April 26, 2024 at 08:37AM
Mike Wagner, the former information security professional at Johnson & Johnson, transitioned to become the first CISO of J&J’s spin-off Kenvue. He aimed to create a streamlined, cost-effective security architecture using key roles and incorporating machine learning and AI. Wagner’s team also determined which J&J cybersecurity tools and processes to retain, while assembling a skilled cyber team.
From the meeting notes, I have generated clear takeaways:
1. Mike Wagner, the new CISO at Kenvue, aims to combine the best of J&J with an efficient and modern approach for the standalone company’s security program.
2. The cyber team at Kenvue has prioritized embedding machine learning and AI into its cyber architecture to ensure maximum effectiveness and future scalability.
3. Kenvue chose to adopt about half of its technology stack from J&J, while carefully evaluating the functionalities and fit into the new company’s architecture.
4. Wagner assembled a cyber team with a combination of former J&J employees with deep business knowledge and new hires with modern technical and cyber skills.
5. The BISO role, serving as intermediaries between the cyber organization and different business units, is seen as critical to Kenvue’s success.
6. Maintaining security for both J&J and Kenvue during the transition required constant communication and daily meetings between different functions.
7. Next steps for Kenvue’s security program include leaning into modern security strategies, adopting zero trust, enhancing technical controls, and making greater use of automation to handle overwhelming volumes of data at speed and scale.
These key takeaways provide a clear understanding of the discussions and decisions made in the meeting.