Episodes

  • Ask the Right Questions: How Building Trust Brings Value
    Jul 3 2025

    In this episode of The New CISO, host Steve Moore speaks with Aleksandar Radosavljevic, Global CISO at Global Fashion Group, about building trust, measuring resilience, and the evolving role of the security leader.

    Aleksandar shares how his unexpected pivot from electrical engineering to cybersecurity sparked a passion for protecting systems and solving problems. With over two decades of experience across pharma, manufacturing, and tech, he offers insights into how security leaders can establish trust, drive business value, and focus on what really matters.

    The conversation covers the art of starting strong in a new CISO role, navigating interviews with curiosity and care, and avoiding common traps like overcomplicating metrics or chasing the latest tools without mastering the basics.

    Key Topics Covered:

    • Why pharma’s mission-driven work made a lasting impact on Aleksandar
    • Career advice for cybersecurity newcomers: follow learning, not just industry
    • How CISOs can build early trust by listening and understanding the business
    • Red flags and green lights during the CISO interview process
    • Why being challenged in an interview signals a healthy security culture
    • The problem with vanity metrics—and what to track instead
    • Aleksandar’s favorite KPIs: time to detect, respond, and contain incidents
    • The role of situational awareness in building cyber resilience
    • How simplifying language helps CISOs align with executive teams
    • Why mandate and mindset matter more than reporting lines

    Aleksandar’s story is a reminder that cybersecurity leadership is about more than tools and tactics—it’s about trust, transparency, and transforming security from a blocker into a true business enabler.

    51 min
  • The Challenge of Securing Critical Infrastructure
    Jun 12 2025

    In this episode of The New CISO, host Steve Moore speaks with Keith Price, Chief Security Officer at National Highways, about the evolving responsibilities of modern security leaders and the critical role of convergence between cyber, physical, and people security.

    Keith shares real-world stories from his work protecting England’s strategic road network—used by over four million people daily—and explains why understanding both legacy infrastructure and cutting-edge technology is essential for building a resilient security strategy. From managing insider threats and recovering stolen radar equipment to championing mental health and developing junior talent, Keith offers a holistic approach to leadership in critical infrastructure.

    Key Topics Covered:

    • How converging physical, cyber, and personnel security leads to stronger protection
    • Real-life insider threat examples—and how sensors helped prevent major damage
    • The challenge of managing decades-old asset tracking systems across regions
    • Why availability and integrity of data now outweigh confidentiality in certain sectors
    • How Keith’s team detected stolen highway radar for sale on eBay
    • The importance of empathetic leadership and supporting mental health in security teams
    • How "Cyber Coffee" sessions create safe spaces for vulnerability and connection
    • Upskilling IT staff into cybersecurity roles through “pay-it-forward” learning
    • The case for offering security-as-a-service to small but critical supply chain partners

    Keith’s insights reveal why successful security leadership requires more than just technical knowledge—it demands communication, humility, and a deep understanding of human behavior. This conversation is a must-listen for any security professional working to bridge silos and lead with impact.

    1 h
  • Is Done Better Than Perfect? Self-Awareness as a CISO
    May 22 2025

    In this episode of The New CISO, host Steve Moore speaks with Ben, Director of Group Security and Architecture at Bilfinger, about the role of self-awareness, confidence, and communication in effective cybersecurity leadership.

    Ben shares his unconventional path to becoming a CISO, how he applies the “done is better than perfect” philosophy, and why embracing vulnerability, curiosity, and creativity is key to building strong teams. From baking sourdough to producing his own podcast, Ben highlights how personal passions can shape professional growth.

    Key Topics Covered:

    • Why done is better than perfect can be a strength—not a flaw—in cybersecurity
    • The surprising connection between baking sourdough and fostering security culture
    • How Ben’s podcast, Infosec Theater, educates non-technical audiences using humor and storytelling
    • The creative interview question he uses to gauge mindset: “If cybersecurity were an animal, what would it be?”
    • Why hiring for attitude and resilience beats hiring for experience alone
    • How podcasting sharpened his ability to listen, simplify, and lead

    Ben also emphasizes the importance of recognizing your own strengths and surrounding yourself with people who balance them out. His perspective offers actionable takeaways for CISOs and security professionals seeking to grow into thoughtful, human-centered leaders.

    🔗 Listen to Ben’s podcast, Infosec Theater: https://www.infosec.theater/

    48 min
  • Classroom to Boardroom: How Teaching Makes Leaders Better
    May 1 2025

    In this episode of The New CISO, host Steve Moore talks with Nithin Reddy, Global VP of Cybersecurity at Dayforce, about how his dual roles in cybersecurity leadership and education shape his approach to building stronger, smarter teams.

    Nithin reveals how teaching cybersecurity not only amplifies his impact but also sharpens his communication and leadership skills. From protecting millions of users’ data to mentoring students and influencing curriculum design, he shares why simplifying complex ideas is the key to inspiring both executives and future security professionals.

    The conversation explores:

    • The link between teaching and leadership growth
    • How to manage stress in high-stakes security operations—and tell the difference between “good” and “bad” stress
    • Dayforce’s in-house employee risk scoring model and the power of just-in-time access controls
    • The impact of generative AI on phishing threats and how awareness training must evolve
    • A real-life story of using a fake $200 gift card to teach conference-goers a lesson on social engineering

    Whether you’re leading a SOC or standing at the front of a classroom, this episode is a masterclass in turning knowledge into influence—and purpose into performance.

    52 min
  • What Can Cutting Cake Teach a CISO?
    Apr 10 2025

    In this episode of The New CISO, host Steve Moore speaks with Rich Durost, Chief Information Security Officer at Froedtert ThedaCare Health, about his journey from West Point cadet to cybersecurity leader—and what slicing cake has to do with building effective security programs.

    Drawing from 23 years in the military and over 15 years in cybersecurity, Rich shares how discipline, preparation, and teamwork—skills first sharpened during plebe year dessert duty—translate directly into the responsibilities of a CISO. He reflects on the shift from tactical to strategic thinking, the value of mentoring deputies, and why authentic leadership and relationship-building are vital in today’s remote work environment.

    Rich also explores the unique challenges of healthcare cybersecurity, the importance of aligning with clinical goals, and how CISOs can move from being the "department of no" to strategic business enablers by simply asking “how” instead of “no.”

    Whether you're a rising security professional or a seasoned executive, you’ll gain practical leadership takeaways—and maybe a new appreciation for cake.

    46 min
  • Why the Best Security Leaders Stay Curious
    Mar 20 2025

    In this episode of The New CISO, host Steve Moore sits down with Michael Mendelsohn, CISO at Majesco, to discuss his journey in cybersecurity—from his early days as a software developer to leading security for a major insurance software company.

    Michael shares insights into the evolving role of a CISO, the intersection of security and technology, and how curiosity and problem-solving have shaped his career. He dives into his experience building Arcus, an early security tool designed for software inventory and patch management, and how grassroots security engineering played a pivotal role in his professional growth.

    Other key topics include:

    ✅ The changing landscape of cybersecurity leadership

    ✅ The balance between open-source tools and enterprise security solutions

    ✅ AI’s impact on security automation and risk management

    ✅ How security leaders can work effectively with legal teams

    ✅ The importance of curiosity, adaptability, and mentorship in a security career

    Whether you're a seasoned security professional or an aspiring CISO, this episode offers valuable insights into the challenges and opportunities of leading security in today’s rapidly evolving digital landscape.

    🔗 Listen now and learn how to navigate the complexities of cybersecurity leadership with a strategic and technical mindset!

    #Cybersecurity #CISO #Leadership #SecurityEngineering #AI #CyberThreats #RiskManagement #DataSecurity #TechLeadership

    52 min
  • Embracing Naivety as a New CISO
    Feb 27 2025

    In this episode of The New CISO, host Steve Moore sits down with Yannick Herrebaut, Cyber Resilience Manager at the Port of Antwerp-Bruges, to explore his unconventional journey from intern to security leader. Yannick shares how his early passion for technology, sparked by gaming and building his own PCs, laid the foundation for his career in cybersecurity.

    They discuss the importance of strong internship programs, the transition from network engineering to security leadership, and the key lessons learned when stepping into a CISO role for the first time. Yannick also reflects on the challenges of building a security program from scratch and the critical skills needed to lead a growing security team.

    Key topics include:

    • How internships can shape future cybersecurity leaders
    • The transition from network engineering to security leadership
    • The importance of business alignment in cybersecurity
    • Lessons learned in managing a growing security team
    • Advice for aspiring CISOs on stepping into leadership roles

    00:00 - Introduction & Meet Yannick Herrebaut

    02:30 - From Gaming to Cybersecurity: A Passion for Technology

    06:30 - Internship at the Port of Antwerp: A Career Launchpad

    10:00 - The Value of Cybersecurity Internships & Mentorship

    17:00 - From Network Admin to CISO: A Big Career Leap

    27:00 - Building a Security Program from Scratch

    35:00 - Lessons in Leadership & Team Growth

    45:30 - What It Means to Be a New CISO

    Links: LinkedIn

    51 min
  • Take a Preemptive Strike on Your Career
    Jan 23 2025

    In this insightful episode of The New CISO, host Steve Moore reconnects with Azzam Zahir to explore his career evolution, from cybersecurity leadership to his recent role as a vertical CIO at General Motors. Azzam shares candid reflections on his conscious decision to leave his 12-year tenure, embracing change, and navigating personal growth in leadership roles.

    Dive into Azzam’s inspiring journey as he discusses:

    • Overcoming Career Burnout: How to recognize signs of exhaustion and take proactive steps toward rejuvenation.
    • Navigating Career Pivots: The importance of calculated risks and stepping beyond the traditional boundaries of cybersecurity.
    • Building Trust Through Relationships: Insights on fostering trust and credibility within organizations to facilitate career growth.
    • Maintaining Mental Health: Practical tips on incorporating wellness into demanding careers, from mental health check-ins to daily habits for balance.
    • The Gartner Hype Cycle of Careers: Azzam's unique perspective on managing career highs and lows and knowing when to make a change.

    This episode is a must-listen for IT and security professionals considering career transitions, aspiring leaders seeking inspiration, or anyone looking to balance professional growth with personal well-being. Tune in to gain actionable advice and deep reflections from a leader who’s successfully embraced transformation.

    0:00 Introduction and Guest Overview

    1:43 Announcing a Career Change

    5:54 Transitioning from Cybersecurity to CIO

    13:03 The Emotional Impact of Cybersecurity Careers

    22:36 Prioritizing Health and Wellness

    30:10 The Power of Non-Traditional Thinking

    35:34 The Gartner Hype Cycle of Careers

    41:55 Advice for Career Transitions

    Links: LinkedIn

    45 min