersey Chapter and the NYU Stern-based think tank Ethical Systems. She also serves as a Governance Mentor at Plug & Play Tech Centre, a global start-up ecosystem. She is an NACD Board Leadership Fellow and Governance faculty and holds the Carnegie Mellon CERT Certification in Cyber-Risk Oversight.

Andrea is a global speaker, including at Davos, and appears regularly on Bloomberg TV, Yahoo Finance, Cheddar and other media. She is faculty at NYU’s Center for Global Affairs Masters program teaching “Cyber Leadership, Risk Oversight and Resilience”. She is an extensively published author of many articles and several books including The Reputation Risk Handbook, Emerging Practices in Cyber-Risk Governance and The Artificial Intelligence Imperative. Her latest book, Gloom to Boom: How Leaders Transform Risk into Resilience and Value (Routledge 2020) debuted as an Amazon #1 Hot Release in Business Ethics and Game Theory. She serves on the board of directors at Cyber Future Foundation, a non-profit and think tank of doers and executives. She lives in New York City with her family and is an avid photographer and artist.

About This Discussion:

Highlights:

0:00 - Intros & How did Andrea Get into GRC and Ethics?

  • Why GRC?
  • Started out life as a lawyer at a start-up
  • Moved into crisis management; became the person who got the non-financial issues
  • Y2K was her first contact: preparing the team and IT people and coordinating
  • Grew up in Germany and Spain, came to the US at 17
  • Social Sciences have always interested Andrea

7:40 - Crisis of The Week - Launching her own business

  • Frustrated with the corporate world on corporate responsibilities, GRC, cyber issues, etc.
  • Saw opportunity to be an outside advisor across multiple industries for clients who really care
  • Notably, clients are doing the right things and want to do better

12:00 - Legal Background and Cybersecurity

  • Legal background and how it helps differentiate to advise
  • Doesn't consider herself "narrow" but looks at situational awareness
  • Moving from legal to strategic consultant
  • The world has a perception that lawyers
  • Process is a commonality in the legal and cybersecurity industries - Andrea's German mom helped instill discipline and rigor to establish process
  • Keep learning and helps to drive for themselves or others

19:00 - Difference between GRC and Security

  • There are parallel threads between the GRC and Security communities
  • Big push in cybersecurity for the CISO to be in the C-suite and on Boards
  • Andrea argues that not all CISOs are equal; multiple backgrounds are good, but the CISO needs to have a broad view.
  • The CISO runs the risk of being relegated to a focused expert versus an equal peer who speaks the language of business and GRC, cybersecurity, etc.

22:52 - Talent Question and GRC

  • Cybersecurity is so broad and multi-faceted, so different ways of thinking are welcome in GRC
  • Finding solutions in a world that is dynamic, and being curious
  • Don't need to be in the bucket
  • Master Program - Cybercrime and International Security
  • Students - May not have a career in cyber, but she helps connect the dots to help others understand and recognize

27:00 - How do people get into GRC

  • Requires design
  • Interesting on Risk Management
  • Meeting Executives for the first time that addresses areas of 
  • Don't be alarming about it, 
  • Risk can be opportunity
  • Risk is always going to exist because things are constantly evolving
  • Look at perspectives - There is always opportunity to look at risk
  • People need to go where their passion and talents are and be a learning person to create a new world

32:30 - Avoiding Burn Out

  • Burn out is a real problem
  • Living in NYC during pandemic
  • Default position is to work, but she loves what she does
  • Finding YES to too many things
  • Volunteer work and
  • Constant reading and doing things, but needs to stop occasionally

37:00 - Is it Achievable to Stop To Smell The Roses

  • Give yourself a day off and say no
  • Personal designated times are important
  • Covid has underscored a mentality shift, i.e. leaning to the introverted side
  • Misses traveling, especially with her girlfriends in Mallorca

Final Thoughts:

Spread the word and bring people with different backgrounds in all spaces.

LinkedIn: https://www.linkedin.com/in/andreabonimeblanc/

Twitter: https://twitter.com/GlobalEthicist

World Economic Forum Contributed Piece, co-Authored: The 5 'Ts' of cyber-crisis readiness for every kind of organization
