Architect and Firefighter: How a Modern CISO Leads in Crisis

Architect and Firefighter: How a Modern CISO Leads in Crisis

From The New CISO by Steve Moore

March 12, 2026 · 49 min · Season 1 · Episode 142

About this episode

Alan Lucas discusses the dual role of a CISO in crisis management and cybersecurity leadership.

Alan Lucas always wanted to be an architect or a firefighter — as CISO of Worldstream and Greenhouse Datacenters, he has become both. In this episode, he joins host Steve Moore to explore leading cybersecurity at the intersection of design and crisis response. Alan traces his path from Fox-IT through a Dutch cryptocurrency exchange where he arrived post-breach to an organization under near-constant attack from nation-state threat actors. Leading a technically sophisticated but security-anxious leadership team, he learned the lasting power of transparency and directness — and his most memorable measure of success was not a technical control, but a CTO who finally slept through the night. The conversation goes deep into crisis communication. Alan and Steve discuss how the industry has matured from reflexive silence around breaches to embracing transparency as a trust-building tool, the danger of well-meaning legal edits that send customers chasing the wrong narrative, and why the CISO should hold final review over all public incident communications. He also shares his Security Champions Program, tabletop exercise design, and why knowing who to call in a crisis must be mapped out…

People in this episode

Host: Steve Moore

Guest: Alan Lucas

Topics covered

  • cybersecurity
  • crisis management
  • transparency
  • communication
  • leadership
  • ethical hacking

Keywords

  • CISO
  • crisis response
  • security
  • transparency
  • communication
  • ethical hacking
  • trust
  • incident management

Mentioned in this episode

Organizations: Worldstream, Greenhouse Datacenters, Fox-IT, Dutch cryptocurrency exchange, DIVD

More episodes of The New CISO

Explore listener stats, chart rankings, contacts and more on the The New CISO podcast page.