Well it is official, I’m now the Chief Information Security Officer here at Digital Shadows. It has been while since I was on the practitioner side of the house and my days defending networks at the University of Texas at Dallas seems like ages ago. When I was at Forrester Research, I often joked about how much easier it was to parachute in, give some industry analyst words of wisdom and then head back to the airport. It is much easier “to say” than “to do.” The Heartbleeds, WannaCrys, and BadRabbits of the world are going to mean significantly more to me in my practitioner new role. It’s almost as if Morpheus is greeting me with a red pill, welcoming me back to the real-world.
I’ve worked with many CISOs over the years. From the Forrester Leadership Boards, to our own Customer Advisory Board here at Digital Shadows, I’ve found myself in a position to give out security program suggestions and advice to CISOs. To be honest, I always felt like a bit of an impostor; giving advice to a security and risk leader when I hadn’t been one myself. Sometimes I felt analogous to that one friend without children, who gave out parenting advice on how to get a threenager to eat more vegetables. For those with kids you know exactly what I’m talking about. Why don’t you try walking a mile in my shoes before you give me your #protips.
I’m grateful for the opportunity and I’m very excited about this new role as it demonstrates Digital Shadows’ commitment to our customers’ security and privacy. I’m also very appreciative for the CISO network I’ve built up over the years. I will definitely reach out to my new peers for guidance and support on this new path. I also plan to blog more about my journey in the hopes that I can share my personal lessons learned with any other first time CISOs looking for guidance. Stay tuned for more.