Is Done Better Than Perfect? Self-Awareness as a CISO
In this episode of The New CISO, host Steve Moore speaks with Ben, Director of Group Security and Architecture at Bilfinger, about the role of self-awareness, confidence, and communication in effective cybersecurity leadership.

Ben shares his unconventional path to becoming a CISO, how he applies the “done is better than perfect” philosophy, and why embracing vulnerability, curiosity, and creativity is key to building strong teams. From baking sourdough to producing his own podcast, Ben highlights how personal passions can shape professional growth.

Key Topics Covered:
- Why done is better than perfect can be a strength—not a flaw—in cybersecurity
- The surprising connection between baking sourdough and fostering security culture
- How Ben’s podcast, Infosec Theater, educates non-technical audiences using humor and storytelling
- The creative interview question he uses to gauge mindset: “If cybersecurity were an animal, what would it be?”
- Why hiring for attitude and resilience beats hiring for experience alone
- How podcasting sharpened his ability to listen, simplify, and lead

Ben also emphasizes the importance of recognizing your own strengths and surrounding yourself with people who balance them out. His perspective offers actionable takeaways for CISOs and security professionals seeking to grow into thoughtful, human-centered leaders.

🔗 Listen to Ben’s podcast, Infosec Theater: https://www.infosec.theater/
--------
47:33
Classroom to Boardroom: How Teaching Makes Leaders Better
In this episode of The New CISO, host Steve Moore talks with Nithin Reddy, Global VP of Cybersecurity at Dayforce, about how his dual roles in cybersecurity leadership and education shape his approach to building stronger, smarter teams.

Nithin reveals how teaching cybersecurity not only amplifies his impact but also sharpens his communication and leadership skills. From protecting millions of users’ data to mentoring students and influencing curriculum design, he shares why simplifying complex ideas is the key to inspiring both executives and future security professionals.

The conversation explores:
- The link between teaching and leadership growth
- How to manage stress in high-stakes security operations—and tell the difference between “good” and “bad” stress
- Dayforce’s in-house employee risk scoring model and the power of just-in-time access controls
- The impact of generative AI on phishing threats and how awareness training must evolve
- A real-life story of using a fake $200 gift card to teach conference-goers a lesson on social engineering

Whether you’re leading a SOC or standing at the front of a classroom, this episode is a masterclass in turning knowledge into influence—and purpose into performance.
--------
51:46
What Can Cutting Cake Teach a CISO?
In this episode of The New CISO, host Steve Moore speaks with Rich Durost, Chief Information Security Officer at Froedtert ThedaCare Health, about his journey from West Point cadet to cybersecurity leader—and what slicing cake has to do with building effective security programs.

Drawing from 23 years in the military and over 15 years in cybersecurity, Rich shares how discipline, preparation, and teamwork—skills first sharpened during plebe year dessert duty—translate directly into the responsibilities of a CISO. He reflects on the shift from tactical to strategic thinking, the value of mentoring deputies, and why authentic leadership and relationship-building are vital in today’s remote work environment.

Rich also explores the unique challenges of healthcare cybersecurity, the importance of aligning with clinical goals, and how CISOs can move from being the "department of no" to strategic business enablers by simply asking “how” instead of “no.”

Whether you're a rising security professional or a seasoned executive, you’ll gain practical leadership takeaways—and maybe a new appreciation for cake.
--------
45:35
Why the Best Security Leaders Stay Curious
In this episode of The New CISO, host Steve Moore sits down with Michael Mendelsohn, CISO at Majesco, to discuss his journey in cybersecurity—from his early days as a software developer to leading security for a major insurance software company.

Michael shares insights into the evolving role of a CISO, the intersection of security and technology, and how curiosity and problem-solving have shaped his career. He dives into his experience building Arcus, an early security tool designed for software inventory and patch management, and how grassroots security engineering played a pivotal role in his professional growth.

Other key topics include:
✅ The changing landscape of cybersecurity leadership
✅ The balance between open-source tools and enterprise security solutions
✅ AI’s impact on security automation and risk management
✅ How security leaders can work effectively with legal teams
✅ The importance of curiosity, adaptability, and mentorship in a security career

Whether you're a seasoned security professional or an aspiring CISO, this episode offers valuable insights into the challenges and opportunities of leading security in today’s rapidly evolving digital landscape.

🔗 Listen now and learn how to navigate the complexities of cybersecurity leadership with a strategic and technical mindset!

#Cybersecurity #CISO #Leadership #SecurityEngineering #AI #CyberThreats #RiskManagement #DataSecurity #TechLeadership
--------
51:35
Embracing Naivety as a New CISO
In this episode of The New CISO, host Steve Moore sits down with Yannick Herrebaut, Cyber Resilience Manager at the Port of Antwerp-Bruges, to explore his unconventional journey from intern to security leader. Yannick shares how his early passion for technology, sparked by gaming and building his own PCs, laid the foundation for his career in cybersecurity.

They discuss the importance of strong internship programs, the transition from network engineering to security leadership, and the key lessons learned when stepping into a CISO role for the first time. Yannick also reflects on the challenges of building a security program from scratch and the critical skills needed to lead a growing security team.

Key topics include:
- How internships can shape future cybersecurity leaders
- The transition from network engineering to security leadership
- The importance of business alignment in cybersecurity
- Lessons learned in managing a growing security team
- Advice for aspiring CISOs on stepping into leadership roles

Chapters:
00:00 - Introduction & Meet Yannick Herrebaut
02:30 - From Gaming to Cybersecurity: A Passion for Technology
06:30 - Internship at the Port of Antwerp: A Career Launchpad
10:00 - The Value of Cybersecurity Internships & Mentorship
17:00 - From Network Admin to CISO: A Big Career Leap
27:00 - Building a Security Program from Scratch
35:00 - Lessons in Leadership & Team Growth
45:30 - What It Means to Be a New CISO
The New CISO is hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.