Effectively communicating about cybersecurity is an increasing and layered challenge for CISOs, security leaders, communications professionals, business executives and boards.

CISOs are mission driven, focused on securing and defending. Anything that is not directly related to securing or defending may get deprioritized. So, serving up actionable impactful and behavior changing communications doesn’t always take top billing for security leaders as they simply don’t have the time.

What if there was a way to deliver more effective messages to the diverse stakeholders of security — executives, board directors, clients, partners — where we could also measure effectiveness, improve engagement and leverage…


Man rubbing his head in work exhaustion
Photo by Andrea Piacquadio from Pexels

There are a few different flavors of “Chief of Staff” that have a clear value proposition and yet manifest differently. They may already exist in your organization and are cloaked under different titles such as: program manager, Chief of Staff, COO, Deputy, CAO.

The below list of different ‘flavors’ of CoS is based on my first hand experience and research (yes, research) into this evolving role:

1. GSD (Get Sh*t Done) — This person is the best friggin’ executer in the universe and yet people still like them when it’s done)

2. Front Man — They can deal with all…


Photo by Austin Chan on Unsplash

Oh hey.

It’s January and you’re thinking about your personal “brand.”

But uh, what’s that even mean?

Especially in 2021…

  • In a remote-first company?
  • In Cybersecurity?
  • In any industry?

“Brand” is 3 things:

  1. Career Path: Where we’ve been and where we want to go.
  2. Leadership Style: How we deliver and execute.
  3. Message and Tone: How we communicate which messages.

Heading into the new school year, I was thinking about the experience my children will have as they start a new school. Naturally that made me think about the new ‘cycle’ of work we’re headed into as we finalize 2021 plans and settle in to working from anywhere (and with everyone and also no one).

I got to thinking about the companies that I’ve been exposed to and wondered:

How much of a company’s culture was born through the the “in person” office connection?

And perhaps even more practically:

Are organizations and teams adapting quickly enough?

There are little things…


No two CISO jobs are the same. This guide is designed to scale for security leadership from the enterprise down to the startup.

People cling to this notion of “first 90 days” in a new job. Sometimes it’s “first 100 days.” In some cases, it’s just referred to as “onboarding.”

Countless articles, opinions, books, and lists have been written about what to do in your “First [#] Days” at your new job. I have read many of them. Too many of them.

So, I’ll be the first to point the finger at myself and groan for writing another. But that’s…


Allison & Dan Turner March 2020. Allison awaits a bone marrow transplant. She depends on platelet transfusions weekly. During the coronavirus pandemic, her access to blood is in jeopardy. Please consider donating Platelets now.

In the middle of the Coronavirus pandemic, there is a desperate shortage of platelets and also plasma for the blood banks and hospitals. Below are specific recommendations for potential donors to prepare for and to donate blood Covid-Safely.

This list was adapted from advice and guidance provided by The World Health Organization (WHO), Center for Disease Control (CDC), The American Red Cross, and first hand experience donating platelets in March 2020.


https://dilbert.com/strip/2019-06-27

The one constant across Chief Information Security Officers (CISOs) is that each of them have different expectations to live up to in their roles. While the role of CISO is still relatively new, companies haven’t yet embraced a consistent set of expectations for CISOs to deliver. Adding to the confusion, each CISO has different training and professional experiences that got them to their role. So, it’s easy to understand how these discrepancies could lead to misalignment and unclear messaging.

There is no clear roadmap for effective engagement or communication between security leaders and their business partners and peer executives. The…


Off the main road, the Back Channel may get you “there” faster. Photo by Pixabay from Pexels

In business, communication is king. And yet, knowing when to communicate what message and to whom can be an art form. Pitch an idea before it’s fully baked and risk losing buy-in. Suggest a new program before you have the right level of support and miss out on budget dollars. Rather than thinking about communication as a formal deliverable or milestone that happens once everything is polished and “ready” successful communicators, change agents and business leaders embrace their company’s “back channel.” …


Layered Security. Photo by Tom Fisk from Pexels

Cybersecurity risk is an increasing focus area for board members, regulators, and business leaders across all industries. Executives are asking questions like: What are the cybersecurity threats that our company faces? What are our Crown Jewel Information Assets that we need to focus our resources on protecting? And just how well are we protecting our most critical or sensitive information assets? [Click here to discover if you’re protecting the right Crown Jewel Information Assets]

Information Security Officers and Risk leaders have a multitude of control frameworks to consider when prioritizing security activities. Each of them covers slightly different focus areas…

Yael Nagler

Cyber. Risk. For 20 years, I’ve led business transformations from within Fortune 100 Financial & Tech companies. More @:https://www.linkedin.com/in/yaelnagler/

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store