CISO's perspective from the frontlines
In the previous post (Part 1), we explored some business questions you, the prospective CISO, should ask to truly grasp the organization’s landscape and set yourself up for success. In this part we will focus on questions about the position itself. This is important because the previous questions were understanding the company’s DNA, and gain understanding if the organization and its culture are...
Landing a CISO interview is thrilling, especially for newcomers! But be prepared for a marathon. These interviews can involve multiple rounds with numerous participants, particularly if it’s the organization’s first CISO hire. The most I ever had was 19 people who interviewed me. Yes, you read it right! So why does it take so long? because many times organizations don’t really...
Cybersecurity isn't just a cost anymore, it's a strategic advantage. That's why CISOs have gone from behind-the-scenes techies to boardroom influencers. The CISO is a Renaissance figure of the digital age - blending tech mastery, strategic foresight, and human touch. This path is demanding, but for those who answer, the triumphs are equally profound.
Do you ever feel like you’re your own worst critic? You set goals, make plans, and then suddenly find yourself veering off course, tripped up by negative thoughts and self-doubt. Welcome to the club! I recently listened to Dr. Judy Ho excellent audiobook: 4 ways to stop self sabotage. It is a short 30 minuted audiobook and has great tips and strategies. Self-sabotage is a surprisingly...
Ever dreamt of becoming a CISO? Before grabbing the reins, consider the motivations. Titles and fat checks are tempting, but the reality is demanding, stressful, and requires more than tech mastery. The right reasons? Leadership, protecting critical assets, building high-performing teams, and shaping a security-aware culture. The best part? Collaborating with an amazing security community. But...
In an ever-evolving digital landscape, cybersecurity has become more critical than ever. In this episode of Risk Never Sleeps, I visited with Ed Gaudet CEO at Censinet and shared insights earned from my career journey, highlighting adaptability and essential skills as key elements of his success across diverse industries. We talked about emotional intelligence in cybersecurity communication, AI...
In this episode of CISO Series, Cyber Security Headlines, I am reviewing this week’s cyber security headlines and stories with Sean Kelly We talked about: Threat actors gaining access to US government email USB drive malware attacks Cloud environment breaches US and EU agree on new data transfer agreement JumpCloud resets customer API keys California resident charged with cyberattack on...
This time I am sitting in as a guest co-host in this episode of Defense in Depth podcast. David Sparks, Dan Walsh and I talked about how businesses grow based on trust, but they have to operate in a world of risk. Even cybersecurity operates this way, but when it comes to third party analysis, what if we leaned on trust more than trying to calculate risk?
In this episode of Cyber Range Podcast, I joined Allan Alford plays Devil’s advocate – challenging the practitioner community to refute the idea that we should quit trying to make the organization care about cybersecurity and simply make suggestions and accept the organization’s level of risk tolerance, so we got together to discuss if this is really our job. Listen to hear a...
How effective has Incident Response been over the last 20+ years? Tim Bandos, EVP, SOC Services at Xcitium, and I did a deep into the current methods of practicing incident response (IR) and explore why current strategies continue to fail. We also detailed how to evolve the organization’s IR plans to meet today’s threats, and how to train your team to best respond to the current...
CISO's perspective from the frontlines