Back To Schedule
Monday, October 30 • 10:30am - 11:15am
Influencing Without Authority: The Foundations of a Successful Security Department of Yes

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In today’s technology and business landscape, security is a critical component of any successful organization. However, driving the goals of a security organization can be challenging, particularly when that organization resides in a separate line of business than the product engineering organization they wish to influence. The speakers will discuss how to leverage several key concepts of “influencing without authority” to successfully partner with non-security stakeholders and drive the strategic objectives of a security organization.

This talk will explore the telltale signs of the security “Department of No,” well-meaning obstructionists who too often impede the larger business through bureaucracy, and how to shift security practices to empowering the organization through measured, contextual security achievements and partnered collaboration with the rest of the business.

This is not a practice relegated to startups with limited concerns nor only achievable by large institutions with a commensurately large security staff. The security “Department of Yes” is tangible and achievable for organizations of all sizes, including heavily regulated programs.

The speakers will outline several key concepts of influencing without authority and provide practical examples of how these concepts can be applied to a security organization to increase their influence and drive the adoption of security best practices. The talk will also delve into common challenges that security organizations may face when trying to influence others, and provide strategies for overcoming these challenges. The audience will gain a deeper understanding of how to build effective relationships, establish credibility, and create coalitions with other stakeholders to amplify their influence and achieve their goals.

Attendees will leave this talk with a set of actionable strategies that they can use to increase their influence within their organizations, drive the adoption of security best practices, and improve the overall security posture of their business. They will gain an appreciation for the importance of influence and learn how to apply these concepts to drive positive change in their organizations.

avatar for Timothy Lisko

Timothy Lisko

Senior Director of Security Engineering, DigitalOcean
Tim Lisko is the Senior Director of Security Engineering at DigitalOcean. He oversees defensive capabilities, including Product Security, Infrastructure Security, Security Software Engineering, Security Observability and Data Analysis, and Trust and Governance. Leaning into nautical... Read More →
avatar for Ari Kalfus

Ari Kalfus

Product Security Manager, DigitalOcean
Ari Kalfus is a security leader and developer enabler who has tricked people like Tim into letting him run application security programs. In the past, he has worked as a security engineer and penetration tester. Ari believes security programs must be rooted in a partnership with the... Read More →

Monday October 30, 2023 10:30am - 11:15am EDT
Room: Treasury