CISO Resources

  • How to CISO, Volume 1: The First 91 Days

    How to CISO, Volume 1: The First 91 Days

    Just want to download the eBook? Head over to How to CISO, Volume 1: The First 91 Days! It seems to be a rite of passage for all CISOs to, at some point in their career, write down their advice for other CISOs starting a new job, whether they are a first-time or veteran CISO.…

    Read more…

Security Talks

  • Security Leadership
    Security Leadership

    This talk delves into the intersection between security–helping make wiser risk choices–and leadership–getting more done with a lower energy cost. It draws on the lessons of the Six Leadership Disciplines and Humans are Awesome at Risk Management talks, providing a handful of examples of specific leadership skills to practice. The 24 skills in the matrix…

  • 9 CISO Questions
    9 CISO Questions

    Summary Everybody sells, right? Wrong. Unless you’re taking an order and retiring your quota, you don’t sell – instead, you market. If you’re selling to a CISO, you need to understand the organizational dynamics that surround a CISO’s decision-making process. This talk walks through nine critical questions that CISOs need to understand the answers to…

  • Hacking Harry Potter
    Hacking Harry Potter

    The Untold Story of Fantastical Social Engineering. Hidden inside the story of Harry Potter is a most subtle of social engineering attacks. Explore how J.K. Rowling hid the world’s greatest villain in plain sight. This talk explores the world of Harry Potter from a different angle: that of the villain. In this talk, given in…

  • Four Dimensions of Building a Security Program
    Four Dimensions of Building a Security Program

    How do you know what to invest in next, or whether the time and energy that you’re spending on a security technology or program is a good investment?  Learn how veteran CSOs think about security investments, and develop your own rubric for evaluating where to best make your next security improvement.

  • Defense Against the DDoS Arts
    Defense Against the DDoS Arts

    How do you design defenses against DDoS? And how do you think about them from a policy perspective?

  • Humans are Awesome at Risk Management
    Humans are Awesome at Risk Management

    How do humans make risk decisions, and are they good, bad, or something else?

  • Security’s Grand Challenges
    Security’s Grand Challenges

    How do the grand challenges of the future look like the grand challenges of the past?

  • Zero Trust: Ditching Your Firewall
    Zero Trust: Ditching Your Firewall

    What does a Zero Trust journey look like? Explore how we migrated Akamai to a zero trust network access model, before that was even a phrase people knew.

Security Panels

  • Investing in Solutions for Tomorrow’s Attacks

    Potential investors in the cybersecurity sector need a deep understanding of what the pinch points are for cybersecurity practitioners. Andy Ellis, a 20-year CSO at Akamai who is now an operating partner at YL Ventures, discusses what cybersecurity sectors are attracting investment – and why.

  • Scaling Security Programs in High Growth Companies

    This webinar discusses the challenges of scaling security programs in high-growth companies, featuring insights from security experts from HashiCorp and Robinhood.

Security Blog

Security Podcasts

  • I Have So Little. Just Let Me Control Access to the Mail Server.
    I Have So Little. Just Let Me Control Access to the Mail Server.

    https://cisoseries.com/will-employees-eventually-violate-security-policies/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Jadee Hanson (@jadeehanson), CIO/CISO, Code42. Full transcript [Voiceover] 10-second security tip, go! [Jadee Hanson] When you see an employee put company data at risk, don’t assume it was done maliciously. Remind yourself that collaboration tools of…

  • Gartner Creates Another Category for Everyone to Ignore
    Gartner Creates Another Category for Everyone to Ignore

    https://cisoseries.com/gartner-creates-another-category-for-everyone-to-ignore/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is RJ Friedman, CISO, Buchanan Technologies. Full transcription [Voiceover] Biggest mistake I ever made in security. Go! [RJ Friedman] The biggest mistake I’ve ever made in cyber security was assuming that everyone else cared as much as I…

  • Cloud Security Reinvented: Meg Anderson
    Cloud Security Reinvented: Meg Anderson

    https://open.spotify.com/episode/4cWnHffaVFtWrf2fAOlfDU Episode Summary The cloud has been around for a while now. And ever since it emerged — two decades ago — it has brought in new ways to think about security, identity, and access management. But at the end of the day, we still need to make sure that the right people have the…