In our recent episode of the Future of Threat Intelligence podcast, we talk with expert João Pedro Gonçalves, Global Chief Information Security Officer at EQT Group, about risk-based cybersecurity approaches, building security departments from the ground up, and the critical role of cybersecurity steering committees. 

Pedro also talks about his journey in cybersecurity leadership and shares his insights on how security practitioners should aim to work with organizations that prioritize cybersecurity and align business strategies with tech architecture. 

Topics discussed: 

• Risk-based cybersecurity approaches for effective protection.
• Building security departments from scratch in organizations.
• Significance of cybersecurity steering committees in risk management.
• Navigating organizational hierarchies for enhanced security strategies.
• Forming cybersecurity steering committees with executive team members for strategic decision-making.

Key Takeaways: 

• Implement risk-based cybersecurity approaches to enhance protection strategies.
• Establish and structure security departments intentionally from the start.
• Form cybersecurity steering committees with executive team members for strategic decision-making.
• Navigate organizational hierarchies to streamline security strategies effectively.
• Evaluate cybersecurity providers rigorously, focusing on certifications like SoC 2.
• Read and analyze reports critically to ensure comprehensive risk coverage – read what is there and what’s not there.
• Drive discussions with stakeholders to address security challenges and make informed decisions.