The Data Diva E221 - Matthew Rosenquist and Debbie Reynolds

Send us a text Debbie Reynolds “The Data Diva” talks to Matthew Rosenquist, Mercury Risk"s Chief Information Security Officer (CISO), cybersecurity strategist, and LinkedIn Top Voice. With over 35 years of experience, Matthew shares his dynamic career journey, which started with internal investigations, building Intel’s first Security Operations Center, and leading crisis response teams. His extensive background includes advising governments, businesses, and academia on emerging threats and cybersecurity best practices. Matthew highlights the critical evolution of cybersecurity from a “nice-to-have” to a mission-critical business necessity while discussing how rising consumer and regulatory expectations are reshaping the cybersecurity landscape. He explains the growing gap between mounting security demands and available resources, emphasizing that cybersecurity leaders must demonstrate value beyond risk prevention. Matthew advocates for evolving cybersecurity’s role from compliance-focused operations to strategic business enablers that deliver competitive advantages and even revenue opportunities. The conversation explores the interconnectedness of privacy and cybersecurity, framing both as foundational to digital trust. Matthew emphasizes that privacy failures and cybersecurity breaches undermine trust with customers, regulators, and business partners, making collaboration between cybersecurity and privacy professionals essential. He also illuminates the importance of proactivity in cybersecurity, contrasting it with the reactive “firefighting” mindset often seen in organizations. Matthew goes into the threat of insider risks, distinguishing between malicious insiders and non-malicious actors who unintentionally create vulnerabilities. Drawing from his experience, he underscores the need for strong leadership, clear policies, and an organizational culture where employees feel empowered to report issues without fear. Looking to the future, he stresses the importance of having cybersecurity expertise on boards of directors, enabling organizations to navigate rising risks and better align cybersecurity initiatives with business objectives. As the discussion concludes, Matthew shares his wish for the cybersecurity industry: improved communication, collaboration, and leadership. He calls for greater strategic thinking, proactive risk management, and a collective effort to stay ahead of evolving threats in an increasingly complex digital world. He also highlights his hope for Cybersecurity and Data Privacy in the future. Support the show