The New CISO

Steve Moore

The New CISO is hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.

  1. 12/04/2025

    Just Starting in Security? Here’s What You Need to Succeed

    In this episode of The New CISO, host Steve Moore speaks with Iain Paterson, Chief Information Security Officer at Well Health Technologies, about his unconventional path into cybersecurity and the lessons learned from building programs across industries—from banking and healthcare to breach response and beyond. From skipping college to take an eight-month technical boot camp to leading enterprise security programs, Iain shares how curiosity, hands-on experience, and communication skills shaped his journey. He opens up about the realities of hiring in cybersecurity, why foundational IT work still matters, and how soft skills like empathy and composure are essential for effective leadership. Iain also reflects on leading through high-stress incidents, including the Ashley Madison breach, and explains why staying calm, communicating clearly, and maintaining emotional intelligence define the “new CISO.” Key Topics Covered: A nontraditional start: skipping college for certifications and hands-on learningWhy technical foundations—servers, networks, and support—still matterThe problem with “boilerplate” resumes and lack of real-world experienceWhy soft skills are a security superpower: communication, patience, and empathyTransitioning from technician to business enabler in cybersecurityHow early help desk experience builds composure and problem-solving abilityLessons from running vulnerability management in large-scale bankingLearning resilience and resourcefulness as a one-person security team in healthcareBehind the scenes of the Ashley Madison breach: stress, responsibility, and empathyWhy composure, calm communication, and credibility matter in crisis responseThe leadership evolution from technical expert to executive decision-makerBuilding peer networks and finding mentorship to combat isolation as a CISO Iain’s story highlights how real experience, emotional intelligence, and community support transform good technologists into exceptional leaders. His insights remind us that cybersecurity isn’t just about defense—it’s about communication, composure, and connection.

    50 min

  2. 11/13/2025

    Think Outside the Job: How to Shift Your Career Mindset

    In this episode of The New CISO (Episode 137), host Steve Moore speaks with Gideon Knocke, CISO at Visage Imaging, about rethinking how we grow in our careers and why learning to “think outside the job” is key to long-term success. From studying cybersecurity when the field was still new to leading security for millions of patient records in healthcare, Gideon shares how his early curiosity and “career accidents” helped shape his mindset as a modern CISO. He reflects on shifting from technical problem-solving to people-centric leadership, learning how visibility and credibility shape opportunity, and why networking—inside and outside your company—is essential for resilience and growth. Gideon also explains why risk quantification isn’t just about numbers, but about decision-making, communication, and understanding what your organization truly values. Key Topics Covered: Early lessons from studying cybersecurity before it went mainstreamWhy some of the best careers evolve through “happy accidents” and curiosityHow to build visibility and relevance beyond doing good workThe difference between being seen as an asset versus a personHow networking and outreach can transform your mindset and open new doorsTurning fear of public speaking into confidence through preparation and iterationThe leadership balance between taking accountability and fostering team candorWhy large-organization politics can hinder honest communicationThe art of quantifying risk for better decision-making, not just reportingWhy the new CISO must start with company beliefs and build security on shared values Gideon’s journey reveals that career success often comes from stepping outside your comfort zone—whether that’s reaching out to 100 strangers on LinkedIn, giving your first talk, or reframing how you communicate risk. His insights remind leaders that growth begins when you stop thinking only about your job and start thinking about your impact.

    52 min

  3. 10/23/2025

    Pick Your Pain: A Methodical Approach to Career Growth

    In this episode of The New CISO (Episode 136), host Steve Moore speaks with Carl Cahill, CISO, about a deliberate, methodical approach to career growth—and why every leader must “pick their pain” to progress. From combat arms in the U.S. Army to Active Directory engineering and large-enterprise incident response, Carl shares the pivotal choices that shaped his leadership. He opens up about moving from certifications to business fluency, using a personal gap analysis to chart his path to the C-suite, and how feedback like being called a “propeller head” pushed him to translate geek speak into the language of finance, law, and strategy. Carl also explains his five-phase 100-day plan, why IR readiness comes first, and how “radical collaboration” defines the modern CISO. Key Topics Covered: Early career pivots: Army leadership, perseverance, and precision → IT foundationsCertifications as a fast track (then) vs. blended learning and passion projects (now)The “pick your pain” decision: staying comfortable vs. returning to school to advanceBuilding a CISO gap analysis from job reqs and targeting stretch assignmentsUpgrading the lexicon: finance, legal, and general management (e.g., Wharton GMP)Turning tough feedback into growth: from geek speak to boardroom dialogueConsulting variety vs. ownership: when to switch for long-term impactThe 100-day plan: assess → plan → act → measure → adjust (with IR first)Stakeholder mapping, team SWOTs, and making strategy stick beyond 90 daysMetrics as a “health language” and why today’s CISO must be a radical collaborator Carl’s story shows how intentional trade-offs—education, language, and leadership style—compound into career momentum. His roadmap helps CISOs and aspiring leaders navigate transitions with discipline, communicate across the business, and build resilient teams that lead with clarity.

    45 min

  4. 10/02/2025

    From Breach to BISO: Becoming a Security Influencer

    Most security professionals know what a CISO does. But what about a BISO? And why are Fortune 500 companies increasingly creating this executive role? In this episode of The New CISO Podcast, host Steve Moore sits down with Evan Ferree, Staff Vice President and Business Information Security Officer at a Fortune 50 company, to decode one of cybersecurity's most misunderstood leadership positions. What You'll Learn:Understanding the BISO Role: What a Business Information Security Officer actually does (and how it differs from a Deputy CISO)When organizations need a BISO - the size, industry, and complexity indicatorsWhy the BISO serves as a "force multiplier" for the security organizationHow to measure and defend BISO value during organizational change The Career Journey: Evan's unconventional path from IT infrastructure to executive security leadershipHow a major cybersecurity breach became his "MBA in cybersecurity" in six monthsWhy volunteering for uncomfortable work during crisis creates career opportunitiesThe progression from vulnerability analyst to SOC leadership to Staff VP The 90% Influence Principle: Why the BISO role is about influence, not authorityHow to navigate multiple business units with different security needsMastering the "why" behind security initiatives for non-technical audiencesBuilding relationships and organizational awareness over time Executive Skills That Matter: The "log lines" storytelling framework from Deloitte CISO AcademyDeveloping executive presence through failure and self-awarenessWhen to end a meeting and start over (and why that's okay)Speaking plain English vs. technical jargon with business leaders Practical Career Advice: Transitioning from tactical security operations to strategic leadership rolesWhy getting uncomfortable is essential for growthBuilding business acumen alongside technical expertiseWhy Evan's best security hires came from outside cybersecurity Key Insight: "You are 90% an influencer in this role. Unlike tactical security work where authority and urgency create credibility, the BISO must master explaining why security matters to the business - in terms the business understands." Whether you're a security professional planning your path to executive leadership, a CISO considering adding a BISO function, or a business leader trying to understand how security enables business outcomes, this episode delivers actionable insights from someone who's lived the journey. Guest: Evan Ferree, Staff Vice President & Business Information Security Officer at a Fortune 50 company, with 11 years of progressive security leadership experience spanning Security Operations, threat management, vulnerability management, and business information security. Hosted by: Steve Moore | Produced in partnership with: Exabeam

    42 min

  5. 09/11/2025

    Are You Relying on the Right Tools?

    In this episode of The New CISO, host Steve Moore speaks with Dr. Timo Wandhöfer, Group CISO and Head of Information Security & Business Continuity Management at Klöckner & Co, about the evolving responsibilities of modern CISOs and why influencing—not just convincing—stakeholders is essential for success. From his early career as a researcher in computer science to leading global security and resiliency efforts in the steel industry, Timo shares how critical thinking, skepticism, and cross-functional collaboration shaped his leadership style. He reflects on the dangers of overconfidence in detection, the risks of over-relying on tools, and the lessons learned from merging information security with business continuity. Timo also explores how AI can both accelerate remediation and introduce new risks, and why resilience planning and transparent communication are at the core of effective leadership. Key Topics Covered: The evolving role of the CISO: from protection to resilience and adaptabilityHow research skills translate into critical thinking and cross-functional collaborationWhy overconfidence and lack of visibility remain major pitfalls in security programsThe importance of transparency, maturity, and asset inventory for strong defensesResiliency planning: ransomware recovery, crisis management, and operating modelsInsider threat investigations and the role of HR, Legal, and IT in responseThe shift from convincing to influencing stakeholders through dialogueThe promise and risks of AI and automation in remediation and decision-makingWhy today’s CISO must be a communicator, storyteller, and business leader Timo’s journey highlights how resilience, adaptability, and influence define the “new CISO.” His insights provide a roadmap for leaders who want to strengthen security programs, build trust with stakeholders, and guide their organizations with both technical and business acumen.

    44 min

  6. 08/21/2025

    Teachable Moments: How to Learn from Career Challenges

    In this episode of The New CISO, host Steve Moore speaks with Steve Lodin, VP of Information Security at Sallie Mae, about the career challenges that shaped his leadership style and the lessons he’s learned across decades in cybersecurity. From breaking into his high school to experiment with Apple II computers to leading global security teams in Europe, Steve shares the pivotal experiences that defined his career. He opens up about career missteps, the importance of asking the right questions before accepting a new role, and how succession planning and crisis preparation are critical for every security leader. Steve also reflects on how medical emergencies, breach response, and shifting industries—from automotive to healthcare to financial services—taught him resilience, adaptability, and perspective. Key Topics Covered: Early career pivots, from engineering to cybersecurity leadershipLessons learned from career missteps and short-lived rolesThe five factors Steve now evaluates before taking a new jobSuccession planning and preparing teams to lead during emergenciesWhy tabletop exercises and exposure to executives matter for resilienceManaging stress, staying calm, and keeping perspective in high-pressure rolesThe long-tail business impact of breaches beyond immediate costsWhy financial services foster collaboration and innovation in securityThe importance of mentoring and introducing students to cybersecurity careers Steve’s story reveals why the most valuable lessons often come from challenges, not successes. His insights provide a roadmap for CISOs and aspiring leaders who want to navigate setbacks, lead with composure, and build stronger teams for the future.

    42 min

  7. 07/24/2025

    How to Score a Security Role — Without Collecting Certifications

    In this episode of The New CISO, host Steve Moore speaks with Marius Poskus, Chief Information Security Officer at Glow Financial Services and creator of the Cyber Diaries podcast. Marius shares his journey from physical security into cybersecurity leadership—and how he did it without relying on traditional certifications. Marius reflects on how self-directed learning, mentorship, and a strong personal brand helped him pivot careers and thrive in the FinTech space. He explains why the security industry needs to stop glorifying certifications, how to break in through SOC roles, and what truly makes a candidate stand out in interviews. From coaching new talent to advising startups on go-to-market strategies, Marius emphasizes that attitude and aptitude matter far more than credentials. Key Topics Covered: Why Marius walked away from a career in physical security—and how that experience shaped his cyber pathThe critical difference between certification collecting and real-world skill developmentWhy most entry-level cybersecurity roles are in SOCs—and how to leverage thatHow sharing your learning journey online builds credibility and unlocks job opportunitiesThe two A’s that matter most when hiring: attitude and aptitudeCommon mistakes startups make when targeting CISOs and building security toolsThe growing risks of “AI-washing” and what real AI innovation should look likeWhy mentorship only works when mentees are willing to put in the workHow to shift from security awareness “stick” tactics to culture-based collaborationWhat it means to build a personal brand that outlasts your job title Marius’ story proves that cybersecurity success doesn’t come from certificates—it comes from curiosity, consistency, and community. Whether you’re just starting your career or leading a security team, this episode will inspire you to focus on what really moves the needle. Marius Poskus Podcast - Cyber Diaries Podcast

    52 min

  8. 07/03/2025

    Ask the Right Questions: How Building Trust Brings Value

    In this episode of The New CISO, host Steve Moore speaks with Aleksandar Radosavljevic, Global CISO at Global Fashion Group, about building trust, measuring resilience, and the evolving role of the security leader. Aleksandar shares how his unexpected pivot from electrical engineering to cybersecurity sparked a passion for protecting systems and solving problems. With over two decades of experience across pharma, manufacturing, and tech, he offers insights into how security leaders can establish trust, drive business value, and focus on what really matters. The conversation covers the art of starting strong in a new CISO role, navigating interviews with curiosity and care, and avoiding common traps like overcomplicating metrics or chasing the latest tools without mastering the basics. Key Topics Covered: Why pharma’s mission-driven work made a lasting impact on AleksandarCareer advice for cybersecurity newcomers: follow learning, not just industryHow CISOs can build early trust by listening and understanding the businessRed flags and green lights during the CISO interview processWhy being challenged in an interview signals a healthy security cultureThe problem with vanity metrics—and what to track insteadAleksandar’s favorite KPIs: time to detect, respond, and contain incidentsThe role of situational awareness in building cyber resilienceHow simplifying language helps CISOs align with executive teamsWhy mandate and mindset matter more than reporting lines Aleksandar’s story is a reminder that cybersecurity leadership is about more than tools and tactics—it’s about trust, transparency, and transforming security from a blocker into a true business enabler.

    51 min
See All (138)

4.9
out of 5
39 Ratings

About

The New CISO is hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.

Information

  • Creator
    Steve Moore
  • Years Active
    2019 - 2025
  • Episodes
    138
  • Rating
    Clean
  • Copyright
    © 517748
  • Show Website
    The New CISO

You Might Also Like