The GC+CISO Connection

Crisis Management Lessons Every GC and CISO Needs | Jenny Gray | The GC+CISO Connection Show

Episode Overview In this episode, host Shawn Tuma welcomes Jenny Gray, VP of Legal and Assistant General Counsel at Torrid, to discuss her firsthand experience guiding her previous employer, Tuesday Morning, through bankruptcy and liquidation — and what those hard-won lessons mean for GCs and CISOs facing cyber crises today. The conversation covers crisis team-building, transparent communication under pressure, the dangers of ego, and the growing connection between cyber attacks and financial collapse. About the Guest Jenny Gray is Vice President of Legal and Assistant General Counsel at Torrid, a national publicly traded women's retailer. A Dallas native and SMU Law graduate, Jenny's career has spanned retail, governance, privacy, sustainability, and risk management.  Key Topics Covered * The Tuesday Morning Bankruptcy — Jenny recounts leading legal through Tuesday Morning's 2023 bankruptcy filing and liquidation, from the quiet crisis before filing to handing the keys to a trustee by August 1 — all in roughly six months at lightning speed. * Parallels Between Bankruptcy and Cyber Crisis — Shawn and Jenny explore striking similarities: the speed, the unpredictability, the victim-to-wrongdoer dynamic, and the critical need for a prepared, trusted team before crisis strikes. * Transparency as a Crisis Strategy — Jenny shares how her leadership team chose to tell hard truths to employees even at the risk of people leaving — and was surprised by how many stayed because they wanted to finish well. * Team, Trust, and Collaboration — Both agree that the relationships you build before a crisis determine how well you survive it. Knowing your team's skills, personalities, and roles before the bad day arrives is non-negotiable. * Data Privacy, AI Governance, and Stewardship — The conversation expands to the responsibility organizations have to protect customer, employee, and applicant data, and how AI introduces new layers of accountability demanding the same principles of transparency and ownership. Key Takeaways * Move slow when everything moves fast. In a crisis, the calmest person in the room wins. Slow down your communication, think deliberately, and resist the urge to react emotionally. * Build your team before you need them. First introductions should never happen on the worst day of your professional life. Know your people, their roles, and how they think long before crisis arrives. * Transparency builds trust — even in the worst situations. Telling hard truths, even imperfect ones, is better than silence. Tell people what you know today, and own it if it changes tomorrow. * Ego is the enemy. Both legal and security leaders have strong, protective personalities. The willingness to say "I don't know — help me understand" is a superpower in any crisis. * Cyber attacks can lead to bankruptcy. The connection is real and growing. Every GC and CISO needs to understand that a cyber crisis is simultaneously a financial, legal, and reputational crisis. Notable Quotes "In crisis, everything moves fast — so you move slow. You have to always be the calmest person on the outside in the room." — Jenny Gray, VP of Legal & Assistant General Counsel, Torrid "You are the victim of a cyber attack — but in law, regulation, even public opinion, you get transmogrified from the victim to the wrongdoer." — Shawn Tuma, Host, The GC+CISO Connection Show "The only thing I'm an expert in is being curious. The more I learn, the more I realize I need more support and more of a team to come beside me." — Jenny Gray, VP of Legal & Assistant General Counsel, Torrid Resources & Links * GC+CISO Connection Website: www.gccisoconnection.com [http://www.gccisoconnection.com/] * Apple Podcasts: https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573 [https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573] * Join the LinkedIn Community: https://www.linkedin.com/groups/14499302/ [https://www.linkedin.com/groups/14499302/] * Connect with Shawn: www.linkedin.com/in/shawnetuma/ [http://www.linkedin.com/in/shawnetuma/] * Connect with Jenny Gray: https://www.linkedin.com/in/jennyfer-gray/ [https://www.linkedin.com/in/jennyfer-gray/] * The GC+CISO Connection: Uniting the Cyber Risk Defenders by Shawn Tuma: www.gccisoconnection.com [http://www.gccisoconnection.com/] About the Host Shawn E. Tuma is a globally recognized cybersecurity attorney, author of The GC+CISO Connection: Uniting the Cyber Risk Defenders, and Partner at Spencer Fane LLP, where he leads the Cyber, Data, AI & Emerging Technology Practice Group. He has practiced cybersecurity law since 1999 and has been involved in thousands of critical incident response cases. He helps businesses protect their information and protect themselves from their information. Learn more at www.shawnetuma.com [http://www.shawnetuma.com/].

Holiday Bonus: Cyber Safety at Home — Legal + Security Lessons from Real Life

In this special Christmas mini-episode, host Shawn Tuma is joined by his son, Ryan, for a candid conversation about cyber safety at home: screen-time limits, risky chats in games, not believing everything online, and why he doesn’t have his own YouTube channel—practical lessons that mirror how GCs and CISOs collaborate to govern risk at work. See how the same principles of governance, communication, and accountability that improve enterprise cyber resilience also protect our families online. Short, light, and useful—perfect for the holidays. Don’t forget to like, share, and subscribe!

The CISO's Playbook: From Security Leader to Business Partner

From the Department of 'No' to a Seat at the Table: Mastering the Art of CISO Leadership CISO Ian Schneller joins host Shawn Tuma to share how CISOs evolve into true business partners by aligning security with enterprise goals and collaborating closely with GCs and legal on AI governance, risk, and board communications. Hear practical guidance on moving from “defend” to “enable secure growth,” framing board updates from a position of strength, measuring effectiveness vs. risk, and using a decide-and-act mindset to drive outcomes. Perfect for CISOs, GCs, and security leaders who want to speak the language of the business and lead together. Don’t forget to like, share, and subscribe! #GCCISO #GCCISOSHOW #GCCISOBOOK #GCCISOCONNECTION #GC #CISO #CIO #BISO #CLO #CCO #CIO #CPO #CTO #Corporateattorney #Corporatecounsel #Corporatelaw #Corporatelawyer #Cyber #AI #AIStrategy #AIGovernance #AIlaw #Cybersecurity #RiskManagement #BoardCommunication #BusinessAlignment

Bridging Business, Legal, & Cyber: Janie Aggas, Global BISO at CBRE | The GC+CISO Connection Show

In this episode of The GC+CISO Connection Show, host Shawn Tuma sits down with Janie Aggas, Global Business Information Security Officer (BISO) at CBRE, to explore the critical role of collaboration between legal, cybersecurity, and business teams. Janie shares her unique career journey, from real estate law to cybersecurity leadership, and how her role as a BISO bridges the gap between business strategy and cybersecurity priorities. Janie discusses the importance of building strong relationships between legal and cyber teams, the evolving role of BISOs in aligning cybersecurity with business goals, and how her recent Master’s in Cybersecurity Law and Public Policy from Texas A&M has shaped her approach to leadership. She also provides actionable tips for fostering collaboration, preparing for board presentations, and navigating the complexities of emerging technologies like AI and NFTs. Whether you're a CISO, BISO, GC, or legal professional, this episode is packed with valuable insights on how to build stronger partnerships and drive organizational success.

Bridging the Gap: Collaboration Between Legal and Cyber with Carly Duvall Le Riche | The GC+CISO Connection Show

In this episode of The GC+CISO Connection Show, host Shawn Tuma sits down with Carly Duvall Le Riche, General Counsel for Cariloop, to discuss the critical intersection of legal and cybersecurity in today’s business landscape. With experience spanning technology, privacy, and risk management, Carly shares her unique perspective on how legal and cyber teams can work together to manage risk effectively, build resilience, and support organizational goals. Carly dives into her role leading legal, compliance, and information security at a lean technology company, offering insights on how to foster collaboration, communicate effectively with boards, and advocate for cybersecurity within an organization. She also provides practical advice for legal professionals looking to better understand cybersecurity and for security professionals seeking to build strong relationships with their legal counterparts. Whether you're a CISO, CLO, GC, or security professional, this episode offers valuable insights into the evolving partnership between legal and cyber. 👉 Don’t forget to like, share, and subscribe for more engaging conversations on building collaboration between legal and cyber teams!