This month Chris Hadnagy and Ryan MacDougall are joined by Kathleen (Kate) Mullin. Kate is an influential information security practitioner with over 30 years of experience. She is currently the CISO with Cancer Treatment Centers of America.  Kate has been CISO at various organizations including start-ups, publicly traded, private equity, not-for-profit, and governmental entities. Throughout her career, Kate has volunteered and participated in maturing information security as a profession. She volunteers with ISC(2) and ISACA and has been a member of the ISACA CGEIT Certification and Credentials Committee and a chapter president. Kate serves as a featured international speaker and panelist. She has a BSBA from St Joseph’s College and an MBA from Florida Metropolitan University. Kate is also certified as a Master Level Social Engineer.

[February 21, 2022] 

Download

Ep. 164 – Security Awareness Series – Metrics and Empathy the Answer To Cyber Breaches with Kate Mullin

View on iTunes

Get Involved

Got a great idea for an upcoming podcast? Send us a quick message on the contact form!

Enjoy the Outtro Music? Thanks to Clutch for allowing us to use Emily Dickinson as our new SEPodcast Theme Music

And check out a schedule for all our training at Social-Engineer, LLC.

Check out the Innocent Lives Foundation to help unmask online child predators.

Show Notes

This month Chris Hadnagy and Ryan MacDougall are joined by Kathleen (Kate) Mullin. Kate is an influential information security practitioner with over 30 years of experience. Kate currently is CISO with Cancer Treatment Centers of America.  Kate has been CISO at various organizations including start-ups, publicly traded, private equity, not-for-profit, and governmental entities. Throughout her career, Kate has volunteered and participated in maturing information security as a profession. She volunteers with ISC(2) and ISACA and has been a member of the ISACA CGEIT Certification and Credentials Committee and a chapter president. Kate serves as a featured international speaker and panelist. She has a BSBA from St Joseph’s College and an MBA from Florida Metropolitan University. Kate is also certified as a Master Level Social Engineer. [February 21, 2022] 

00:00 – Intro 

03:09 – Kathleen Mullin intro 

04:25 – How did you get started in Information Security? 

06:39 – What are some indicators that tells you something is ineffective? 

10:21 – Do you think the “cookie cutter” type of training is a reflection on the security awareness team itself? 

12:16 – How can you offer the more personalized training to a company that is spread out all over the U.S. or the globe? 

16:31 – Is having someone in this position who is focused on the people and the results the way to go about having the program be successful? 

18:09 – What are your major security concerns being in the healthcare industry, and how are you dealing with those? 

21:08 – We are seeing SMishing attacks becoming more prevalent in general. Are you seeing that happening in your industry? 

22:47 – Caring about employees’ security outside of work as well 

23:35 – What are some action steps that any company can start doing right now? 

  • Have metrics and measure training effectiveness 
  • Humanize your training 
  • Incremental steps 
  • Care about your users for real 

26:11 – Demoralizing phishing techniques 

28:15 – Book Recommendations: 

30:13 – Who would you consider your greatest mentor? 

34:27 – Finding Kate on the web: 

35:17 – Guest Wrap Up 

36:00 – Outro 

BACK TO PODCASTS