The New CISO is a podcast hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.
What career path is best? When is a data breach over? How do you manage limited IT budgets for maximum ROI? Informative and educational, The New CISO answers your burning cybersecurity questions. Whether you’re a current or aspiring CISO, The New CISO provides practical advice, guidance, and lessons learned from peers.
Have a topic or guest you’d like to see featured on The New CISO? Email us at firstname.lastname@example.org
Hosted by Steve Moore
Steve Moore is Vice President and Chief Security Strategist at Exabeam, helping drive solutions for threat detection and advising customers on security programs and breach response. He is the host of “The New CISO Podcast” and a Forbes Tech Council member. Prior to Exabeam, Moore served as Staff VP of Cybersecurity Analytics at Anthem, a Fortune 30 healthcare company. Moore’s experience includes leading the investigation of state-sponsored cyberespionage campaigns, breach response, associated legal depositions, and client management. He’s passionate about cybersecurity, teamwork and leadership excellence.
Episode 7: Understanding the Adversary
Building a career in security can be a challenge, even for those of us who start off early. For some, however, the job can be a natural progression from Her Majesty’s Armed Forces to helping secure the 2012 Olympics and ultimately becoming a CISO. So how do you channel these unique experiences into something that will withstand the diverse threats organizations face today?
Mick Jenkins is the Chief Information Security Officer at Brunel University and a former counter-terrorism officer in the British Armed Forces.
Episode 6: Contributing to the Cybersecurity Community
Not too long ago you’d be hard pressed to find cybersecurity communities to engage with, whereas today their ubiquity might be putting them at risk. With so many – and often topical – security communities, how do we ensure the important issues take center stage, promote information sharing, and avoid political problems and the sins of our past, all while nurturing young security talent for the future?
Scott Morris is the Vice President, Chief Information Security Officer at BlueCross BlueShield Western New York, where he’s responsible for leading the Enterprise Information Assurance team, including information security, regulatory compliance and process assurance, and incident/problem management.
Episode 5: Does Security Training Really Work?
If we believe that employees are our first line of defense against attacks like phishing, credential theft, and business email compromise, we need their active participation. But is security training – specifically phishing training – really effective? Should we be doing it differently? We touch on the idea of training versus education, positive reinforcement versus negative, suggestions for engaging with employees, and the best sushi in Vegas.
David Tyburski is the Global Chief Information Security Officer for Wynn Resorts, where, for over the last 10 years, he has been responsible for leading the enterprise strategy for information security, identity / access, governance, and incident management for the Las Vegas-based developer and operator of high-end luxury hotels and casinos.
Episode 4: Winning Over the Board
The CISO and the board generally share something in common – they both want to manage risk and make the business successful. But a CISO has to earn the board’s trust, even when it’s well established that they’re the security subject matter expert.
Colin Anderson is Vice President of Information Technology, Global Chief Information Security Officer at Levi Strauss & Co. In this role he manages an international team responsible for information risk management, regulatory compliance, information privacy, and IT enterprise risk management.
Episode 3: What It Means to Be an Honest Broker
Learn what it means to be an “honest broker” in the context of security leadership—an agent of trust and transparency for a business. Brian covers strategies for delivering the right message to the board, the learning opportunities that come with candor, and the honest truth about managing the inherent stress of being a CISO.
Brian Haugli is a partner at Side Channel Security, a consulting firm in the Boston area. Previously VP and chief security officer for The Hanover Insurance Group, he’s a seasoned security leader who’s held numerous roles within the federal government responsible for strategic initiatives involving cybersecurity and information risk management.
Episode 2: The Ins and Outs of Budgeting
Andrew Wild, CISO at QTS Data Centers, talks about building an IT security budget, the challenges of prioritizing resources to balance risk, and the value of cooperation – something often more difficult to obtain than the budget itself.
Andrew Wild is CISO of QTS Data Centers. As an information security and risk management executive with over 25 years of experience, he has built and managed numerous corporate information security programs and is known for leading by example with a positive and energetic attitude.
Episode 1: Lessons Learned from a Virtual CISO
Matt Klein, Virtual CISO and Executive Advisor at Optiv, sits down with Steve Moore to share his insights on teamwork, getting visibility at the executive level, and the right prep for effective board conversations.
Matt Klein is a virtual CISO and executive advisor for Optiv. He advises enterprises on how to transition through leadership changes, improve security and reduce risk, and identify areas of opportunity where information technology can help contribute value to the bottom line.