The Basics Of Being A Global CISO  The various pillars include security, which is, operations, corporate, product, customer, production, and automation.  It also includes compliance, undergoing audits and certifications throughout each year. You need to maintain trust between platforms, products, and customers. Quality management, data protection, privacy principals, customer advocacy, risk and assurance, are also major pieces of the CISO puzzle.     How Lakshmi Got Where Is Today  Lakshmi built herself up over the past 24 years with a vast background of experience. She’s been in the information risk-management/security field for a long time and has developed her view of the position over that time. Beginning as a security engineer, she has elevated her career to where it is today.     Empathy In The Professional Realm  Lakshmi has worn many hats in her long career, which lets her understand where her colleagues are coming from. She is able to put herself in their shoes, because she has been there. This has created an empathetic environment around her work and lets her effectively communicate with others. As a child she developed a strong sense of empathy, which wasn’t lost as an adult, she has kept this with her and was able to incorporate this mindset in her professional life. Being in the business of trust, empathy goes along way to gaining that trust you need to provide the work for your clients and colleagues.     What Is The Trust Office?  The Trust Office is comprised of all the teams working with Lakshmi; she is the head of this office at Box. Trust is the key to any and every aspect of her position. The mission statement of this office is protect the Box brand with secure products, secure operations, and continued compliance. She believes that seeing through a lens of trust leads to a less fragmented and more cohesive view of how to engage, invest, converse, and prioritize around risks.     The Cloud And How Customers Are Confused  No cloud provider comes without risks involved, the customer needs to weigh the risks involved between the platforms they are researching. If all platforms were more transparent with their customers, some of this confusion could be alleviated. Customers are also entering into a partnership with their provider, both playing their own unique roles in this relationship. The takeaway; understand the risks and understand that this is a partnership.     Recognizing Red Flags  It is very important to understand your own risk appetite before getting too deep with any platform, have the conversations with your team to be able to pinpoint what will and will not be acceptable to the company. Secondly, understanding what the actual risks are. If you aren’t getting the level of transparency you’re looking for with that platform, this probably shouldn’t end in a partnership. Another important aspect to consider is mutual understanding, the platform should understand how and why you going to be using their product. There should be open dialogue about what both parties need from each other beforehand.     The Concept Of Zero Touch Defined  This can be explained by looking into the three different layers. RPA or rapid process automation, the most basic layer, the next layer up is ML or machine learning, followed by AI or augmented intelligence. These are the three phases a customer could be in on their way to zero touch. By utilizing this concept, and minimizing human intervention a company can retain their manpower to focus on strategy and more proactive work. This is also beneficial for the customer by saving time, remaining consistent, keeping manual errors at a lower rate, and a general better user experience.       Understanding The Risks Security Teams Face In The Era Of Cloud Services  The major risk is a security team becoming obsolete; the team is only as valuable as they are irreplaceable. If the security team isn’t highly educated on the specific need