How I Became A CISO: Jennings Aske, Nuance Communications

  /     /     /  
Publicated : 22/11/2024   Category : security


How I Became A CISO: Jennings Aske, Nuance Communications


With the training of an attorney, the curiosity of an academic, and some fortuitous timing, Aske rode the compliance wave straight through to the CISO role.



The regulatory compliance wave of the late 90s and early 2000s carried unsuspecting people from a variety of professions into a career in information security. Jennings Aske, CISO of Nuance Communications, was one of those who caught the wave -- but not just because he had the good fortune of being in the right place at the right time.
Like many chief information security officers, Aske did not set out for a career in security or even technology.
I really did stumble into something good for me, he says.
Aske was an English major who just happened to build PCs and crystal radio sets for fun in his spare time. Yet, his next career maneuver didnt proceed along either the English or technology tinkering paths.
Instead, Aske became an attorney. While editing law journals and working for the Chief Privacy Officer in the Massachusetts office of health and human services, Aske became intimately familiar with the hefty text of the Health Information Portability and Accountability Act. While studying HIPAA, something became clear to him.
There was a need for people who understood law to get into data security issues, says Aske. Although he was not a technologist by education, that old interest in technology combined with his new experience made him a good fit.
Yet perhaps most importantly, he was simply curious, and willing to educate himself about the tools and techniques of the trade, whether it be business operations or Ruby on Rails development.
Its definitely a very academic approach that Ive taken, says Aske. I liken it to a lawyer preparing for a case.
He points out that even those people who enter the information security field with a formal education in IT have to continue their studies while on the job, because in such a quickly evolving field, what you learned in school will be largely outdated a mere five or 10 years after graduation.
Security doesnt seem to [invest as much] in training as other parts of IT, says Aske. You really have to invest in yourself and your knowledge.
Aske rose up to become CISO for the Massachusetts Executive Office of Health and Human Services, overseeing information security for 16 state agencies. He moved on to other CISO positions within healthcare before taking the job at Nuance Communications in January.
I dont have to be a subject matter expert in everything, says Aske. However, he cautions, Ive seen some security leaders who are so divided from technology that they arent able to lead the operational staff.
Askes main advice to aspiring CISOs is to always be learning -- not only from peers, but from staff and from those outside IT entirely.
Dont come into the organization as King Security, he says. Come in and listen. Come across as humble. Because eventually youll need to tell people no -- theyll be more likely to cooperate with you then, if you cooperated with them first.
This is part four of Dark Readings How To Become a CISO series. Read the previous segments to learn
what employers are looking for in a CISO
, and to hear how
Janet Levesque, CISO of RSA,
and
Quinn Shamblin, CISO of Boston University
made their way to the top job.

Last News

▸ Sony, XBox Targeted by DDoS Attacks, Hacktivist Threats ◂
Discovered: 23/12/2024
Category: security

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
How I Became A CISO: Jennings Aske, Nuance Communications