CISO Resources

  • How to CISO, Volume 1: The First 91 Days

    How to CISO, Volume 1: The First 91 Days

    Just want to download the eBook? Head over to How to CISO, Volume 1: The First 91 Days! It seems to be a rite of passage for all CISOs to, at some point in their career, write down their advice for other CISOs starting a new job, whether they are a first-time or veteran CISO.…

    Read more…


Security Talks

  • This talk delves into the intersection between security–helping make wiser risk choices–and leadership–getting more done with a lower energy cost. It draws on the lessons of the Six Leadership Disciplines and Humans are Awesome at Risk Management talks, providing a handful of examples of specific leadership skills to practice. The 24 skills in the matrix…


  • Summary Everybody sells, right? Wrong. Unless you’re taking an order and retiring your quota, you don’t sell – instead, you market. If you’re selling to a CISO, you need to understand the organizational dynamics that surround a CISO’s decision-making process. This talk walks through nine critical questions that CISOs need to understand the answers to…


  • The Untold Story of Fantastical Social Engineering. Hidden inside the story of Harry Potter is a most subtle of social engineering attacks. Explore how J.K. Rowling hid the world’s greatest villain in plain sight. This talk explores the world of Harry Potter from a different angle: that of the villain. In this talk, given in…


  • How do you know what to invest in next, or whether the time and energy that you’re spending on a security technology or program is a good investment?  Learn how veteran CSOs think about security investments, and develop your own rubric for evaluating where to best make your next security improvement.


  • How do you design defenses against DDoS? And how do you think about them from a policy perspective?


  • How do humans make risk decisions, and are they good, bad, or something else?


  • How do the grand challenges of the future look like the grand challenges of the past?


  • What does a Zero Trust journey look like? Explore how we migrated Akamai to a zero trust network access model, before that was even a phrase people knew.



Security Panels

  • Lenovo Late Night I.T: Cybersecurity: Trust No One

    Join Baratunde Thurston, Tim Brown, and Andy Ellis as they demistify security.


  • Cyberweek 2021: Navigating the CISO-Vendor relationship

    The panel discusses the do’s and don’ts of engagements between CSOs and early-stage startups, the concerns around long integration cycles, the value in quick implementations, and the need to show value quickly.


  • Cyberweek 2021: YL Ventures & Scale Fireside Chat

    YL Ventures and Scale Venture Partners hosted a Cyber Week 2021 Fireside chat where Wendy Nather, Sounil Yu, Ryan Gurney, and Ariel Tseitlin discussed the cyber industry challenges and trends. They talked about the burning challenges and the basics that CSOs are still struggling with, and how ransomware attacks undermine our ability to recover. Other…



Security Blog


Security Podcasts

  • Cloud Security Reinvented: Brian Haugli
    Cloud Security Reinvented: Brian Haugli

    https://open.spotify.com/episode/5gDdavIqVuWIOwOrvHmKZK Episode Summary Implementing an effective security program has become a necessity over the past decade. And without a doubt, all businesses need to level up their security game to mitigate risks and protect their information. But small- and mid-market companies are somehow left behind when it comes to security guidance and realistic capabilities. In…

  • If the Network Is Up, Somebody Is Violating Our Acceptable Use Policy
    If the Network Is Up, Somebody Is Violating Our Acceptable Use Policy

    https://cisoseries.com/if-the-network-is-up-somebody-is-violating-our-acceptable-use-policy/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Matt Radolec, senior director, incident response and cloud operations, Varonis. Full transcript [Voiceover] Ten-second security tip, go! [Andy Ellis] There’s a tendency in cyber to overemphasize specific IOCs, and we’re seeing this a lot with Log4j and…

  • Cloud Security Reinvented: Morey Haber
    Cloud Security Reinvented: Morey Haber

    https://open.spotify.com/episode/1MminP7AWPutYfASjJpM7Z The cloud is the future for a reason. Besides its massive impact on security and more convenient file storage options, the cloud has fostered the creation of an environment where you can have all the information in the palm of your hand. And speaking of the cloud and technology, the best is yet to…