Calling CISOs Everywhere: Minimize Breaches by Thinking Like a Hacker and Testing Your Controls

Todd Beebe, Chief Information Security Officer at Freeport LNG, is interested in a lot more than just abiding by compliance requirements and government frameworks. He describes his approach to cybersecurity as “offensive” and “threat-oriented,” which is why his colleagues say he has a “hacker brain.” This mindset is the secret to his success — remaining invested in anticipating attackers’ next moves, testing systems, validating patches, and addressing vulnerabilities.

Compliance requirements and maturity frameworks can help an organization get to a certain level of security, but you also need to pay attention to the real threats in your environment to maximize breach prevention. Thinking like a hacker and responding to legitimate threats means you’re focusing on which devices are most critical and which are missing patches. Being threat-oriented also shapes prioritization and alignment across an organization. A team can’t prioritize everything, but when team members know how the organization is being targeted, they can use threat intelligence to determine with surgical precision the next course of action.

For more takeaways from my conversation with Todd, tune into the full episode. And for more perspectives from security, IT, and engineering leaders delivered straight to your inbox, sign up for our monthly newsletter.