エピソード
-
You’re living in a time where science fiction is quickly becoming your reality. In this high-impact episode of Life of a CISO, Dr. Eric Cole breaks down the current state of cybersecurity—from nation-state attacks and massive password breaches to the hidden threats living on your mobile device. You’ll hear Dr. Cole’s unfiltered take on a breach that exposed billions of credentials, why changing your password isn’t enough, and how an old app could be your biggest risk.
Dr. Cole challenges you to see yourself not just as a security expert, but as a business leader with the power to make lives better. That mindset shift is everything. From the practical impact of multi-factor authentication to his radical but simple “delete an app a day” campaign, Dr. Cole shares tools you can implement right now. This episode isn’t just about defense—it’s about stepping up, thinking strategically, and leading the way forward.
-
In this episode of Life of a CISO, Dr. Eric Cole welcomes a true cybersecurity trailblazer: Dan Lohrmann. With a career that spans the NSA, Lockheed Martin, the State of Michigan, and now Presidio, Dan brings a rare depth of experience in both government and the private sector. As the first Chief Security Officer for an entire U.S. state and now a Field CISO advising public sector clients across the country, Dan shares practical wisdom and compelling stories about navigating the evolving CISO landscape.
Together, Dr. Cole and Dan explore what it takes to build lasting trust as a security leader, the importance of strengthening your personal brand, and how to overcome barriers when leadership resists public visibility. Dan emphasizes the power of public speaking, blogging, and storytelling—not just to elevate your own profile, but to position cybersecurity as a strategic business enabler.
They also dive into the value of setting clear non-negotiables when evaluating job opportunities, the role of culture and leadership alignment in long-term success, and tactical advice for those trying to land their first CISO role. Whether you’re in government, the private sector, or somewhere in between, this episode is a masterclass in influence, resilience, and leadership at the highest level.
-
エピソードを見逃しましたか?
-
In this special episode of Life of a CISO, I sit down with the brilliant Jane Frankland, MBE—an internationally recognized thought leader in cybersecurity with over 28 years of experience. Jane shares her unexpected journey into the field, starting not from a tech background but from art and design. Her curiosity and drive led her to co-found one of the earliest penetration testing consultancies, long before the term "cybersecurity" became mainstream. Together, we dive into how the industry has evolved, why penetration testing has become commoditized, and why it's no longer enough to offer just technical solutions—true value now comes from insight, strategy, and resilience.
Jane also offers powerful reflections on the burnout many CISOs face today and why so many are leaving traditional roles to launch their own consultancies or step into virtual CISO models. We discuss what it really means to build a business in today’s climate, the importance of defining your unique value, and why small businesses are an underrated opportunity in the cyber space. From vendor strategy to shifting away from limiting beliefs, Jane brings a fresh, honest, and empowering perspective that challenges the status quo. Whether you're building your career or launching your own venture, this episode is full of clarity and inspiration for the next step in your cyber journey.
-
In this episode of Life of a CISO, Dr. Eric Cole reconnects with longtime friend and cybersecurity legend Dr. Anton Chuvakin, whom he has known for over 25 years. The conversation opens with reflections on their decades-long professional journey and transitions into a deep dive into Anton’s current work at Google Cloud’s Office of the CISO. Anton shares how his team supports secure cloud and AI adoption—not as traditional field CISOs focused on sales—but as strategic advisors and researchers helping clients understand and implement Google’s advanced security models.
The discussion spotlights Google’s internal use of Zero Trust architecture, highlighting how Google eliminated the need for VPNs over a decade ago. Anton explains how this approach—initially pioneered through Google’s BeyondCorp—combines stronger security with greater usability, a rare balance in cybersecurity. Dr. Cole presses into why more companies haven’t adopted Zero Trust, prompting Anton to emphasize the power of organizational inertia. Drawing from his years at Gartner, Anton notes that despite the proven benefits, many enterprises resist change due to legacy systems and mindset barriers. This episode offers a compelling look at the evolving landscape of enterprise security and the importance of embracing innovation over outdated habits.
-
In this episode of Life of a CISO, Dr. Eric Cole interviews Hendrik Parkkinen, a seasoned cybersecurity expert from Sweden with over 20 years of experience, mostly in consulting and security strategy. They discuss Henrik’s journey into cybersecurity, emphasizing how passion and curiosity play a crucial role in succeeding in the field. Henrik shares how he transitioned from studying economics to cybersecurity after a recommendation from his mother and how he fell in love with the subject through a 12-month training program. Both Eric and Henrik highlight the importance of loving the work rather than just chasing money, since cybersecurity demands ongoing learning and commitment beyond regular hours.
They also discuss practical advice for newcomers: be curious, explore various domains within cybersecurity, and don’t be afraid to pivot if something doesn’t fit. With the rise of accessible and often free learning resources online, breaking into the field is more feasible than ever, but focus and completing courses is essential. When it comes to certifications, Henrik believes they serve as useful entry points or validation badges, especially for HR filters, but experience and mastery are ultimately more important. Certifications should be viewed as part of a broader learning process, not an end in themselves.
-
In this new episode of Life of a CISO, Dr. Eric Cole opens with one of his most powerful guiding principles: “Let data drive decisions, not emotions.” Drawing from his experiences traveling and meeting with top executives, he emphasizes the importance of making decisions based on reliable data rather than emotional impulses. He challenges listeners to ask themselves whether they have enough information to make an informed choice—not perfect information, but sufficient insight to move forward. When we delay decisions out of fear or uncertainty, it’s often because we lack confidence due to missing data. Dr. Cole encourages action: if you don’t have enough data, go get it.
He then introduces his second foundational principle: “Smart people know the right answers; brilliant people ask the right questions.” These two mantras form the core of what it means to be a world-class CISO. But Dr. Cole takes it even further, revealing that the root of most professional frustration stems from a lack of alignment—whether it’s misalignment with your goals, your team, or the organization itself. He draws parallels between business alignment and physical alignment in cars or our bodies, reinforcing that clarity of purpose and alignment of actions are essential for not only being effective, but also reducing stress. Whether you’re a CISO or not, these lessons apply to every area of life.
-
In this episode of Life of a CISO, Dr. Eric Cole shines a spotlight on a critical blind spot that many Chief Information Security Officers overlook: legal liability. While CISOs are often highly skilled and technically knowledgeable, it’s what they don’t know—particularly about their legal exposure—that can put them at serious risk. Dr. Cole explains that many CISOs hold the title of “chief” without realizing they may not officially be corporate officers, and that distinction matters. If you are considered a true officer of the company, you may be personally liable for failures or breaches, even if you weren't the root cause. He urges CISOs to ask the right questions during negotiations, ensure they understand their official role, and protect themselves with legal counsel and proper insurance coverage.
He goes on to emphasize the importance of understanding how communication becomes evidence at the executive level. In today’s digital world, emails and text messages are no longer just conversations—they are legal records that can be used for or against you. Dr. Cole discusses how even a lack of written documentation can lead to lawsuits or termination if it's perceived that a CISO failed to inform the board about a critical risk. However, over-documenting can also backfire by making colleagues uncomfortable or wary. This delicate balance between transparency and discretion is a key leadership skill every CISO must develop. Ultimately, this episode is a wake-up call to every cybersecurity leader: the higher you rise, the more you must be aware of the legal and personal implications of your role.
-
In this episode of Life of a CISO, Dr. Eric Cole dives deep into the dominating force of 2025: artificial intelligence. While AI is everywhere—embedded in nearly every conversation and technology—the real concern, he explains, isn’t just about its capabilities but the risks it brings, especially in cybersecurity and data privacy. Dr. Cole breaks AI down into its two primary types: machine learning, which relies on data sets, and expert systems, which mimic expert decision-making through logical rules. He shares how AI isn’t new, recounting his own early work building simple expert systems back in college, but warns that today’s AI is only as good—or as dangerous—as the data it consumes.
Dr. Cole emphasizes that data is the real power behind AI, not the algorithms. Using TikTok as an example, he highlights how data collected over years can predict behaviors and influence markets, creating national security and privacy concerns. He also discusses why big players like Amazon might seek access to such rich behavioral data to maintain dominance in e-commerce. Drawing attention to the eerie accuracy of modern predictive systems, Dr. Cole calls on CISOs and security professionals to take responsibility: every interaction with AI is feeding it data, and that data needs to be protected. He urges leaders to ask tough questions about where their data goes, how it's used, and whether they are unknowingly contributing to systems that could expose sensitive information.
-
In this powerful episode of Life of a CISO, Dr. Eric Cole opens by highlighting a key success principle: even the world’s top performers — whether in sports, business, or entertainment — rely on coaches to help them spot their blind spots. Drawing from his deep experience coaching CISOs, Dr. Cole shares that cybersecurity leaders are no different. They often miss critical areas simply because they're too focused on day-to-day operations. He emphasizes that one of the most common blind spots for CISOs is the unrealistic pursuit of 100% security, which simply doesn’t exist. As Dr. Cole reminds us, every added functionality in a business decreases security — and breaches are not a question of if but when.
The episode dives deep into the mindset shift every CISO must make: embracing the breach. This doesn’t mean accepting failure, but rather committing to early detection, fast response, and minimizing business impact when an incident occurs. Dr. Cole stresses that a CISO’s survival depends on aligning with executives early, clearly communicating that breaches are inevitable, and setting realistic expectations. Without that alignment, companies often fire the CISO after a breach — not because of the breach itself, but because of failed communication. To prevent this, Dr. Cole recommends that CISOs regularly update executives with simple, non-technical risk reports that show the likelihood, potential cost, and status of key security threats. By turning security into a transparent business conversation, CISOs can transform from scapegoats to trusted advisors — even in the face of attacks.
-
In this episode of Life of a CISO, Dr. Eric Cole kicks off the 2025 CISO Survival Guide Series, diving deep into the evolving demands on security leaders in today’s fast-moving landscape. With shifting tides in government, corporate trends, and technology, Dr. Cole emphasizes the urgent need for CISOs to master AI governance and threat modeling—not from a coding or development angle, but from a strategic oversight perspective. He shares personal stories from his early days working with neural networks in national security, highlighting how today’s cybersecurity environment finally has the historical data to make AI effective in predicting threats. But with AI now being widely used to create work products, Dr. Cole challenges security leaders to think critically about legal, ethical, and governance implications in the workplace.
He also introduces the second major pillar of this survival guide: executive communication. Dr. Cole points out a major gap in how CISOs are treated compared to other C-level executives, and he urges cybersecurity leaders to analyze their org charts and step up their executive presence. If CISOs want a seat at the table, they must learn to speak the language of the boardroom and operate at the same strategic level as their C-suite peers. This episode sets the stage for a multi-part deep dive into the five key areas every CISO must master to survive—and thrive—in 2025 and beyond.
-
In the latest episode of Life of a CISO, Dr. Eric Cole kicks things off with an empowering reminder that it's the little things that often make the biggest difference. He challenges listeners to adopt a simple but powerful habit—repeat the affirmation “I am a world-class CISO” at least ten times a day. Why? Because repetition trains the mind to believe. Dr. Cole explains how our brains are goal-achieving machines, and when we’re vague about what we want, we might get results we didn’t intend. So instead of saying, “I want to be a CISO,” he urges us to define exactly what that means and aim higher: world-class.
This episode dives into the power of affirmations, intention, and mindset. Dr. Cole shares how creating and regularly reviewing a detailed written vision of your future self as a world-class CISO can help anchor that affirmation in reality. The idea is to replace negative internal voices with empowering declarations and make these part of your daily rhythm—while brushing your teeth, driving, or walking between meetings. And once that belief is solidified, you can shift your focus to new growth areas, aligning your “I am” statements with your weekly, monthly, or yearly goals. It’s a masterclass in mental conditioning, identity shaping, and becoming the version of yourself you truly aspire to be.
-
In this powerful new episode of Life of a CISO, Dr. Eric Cole issues a wake-up call to everyone living in the digital age: we are in the middle of a cyber war, and most people are walking around completely unaware. He shares real-life stories of family and friends falling victim to text scams and phishing attacks, driving home the point that if these attacks weren’t working, they wouldn’t keep happening. Dr. Cole stresses the need to shift from a peacetime mentality to a wartime mindset—especially online. Just as we wouldn’t hand out personal information to a stranger on the street, we must stop doing so digitally. The key is education—training those around us, especially the less tech-savvy, to recognize and avoid cyber traps.
He then transitions into the responsibilities of a world-class chief information security officer, focusing on one core truth: you can’t protect what you don’t know. In a world overflowing with data—from laptops to phones to cloud platforms—most organizations can’t answer two critical questions: What is your sensitive data, and where is it located? Dr. Cole warns that if we lose track of our data, we lose control over it entirely. With companies going bankrupt and selling off systems that store sensitive personal data, he raises an urgent concern—who really owns your information? It’s time to take accountability, regain control of our data, and secure our digital future.
-
In this episode of Life of a CISO, Dr. Eric Cole explores the often-overlooked path of consulting within the cybersecurity field. While many professionals transition from security engineering to management and eventually to a CISO role, he emphasizes that consulting can be an invaluable step in that journey. Consulting sharpens essential skills like communication, presentation, and business strategy—skills that are often underdeveloped in technical roles. Dr. Cole highlights how working in isolation, especially in remote environments, has negatively impacted workplace communication, making it even more crucial for cybersecurity professionals to develop interpersonal skills through consulting and in-person interactions.
He then shifts focus to a pressing issue in cybersecurity: the lack of effective measurement. Despite advancements in technology, breaches and financial damages from cyberattacks continue to rise exponentially. Dr. Cole argues that cybersecurity is not just a technical problem—it’s a business problem. Unlike IT, where success is measured in uptime and availability, cybersecurity success is much harder to quantify because it involves human behavior. He challenges CISOs to rethink traditional metrics and embrace business-centric approaches to security. This episode is a must-listen for cybersecurity leaders looking to refine their strategic approach and stay ahead in an evolving threat landscape.
-
In this episode of Life of a CISO, Dr. Eric Cole challenges the common misconception that cybersecurity is an anchor holding organizations back. Instead, he reframes cybersecurity as a stabilizing force—much like how an anchor steadies a boat during rough waters. Just as a well-placed anchor ensures balance and security, effective cybersecurity empowers businesses to grow and succeed in the face of evolving threats.
Dr. Cole also dives into the importance of understanding where you are in your career journey. Using a boat analogy, he categorizes cybersecurity professionals into three stages: those anchored in port (maintaining status quo), those at sea (reactively navigating challenges), and those on a mission (driving business success with clear objectives). He stresses that true CISOs must go beyond a technical mindset and embrace their role as business leaders, setting measurable targets that align with company performance. This episode offers a powerful shift in perspective—helping security leaders take control of their path, assess their current position, and chart a course toward real impact. Tune in to gain clarity, direction, and the strategies needed to elevate your career in cybersecurity.
-
In this episode of Life of a CISO, Dr. Eric Cole challenges cybersecurity leaders to think beyond immediate threats and short-term fixes. Using the famous Mission Impossible phrase, "Your mission, if you choose to accept it," he urges CISOs to define their long-term vision—both for their careers and for the cybersecurity landscape. While businesses like Google and Tesla plan 5 to 10 years ahead, many CISOs remain focused on putting out daily fires, failing to develop a strategic roadmap for their future.
Dr. Cole shares insights on the power of long-term goal-setting, emphasizing that most people overestimate what they can achieve in a year but underestimate what they can accomplish in a decade. He provides an actionable exercise: take 30 minutes, grab a pen and paper, and write down where you want to be in 10 years—your income, role, lifestyle, and aspirations. By shifting from reactive problem-solving to proactive future planning, CISOs can not only elevate their careers but also strengthen their influence within organizations. Tune in to this powerful episode and start shaping your cybersecurity destiny today.
-
In this episode of Life of a CISO, Dr. Eric Cole dives into the power of asking the right questions and the importance of letting data—not emotions—drive decisions. He emphasizes the need to focus on solving root causes rather than just treating symptoms, using cybersecurity as an analogy for how we approach problems in life and leadership. By shifting from reactive thinking to a strategic mindset, CISOs can avoid merely "putting out fires" and instead create long-term, sustainable security solutions. Dr. Cole also highlights the crucial role of self-awareness in leadership, encouraging CISOs to evaluate how much of their time is truly dedicated to impactful, high-quality work that moves the needle forward.
A key theme of the episode is the question: Who is in control? Dr. Cole challenges listeners to reflect on whether they are actively driving their career and decisions or simply reacting to circumstances. He explains that world-class CISOs, like great quarterbacks, don’t just follow plays—they develop their own strategies and make critical decisions in real time. Success, he argues, isn’t about waiting for someone else to provide answers; it’s about cultivating awareness, asking better questions, and taking ownership of one’s path. By embracing this mindset, CISOs can elevate their leadership and make a real impact in their organizations.
-
Are You Thinking Like a True CISO? Or Just Reacting to Cybersecurity?
In this episode of Life of a CISO, Dr. Eric Cole challenges cybersecurity leaders to rethink their approach, shifting from a reactive, firefighting mindset to a long-term, strategic vision. He highlights how most CISOs operate in a short-term, tactical manner—responding to incidents rather than proactively shaping security strategies for the future. He points out a critical disconnect: while CISOs hold a "chief officer" title, they are rarely treated as true corporate officers, lacking the authority and influence that other C-level executives have. This disconnect, he argues, prevents cybersecurity from being fully integrated into business strategy, leaving organizations vulnerable.
Dr. Cole urges CISOs to take control of their time and priorities, planning not just days or weeks ahead, but years into the future. He compares this to personal goal-setting, emphasizing that a well-structured, flexible plan enables organizations to stay ahead of threats rather than constantly reacting to them. By stepping back, thinking strategically, and ensuring security aligns with business objectives, CISOs can transform from crisis managers into true leaders who drive long-term security success.
-
In this episode of Life of a CISO, Dr. Eric Cole dives into one of the most pressing topics in cybersecurity today—Artificial Intelligence (AI) and its impact on the role of a Chief Information Security Officer (CISO). He emphasizes that the key to being an effective CISO is thinking ahead, looking beyond the daily firefighting that many security leaders get caught up in. He shares insights from working with top CISOs, noting that a significant number of them find themselves overwhelmed with reactive tasks rather than focusing on long-term strategy. The best CISOs, he argues, are those who can anticipate threats and solutions months or even years in advance.
Dr. Cole then explores the unstoppable rise of AI in the business world, explaining that whether organizations like it or not, AI is here to stay. Instead of resisting it, CISOs must embrace AI and learn how to manage its risks effectively. He breaks down the fundamentals of AI, explaining how it relies on human data to make predictions and decisions. Using real-world examples, such as AI in the medical field and chess-playing computers, he highlights both the potential benefits and dangers of AI. The discussion ultimately leads to a thought-provoking warning—if AI systems become too powerful by absorbing extensive human expertise, they could challenge human roles in unforeseen ways. This episode is a must-listen for security leaders looking to stay ahead of the AI revolution while ensuring cybersecurity remains a top priority.
-
In this episode of Life of a CISO, Dr. Eric Cole dives deep into a critical question every cybersecurity professional must ask themselves: What is your real role? It’s easy to hide behind job titles like “CISO” or “cybersecurity professional,” but understanding the true essence of your responsibilities can make or break your success. Dr. Cole shares a personal story from his early career, highlighting the costly mistakes he made when transitioning from the CIA to a commercial startup. He candidly discusses how focusing solely on technical security without considering business goals and company culture created friction and isolation.
Dr. Cole emphasizes that a CISO’s primary role isn’t just about locking down systems—it’s about integrating security into the business in a way that enhances productivity, revenue, and company goals. Using the unexpected example of pickleball strategy, he illustrates how thinking differently and questioning assumptions can lead to better outcomes, both on the court and in cybersecurity leadership. This episode challenges CISOs to step back, reassess their approach, and align their strategies with what really matters to the business.
-
Being a Chief Information Security Officer (CISO) is not only stressful, but it can also feel isolating, especially as you move up in leadership. In this episode of Life of a CISO, Dr. Eric Cole discusses the unique challenges CISOs face as they transition from a technical role into executive leadership. He highlights how this shift often removes CISOs from their familiar environments—surrounded by other cybersecurity professionals—and places them in a world where decision-making is driven by business priorities rather than technical considerations.
Dr. Cole emphasizes the importance of letting data—not emotions—drive decisions. He explains how emotions, while essential for survival, can sometimes cloud judgment in business and cybersecurity leadership. He shares a real-world coaching example of helping a security leader prepare for a promotion by focusing on factual performance data rather than self-doubt or anxiety. Finally, Dr. Cole touches on personal resilience, including the role of physical health in mental well-being and how small changes in routine can help validate whether certain habits are truly beneficial. The key takeaway? To be a world-class CISO, you must develop the ability to make decisions based on data, not fear, stress, or assumptions.
- もっと表示する
