Leadership & Executive Communication , Training & Security Leadership , Video

Google CISO Phil Venables on Building Strong CIO-CISO Bonds

CIO, CISO Must Join Forces to Upgrade Organization to More Defendable Architecture
Phil Venables, vice president and chief information security officer, Google Cloud (Image: Google Cloud)

Increased engagement from boards on digital transformation initiatives around cloud and AI adoption has spurred greater investment in cybersecurity, said Google Cloud CISO Phil Venables.

See Also: Post-Transformation: Building a Culture of Security

Systems built and designed decades ago have become increasingly difficult to secure, he said, and dropping tons of cybersecurity products is never really effective. Instead, Venables said, CIOs and CISOs should work together to upgrade to a more defendable technology architecture to gain more agility and efficiency, adopt an improved technology platform, and jointly pursue business and risk mitigation goals (see: Execs Say Google-Mandiant Deal to Merge Threat Intel, SecOps).

"There's a lot of talk in the industry about how there's a conflict between the CIO and the CISO, and I just don't find that anymore," Venables said. "When I speak with CIOs or CTOs at major organizations, the CIO or the CTO feels immensely responsible for the security of the organization. The CEO and the boards are looking to the CIO and the CTO just as much as the CISO."

In this video interview with Information Security Media Group, Venables also discussed:

  • Best practices for maintaining a healthy CIO-CISO relationship;
  • How the security knowledge of the CIO and CTO has changed recently;
  • How board knowledge of security varies based on company size.

Venables leads risk, security, compliance and privacy teams at Google Cloud. He joined Google in 2020 after spending over 25 years as a CISO at multiple financial services companies including Goldman Sachs, Deutsche Bank, Standard Chartered Bank and Barclays Bank.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.