Ep. 301 - Security Awareness Series: Leadership Relationships and Becoming a CISO with Travis Farral
Welcome to the Social-Engineer Podcast, where we explore the world of cybersecurity and social engineering. Today, Chris is joined by a seasoned expert in the field, Travis Farral. With over three decades of experience in information security, Travis has worked at top organizations such as Nokia, ExxonMobil, XTO Energy, and currently serves as the VP & CISO at Archaea Energy, a bp owned renewable natural gas company based in Houston, Texas.
Travis's journey in cybersecurity began in the 90s, where he started programming logic controllers and building security teams from scratch. He has spoken at events around the world on topics such as Cyber Threat Intelligence, MITRE ATT&CK, and Incident Response. Throughout his career, Travis has been involved in numerous high-profile projects, including developing threat intelligence programs, handling incident responses, and leading cybersecurity teams.
One of the unique aspects of Travis's approach to security is his emphasis on leadership relationships. He believes that building strong relationships with stakeholders is crucial in creating an effective security strategy. "Anything can be weaponized," Travis says. "It's not just about technology; it's about people and their behavior." This perspective is reflected in his work at Archaea Energy, where he has successfully implemented a range of security measures to protect the organization from various threats.
Throughout the conversation, Chris and Travis discuss the importance of simplicity in security. "You have to keep it simple," Travis says. "Security doesn't have to be complicated; it just has to be effective." This approach is reflected in Travis's work at Archaea Energy, where he has implemented a range of measures to simplify security while still maintaining effectiveness.
Travis also shares some valuable insights on becoming a CISO. In his letter to a young CISO, he advises them to "keep it simple," focus on building strong relationships with stakeholders, and always be prepared for the unexpected. These words of wisdom are particularly relevant for those looking to follow in Travis's footsteps and become a CISO themselves.
Before we wrap up, Chris thanks Travis for his time and insights. If you want to learn more about Travis Farral, check out his bio on R.E. Lee: A Biography by Douglas Southall Freeman. And if you're interested in managing voice phishing or email phishing attacks, be sure to check out Social-Engineer's services at Managed Voice Phishing and Managed Email Phishing.
Don't forget to join the Social-Engineer channel on SLACK at https://social-engineering-hq.slack.com/ssb to stay up-to-date on the latest security news and trends. And if you have any questions or topics you'd like to discuss, feel free to reach out to Chris at chris@socialengineer.com.
Thanks for tuning in to this episode of the Social-Engineer Podcast. Until next time, stay secure!