
Lenny Zeltser Blog
I'm Lenny Zeltser. I design practical security solutions and shepherd them to a sustainable state. I used to be hands-on in many areas of cybersecurity and IT. Now I focus on strategy and leadership, treating security as an enabler that helps people and companies achieve their goals. This Blog focuses on information security, with topics ranging from broad IT trends to detailed technical..
1M ago
As the year 2025 rushes forward, the responsibilities of CISOs are continuing to evolve. We increasingly recognize the importance of not just identifying risks but actively addressing them through direct action and influence. To remain relevant, we must continue to stay on top of emerging technologies, such as AI and automation. We must also engage...
7M ago
The notion that cybersecurity defenders are at an inherent disadvantage—the so-called defender's dilemma—is incorrect and counterproductive. Instead of focusing solely on how we respond to attackers’ tactics, we can identify and use the advantages inherent in our position as defenders. This article explains what a defender-oriented mindset entails and how it can help you strengthen...
9M ago
Organizing events that gather cybersecurity leaders requires significant effort and sponsorships. Unfortunately, some events and communities exclude CISOs who work for security vendors. This stance, though well-meaning, harms the industry and allows hidden conflicts of interest to go unchecked. Here's why and how we can address this issue to improve such events and the community at large.
CISOs of All Types
Industry veteran Andrew Hay once posted a tongue-in-cheek "CISO hierarchy of industry respect." At the top were security leaders of Fortune 500 companies. Further down were CISOs at financ...
10M ago
Creating an informative and readable report is among the many challenges of responding to cybersecurity incidents. A good report not only answers its reader's questions but also instills confidence in the response and enables the organization to learn from the incident. This blog highlights my advice on writing such incident reports. It's based on the presentation I delivered at the RSA Conference, which offers more details and is available to you on YouTube.
What Do Incident Report Readers Want to Know
Though you probably have your own objective for the incident report, write it with your re...
10M ago
Wherever you are in your professional journey, it helps to peek into another's career story to learn from their approach, mistakes, and triumphs. In the following three videos, I reflect on my career so far to share my story, hoping that others in the industry will find it useful. Perhaps you'll glean from these short episodes the insights that will help you chart your own path in cybersecurity.
Episode 1: Foundation
In the first episode, I discuss the challenges and opportunities of starting as an outsider--an immigrant from the former Soviet Union. I pursued a degree in computer science and...
1y ago
Several years into your role as a security leader at a company, you’ll reach a point when you ask yourself, “What’s next for me?” This article discusses three ways to proceed if you choose to stay at your current organization. (It was co-authored by Yael Nagler and Lenny Zeltser.)
At this point in your CISO tenure, you know your way around the company, you’re familiar with the cadence and patterns of the organization, you know what’s expected, and you understand your trajectory.
Consider three paths available to you if you decide not to switch employers. Each path comes with the b...
1y ago
The notion that security is everyone’s responsibility in computer systems dates back to at least the early 1980s when it was included in a US Navy training manual and hearings in the US House of Representatives. Behind the pithy slogan is the idea that every person in the organization contributes to its security program. Even if the company has employees with “security” in their title, they cannot safeguard information assets on their own. After all, people outside the security team are the ones who deliver services, build products, or otherwise engage in business activities that require maki...
1y ago
As the CISO at a tech company, my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the software development cycle based on my experience as a security leader (now, at Axonius) and a product manager (prior to my current role).
Understand the Teams' Motivations
To collaborate with software teams, first understand their worldview. What mot...
1y ago
Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well.
We created such an incident report template when we developed our incident response procedures at Axonius. I’m happy to share the public version of this template with the community in this blog post. Incident responders are welcome to use it to strengthen t...
1y ago
As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve an outcome that benefits the organization from cybersecurity as well as financial perspectives. Here’s how.
Start by critically reviewing how you’ll spend the security funds; this involves broadening your perspective beyond security. Next, partner with other departments to identify opportunities for them to save money in a way that also decreases the company’s attack surface. You’ll help reduce r...