In this episode of The New CISO, host Steve Moore talks with Nithin Reddy, Global VP of Cybersecurity at Dayforce, about how his dual roles in cybersecurity leadership and education shape his approach to building stronger, smarter teams.

Nithin reveals how teaching cybersecurity not only amplifies his impact but also sharpens his communication and leadership skills. From protecting millions of users’ data to mentoring students and influencing curriculum design, he shares why simplifying complex ideas is the key to inspiring both executives and future security professionals.

The conversation explores:

• The link between teaching and leadership growth
• How to manage stress in high-stakes security operations—and tell the difference between “good” and “bad” stress
• Dayforce’s in-house employee risk scoring model and the power of just-in-time access controls
• The impact of generative AI on phishing threats and how awareness training must evolve
• A real-life story of using a fake $200 gift card to teach conference-goers a lesson on social engineering

Whether you’re leading a SOC or standing at the front of a classroom, this episode is a masterclass in turning knowledge into influence—and purpose into performance.

In this episode of The New CISO, host Steve Moore speaks with Rich Durost, Chief Information Security Officer at Froedtert ThedaCare Health, about his journey from West Point cadet to cybersecurity leader—and what slicing cake has to do with building effective security programs.

Drawing from 23 years in the military and over 15 years in cybersecurity, Rich shares how discipline, preparation, and teamwork—skills first sharpened during plebe year dessert duty—translate directly into the responsibilities of a CISO. He reflects on the shift from tactical to strategic thinking, the value of mentoring deputies, and why authentic leadership and relationship-building are vital in today’s remote work environment.

Rich also explores the unique challenges of healthcare cybersecurity, the importance of aligning with clinical goals, and how CISOs can move from being the "department of no" to strategic business enablers by simply asking “how” instead of “no.”

Whether you're a rising security professional or a seasoned executive, you’ll gain practical leadership takeaways—and maybe a new appreciation for cake.

In this episode of The New CISO, host Steve Moore sits down with Michael Mendelsohn, CISO at Majesco, to discuss his journey in cybersecurity—from his early days as a software developer to leading security for a major insurance software company.

Michael shares insights into the evolving role of a CISO, the intersection of security and technology, and how curiosity and problem-solving have shaped his career. He dives into his experience building Arcus, an early security tool designed for software inventory and patch management, and how grassroots security engineering played a pivotal role in his professional growth.

Other key topics include:

✅ The changing landscape of cybersecurity leadership

✅ The balance between open-source tools and enterprise security solutions

✅ AI’s impact on security automation and risk management

✅ How security leaders can work effectively with legal teams

✅ The importance of curiosity, adaptability, and mentorship in a security career

Whether you're a seasoned security professional or an aspiring CISO, this episode offers valuable insights into the challenges and opportunities of leading security in today’s rapidly evolving digital landscape.

🔗 Listen now and learn how to navigate the complexities of cybersecurity leadership with a strategic and technical mindset!

#Cybersecurity #CISO #Leadership #SecurityEngineering #AI #CyberThreats #RiskManagement #DataSecurity #TechLeadership

In this episode of The New CISO, host Steve Moore sits down with Yannick Herrebaut, Cyber Resilience Manager at the Port of Antwerp-Bruges, to explore his unconventional journey from intern to security leader. Yannick shares how his early passion for technology, sparked by gaming and building his own PCs, laid the foundation for his career in cybersecurity.

They discuss the importance of strong internship programs, the transition from network engineering to security leadership, and the key lessons learned when stepping into a CISO role for the first time. Yannick also reflects on the challenges of building a security program from scratch and the critical skills needed to lead a growing security team.

Key topics include:

• How internships can shape future cybersecurity leaders
• The transition from network engineering to security leadership
• The importance of business alignment in cybersecurity
• Lessons learned in managing a growing security team
• Advice for aspiring CISOs on stepping into leadership roles

00:00 - Introduction & Meet Yannick Herrebaut

02:30 - From Gaming to Cybersecurity: A Passion for Technology

06:30 - Internship at the Port of Antwerp: A Career Launchpad

10:00 - The Value of Cybersecurity Internships & Mentorship

17:00 - From Network Admin to CISO: A Big Career Leap

27:00 - Building a Security Program from Scratch

35:00 - Lessons in Leadership & Team Growth

45:30 - What It Means to Be a New CISO

Links: LinkedIn

In this insightful episode of The New CISO, host Steve Moore reconnects with Azzam Zahir to explore his career evolution, from cybersecurity leadership to his recent role as a vertical CIO at General Motors. Azzam shares candid reflections on his conscious decision to leave his 12-year tenure, embracing change, and navigating personal growth in leadership roles.

Dive into Azzam’s inspiring journey as he discusses:

• Overcoming Career Burnout: How to recognize signs of exhaustion and take proactive steps toward rejuvenation.
• Navigating Career Pivots: The importance of calculated risks and stepping beyond the traditional boundaries of cybersecurity.
• Building Trust Through Relationships: Insights on fostering trust and credibility within organizations to facilitate career growth.
• Maintaining Mental Health: Practical tips on incorporating wellness into demanding careers, from mental health check-ins to daily habits for balance.
• The Gartner Hype Cycle of Careers: Azzam's unique perspective on managing career highs and lows and knowing when to make a change.

This episode is a must-listen for IT and security professionals considering career transitions, aspiring leaders seeking inspiration, or anyone looking to balance professional growth with personal well-being. Tune in to gain actionable advice and deep reflections from a leader who’s successfully embraced transformation.

0:00 Introduction and Guest Overview

1:43 Announcing a Career Change

5:54 Transitioning from Cybersecurity to CIO

13:03 The Emotional Impact of Cybersecurity Careers

22:36 Prioritizing Health and Wellness

30:10 The Power of Non-Traditional Thinking

35:34 The Gartner Hype Cycle of Careers

41:55 Advice for Career Transitions

Links: LinkedIn

In this insightful episode of The New CISO, host Steve Moore sits down with Sanju Misra, Chief Information Security Officer (CISO) at Alnylam Pharmaceuticals, to explore the pivotal moments that have shaped her impressive career in cybersecurity leadership. Sanju shares her strategies for navigating career transitions, the importance of aligning with a company’s mission, and how to identify the right time to move on from a role.

Listeners will gain valuable insights into:

• How Sanju built her career by embracing challenging projects and maintaining authentic professional relationships.
• The decision-making processes behind her moves from GE to Praxair, and eventually to Alnylam Pharmaceuticals.
• The evolution of her leadership style from a technical expert to a business risk executive.
• Why aligning with a company’s culture and mission is crucial for long-term success.
• Tips for aspiring CISOs on taking initiative, growing their networks, and articulating risk in business terms.

Sanju’s reflections on imposter syndrome, professional growth, and the rewards of working in a patient-focused organization offer both inspiration and practical advice for leaders at every stage of their careers. Tune in to hear her story and discover actionable strategies for thriving as a modern CISO.

0:00 - Introduction and Show Overview

1:10 - Sanju Misra’s Career Path: From GE to Praxair

4:00 - Building Security Programs and Leadership Growth

6:30 - Navigating Mergers and the Role of Culture

10:00 - Transitioning from Technologist to Business Risk Leader

15:50 - Career Advice for Aspiring CISOs

22:00 - Key Takeaways: Communication and Leadership Evolution

Links: LinkedIn

In this episode of The New CISO, host Steve Moore is joined by Sanju Misra, CISO and IT Risk Leader at Alnylam Pharmaceuticals. Sanju shares her journey from a college side hustle on a typewriter to becoming a security leader in the pharmaceutical industry. Along the way, she reflects on the importance of taking risks, embracing roles outside of your comfort zone, and the power of transferable skills.

Listen to Steve and Sanju discuss career transitions, building diverse teams, and why not checking every box on a job description might be the best career move:

00:00 - Meet Sanju

06:15 - The Start of a Tech Journey

18:30 - Taking the Leap

27:00 - Advice for Job Seekers

39:45 - Hiring from Within

51:15 - Networking and Career Growth

Links: LinkedIn

In this episode of The New CISO, host Steve Moore welcomes Ryan Shaw, Director of Information Security at Bond Brand Loyalty. Ryan shares his unique journey from working in kitchens and warehousing to becoming a leader in cybersecurity. He reflects on the importance of career change, battling imposter syndrome, and the challenges candidates face in a tough job market where companies often hunt for "unicorn" candidates.

Listen to Steve and Ryan discuss the transition into IT security, why hiring practices need to evolve, and the importance of mentorship for both personal and professional growth:

00:00 - Ryan Shaw’s Journey: From Warehousing to InfoSec Leadership

03:00 - Career Pivot: Entering Technology

06:00 - Overcoming Imposter Syndrome in IT

09:00 - The Importance of Mentorship and Support

13:00 - Navigating the Challenges of Job Hunting

17:00 - Advice for Better Hiring Practices in Security

20:00 - Building Visibility and Breaking Into InfoSec

24:00 - What It Means to Be a Security Leader

Links: LinkedIn

Summary:

In this episode of The New CISO, host Steve Moore speaks with Nicola Sotira, Head of CERT at Poste Italiane, about his journey from technical expert to business leader, all while following his dreams. Nicola shares the importance of mentorship, the value of building strong teams, and how he applied a Viking mentality to overcome challenges in his career. Listen in as Nicola reflects on leaving a prestigious role in Italy to embrace new opportunities abroad and what aspiring leaders can learn from his story. Whether you're thinking about making a career change or simply looking for advice on leadership, Nicola’s insights will inspire you to take action and move toward your dreams.

Listen to Steve and Nicola discuss:

00:00 -Nicola Sotira's Career Journey and Mentorship

03:37 - Balancing Business and Technical Roles

06:40 - Adapting to Technological Disruption

08:47 - Taking Risks: Moving to Sweden at Age 40

15:12 - Leadership Lessons from Peter: The Viking Mentality

18:17 - Hiring and Building a Strong IT Security Team

23:23 - Making Work Fun and Following Your Passion

28:52 - Advice for Aspiring CISOs: Follow Your Dreams

Links: LinkedIn

Episode Summary: In this episode of The New CISO, host Steve Moore is joined by Nicola Sotira, head of CERT at Poste Italiane. Nicola shares his journey from working on cryptographic devices in the pre-internet era to leading security teams today. His early work with assembly language, hardware security, and cryptanalysis offered unique challenges, but it also taught him the value of persistence, creativity, and mentorship. Steve and Nicola discuss the evolving role of hardware in cybersecurity and the importance of securing the supply chain. Listen in to hear about the lessons Nicola learned from breaking hardware before it was sold and how they continue to inform his approach to security today.

Listen to Steve and Nicola discuss the importance of hardware security, debugging code, and supply chain risks:

00:00 - Nicola Sotira: Career in Cryptography

04:46 - The Realities of Debugging Without Modern Tools

07:58 - Key Lessons from Early Hardware Security Work

12:43 - The Importance of Hardware in Cybersecurity

16:26 - Supply Chain Security Risks and Real-World Examples

23:00 - Criminal Collaboration and Emerging Cyber Threats

Links: LinkedIn