Oops, all Interviews: Switching to Cyber, CISO Reflections, and the State of TPCRM – Lenny Zeltser, Helen Patton, Alexandre Sieira – ESW #452
Interview with Helen Patton about her new book, Switching to Cyber
Helen joins us to discuss her second book, "Switching to Cyber." Her first book discussed strategies for handling various stages of the cybersecurity career, while this one, co-written with Josiah Dykstra, provides a guide for switching to cyber mid-career.
Check out her book, Switching to Cyber: The Mid-Career Guide to Launching a Cybersecurity Career:
- on Amazon
- on Barnes & Noble
- and on the publisher's website
Interview with Lenny Zeltser: Reflections on Being a CISO
After a cybersecurity career in various roles, doing everything from product management to malware analysis training, Lenny spent 6 years in the CISO seat at Axonius, from near the inception of the company through its growth from its modest Series A stage in 2019 to the present, with nearly a billion in funding today.
Lenny's CISO Essays:
- What Being a CISO Taught Me About Security Leadership
- As a CISO, Are You a Builder, Fixer, or Scale Operator?
- The Chief Insecurity Officer
Interview with Alexandre Sieira: The state of TPCRM is shifting
The gold standard for third party cyber risk management has long been the humble questionnaire. While we've seen security rating services companies generate scores by scanning a company's external resources. Both approaches are widely considered inaccurate for either creating trust relationships or determining the true risk of doing business with a third party.
Every analysis of this problem comes to the same conclusion: without internal data about the state of systems and the security program, TPCRM can't improve substantially. Most this believe this to be an impossible problem: third parties would never share data this sensitive with a customer and first parties assume the same.
What if they did?
That's exactly the premise behind Tenchi Security, and Alexandre joins us to talk about how they've accomplished the 'impossible' in Brazil and aim to expand their success to the US.
Resources:
- Thoughts from a panel discussion at a recent FS-ISAC event, shared on LinkedIn
- Predicts 2026: Third-Party Cybersecurity Risk Management Evolves for the AI Era (Gartner Subscribers only, sorry)
Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. He has built security products and programs from early stage to enterprise scale. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.
Helen Patton is a strategic cybersecurity advisor at Cisco. Previously she served as a CISO for the Cisco Security Business Group, and an Advisory CISO, providing strategic insights to the security community. She was the CISO at The Ohio State University and spent ten years in risk and resiliency at JPMorganChase.
Helen actively encourages cybersecurity collaboration across and within industries, to enable better information security and privacy practices. She actively works to expand the cyber workforce, and mentors people interested in pursuing careers in security, privacy and risk management. She advocates for more naps and is anti-bagpipes.
Helen has a Master’s degree in Public Policy. She serves on various cybersecurity advisory boards and industry groups. Helen is a blogger and the author of “Navigating the Cybersecurity Career Path”.
Alexandre (or Alex) Sieira is a successful information security entrepreneur in the information security field with a global footprint since 2003. He began his security career as a Co-Founder and CTO of CIPHER, an international security consulting and MSSP headquartered in Brazil which was later acquired by Prosegur. In 2015, he became Co-Founder and CTO of Niddel, a bootstrapped security analytics SaaS startup running entirely on the cloud, which was awarded a Gartner Cool Vendor award in 2016. After the acquisition of Niddel by Verizon in January 2018, he became the Senior manager and global leader of Managed Security Services products under the Detect & Respond portfolio tower at Verizon. Currently is the CTO and Co-Founder of Tenchi Security, a company disrupting the Third Party Cyber Risk Management market.
