CISO Resources

  • How to CISO, Volume 1: The First 91 Days

    How to CISO, Volume 1: The First 91 Days

    Just want to download the eBook? Head over to How to CISO, Volume 1: The First 91 Days! It seems to be a rite of passage for all CISOs to, at some point in their career, write down their advice for other CISOs starting a new job, whether they are a first-time or veteran CISO.…

    Read more…


Security Talks

  • This talk delves into the intersection between security–helping make wiser risk choices–and leadership–getting more done with a lower energy cost. It draws on the lessons of the Six Leadership Disciplines and Humans are Awesome at Risk Management talks, providing a handful of examples of specific leadership skills to practice. The 24 skills in the matrix…


  • Summary Everybody sells, right? Wrong. Unless you’re taking an order and retiring your quota, you don’t sell – instead, you market. If you’re selling to a CISO, you need to understand the organizational dynamics that surround a CISO’s decision-making process. This talk walks through nine critical questions that CISOs need to understand the answers to…


  • The Untold Story of Fantastical Social Engineering. Hidden inside the story of Harry Potter is a most subtle of social engineering attacks. Explore how J.K. Rowling hid the world’s greatest villain in plain sight. This talk explores the world of Harry Potter from a different angle: that of the villain. In this talk, given in…


  • How do you know what to invest in next, or whether the time and energy that you’re spending on a security technology or program is a good investment?  Learn how veteran CSOs think about security investments, and develop your own rubric for evaluating where to best make your next security improvement.


  • How do you design defenses against DDoS? And how do you think about them from a policy perspective?


  • How do humans make risk decisions, and are they good, bad, or something else?


  • How do the grand challenges of the future look like the grand challenges of the past?


  • What does a Zero Trust journey look like? Explore how we migrated Akamai to a zero trust network access model, before that was even a phrase people knew.



Security Panels

  • Lenovo Late Night I.T: Cybersecurity: Trust No One

    Join Baratunde Thurston, Tim Brown, and Andy Ellis as they demistify security.


  • Cyberweek 2021: Navigating the CISO-Vendor relationship

    The panel discusses the do’s and don’ts of engagements between CSOs and early-stage startups, the concerns around long integration cycles, the value in quick implementations, and the need to show value quickly.


  • Cyberweek 2021: YL Ventures & Scale Fireside Chat

    YL Ventures and Scale Venture Partners hosted a Cyber Week 2021 Fireside chat where Wendy Nather, Sounil Yu, Ryan Gurney, and Ariel Tseitlin discussed the cyber industry challenges and trends. They talked about the burning challenges and the basics that CSOs are still struggling with, and how ransomware attacks undermine our ability to recover. Other…



Security Blog


Security Podcasts

  • CISO Series: What We Lack In Security We’ll Make Up in School Spirit
    CISO Series: What We Lack In Security We’ll Make Up in School Spirit

    https://cisoseries.com/what-we-lack-in-security-well-make-up-in-school-spirit/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Dave Stirling, CISO, Zions Bancorporation. Full transcript [Voiceover] Ten-second security tip, go! [Dave Stirling] How do you know your managers are being thoughtful about certifying their users’ access rather than just rubber-stamping the recertification request? So, you can…

  • Cloud Security Reinvented: Ryan Gurney
    Cloud Security Reinvented: Ryan Gurney

    https://open.spotify.com/episode/58u0ezHnngNW1xQ0iGrxIr Guest-at-a-Glance 💡 Name: Ryan Gurney 💡 What he does: Ryan is the CISO-in-Residence at YL Ventures. 💡 Company: 💡 Noteworthy: Before joining YL Ventures, Ryan held security leadership positions at Looker, Google, eBay, and Zendesk. 💡 Where to find Ryan: ## Key Insights ⚡ Your cloud provider’s weaknesses can become your problem. Since the cloud has become more prevalent, many…

  • CISO Series: Ignoring Your Vulnerabilities
    CISO Series: Ignoring Your Vulnerabilities

    https://cisoseries.com/why-ignoring-most-of-your-vulnerabilities-is-the-best-strategy/‘ Which vulnerability should you tackle first? Second? Which ones should you ignore? Probably a lot more than you think. On this week’s CISO/Security Vendor Relationship Podcast, David Spark of CISO Series and I welcome sponsored guest Ed Bellis, CTO, co-founder, Kenna Security (now part of Cisco) to discuss vulnerability management among many other issues.…