Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How to Improve Cyber Security and Phishing Protection with a Fractional Executive

Many organisations today turn to fractional executives - such as a fractional CEO or fractional CFO - to gain fast access to reliable external expertise that improves operations without committing to a full-time hire. Similar solutions exist for specialised cyber security leadership: a fractional CISO can provide strategic oversight, governance, and risk-based decision-making on a flexible basis. For organisations facing ever-more sophisticated threats and limited internal resources, engaging an expert on a fractional basis can mean the difference between reactive firefighting and proactive cyber resilience.

Identity & Access Management (IAM) Metrics Every CISO Must Track in 2026

Consider a common scenario: Your organization has allocated millions toward firewalls, endpoint protection, and advanced threat detection systems. Your security operations team maintains continuous monitoring through sophisticated dashboards. Yet, despite these comprehensive defenses, an attacker can gain unauthorized access using nothing more than compromised credentials and a hijacked service account. This is where identity and access management metrics play a key role.

What does a virtual CISO (vCISO) actually do?

A virtual CISO is your on-demand cybersecurity resource. We provide the same strategic leadership as an in-house CISO, without the full-time commitment. vCISOs are used by organisations that need experienced security leadership to meet their compliance requirements, manage cyber risk, and guide security decisions, but don’t yet have a permanent CISO, or may have an interim requirement for a vCISO.

LevelBlue Security Colony: A Practical Cybersecurity Resource Hub for CISOs

Few cybersecurity knowledge repositories are as broad, deep, or widely respected as LevelBlue Security Colony. Industry analyst firm IDC has recognized the value of Security Colony, noting that clients and other organizations interested in understanding their cybersecurity posture download thousands of resources each month, many of which are available at no cost.

Measuring Agentic AI Posture: A New Metric for CISOs

In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers indicate to the Board how quickly we respond when issues arise. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised, data exfiltration happens in milliseconds rather than days. If you are waiting for an incident to measure your success, you have already lost.

The New CISO Podcast Ep. 140 - Manuel Ressel | The Four Cs: Why a Schoolteacher Makes a Great CISO

In this episode of The New CISO, host Steve Moore speaks with Manuel "Manu" Ressel, CISO at SAUTER Group, about his unconventional journey from classroom teacher to cybersecurity leader—and why the "Four Cs" of modern education provide a powerful framework for building effective security programs. Drawing from years as both a teacher and school principal in Germany, Manu introduces Critical Thinking, Communication, Collaboration, and Creativity as essential leadership skills that fundamentally challenge how the industry approaches awareness training and incident response.

Featured Post

Security's Next Turning Point Is the Workforce

Cybersecurity is entering a turning point. It has less to do with new tools than a new reality: the workforce has changed. For years, security programs assumed risk lived in systems, controls, and configurations. People were the variable managed through policies, training, and best-effort awareness. That model was already under strain. Now it is being outpaced.

The New CISO Podcast Ep. 139 - Alex Rice | Safety Third: Why Security Shouldn't Be Your Top Priority

In this episode of The New CISO, host Steve Moore speaks with Alex Rice, Founder, CTO, and CISO at HackerOne, about challenging one of cybersecurity's most deeply held beliefs—that security should be the top priority. Drawing from his journey building security programs at Facebook and founding HackerOne, Alex introduces the "safety third" philosophy and explains why accepting that security is never first can actually make you more effective as a leader.