CISO Confidential

Inside History's Biggest Cyberattack - SolarWinds | Tim Brown's Untold Story w/ Saket Modi

In this CISO Confidential episode with Saket Modi, Tim Brown - former CISO of SolarWinds, opens up about the SUNBURST attack that compromised 18,000 customers worldwide and reshaped the cybersecurity industry overnight. Tim walks through the first 48 hours of the breach, the anatomy of the nation-state attack that sat undetected in SolarWinds' build system for nearly a year, and the brutal personal toll that followed - including the SEC's unprecedented decision to charge him personally, and the heart attack he suffered in the middle of it all. The conversation goes deep on what every CISO should know about contracts, liability, and risk quantification in a post-SolarWinds world.

The CISO Playbook for High-Speed Decisions w/ Ben Smith | CISO Confidential | Saket Modi

In this CISO Confidential episode with Saket Modi, Ben breaks down the real playbook for high-speed security decisions: building “networks in a box” before supply chains locked up, balancing controls with urgency, and evolving from scrappy crisis-mode fixes to a mature, defensible risk program. The conversation also goes deep on why quantifying risk (and aligning with standards like FAIR and insurer expectations) is becoming essential for communicating with executives and making smarter security investments.

The $20M Coin Flip: Cyber Risk in Real business terms

CISO Confidential: Speaking Exec – Tony on Turning Cyber Risk into Business Decisions In this eye-opening episode of CISO Confidential, host Saket Modi sits down with Tony, a seasoned technology risk leader, to unpack one of his most vivid experiences: a SQL injection attack that triggered suspected customer data exfiltration. Tony shares not just the technical details of the breach, but the human, cultural, and boardroom dynamics that unfold when systems are at risk. He emphasizes that cyber risk is not about red, yellow, or green - executives don’t speak in colors. They speak in dollars and decisions. From incident response handoffs (security to legal, PR, and execs) to quantitative cyber risk modeling (CRQ), Tony explains how reframing risk in financial terms helps executives take decisive, proactive action. 🔥 Key Insights from Tony: ✔ Speak the language of business: CISOs must translate risk into dollars. ✔ Incident response is a company-wide effort - legal, PR, and executives matter as much as security. ✔ CRQ isn’t new - it’s actuarial science applied to cyber. ✔ Cooler heads prevail: practice through tabletop exercises. ✔ Risk isn’t the end goal - decisions are. If you’ve ever struggled with how to get buy-in from the board or explain cyber risk in a way that secures real action, this episode is a must-listen.

Post-Breach Action Plan: When Systems Go Down for Days w/ Drew Simonis | Saket @ CISO Confidential

CISO Confidential: Leadership Under Fire – Drew Simonis on Surviving a Week-Long Cyber Crisis Saket Modi sat down with Drew Simonis to unpack what it really feels like to lead through a prolonged cyber incident. In this episode of CISO Confidential, Drew goes beyond the technical details to reveal the hidden pressures — from executives demanding answers to teams struggling with burnout — and shares how empathy, preparation, and leadership are what truly matter in a crisis. Drew Simonis has decades of experience in enterprise cybersecurity, advising global businesses on risk, resilience, and security culture. His candid insights will resonate with CISOs who know that it’s not just about frameworks and tools — it’s about guiding people through uncertainty. 🔥 Game Changing Insights for CISOs ✔️ Preparation is everything — without continuity plans, chaos multiplies. ✔️ Security is about ensuring tomorrow looks like today — no surprises. ✔️ Too many executives in the room can kill progress — control the flow. ✔️ The CISO doesn’t own the risk — the business does. ✔️ Empathy > Technology — the best leaders focus on people first.

You won’t believe What Happens after a Cyber Breach w/ Supro Ghose | CISO Confidential | Saket Modi

CISO Confidential: What Really Happens After a Cyber Breach – Supro Ghose on Leadership Under Pressure Saket Modi sat down with Supro Ghose, CISO of Graphene Security, to explore what it truly means to lead with resilience in today’s evolving threat landscape. In this episode of CISO Confidential, Supro opens up about the human challenges behind the role, navigating burnout, driving cultural change, and finding balance between business priorities and security realities. From building trust with executives to mentoring teams through uncertainty, Supro shares stories and strategies that go far beyond frameworks and checklists. This candid conversation shines a light on the emotional intelligence and leadership qualities every CISO needs but few openly talk about. Supro Ghose is the Chief Information Security Officer at Graphene Security, where he oversees enterprise cyber defense, governance, and risk strategy. With a career spanning more than two decades, Supro has held senior security leadership roles across global financial institutions, consulting, and tech startups. He is known for his ability to combine technical depth with boardroom influence, translating complex security risks into actionable business priorities. At Graphene, Supro focuses on embedding a proactive, people-centric approach to security, empowering teams, fostering resilience, and enabling innovation while protecting critical assets. Beyond the office, he is a mentor and advocate for building the next generation of diverse cybersecurity leaders. 🔥 Game-Changing Advice for CISOs ✔️ Security is about people first — technology follows. ✔️ Culture eats controls for breakfast — embed security in everyday behaviour. ✔️ You can’t pour from an empty cup — prioritize mental health and resilience. ✔️ Speak in the language of business — that’s how you win board alignment. ✔️ The future CISO must balance empathy with execution — it’s not just about stopping breaches, it’s about leading people. Hosted by Saket Modi, CEO of SAFE, CISO Confidential pulls back the curtain on real-life breach stories from top security leaders. If you’ve ever wondered what really happens during a cyber crisis, or what a day in the life of a CISO is like, this podcast is your front-row seat to the action.