Name: The Changing Role of the CISO — for Better or Worse
Start: 2025-07-08T15:00:00Z
End: 2025-07-08T15:00:59.000Z
Location: BrightTALK
Rating: 4.6

Today’s security leaders are busy managing the increasingly complicated relationship between security and privacy. As the CISO role evolves, they're not only security leaders but strategists and negotiators, often working to keep other employees safe while ensuring their cybersecurity plans align with business goals. In this series we’ll highlight security trends and share insights from industry thought leaders on cyber security strategies, best practices, and important compliance regulations. 

Even in the face of compulsory awareness training and countermeasures, phishing and fraud attacks continue to fool people with alarming regularity. December’s episode of CISO Insights examines how threat actors are leveraging AI, deepfakes, and advanced social engineering to create increasingly convincing deceptions.

Key discussion points will include:
- How modern phishing campaigns have transcended email to exploit social media and mobile channels
- The rise of hyper-personalized attacks that leverage data aggregation and AI-generated content
- Why traditional security awareness approaches are falling short in an era of advanced social engineering
- Creating effective human defenses through contextual awareness rather than rote training
- Strategies for building organizational resilience against social engineering

Join Dan, Earl, and this month’s guest experts as they dissect ideas for how security leaders can protect their organizations against these increasingly legitimate-seeming deceptions.

The Continued Perfection of Phishing and Fraud

Threats continue to grow in sophistication and impact, and as technology itself continues to evolve, this much will remain true. In this climate, traditional cyber insurance models are struggling to keep pace. 

November’s episode of CISO Insights looks at the trends and changes reshaping the cyber insurance landscape, and asks how security leaders can navigate this complex environment and ensure adequate protection. 

Key discussion points will include:
- How insurers are amending coverage in response to escalating ransomware and supply chain attacks
- The shift from broad policies to more nuanced, risk-adjusted coverage models
- The impact of recent high-profile claims on policy availability and premiums
- Critical security controls now required for coverage eligibility
- The growing importance of quantitative risk assessment in policy negotiations
- How to evaluate modern cyber insurance policies for coverage gaps and exclusions

Join Dan, Earl, and their panel of guests as they provide insights and guidance on how to navigate today’s cyber insurance marketplace.

A New Generation of Cyber Insurance Policies

We live in an era where digital assets represent billions in value. As a result, blockchain security has moved from a fairly niche concern to more of a mainstream priority. This month’s episode of CISO Insights takes a look at the evolving threat landscape targeting cryptocurrency infrastructure, smart contracts, and exchanges.

Key discussion points will include:
- Examining exploits that have resulted in massive cryptocurrency thefts
- The human element and how social engineering tactics target crypto holders and exchanges
- An analysis of emerging threats targeting DeFi protocols and NFT marketplaces
- Strategies for securing cryptocurrency assets against sophisticated threat actors
- Approaches for developing incident response plans specific to blockchain environments

Join Dan, Earl, and this month’s special guests as they provide actionable insights and advice for security leaders tasked with protecting digital assets.

Attacking Blockchains: Is Cryptocurrency Secure?

High-profile global events are prime targets for sophisticated cyber attacks, and it doesn’t get much bigger than the Olympics. 

This timely webinar examines the evolving tactics and techniques employed by bad actors targeting high-profile tournaments, summits, concerts and more.

Key discussion points will include:

- An examination of potential attack patterns 
- Attack sophistication, from basic DDoS to complex multi-vector operations
- How resilient security architectures are designed for temporary, high-visibility environments
- Effective threat intelligence sharing among international stakeholders
- Balancing security controls with operational requirements and user experience
- Practical approaches to preparing for potential incidents under intense public scrutiny

Join Dan, Earl and their panel of seasoned security leaders for this month’s episode of CISO Insights to learn more.

Cyberattacks on Global Events: An Olympic-Size Primer

As generative AI tools become increasingly accessible, organizations face critical security challenges when employees adopt personal AI solutions for workplace tasks. This month’s episode of CISO Insights sees Dan, Earl and guests examine the complex security, compliance, and governance implications of the emerging "Bring Your Own AI" trend.

Key discussion points will include:
- Identifying data exposure vulnerabilities when using consumer AI platforms
- Evaluating potential intellectual property and confidentiality breaches
- Developing effective BYOAI policies that balance innovation with protection
- Implementing technical controls without stifling productivity
- Creating awareness programs that address shadow AI usage
- Real-world examples of successful BYOAI governance frameworks
- Conducting comprehensive risk assessments of employee AI tool usage
- Techniques for detecting and managing unauthorized AI adoption
- Approaches for educating employees about AI security risks without creating fear

Join our expert panel as they navigate the complex landscape of AI governance and provide actionable insights for security leaders seeking to harness AI's benefits while protecting their organization's most valuable assets.

Secure Bots: Can You Safely Bring Your Own AI (BYOAI)?

Join CISO Insights hosts Dan Lohrmann and Earl Duby on stage as they summarize the 10th annual Cyber-Physical Systems Security Summit (CPS3), which was held May 13-14, 2025. 

The summit's goals were to drive discussion on major emerging cyber-physical security challenges affecting the military and critical assets for both national defense and homeland security. In this panel discussion, Dan and Earl are joined by experts who address both the problems and possible solutions to some of the hardest cybersecurity challenges facing the US today. 

Guest speakers include:
- Cherri Caddy, Former Deputy Assistant, National Cyber Director, White House
- Jeff Walthers, CEO, American Cybersecurity Group
- Jennifer Tisdale, Founder, Secure Vision Consulting LLC

From the stage: CISO Insights hosts recap the Cyber-Physical Systems Security Summit (CPS3)

Our world is becoming increasingly digitized and automated, from the cars we drive to the energy we use. Introducing technology to previously-manual processes can bring efficiency and greater ease of use, but it also opens up new risk areas. If the technology fails, access to critical utilities could be lost – to devastating effect. We are already seeing challenges with the water supply in many areas of the United States; hindering public access to water through technical issues only compounds an existing problem. Access to safe water must be protected, but how can we do this?

It’s not just technical error that can cause problems; more concerning is the ability for cybercriminals to target these municipal services, as a way to disable an entire geographical area. One of the most precious resources to secure in this new landscape must be water. So how can this utility and others be protected?

In the June episode of CISO Insights, hosts Dan and Earl will be joined by a panel of experts to break down what it will take to keep the water safe and ensure access to our most critical utilities.

Securing Utilities and Keeping the Water Safe

Technology continues to be one of the most exciting sectors for young professionals to enter and for veterans to conquer – but the rules are constantly changing. What was true for the class of 2022 is no longer true for today’s graduates, let alone those who entered the market a few years before. And what about those who have been in the industry for a while now, but are still unsure about the next step in their career? As companies invest in new technology areas and prioritize different programs, the roles they need and the jobs they are hiring for also change. 

It is reported that there are approximately 3 million cyber jobs available, but what do those roles actually entail? Who is hiring and which segments are seeing the most professional opportunity? How can current professionals adapt to this shifting industry and position themselves for years of future success?

Join Dan Lohrmann and Earl Duby in this latest episode of CISO Insights, as they are joined by a panel of industry experts to reflect on the current state of cybersecurity jobs.

Where Are the 3 Million Cyber Jobs? Cyber Careers & Your Next Tech Role

Since Elon Musk’s DOGE was formed, the Cybersecurity and Infrastructure Agency (CISA) has been gutted and top CISOs from numerous agencies have been fired. A further 32 (and counting) cybersec contracts with the CFPB have also been cancelled.

What do these unprecedented moves mean for the cyber safety of the USA’s citizens and its national security?

Join cybersec experts Dan Lohrmann and Earl Duby as they speak to guests about:

- DOGE's current cybersecurity setup following the changes made 
- How not having cybersecurity as top of mind can open the door to insider threats, foreign intelligence services and cyber criminals
- What's next: potential impacts from hacks, fraud, and privacy breaches
- And more

The DOGE-effect on Cyber: What's happened and what's next?

Ransomware is a constant thorn in the side of CISOs everywhere. No matter how we adapt our security measures, these cybercriminals are similarly devoted to finding a way through and causing grievous harm. It can feel like running on a hamster wheel, but it is imperative that cybersecurity teams don’t become complacent or fall into a false sense of security. In 2025, ransomware must be taken as seriously as in the years before.

Cybercriminals have more advanced weapons but modern CISOs can be equally well-equipped. The key is to keep evolving. In this new world of ransomware, of ransomware 3.0, what does it take to stop a cyber attack in its tracks? How can IT teams safeguard their operations from the most persistent and dangerous criminals? Can anything truly stop these bad actors?

Join Dan, Earl and their panel of guests to deep dive into the current state of ransomware, pinpoint how it’s changed in 2025 and learn what security teams can do to stay one step ahead.

Ransomware 3.0: Can Anything Stop These Bad Actors?

It has never been easier to spread information across our interconnected world, but with information comes disinformation. The advancement of generative AI and its increasing accessibility are making it hard to tell truth from fiction on the internet – and this will only become more challenging as the tools improve. Even the most discerning netizens can find themselves falling for deepfakes and disinformation, especially when the sheer volume of material makes fact checking a mammoth task.

What is the role of governance in this new environment? Is it the responsibility of our institutions to enact laws and bans to control the spread of disinformation, or should we be taking this on as individuals? What does it mean for the internet if we cannot trust what we find there to be real? 

In this episode of CISO Insights, hosts Dan and Earl will be joined by an expert panel to look at what practically can be done to combat deepfakes and disinformation – and ask what should be done.

Deepfakes and Disinformation: Will Laws and Bans Stop the Flow?

The cybersecurity landscape is constantly evolving and no one can truly know what lies ahead… but we can make informed predictions about the industry in 2025. Those who have a good sense of what’s around the corner will be better prepared to respond to arising challenges – and opportunities. The key is to pay attention to the right data and the right industry experts.

The predictions market is about more than looking at clear trends and buzzy innovations: The most useful ones take into account current pain points and growth areas; they analyze current global players and review the latest research on global security incident trends; and they invite the perspectives of fellow industry veterans, to collate the most comprehensive and well-developed forecast. We may not be able to pin down the future exactly, but we can come close.

Join series hosts Dan Lohrmann and Earl Duby as they open 2025 with their beloved annual predictions episode. In this conversation, the panel will look at the most exciting areas of development in cybersecurity and predict what may lie ahead, so that we all might feel more prepared for the future.

For an advance look at Dan Lohrmann's security predictions for 2025, you'll find his online post, "The Top 25 Security Predictions for 2025 (Part 1)," now linked in the attachments section.

Episode Guests:
Sravish Sridhar, CEO & Founder of TrustCloud
Tabice Ward, Cybersecurity Executive and Adjunct Lecturer at the University of Detroit Mercy

The Top 25 Security Predictions for 2025

Modern conflict increasingly centers around technology and digital infrastructure. The battlefield is no longer solely a physical stretch of terrain between territories; war is waged behind enemy lines, within their networks and inside their security systems. Cyber attacks can be hugely debilitating when launched successfully, causing widespread damage and incapacitating many functions. How can entities protect their operations from opponents, particularly in this new landscape of warfare?

Following several years of international conflict and discord, this episode will look at what we have learned about cyber warfare and what we should take with us to greater protect our digital terrain. While we cannot always avoid the battle, there are steps that can be taken to reduce the harm inflicted.

Join Dan Lohrmann, Earl Duby and their expert guests, Richard Stiennon and Michael McLaughlin, in the final CISO Insights webinar of 2024, for a thoughtful conversation around the key takeaways of cyber warfare to date.

Guest Panelists:
Richard Stiennon's impressive career in cybersecurity includes authoring two key texts on cyber warfare: "Surviving Cyberwar" (2010) and "There Will Be Cyberwar" (2015). An established leader in the field, Stiennon is also the Chief Research Analyst for IT Harvest, the industry analyst firm that he founded in 2005. His newest book is Security Yearbook 2024.
https://www.linkedin.com/in/stiennon/

Michael McLaughlin is currently the Co-Leader of the Cybersecurity & Data Privacy Practice Group and a Principal Policy Advisor at Buchanan Ingersoll & Rooney PC. His vast career history includes experience in cybersecurity, government contracting, and national security, and he authored the notable book, "Battlefield Cyber: How China and Russia are Undermining our Democracy and National Security."
https://www.linkedin.com/in/michael-g-mclaughlin/

Cyber Warfare: What We’ve Learned From Past Conflict

With a new election around the corner and last election's voting dramas still in our minds, security concerns around digital voting booths are at an all time high. Not only does a democracy require a secure voting system to function at all, but the voting public must be able to feel confident that the election has been handled safely and honestly. Without this trust, our nation’s public institutions could find themselves vulnerable.

Despite concerns about criminal interference, a software-powered ballot box remains the most efficient and accessible form of voting that we have – and one that doesn’t look like it will go away any time soon. So how can we strengthen this system and foster confidence in the voting system? What does a truly secure ballot box look like? And is this something that should be modernized or improved upon for future elections?

Join hosts Dan Lohrmann and Earl Duby in this election-themed episode of CISO Insights, to hear them and their expert guests take a sharp look at defending the ballot box.

Defending the Ballot Box: What It Takes to Digitally Protect an Election

Hosts: Dan Lohrmann, Presidio; Earl Duby, Auxiom
Speakers: Jennifer Tisdale, Grimm; Moe Yassine, Stealth AI Startup

Concern for the environment and a move away from fossil fuels has supercharged the growth of the electric vehicle market. While in many ways this is a sign of progress, the explosion of electric transport has placed new demands on local infrastructure and created new security risks. The digitization of a previously analog process has opened the door to a new kind of cyber crime, which in turn has prompted a new kind of cyber security.

What does it look like to install and secure charging stations across the country? How can electric vehicles be safeguarded against cyber attacks, particularly ones that feature self-driving functionality? What does it mean to secure the future of mobility in this new electric landscape?

In this latest episode of CISO Insights, hosts Dan Lohrmann and Earl Duby will be joined by expert guests to review the security concerns of electric transport – and discuss what it will take to protect it.

Securing Software Defined Vehicles

As local public infrastructures become increasingly digital and "smart", protecting these systems poses a new security challenge. Depending on whether these programs are run by local government or outsourced to corporate entities, there may be varying levels of existing security protocols – and varying amounts of investment available. But the stakes are higher than ever: Once a town or city digitizes its public environment, every resident is now an active participant in this smart landscape.

To address these new and growing security concerns, municipal services and cyber security providers must work together. Defending smart cities will be an evolving process, as new service features are introduced and new threats are detected. For security professionals, this could be an exciting, if high-stakes, challenge for both today and the future. But where should cities begin? And where are the biggest risks?

Join CISO Insights hosts Dan Lohrmann and Earl Duby in this latest webinar, as they take a closer look at what it really takes to defend smart cities with their expert guests.

Defending Smart Cities: How to Protect Local Infrastructure in a Digital World

Every organization is concerned about cyber crime and their security protocol, which can be a source of stress – but also a great source of opportunity for security professionals. The industry is full of new challenges and investment, yet not every company is approaching cyber security in the same way and with the same resources. As a security professional, there is clearly opportunity to thrive, but it’s not always clear where those opportunities lie. How can you know when to stay put and when to move onto the next role?

Cyber security jobs range from service providers and developers, to in-house teams and consultants. The nature of each position will also vary depending on the size of the organization, the amount of investment available and the organization’s approach to security. For professionals, this landscape might be overwhelming – or inspiring.

In this next installment of CISO Insights, hosts Dan Lohrmann and Earl Duby will be joined by cybersecurity experts to look into the cyber job market and assess what your next move should be.

The Cyber Job Market: When to Stay and When to Move

In today's rapidly evolving threat landscape, the Chief Information Security Officer's role has undergone dramatic transformation. This month’s CISO Insights episode explores how the CISO position has evolved beyond traditional security management into a strategic business function with expanded responsibilities and challenges.

Key discussion points will include:
- The expanding scope of CISO responsibilities in 2025
- Balancing security imperatives with business innovation demands
- Managing board-level expectations and communication
- Predictions for the next evolution of the CISO role
- Addressing the cybersecurity talent shortage effectively
- Strategies for maintaining relevance in AI-driven security environments
- Building resilient security cultures across distributed organizations

Join our panel of veteran security leaders as they share candid insights about the changing dynamics of the CISO position, offering practical wisdom for both established security executives and those aspiring to the role.

The Changing Role of the CISO — for Better or Worse

CISO

Threat Defence

Ransomware

Malware

Hackers

Cyber Security

IT Security

Secure Cloud

Cyber Attacks

Cyber Defense

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Changing Role of the CISO — for Better or Worse

Presented by

About this talk

CISO Insights