From CISO to Startup: OT Security, Leadership, and Lessons from the Field

From CISO to Startup: OT Security, Leadership, and Lessons from the Field

From Critical Assets Podcast by Patrick Miller

April 13, 2025 · 44 min · Season 3 · Episode 2

About this episode

Patrick Miller interviews Darren Highfill about his experiences and lessons learned as a CISO in cybersecurity leadership.

In this episode of the Critical Assets Podcast , Patrick Miller interviews Darren Highfill, former CISO of Norfolk Southern, for a candid look behind the curtain of life as a security executive. Darren shares hard-won lessons from building and leading a cybersecurity program in a critical infrastructure environment, including how to gain executive buy-in, scale a team, and align security with business priorities. He reflects on the challenges of translating cyber risk into business risk, managing real-world incidents, and the evolving expectations of the CISO role. Whether you're in the chair now or working toward it, this conversation is packed with practical insights for anyone navigating cybersecurity leadership. Show links: Darren Highfill LinkedIn Profile - https://www.linkedin.com/in/darrenhighfill/ NIST Cyber Security Framework (CSF) - https://www.nist.gov/cyberframework Ankrd website - https://www.ankrd.com/

People in this episode

Host: Patrick Miller

Guest: Darren Highfill

Topics covered

  • cybersecurity
  • leadership
  • critical infrastructure
  • CISO role
  • business alignment
  • executive buy-in

Keywords

  • CISO
  • cybersecurity program
  • executive buy-in
  • business priorities
  • cyber risk
  • real-world incidents
  • NIST Cyber Security Framework

Mentioned in this episode

Organizations: Norfolk Southern, NIST, Ankrd

More episodes of Critical Assets Podcast

Explore listener stats, chart rankings, contacts and more on the Critical Assets Podcast podcast page.