01 Jul 2021

Pentagon CISO Suspected of Sharing Secrets

Katie Arrington, a top cyber official at the Pentagon is reportedly on leave while claims that she leaked classified intelligence are being investigated by the Defense Department. Arrington served as the chief information security officer (CISO) for Acquisition and Sustainment at the Defense Department. Arrington was hired in 2019 under

Read More
06 Nov 2020

OODAcast: Technology Risk Executive and former NASA CISO and CIO Jerry Davis

Jerry Davis has spent decades succeeding in hard jobs supporting critically important missions. He is a decorated combat Veteran who served in he US Marines for 11 years including in Operation Desert Storm/Desert Shield. He also served in the Central Intelligence Agency in service to world wide missions including leveraging technology in denied areas against high profile targets.  Jerry would later become the first CISO at the US Department of Education, then the CISO for NASA and later the CISO for the Department of Veterans Affairs.  He returned to NASA as the CIO for the Ames Research Center, a position he held till 2018.

Read More
21 Jul 2020

Seeking Security Alpha

In cybersecurity, it has long been assumed that the attacker has the advantage and that defenders must deploy a disproportionate amount of resources (time, money, etc.) to even try and maintain some parity. In this piece, we’ve conducted interviews with two successful CISOs to provide insight into how they view security alpha issues. Mark Weatherford is a highly experienced and successful CISO who has worked in the public sector at both the state and federal level and also as a CISO for multi-billion dollar commercial organizations. Our Global FS CISO currently works as the Global CISO at one of the largest financial services firms in the world and has 25 years of experience working on cybersecurity and risk management issues.

Their responses provide direct insight into how they work to improve the ROI of their program and increase attacker cost.

Read More
03 Apr 2020

OODA Network Interview: Tom Quinn

Tom Quinn turned an education in the U.S. Navy into a lifetime of learning.  Read  how Tom used his military skillsets to prepare him for some of the most important positions in the country:  CISO at a the world’s largest financial firms including his current role as CISO at  Investment Firm, T. Rowe Price.

“Using data science to create insight is where we are spending a lot of time.  Tools and controls are necessary and still effective, but they don’t discover the things you don’t expect to find.  You need ML/AI for that – to produce a picture of what is normal and identify what isn’t.”

Read More
18 Dec 2019

11 Habits of Highly Effective CISOs

What does it take to be a highly effective CISO? Over the past 25 years, I’ve consulted for hundreds of executives on cybersecurity issues including direct support to dozens of CISOs working to effectively manage cyber risk in a wide variety of organizations.  With this post, I’ve attempted to capture some of the best practices from the most effective CISOs I know. In future articles, we’ll look at each of the 10 habits in greater detail, including direct input from the CISO community. 

Read More
21 Nov 2019

Federal CISO: Better Info Sharing Will Lead to More Secure Supply Chain

According to the Federal CISO Grant Schneider, supply chain security threats will be on the rise in 2020, culminating with guidance from the Federal Acquisition Supply Chain Council, which was created in late 2018. The council was formed under the SECURE Technologies act and is compromised of civilian agencies, the

Read More
13 Nov 2019

Attention cybersecurity entrepreneurs: CISOs want simplicity!

As the cybersecurity field matures and enterprises face elevated security stacks due to the variety and sophistication of cybersecurity threats, it is critical that cybersecurity entrepreneurs address how to differentiate their organization and insert their offerings into these stacks. Cambell Soup Company CISO Renee Guttmann states that she has been

Read More
04 Jul 2018

Embracing a Future of Technical and Political Churn

Two things happened last week that will ultimately have a huge impact on almost every American consumer alive today.

Read More
07 Jun 2018

10 Rules For Cybersecurity Salespeople

The cybersecurity market is so congested, it can be difficult to establish a dialogue with overwhelmed CISOs.

Read More
19 Sep 2016

GAO Federal CISO Report

Under the Federal Information Security Modernization Act of 2014 (FISMA 2014), the agency chief information security officer (CISO) has the responsibility to ensure that the agency is meeting the requirements of the law, including developing, documenting, and implementing the agency-wide information security program. However, 13 of the 24 agencies GAO

Read More