Do whatever it takes to avoid a breach | Khelan Bhatt - Cybersecurity Expert and Strategist | Episode 26

From his time overseeing cybersecurity for prominent Gap Inc.
brands including Gap, Athleta, Old Navy, and Banana Republic as
Deputy CISO, Khelan Bhatt has nearly two decades of information
security expertise. He currently orchestrates cybersecurity
strategy at FabFitFun as CISO and VP of IT. 


 


In this episode, Khelan and Matt discuss:


Threat prevention & detection

The crucial role of a CISO

Data handling - Best practices

The true cost of a cyber attack on your business



 


Chapters:


 


(0:00:00) The importance of bringing in security and privacy
early in the data process


(0:01:03) Critical steps to build a culture of security for
growth


(0:03:46) The role of a CISO and their responsibilities


(0:06:51) The function of security in the earliest days of a
company


(0:08:37) When to designate a CISO and the structure of a
security department


(0:10:22) Common targets for cyber attacks and what attackers are
trying to obtain


(0:10:41) Credit card numbers and valuable data on the dark web


(0:14:10) The value of hacking larger companies vs. smaller
companies


(0:15:56) Considerations for data handling and sharing with
external partners


(0:18:20) Post IDFA world and data handling for marketing teams


(0:20:34) Evaluating third-party partners' security and privacy
maturity


(0:21:06) What marketers should understand about data handling


(0:21:31) Bring security and privacy experts in early during
contract negotiations


(0:22:32) Data duplication increases risk and dilutes controls


(0:22:54) Define granular roles and responsibilities for data
access


(0:23:23) Consider hiding sensitive fields based on user roles


(0:24:11) Regularly assess and update security frameworks as the
company grows


(0:24:48) Data lakes can improve data governance and analytics


(0:25:43) Regular security assessments are crucial for maturing
organizations


(0:26:13) Boards want to be aware of risks and progress in
security measures


(0:26:56) Security should be seen as a feature to increase trust
and attract customers


(0:28:32) Incorporate security features like SSO and role-based
access control


(0:30:24) Security, legal, and brand efforts contribute to
long-term growth


(0:31:37) Investments in security may protect against potential
disasters


(0:32:32) Advice for early stage CEOs who raised funding


(0:33:04) Importance of investing in security for startups


(0:33:29) Options for outsourcing security services


(0:33:49) Creating a virtual security team within the
organization


(0:34:19) Evaluating security maturity level and making
investments


(0:34:48) Conclusion and appreciation for the discussion


 


Link to Transcript