- Artificial Intelligence What to Make of AIUC-1, a New AI Agent Certification
New certifications start as claims and earn credibility through cycles of scrutiny. AIUC-1, a compliance framework for AI agent vendors, is at that starting point. How its structure, governance, and...
- Leadership When Executives Reject Your Security Recommendations
A rejected security recommendation feels personal, but it often reflects competing demands the security team doesn't fully see. Knowing how to act on that reality helps the CISO become someone the...
- Risk Management Understand the Reality of the SOC 2 Checkbox
SOC 2 standardized security reporting, but it left the vendor in control of the system boundary and auditor selection. Understanding that structural gap helps vendors and buyers get the most value...
- Leadership From Chief Opinion Officer to Action-Taker
Security leaders who only assess risks and express concerns operate as Chief Opinion Officers rather than change agents. Delivering outcomes requires agreeing with colleagues on what's real, deciding...
- Leadership What Being a CISO Taught Me About Security Leadership
A four-point framework to succeeding as a CISO, based on my experiences of building and leading a security program at a high-growth company. It shows how to focus on the defender's advantage and...
- Leadership The Chief Insecurity Officer
What if the CISO's job isn't to maximize security but to calibrate the right amount of insecurity? Reframing the role this way turns security leaders from obstacles into enablers of business velocity.