Speed Data: Combating the Cybersecurity Skills Shortage With Bryan Chnowski

Bryan Chnowski, Deputy CISO for Nuvance Health, explains why one of the most significant cybersecurity risks on the horizon is the shortage of workers.
Megan Garza
2 min read
Last updated April 9, 2024
Megan Garza and Bryan Chnowski

Welcome to Speed Data: Quick Conversations With Cybersecurity Leaders. Like speed dating, our goal is to capture the hearts of CISOs with intriguing, unique insight in a rapid format for security professionals pressed for time.

Bryan Chnowski, Deputy Chief Information Security Officer for Nuvance Health, is one of the most personable cybersecurity leaders you’ll ever meet. His passion for providing security awareness education to his staff, combined with his 25-plus years of experience across the education, financial, healthcare, and insurance industries, makes him ideal for leading the cybersecurity strategy at the not-for-profit health system.

Watch Bryan’s full Speed Data episode below to learn the key attributes he thinks all successful leaders should have.

Nontraditional cybersecurity recruiting

Ransomware, malicious actors, vulnerabilities, and insider threats are terms every CISO dreads. But for Bryan Chnowski, one of the most significant risks on the horizon is the shortage of workers.

“What you’re seeing is there are 3.5M open cybersecurity positions worldwide,” the Deputy Chief Information Security Officer for Nuvance Health said. “There’s a skills shortage.”

Rather than rely on existing cyber professionals to continue to fill the growing roles, Bryan offered an alternative suggestion. “Businesses need to target individuals who can transition into cybersecurity roles with proper training and then support their training initiatives, whether it’s boot camps, workshops, or online training platforms,” he said. “Organizations need to look outside of IT."

There are individuals that are more than capable to be successful in cybersecurity that might come from legal or risk management or even your training team.
Bryan Chnowski, Nuvance Health Deputy CISO

Key attributes for cybersecurity leaders

And these individuals could be ideally suited for security leadership positions, Bryan added, if they have specific characteristics.

“There are personality traits a leader needs to have to be successful,” he said, listing off a few key attributes, such as staying calm amid the chaos, being persistent, and keeping wise company. “Surround yourself with people smarter than you — they’ll challenge you. If you’re the smartest one in a room, you’re better off leaving that room.”

Data breaches: prepare, practice, and then proceed.

A sense of situational awareness is also key. “You need to realize that incidents and breaches will occur, so our job as leaders is to limit the frequency and impact,” Bryan said. “Make sure you have up-to-date and accurate business impact analysis, business continuity and disaster recovery plans, and incident response playbooks.”

Your organization needs to feel comfortable that if there is an attack, they’re going to be able to proceed.
Bryan Chnowski, Nuvance Health Deputy CISO

“The way you get them comfortable is to drill it, practice it, and do tabletop exercises. The more comfortable they are, the more successful you’re going to be when you experience some time of attack.”

And in an attack on Bryan’s industry, the stakes are higher. “I’m in healthcare, so any offline system has the ability to impact patient lives in a negative manner,” he said. “When thinking about the different types of attacks that worry me, the biggest one is one that takes down any of our critical systems.”

Life outside of cybersecurity

With more than 25 years of leadership experience across the education, healthcare, and insurance industries, Bryan’s passion for securing data and teaching those around him could have led him down a different path.

“If I wasn’t in cybersecurity, I’d be a teacher,” he said. “I find it rewarding educating those who want to learn.” His face lights up when he talks about the topics he’d teach.

“I love technology, but I’d love to branch out and learn something a little different,” he said. “I love working with my hands, working outside, getting outside my comfort zone, forcing me to grow. I have a lot of hobbies outside of technology, so I think there are plenty of possibilities on what I would wind up teaching.”

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

speed-data:-rethinking-traditional-cybersecurity-principles-with-rick-howard
Speed Data: Rethinking Traditional Cybersecurity Principles With Rick Howard
Rick Howard, author, journalist, and Senior Fellow at the CyberWire, chats about his new book on rebooting cybersecurity principles with Varonis' Megan Garza.
speed-data:-hiring-the-right-cybersecurity-professionals-with-leah-mclean
Speed Data: Hiring the Right Cybersecurity Professionals With Leah McLean
Cofounder of the nonprofit Whole Cyber Human Initiative, Leah McLean, shares her advice for recruiting teams looking for cybersecurity superstars and why it’s so important for women to have representation in tech.
is-your-company-prepared-for-a-cyber-attack?
Is Your Company Prepared for a Cyber Attack?
Would your company survive a cyber attack? Use our flowchart to see if your business is prepared for cybersecurity threats.
do-executives-and-cybersecurity-pros-agree-on-today’s-biggest-cyber-threats?
Do Executives and Cybersecurity Pros Agree on Today’s Biggest Cyber Threats?
Breaches cost companies billions, erode trust and can have a long-lasting negative impact on a company’s brand. With so much as stake, we wondered: are C-Suite executives aligned with their...