Life of a CISO with Dr. Eric Cole

In this episode of Life of a CISO, Dr. Eric Cole sits down with cybersecurity expert and fellow podcaster Christophe Foulon to dive deep into the evolving role of the Chief Information Security Officer. From breaking into cybersecurity to leading organizations through strategic risk decisions, Christophe shares real-world insights on how to transition from technical roles to executive leadership. They explore the challenges of balancing hands-on work with high-level strategy, how to communicate with business leaders without getting lost in technical jargon, and how to manage burnout while building organizational resilience. Christophe also tackles major topics like AI, zero trust, cyberwarfare, and BYOD policies, offering practical advice for today’s and tomorrow’s CISOs. If you're aiming to elevate your cybersecurity career or want to understand how top leaders think, this episode is packed with guidance, clarity, and perspective.  

In this episode of Life of a CISO, Dr. Eric Cole welcomes Michael Coates, a seasoned cybersecurity expert with over 20 years of experience. Michael shares his journey from working as a legal hacker to becoming Twitter’s first Chief Information Security Officer (CISO), and later founding his own data security company. They discuss how core cybersecurity principles remain constant despite evolving technologies and threats, emphasizing the importance of mastering fundamentals while adapting to new contexts like cloud and AI.   Michael offers practical advice for aspiring CISOs, highlighting the value of diverse security experience, business acumen—such as understanding finance and sales—and the ability to balance risk with business needs. He stresses the importance of building strong teams, effective communication with executives, and partnering closely with legal to manage liability. The conversation also touches on optimal reporting structures for CISOs and reframing security as a business enabler rather than a roadblock. Ultimately, Michael advocates for transparent risk communication and thoughtful preparation as keys to successful security leadership.

You’re living in a time where science fiction is quickly becoming your reality. In this high-impact episode of Life of a CISO, Dr. Eric Cole breaks down the current state of cybersecurity—from nation-state attacks and massive password breaches to the hidden threats living on your mobile device. You’ll hear Dr. Cole’s unfiltered take on a breach that exposed billions of credentials, why changing your password isn’t enough, and how an old app could be your biggest risk. Dr. Cole challenges you to see yourself not just as a security expert, but as a business leader with the power to make lives better. That mindset shift is everything. From the practical impact of multi-factor authentication to his radical but simple “delete an app a day” campaign, Dr. Cole shares tools you can implement right now. This episode isn’t just about defense—it’s about stepping up, thinking strategically, and leading the way forward.

In this episode of Life of a CISO, Dr. Eric Cole welcomes a true cybersecurity trailblazer: Dan Lohrmann. With a career that spans the NSA, Lockheed Martin, the State of Michigan, and now Presidio, Dan brings a rare depth of experience in both government and the private sector. As the first Chief Security Officer for an entire U.S. state and now a Field CISO advising public sector clients across the country, Dan shares practical wisdom and compelling stories about navigating the evolving CISO landscape. Together, Dr. Cole and Dan explore what it takes to build lasting trust as a security leader, the importance of strengthening your personal brand, and how to overcome barriers when leadership resists public visibility. Dan emphasizes the power of public speaking, blogging, and storytelling—not just to elevate your own profile, but to position cybersecurity as a strategic business enabler. They also dive into the value of setting clear non-negotiables when evaluating job opportunities, the role of culture and leadership alignment in long-term success, and tactical advice for those trying to land their first CISO role. Whether you’re in government, the private sector, or somewhere in between, this episode is a masterclass in influence, resilience, and leadership at the highest level.  

In this special episode of Life of a CISO, I sit down with the brilliant Jane Frankland, MBE—an internationally recognized thought leader in cybersecurity with over 28 years of experience. Jane shares her unexpected journey into the field, starting not from a tech background but from art and design. Her curiosity and drive led her to co-found one of the earliest penetration testing consultancies, long before the term "cybersecurity" became mainstream. Together, we dive into how the industry has evolved, why penetration testing has become commoditized, and why it's no longer enough to offer just technical solutions—true value now comes from insight, strategy, and resilience.   Jane also offers powerful reflections on the burnout many CISOs face today and why so many are leaving traditional roles to launch their own consultancies or step into virtual CISO models. We discuss what it really means to build a business in today’s climate, the importance of defining your unique value, and why small businesses are an underrated opportunity in the cyber space. From vendor strategy to shifting away from limiting beliefs, Jane brings a fresh, honest, and empowering perspective that challenges the status quo. Whether you're building your career or launching your own venture, this episode is full of clarity and inspiration for the next step in your cyber journey.  

In this episode of Life of a CISO, Dr. Eric Cole reconnects with longtime friend and cybersecurity legend Dr. Anton Chuvakin, whom he has known for over 25 years. The conversation opens with reflections on their decades-long professional journey and transitions into a deep dive into Anton’s current work at Google Cloud’s Office of the CISO. Anton shares how his team supports secure cloud and AI adoption—not as traditional field CISOs focused on sales—but as strategic advisors and researchers helping clients understand and implement Google’s advanced security models. The discussion spotlights Google’s internal use of Zero Trust architecture, highlighting how Google eliminated the need for VPNs over a decade ago. Anton explains how this approach—initially pioneered through Google’s BeyondCorp—combines stronger security with greater usability, a rare balance in cybersecurity. Dr. Cole presses into why more companies haven’t adopted Zero Trust, prompting Anton to emphasize the power of organizational inertia. Drawing from his years at Gartner, Anton notes that despite the proven benefits, many enterprises resist change due to legacy systems and mindset barriers. This episode offers a compelling look at the evolving landscape of enterprise security and the importance of embracing innovation over outdated habits.  

In this episode of Life of a CISO, Dr. Eric Cole interviews Hendrik Parkkinen, a seasoned cybersecurity expert from Sweden with over 20 years of experience, mostly in consulting and security strategy. They discuss Henrik’s journey into cybersecurity, emphasizing how passion and curiosity play a crucial role in succeeding in the field. Henrik shares how he transitioned from studying economics to cybersecurity after a recommendation from his mother and how he fell in love with the subject through a 12-month training program. Both Eric and Henrik highlight the importance of loving the work rather than just chasing money, since cybersecurity demands ongoing learning and commitment beyond regular hours. They also discuss practical advice for newcomers: be curious, explore various domains within cybersecurity, and don’t be afraid to pivot if something doesn’t fit. With the rise of accessible and often free learning resources online, breaking into the field is more feasible than ever, but focus and completing courses is essential. When it comes to certifications, Henrik believes they serve as useful entry points or validation badges, especially for HR filters, but experience and mastery are ultimately more important. Certifications should be viewed as part of a broader learning process, not an end in themselves.  

In this new episode of Life of a CISO, Dr. Eric Cole opens with one of his most powerful guiding principles: “Let data drive decisions, not emotions.” Drawing from his experiences traveling and meeting with top executives, he emphasizes the importance of making decisions based on reliable data rather than emotional impulses. He challenges listeners to ask themselves whether they have enough information to make an informed choice—not perfect information, but sufficient insight to move forward. When we delay decisions out of fear or uncertainty, it’s often because we lack confidence due to missing data. Dr. Cole encourages action: if you don’t have enough data, go get it. He then introduces his second foundational principle: “Smart people know the right answers; brilliant people ask the right questions.” These two mantras form the core of what it means to be a world-class CISO. But Dr. Cole takes it even further, revealing that the root of most professional frustration stems from a lack of alignment—whether it’s misalignment with your goals, your team, or the organization itself. He draws parallels between business alignment and physical alignment in cars or our bodies, reinforcing that clarity of purpose and alignment of actions are essential for not only being effective, but also reducing stress. Whether you’re a CISO or not, these lessons apply to every area of life.  

In this episode of Life of a CISO, Dr. Eric Cole shines a spotlight on a critical blind spot that many Chief Information Security Officers overlook: legal liability. While CISOs are often highly skilled and technically knowledgeable, it’s what they don’t know—particularly about their legal exposure—that can put them at serious risk. Dr. Cole explains that many CISOs hold the title of “chief” without realizing they may not officially be corporate officers, and that distinction matters. If you are considered a true officer of the company, you may be personally liable for failures or breaches, even if you weren't the root cause. He urges CISOs to ask the right questions during negotiations, ensure they understand their official role, and protect themselves with legal counsel and proper insurance coverage. He goes on to emphasize the importance of understanding how communication becomes evidence at the executive level. In today’s digital world, emails and text messages are no longer just conversations—they are legal records that can be used for or against you. Dr. Cole discusses how even a lack of written documentation can lead to lawsuits or termination if it's perceived that a CISO failed to inform the board about a critical risk. However, over-documenting can also backfire by making colleagues uncomfortable or wary. This delicate balance between transparency and discretion is a key leadership skill every CISO must develop. Ultimately, this episode is a wake-up call to every cybersecurity leader: the higher you rise, the more you must be aware of the legal and personal implications of your role.  

In this episode of Life of a CISO, Dr. Eric Cole dives deep into the dominating force of 2025: artificial intelligence. While AI is everywhere—embedded in nearly every conversation and technology—the real concern, he explains, isn’t just about its capabilities but the risks it brings, especially in cybersecurity and data privacy. Dr. Cole breaks AI down into its two primary types: machine learning, which relies on data sets, and expert systems, which mimic expert decision-making through logical rules. He shares how AI isn’t new, recounting his own early work building simple expert systems back in college, but warns that today’s AI is only as good—or as dangerous—as the data it consumes. Dr. Cole emphasizes that data is the real power behind AI, not the algorithms. Using TikTok as an example, he highlights how data collected over years can predict behaviors and influence markets, creating national security and privacy concerns. He also discusses why big players like Amazon might seek access to such rich behavioral data to maintain dominance in e-commerce. Drawing attention to the eerie accuracy of modern predictive systems, Dr. Cole calls on CISOs and security professionals to take responsibility: every interaction with AI is feeding it data, and that data needs to be protected. He urges leaders to ask tough questions about where their data goes, how it's used, and whether they are unknowingly contributing to systems that could expose sensitive information.