In this episode of The Virtual CISO Moment, Greg Schaffer sits down with cybersecurity leader and Cyber Risk Navigator founder Becky MacDonald to discuss the evolution of cybersecurity leadership, the realities of virtual CISO work, and why effective security programs must be built around risk—not just compliance checklists. Drawing from decades of experience across healthcare, higher education, and nonprofit organizations, Becky shares practical insights into building mature cybersecurity programs with limited budgets, communicating risk to leadership, and avoiding common traps like tool sprawl and “checkbox security.”

Greg and Becky also explore the growing virtual CISO space, including what separates strong vCISO leadership from superficial security consulting. The conversation covers the importance of business communication skills, balancing technical and strategic perspectives, and the challenges organizations face when trying to operationalize security in real-world environments. Becky also offers candid perspectives on entrepreneurship, cybersecurity burnout, and the realities of building a boutique advisory practice.

Whether you are an aspiring vCISO, a cybersecurity practitioner, or a business leader trying to better understand risk and resilience, this episode delivers practical insights grounded in real-world experience.