The New CISO

What separates a CISO who survives from one who shapes the boardroom? In this episode, Steve Moore sits down with Walt Powell, Lead Field CISO at CDW and author of The CISO 3.0, to unpack the modern CISO playbook—why technical credentials alone no longer cut it, how to build personal eminence, and why most security leaders are still treated as second-class C-suite citizens.Walt traces his path from teaching networking before stateful firewalls existed, to writing CISSP exam questions for ISC2, to running CDW's Global Security Strategy Office. He explains what a field CISO does, why the role is harder than ex-CISOs realize, and how one bad meeting can tarnish a brand built over decades.He and Steve break down the four pillars Walt uses to measure his team—embedded advisory, eminence building, sales enablement, and voice of the customer—and how a karate-style “belt system” maps each consultant's competency. Walt explains why the same skills matrix from The CISO 3.0 works for any CISO trying to spot their own gaps.Walt argues a CISO who is not liked cannot succeed: you are the talent magnet, the culture builder, and the person proving in every board meeting that you belong in the seat. He shares the questions every candidate should ask before accepting the role—from D&O coverage to 10-K disclosure access—and why the 30-60-90 plan should be written before the second interview, not after the offer.The conversation closes with what Walt calls “strategic debt”—the identity and data governance work organizations skipped a decade ago that is now blocking AI adoption. Walt shares lessons from running OpenClaw on a Mac mini, why non-human identity tops every 2026 CISO worry list, and how Deep Research is reshaping senior architects.Key Topics• The modern field CISO role and the four pillars of impact• Why CISOs are still treated as second-class C-suite citizens• Building personal eminence through books, speaking, and writing• The CISO 3.0 skills matrix and self-assessment spider wheel• Two paths to the CISO seat: technical vs. MBA, and the gaps each leaves• Why likability is not optional for a successful CISO• Board readiness and proving you belong in the seat• Interview questions every CISO candidate must ask• Strategic debt: identity and data governance blocking AI adoption• OpenClaw, non-human identity, and the future of senior architectsGuest Bio:Walt Powell is the Lead Field CISO at CDW and a founding member of CDW's Global Security Strategy Office, where he leads a team of former CISOs advising security leaders in the field. A longtime executive coach and ISC2 exam development committee member, Walt is the author of The CISO 3.0: A Guide to Next-Generation Cybersecurity Leadership and Quantum Ready, his book on post-quantum cryptography. Connect with Walt on LinkedIn or at ciso30.com.GET A DEMO:👉 Get a hands-on demo of the Exabeam products: https://www.exabeam.com/demo🔔 Subscribe for more product demos and cybersecurity insights!ABOUT EXABEAM:Exabeam is the leader in Behavior Intelligence for the agentic enterprise. As organizations deploy digital workers and confront machine-speed adversaries, Exabeam applies agent-powered analytics to understand and govern the behavior of both human and non-human insiders. With integrated Exabeam Nova cybersecurity agents, Exabeam delivers flexible, industry-proven solutions for insider threat coverage of humans and agents and faster, more accurate threat detection, investigation, and response (TDIR). As the pioneer of user and entity behavior analytics (UEBA) and the innovator behind Agent Behavior Analytics (ABA), Exabeam is trusted by more than 3,000 enterprises worldwide to reduce risk, secure the digital workforce, and accelerate security operations. Learn more at www.exabeam.com. Exabeam: Stop Insider Threats. Human or AI. CONNECT WITH US:X: https://x.com/exabeamLinkedIn: https://www.linkedin.com/company/exabeam/Blog: https://www.exabeam.com/blog/

In this episode of The New CISO, host Steve Moore speaks with Steve Lodin, VP of Information Security at Sallie Mae, about the career challenges that shaped his leadership style and the lessons he’s learned across decades in cybersecurity.From breaking into his high school to experiment with Apple II computers to leading global security teams in Europe, Steve shares the pivotal experiences that defined his career. He opens up about career missteps, the importance of asking the right questions before accepting a new role, and how succession planning and crisis preparation are critical for every security leader. Steve also reflects on how medical emergencies, breach response, and shifting industries—from automotive to healthcare to financial services—taught him resilience, adaptability, and perspective.Key Topics Covered:Early career pivots, from engineering to cybersecurity leadershipLessons learned from career missteps and short-lived rolesThe five factors Steve now evaluates before taking a new jobSuccession planning and preparing teams to lead during emergenciesWhy tabletop exercises and exposure to executives matter for resilienceManaging stress, staying calm, and keeping perspective in high-pressure rolesThe long-tail business impact of breaches beyond immediate costsWhy financial services foster collaboration and innovation in securityThe importance of mentoring and introducing students to cybersecurity careersSteve’s story reveals why the most valuable lessons often come from challenges, not successes. His insights provide a roadmap for CISOs and aspiring leaders who want to navigate setbacks, lead with composure, and build stronger teams for the future.

In this episode of The New CISO, host Steve Moore speaks with Aleksandar Radosavljevic, Global CISO at Global Fashion Group, about building trust, measuring resilience, and the evolving role of the security leader.Aleksandar shares how his unexpected pivot from electrical engineering to cybersecurity sparked a passion for protecting systems and solving problems. With over two decades of experience across pharma, manufacturing, and tech, he offers insights into how security leaders can establish trust, drive business value, and focus on what really matters.The conversation covers the art of starting strong in a new CISO role, navigating interviews with curiosity and care, and avoiding common traps like overcomplicating metrics or chasing the latest tools without mastering the basics.Key Topics Covered:Why pharma’s mission-driven work made a lasting impact on AleksandarCareer advice for cybersecurity newcomers: follow learning, not just industryHow CISOs can build early trust by listening and understanding the businessRed flags and green lights during the CISO interview processWhy being challenged in an interview signals a healthy security cultureThe problem with vanity metrics—and what to track insteadAleksandar’s favorite KPIs: time to detect, respond, and contain incidentsThe role of situational awareness in building cyber resilienceHow simplifying language helps CISOs align with executive teamsWhy mandate and mindset matter more than reporting linesAleksandar’s story is a reminder that cybersecurity leadership is about more than tools and tactics—it’s about trust, transparency, and transforming security from a blocker into a true business enabler.

In this episode of The New CISO, host Steve Moore speaks with Ben, Director of Group Security and Architecture at Bilfinger, about the role of self-awareness, confidence, and communication in effective cybersecurity leadership.Ben shares his unconventional path to becoming a CISO, how he applies the “done is better than perfect” philosophy, and why embracing vulnerability, curiosity, and creativity is key to building strong teams. From baking sourdough to producing his own podcast, Ben highlights how personal passions can shape professional growth.Key Topics Covered:Why done is better than perfect can be a strength—not a flaw—in cybersecurityThe surprising connection between baking sourdough and fostering security cultureHow Ben’s podcast, Infosec Theater, educates non-technical audiences using humor and storytellingThe creative interview question he uses to gauge mindset: “If cybersecurity were an animal, what would it be?”Why hiring for attitude and resilience beats hiring for experience aloneHow podcasting sharpened his ability to listen, simplify, and leadBen also emphasizes the importance of recognizing your own strengths and surrounding yourself with people who balance them out. His perspective offers actionable takeaways for CISOs and security professionals seeking to grow into thoughtful, human-centered leaders.🔗 Listen to Ben’s podcast, Infosec Theater: https://www.infosec.theater/

In this episode of The New CISO, host Steve Moore speaks with Rich Durost, Chief Information Security Officer at Froedtert ThedaCare Health, about his journey from West Point cadet to cybersecurity leader—and what slicing cake has to do with building effective security programs.Drawing from 23 years in the military and over 15 years in cybersecurity, Rich shares how discipline, preparation, and teamwork—skills first sharpened during plebe year dessert duty—translate directly into the responsibilities of a CISO. He reflects on the shift from tactical to strategic thinking, the value of mentoring deputies, and why authentic leadership and relationship-building are vital in today’s remote work environment.Rich also explores the unique challenges of healthcare cybersecurity, the importance of aligning with clinical goals, and how CISOs can move from being the "department of no" to strategic business enablers by simply asking “how” instead of “no.”Whether you're a rising security professional or a seasoned executive, you’ll gain practical leadership takeaways—and maybe a new appreciation for cake.

In this episode of The New CISO, host Steve Moore sits down with Yannick Herrebaut, Cyber Resilience Manager at the Port of Antwerp-Bruges, to explore his unconventional journey from intern to security leader. Yannick shares how his early passion for technology, sparked by gaming and building his own PCs, laid the foundation for his career in cybersecurity.They discuss the importance of strong internship programs, the transition from network engineering to security leadership, and the key lessons learned when stepping into a CISO role for the first time. Yannick also reflects on the challenges of building a security program from scratch and the critical skills needed to lead a growing security team.Key topics include:How internships can shape future cybersecurity leadersThe transition from network engineering to security leadershipThe importance of business alignment in cybersecurityLessons learned in managing a growing security teamAdvice for aspiring CISOs on stepping into leadership roles00:00 - Introduction & Meet Yannick Herrebaut02:30 - From Gaming to Cybersecurity: A Passion for Technology06:30 - Internship at the Port of Antwerp: A Career Launchpad10:00 - The Value of Cybersecurity Internships & Mentorship17:00 - From Network Admin to CISO: A Big Career Leap27:00 - Building a Security Program from Scratch35:00 - Lessons in Leadership & Team Growth45:30 - What It Means to Be a New CISOLinks: LinkedIn

In this insightful episode of The New CISO, host Steve Moore sits down with Sanju Misra, Chief Information Security Officer (CISO) at Alnylam Pharmaceuticals, to explore the pivotal moments that have shaped her impressive career in cybersecurity leadership. Sanju shares her strategies for navigating career transitions, the importance of aligning with a company’s mission, and how to identify the right time to move on from a role.Listeners will gain valuable insights into:How Sanju built her career by embracing challenging projects and maintaining authentic professional relationships.The decision-making processes behind her moves from GE to Praxair, and eventually to Alnylam Pharmaceuticals.The evolution of her leadership style from a technical expert to a business risk executive.Why aligning with a company’s culture and mission is crucial for long-term success.Tips for aspiring CISOs on taking initiative, growing their networks, and articulating risk in business terms.Sanju’s reflections on imposter syndrome, professional growth, and the rewards of working in a patient-focused organization offer both inspiration and practical advice for leaders at every stage of their careers. Tune in to hear her story and discover actionable strategies for thriving as a modern CISO.0:00 - Introduction and Show Overview1:10 - Sanju Misra’s Career Path: From GE to Praxair4:00 - Building Security Programs and Leadership Growth6:30 - Navigating Mergers and the Role of Culture10:00 - Transitioning from Technologist to Business Risk Leader15:50 - Career Advice for Aspiring CISOs22:00 - Key Takeaways: Communication and Leadership EvolutionLinks: LinkedIn