Blog

Insights from Security Leaders

Strategy

CISO, fCISO, vCISO, or CISO to the CISO: What's the Difference?

The security leadership market has fragmented. Here's how to tell the difference between a full-time CISO, a fractional CISO, a virtual CISO, and a CISO to the CISO.

3 April 2026 · 10 min read

Threat Intelligence

Iranian Cyber Operations: An Update for CISOs

Handala's shift from wiper malware to native admin tool abuse is a tactical change, not a strategic surprise. What it reminds us about identity, supply chain, and detection.

3 April 2026 · 8 min read

Leadership

A practical guide to your first 90 days as a CISO

The first 90 days in a CISO role set the trajectory for your entire tenure. Here's how to navigate them with purpose, pragmatism, and a plan.

2 April 2026 · 10 min read

Device Security

Morgan McSweeney's Stolen Phone: Lessons for CISOs

When Morgan McSweeney's government phone was stolen in London, it exposed gaps in mobile device security that every CISO should address.

28 March 2026 · 6 min read

Supply Chain Security

LiteLLM Supply Chain Attack: Five Actions for CISOs

On March 24, 2026, LiteLLM version 1.82.8 was compromised on PyPI. Five actions CISOs need to take to address AI-accelerated supply chain threats.

26 March 2026 · 5 min read

Third-Party Risk

Supply Chain Security: When Your Vendors Become Your Weakest Link

The M&S and JLR breaches reveal how attackers bypass your defences by targeting suppliers. How to build a risk management programme that works.

24 March 2026 · 14 min read

Threat Intelligence

The Cyber Dimension of the US-Israel-Iran Conflict: A CISO's Guide

As conflict unfolds between the US, Israel, and Iran, cyber operations are a critical battleground. What CISOs need to know.

11 March 2026 · 10 min read

AI Security

Seven Critical Lessons for CISOs from the McKinsey Lilli Hack

When McKinsey's internal AI platform was compromised via SQL injection, it revealed new classes of vulnerabilities security programmes miss.

10 March 2026 · 8 min read

Strategy

When Does Your Business Need a CISO?

Knowing when to invest in executive security leadership is critical. Key indicators and decision frameworks for when to hire a CISO.

15 January 2026 · 12 min read

Compliance

SOC 2 vs ISO 27001: The Strategic Guide to Choosing Your Security Framework

SOC 2 and ISO 27001 serve different strategic purposes. A decision framework, implementation roadmap, and integration strategies that actually work.

10 January 2026 · 15 min read

Culture

Building a Security-First Culture: The Complete Playbook

Technology alone won't protect your business. A framework for creating a culture where security is intrinsic to how work gets done.

5 January 2026 · 18 min read
