CISO's perspective from the frontlines

Latest stories

So, you want to be a CISO

Ever dreamt of becoming a CISO? Before grabbing the reins, consider the motivations. Titles and fat checks are tempting, but the reality is demanding, stressful, and requires more than tech mastery. The right reasons? Leadership, protecting critical assets, building high-performing teams, and shaping a security-aware culture. The best part? Collaborating with an amazing security community. But...

Risk never sleeps podcast: Securing the Digital Future with Adaptability and Communication

In an ever-evolving digital landscape, cybersecurity has become more critical than ever. In this episode of Risk Never Sleeps, I visited with Ed Gaudet, CEO at Censinet, and shared insights earned from my career journey, highlighting adaptability and essential skills as key elements of my success across diverse industries. We talked about emotional intelligence in cybersecurity communication, AI...

Cyber Security Headlines Week in Review: July 10-14, 2023

In this episode of CISO Series, Cyber Security Headlines, I am reviewing this week’s cyber security headlines and stories with Sean Kelly. We talked about: threat actors gaining access to US government email; USB drive malware attacks; cloud environment breaches; US and EU agree on new data transfer agreement; JumpCloud resets customer API keys; California resident charged with cyberattack on...

Defense in depth podcast: Third Party Risk vs. Third Party Trust

This time I am sitting in as a guest co-host in this episode of Defense in Depth podcast. David Sparks, Dan Walsh and I talked about how businesses grow based on trust, but they have to operate in a world of risk. Even cybersecurity operates this way, but when it comes to third party analysis, what if we leaned on trust more than trying to calculate risk?

The cyber ranch podcast: Is It Even Our Job to Make Them Care About Cybersecurity?

In this episode of Cyber Ranch Podcast, I joined Allan Alford, who plays devil’s advocate, challenging the practitioner community to refute the idea that we should quit trying to make the organization care about cybersecurity and simply make suggestions and accept the organization’s level of risk tolerance. We got together to discuss if this is really our job. Listen to hear a...

Xcitium CISO Blend Webinar: Is the Industry Failing At Incident Response?

How effective has Incident Response been over the last 20+ years? Tim Bandos, EVP, SOC Services at Xcitium, and I did a deep dive into the current methods of practicing incident response (IR) and explored why current strategies continue to fail. We also detailed how to evolve the organization’s IR plans to meet today’s threats, and how to train your team to best respond to the current...

Jay walkin: Conferring on Conferences

Join Joel Fulton, CEO of Lucidum, and Yaron Levi, CISO of Dolby, for the first episode of JaY Walkin, where Joel and Yaron walk in front of the traffic of security to discuss security, leadership, and everything in between while avoiding being hit by the threat bus. In this episode of JaY Walkin, Joel and Yaron chat about the recent and notable security conferences, including RSA, Black Hat...

Understanding SEC’s Proposal for Cyber Risk Management

I went down to the Ranch to talk with Allan Alford about the March 2022 proposal from the Securities and Exchange Commission (SEC). Titled the Cyber Risk Management Strategy: Governance and Incident Disclosure, this report has huge implications for cybersecurity in any publicly traded company. We walked through this report and explained what this means in the future for real-world cyber practitioners.

Where’s the Trust in Zero Trust?

In this episode of Defense in Depth podcast, David Sparks, Geoff Belknap and I talked about why zero trust is a hollow buzzword. In any form of security, there exist critical points where we have to trust. What we need is a move away from implicit trust to explicit trust, or identity that can be verified.

Down the security rabbit hole: How to Win Friends and Influence CISOs

Have you noticed that the relationship between buyer and seller, or more precisely, between CISO and seller is… eh … tenuous lately? OK, maybe it’s a lot worse than that in some cases. Why is that? How did we get here? And how do we fix a relationship that is quite clearly necessary, but just so broken? Rafal and I went down the security rabbit hole to discuss the challenges and...
