I’ve worked in all levels of management, including C-level at a Fortune 500 company, and I can tell you that from the perspective of the C level, the tools are a given. If the employees have complaints about the tools, the perception is that either the mid to lower level management or the employees are not competent and need to be replaced with ones that are able to deliver on the promise of the tools.

(I say this without judgement - most of the time it’s BS, some of the time it’s true)

What do yall think a CISO of today needs to know/understand?

good luck! I was an amazing day when I got my CISO position. It was an even better day when I left it :)

How do you validate the responses here?

I’m not sure what you mean?

Has anyone taken a course in FAIR? Wondering how useful it is…

Mbin performs quite well. I just applied the most recent update which removed mercure and it’s very fast now.

I was probably the most prominent person who runs both and had database issues with k/mbin. I am happy to say that those are well behind me, largely because of the skill and patience of the Mbin team helping me resolve them.

It’s a rough job market for several reasons. My best recommendation is to do something that will distinguish yourself from others (blog, podcast, etc etc) and also try to establish a relationship with someone at prospective employers to get them to “pull” you in. I know, I know, easier said than done, but that’s where we are at.