CISO's perspective from the frontlines
Once upon a time in a company far far away Several years ago, in a different organization, my team and I successfully implemented a Vulnerability Management program. It was a massive undertaking, taking over a year to complete and sizable budget. Our goal was to continuously scan over 100,000 devices and automate the reporting of findings to relevant teams. The project went beyond reporting by...
Discovery of security issues is important, but ultimately we need to remediate them. So why do so many solutions seem to stop short?
In this episode of Defense in Depth, I joined as a guest co-host to David Spark (@dspark), the producer of CISO Series, and our guest, Neil Watkins, SVP technology and cybersecurity services, i3 Verticals.
Trust is the bedrock of any successful and healthy relationships. In organizations, it fosters collaboration, empowers team members, strengthens decision-making, and inspires confidence in leadership. Building trust takes time and consistent effort, but the rewards are a culture of transparency, accountability, and a workforce that is both motivated and secure. Therefore it is critical for CISOs...
In this episode of CISO Series, Cyber Security Headlines, I am reviewing this week’s cyber security headlines and stories with Richard Stroffolino. We talked about: Vulnerability in Apple’s Silicon M-series chips can’t be patched APT31 uses family members to surveil targets MFA bombing attacks target Apple users Think tank calls for US military cyber service Google recommends scam sites Spyware...
Recently I finished reading the book Range: Why Generalists Triumph in a Specialized World by David Epstein, which I find not only interesting but very relevant to Cybersecurity. Our world is becoming increasingly specialized, and it’s easy to believe that the key to success is to focus on one thing and become an expert. This is especially true in Cybersecurity where over the years I had...
CISOs talk to each other, a lot!!! even on weekends, and when something is going on the word is getting our fast. We also rely on each other professionally and mentally, and some time even emotionally. A few weeks ago, in a conversation with other CISO friends. I expressed my frustration about a sales tactic a Business Development Representative (BDR) tried to use on me, and boy the flood gates...
In the previous post (Part 1), we explored some business questions you, the prospective CISO, should ask to truly grasp the organization’s landscape and set yourself up for success. In this part we will focus on questions about the position itself. This is important because the previous questions were understanding the company’s DNA, and gain understanding if the organization and its culture are...
Landing a CISO interview is thrilling, especially for newcomers! But be prepared for a marathon. These interviews can involve multiple rounds with numerous participants, particularly if it’s the organization’s first CISO hire. The most I ever had was 19 people who interviewed me. Yes, you read it right! So why does it take so long? because many times organizations don’t really...
Cybersecurity isn't just a cost anymore, it's a strategic advantage. That's why CISOs have gone from behind-the-scenes techies to boardroom influencers. The CISO is a Renaissance figure of the digital age - blending tech mastery, strategic foresight, and human touch. This path is demanding, but for those who answer, the triumphs are equally profound.
Ever dreamt of becoming a CISO? Before grabbing the reins, consider the motivations. Titles and fat checks are tempting, but the reality is demanding, stressful, and requires more than tech mastery. The right reasons? Leadership, protecting critical assets, building high-performing teams, and shaping a security-aware culture. The best part? Collaborating with an amazing security community. But...
CISO's perspective from the frontlines