Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

wallarm

CISO Spotlight: Craig Riddell on Curiosity, Translation, and Why API Security is the New Business Imperative

Feb 11, 2026 By Wallarm In Wallarm
It’s an unusually cold winter morning in Houston, and Craig Riddell is settling into his new role as Wallarm’s Global Field CISO. It’s a position that suits him down to the ground, blending technical depth, empathy, business acumen, and, what Craig believes, the most underrated skill in cybersecurity: curiosity. Like so many of us, Craig got into cybersecurity by accident. He first learned Unix under the guidance of a mentor while transitioning out of the military.
Read Post
How to Improve Cyber Security and Phishing Protection with a Fractional Executive

How to Improve Cyber Security and Phishing Protection with a Fractional Executive

Feb 10, 2026 By SecuritySenses In SecuritySenses
Many organisations today turn to fractional executives - such as a fractional CEO or fractional CFO - to gain fast access to reliable external expertise that improves operations without committing to a full-time hire. Similar solutions exist for specialised cyber security leadership: a fractional CISO can provide strategic oversight, governance, and risk-based decision-making on a flexible basis. For organisations facing ever-more sophisticated threats and limited internal resources, engaging an expert on a fractional basiscan mean the difference between reactive firefighting and proactive cyber resilience.
Read Post
miniorange

Identity & Access Management (IAM) Metrics Every CISO Must Track in 2026

Feb 3, 2026 By Minal Purwar In miniOrange
Consider a common scenario: Your organization has allocated millions toward firewalls, endpoint protection, and advanced threat detection systems. Your security operations team maintains continuous monitoring through sophisticated dashboards. Yet, despite these comprehensive defenses, an attacker can gain unauthorized access using nothing more than compromised credentials and a hijacked service account. This is where identity and access management metrics play a key role.
Read Post
keep

What does a virtual CISO (vCISO) actually do?

Feb 2, 2026 By Keep Information Security Services In KEEP
A virtual CISO is your on-demand cybersecurity resource. We provide the same strategic leadership as an in-house CISO, without the full-time commitment. vCISOs are used by organisations that need experienced security leadership to meet their compliance requirements, manage cyber risk, and guide security decisions, but don’t yet have a permanent CISO, or may have an interim requirement for a vCISO.
Read Post
levelblue

LevelBlue Security Colony: A Practical Cybersecurity Resource Hub for CISOs

Feb 2, 2026 By LevelBlue In LevelBlue
Few cybersecurity knowledge repositories are as broad, deep, or widely respected as LevelBlue Security Colony. Industry analyst firm IDC has recognized the value of Security Colony, noting that clients and other organizations interested in understanding their cybersecurity posture download thousands of resources each month, many of which are available at no cost.
Read Post

The New CISO Podcast Ep. 140 - Manuel Ressel | The Four Cs: Why a Schoolteacher Makes a Great CISO

Jan 29, 2026 By Exabeam In Exabeam
In this episode of The New CISO, host Steve Moore speaks with Manuel "Manu" Ressel, CISO at SAUTER Group, about his unconventional journey from classroom teacher to cybersecurity leader—and why the "Four Cs" of modern education provide a powerful framework for building effective security programs. Drawing from years as both a teacher and school principal in Germany, Manu introduces Critical Thinking, Communication, Collaboration, and Creativity as essential leadership skills that fundamentally challenge how the industry approaches awareness training and incident response.
View Video
salt security

Measuring Agentic AI Posture: A New Metric for CISOs

Jan 29, 2026 By Eric Schwake In Salt Security
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers indicate to the Board how quickly we respond when issues arise. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised, data exfiltration happens in milliseconds rather than days. If you are waiting for an incident to measure your success, you have already lost.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.