The staffing model for many mid-sized security programs is typically based on a highly centralized security team. While that provides a high degree of control, it can create inefficiencies and a lack of ownership relative to implementation of the program. This session will share the presenter’s experience as a CISO with no direct reports, leveraging people and budgets across the entire company.