Holiday Bonus: Cyber Safety at Home — Legal + Security Lessons from Real Life

Cyber Resilience, AI Governance, and the CISO’s Evolution with Andy Land

Episode Overview In this episode of The GC+CISO Connection Show, Shawn Tuma sits down with Andy Land to discuss cyber resilience, AI governance, and the evolution of the CISO role in today’s business environment. Their conversation focuses on how the modern CISO must balance technical leadership with communication, business alignment, and stronger partnership with legal teams to help organizations build real resilience. About the Guest Andy Land is the General Manager of the CISO Executive Network (CISO ExecNet) and a recognized leader within the broader CISO community. He works closely with security executives across industries and brings a practical perspective on how the role of the CISO continues to mature as cyber risk, board expectations, and AI governance become more central to business leadership. Key Topics Covered * Cyber Resilience as a Business Objective — Shawn and Andy discuss why resilience is the real mission and why organizations need to think beyond technical defense to business continuity and long-term strength. * The Evolution of the CISO Role — The conversation highlights how the CISO role has changed from technical operator to strategic leader and business partner. * AI Governance — AI governance is discussed as part of the broader transformation in cyber leadership and the growing need for legal and cyber teams to align on emerging technology risk. * The GC-CISO Partnership — Shawn and Andy emphasize that the relationship between General Counsel and CISOs is becoming increasingly important in managing modern organizational risk. * Humility, Communication, and Leadership — The episode underscores how communication skill, executive presence, and humility are foundational leadership traits for effective CISOs and strong cyber programs. Key Takeaways * Cyber resilience should be treated as a business priority, not just a security program. * The modern CISO must be able to communicate with executives, boards, and legal leaders, not just technical teams. * AI governance is now part of the broader cyber leadership conversation and requires legal-cyber collaboration. * GC-CISO alignment is a strategic advantage in a rapidly changing risk environment. * Humility and clear communication are critical leadership traits in both legal and cyber roles. Resources & Links * GC+CISO Connection Website: www.gccisoconnection.com [http://www.gccisoconnection.com/] * Apple Podcasts: https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573 [https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573] * Join the LinkedIn Community: https://www.linkedin.com/groups/14499302/ [https://www.linkedin.com/groups/14499302/] * Connect with Shawn: https://www.spencerfane.com/professionals/shawn-tuma/ [https://www.spencerfane.com/professionals/shawn-tuma/] About the Host Shawn E. Tuma is a globally recognized cybersecurity attorney, author of The GC+CISO Connection: Uniting the Cyber Risk Defenders, and Partner at Spencer Fane LLP, where he leads the Cyber, Data, AI & Emerging Technology Practice Group. He has practiced cybersecurity law since 1999 and has been involved in thousands of critical incident response cases. He helps businesses protect their information and protect themselves from their information. Learn more at https://www.spencerfane.com/professionals/shawn-tuma/ [https://www.spencerfane.com/professionals/shawn-tuma/]

Crisis Management Lessons Every GC and CISO Needs | Jenny Gray | The GC+CISO Connection Show

Episode Overview In this episode, host Shawn Tuma welcomes Jenny Gray, VP of Legal and Assistant General Counsel at Torrid, to discuss her firsthand experience guiding her previous employer, Tuesday Morning, through bankruptcy and liquidation — and what those hard-won lessons mean for GCs and CISOs facing cyber crises today. The conversation covers crisis team-building, transparent communication under pressure, the dangers of ego, and the growing connection between cyber attacks and financial collapse. About the Guest Jenny Gray is Vice President of Legal and Assistant General Counsel at Torrid, a national publicly traded women's retailer. A Dallas native and SMU Law graduate, Jenny's career has spanned retail, governance, privacy, sustainability, and risk management.  Key Topics Covered * The Tuesday Morning Bankruptcy — Jenny recounts leading legal through Tuesday Morning's 2023 bankruptcy filing and liquidation, from the quiet crisis before filing to handing the keys to a trustee by August 1 — all in roughly six months at lightning speed. * Parallels Between Bankruptcy and Cyber Crisis — Shawn and Jenny explore striking similarities: the speed, the unpredictability, the victim-to-wrongdoer dynamic, and the critical need for a prepared, trusted team before crisis strikes. * Transparency as a Crisis Strategy — Jenny shares how her leadership team chose to tell hard truths to employees even at the risk of people leaving — and was surprised by how many stayed because they wanted to finish well. * Team, Trust, and Collaboration — Both agree that the relationships you build before a crisis determine how well you survive it. Knowing your team's skills, personalities, and roles before the bad day arrives is non-negotiable. * Data Privacy, AI Governance, and Stewardship — The conversation expands to the responsibility organizations have to protect customer, employee, and applicant data, and how AI introduces new layers of accountability demanding the same principles of transparency and ownership. Key Takeaways * Move slow when everything moves fast. In a crisis, the calmest person in the room wins. Slow down your communication, think deliberately, and resist the urge to react emotionally. * Build your team before you need them. First introductions should never happen on the worst day of your professional life. Know your people, their roles, and how they think long before crisis arrives. * Transparency builds trust — even in the worst situations. Telling hard truths, even imperfect ones, is better than silence. Tell people what you know today, and own it if it changes tomorrow. * Ego is the enemy. Both legal and security leaders have strong, protective personalities. The willingness to say "I don't know — help me understand" is a superpower in any crisis. * Cyber attacks can lead to bankruptcy. The connection is real and growing. Every GC and CISO needs to understand that a cyber crisis is simultaneously a financial, legal, and reputational crisis. Notable Quotes "In crisis, everything moves fast — so you move slow. You have to always be the calmest person on the outside in the room." — Jenny Gray, VP of Legal & Assistant General Counsel, Torrid "You are the victim of a cyber attack — but in law, regulation, even public opinion, you get transmogrified from the victim to the wrongdoer." — Shawn Tuma, Host, The GC+CISO Connection Show "The only thing I'm an expert in is being curious. The more I learn, the more I realize I need more support and more of a team to come beside me." — Jenny Gray, VP of Legal & Assistant General Counsel, Torrid Resources & Links * GC+CISO Connection Website: www.gccisoconnection.com [http://www.gccisoconnection.com/] * Apple Podcasts: https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573 [https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573] * Join the LinkedIn Community: https://www.linkedin.com/groups/14499302/ [https://www.linkedin.com/groups/14499302/] * Connect with Shawn: www.linkedin.com/in/shawnetuma/ [http://www.linkedin.com/in/shawnetuma/] * Connect with Jenny Gray: https://www.linkedin.com/in/jennyfer-gray/ [https://www.linkedin.com/in/jennyfer-gray/] * The GC+CISO Connection: Uniting the Cyber Risk Defenders by Shawn Tuma: www.gccisoconnection.com [http://www.gccisoconnection.com/] About the Host Shawn E. Tuma is a globally recognized cybersecurity attorney, author of The GC+CISO Connection: Uniting the Cyber Risk Defenders, and Partner at Spencer Fane LLP, where he leads the Cyber, Data, AI & Emerging Technology Practice Group. He has practiced cybersecurity law since 1999 and has been involved in thousands of critical incident response cases. He helps businesses protect their information and protect themselves from their information. Learn more at www.shawnetuma.com [http://www.shawnetuma.com/].

Holiday Bonus: Cyber Safety at Home — Legal + Security Lessons from Real Life

In this special Christmas mini-episode, host Shawn Tuma is joined by his son, Ryan, for a candid conversation about cyber safety at home: screen-time limits, risky chats in games, not believing everything online, and why he doesn’t have his own YouTube channel—practical lessons that mirror how GCs and CISOs collaborate to govern risk at work. See how the same principles of governance, communication, and accountability that improve enterprise cyber resilience also protect our families online. Short, light, and useful—perfect for the holidays. Don’t forget to like, share, and subscribe!

The CISO's Playbook: From Security Leader to Business Partner

From the Department of 'No' to a Seat at the Table: Mastering the Art of CISO Leadership CISO Ian Schneller joins host Shawn Tuma to share how CISOs evolve into true business partners by aligning security with enterprise goals and collaborating closely with GCs and legal on AI governance, risk, and board communications. Hear practical guidance on moving from “defend” to “enable secure growth,” framing board updates from a position of strength, measuring effectiveness vs. risk, and using a decide-and-act mindset to drive outcomes. Perfect for CISOs, GCs, and security leaders who want to speak the language of the business and lead together. Don’t forget to like, share, and subscribe! #GCCISO #GCCISOSHOW #GCCISOBOOK #GCCISOCONNECTION #GC #CISO #CIO #BISO #CLO #CCO #CIO #CPO #CTO #Corporateattorney #Corporatecounsel #Corporatelaw #Corporatelawyer #Cyber #AI #AIStrategy #AIGovernance #AIlaw #Cybersecurity #RiskManagement #BoardCommunication #BusinessAlignment

Bridging Business, Legal, & Cyber: Janie Aggas, Global BISO at CBRE | The GC+CISO Connection Show

In this episode of The GC+CISO Connection Show, host Shawn Tuma sits down with Janie Aggas, Global Business Information Security Officer (BISO) at CBRE, to explore the critical role of collaboration between legal, cybersecurity, and business teams. Janie shares her unique career journey, from real estate law to cybersecurity leadership, and how her role as a BISO bridges the gap between business strategy and cybersecurity priorities. Janie discusses the importance of building strong relationships between legal and cyber teams, the evolving role of BISOs in aligning cybersecurity with business goals, and how her recent Master’s in Cybersecurity Law and Public Policy from Texas A&M has shaped her approach to leadership. She also provides actionable tips for fostering collaboration, preparing for board presentations, and navigating the complexities of emerging technologies like AI and NFTs. Whether you're a CISO, BISO, GC, or legal professional, this episode is packed with valuable insights on how to build stronger partnerships and drive organizational success.