CISO Confidential Podcast: Leading through a Cyber Attack, Step by Step

Call the CEO or let her sleep? Veteran CISO Brandon Pinzon’s guidance on making the judgment calls

CISO Confidential Podcast feat Brandon Pinzon ex CISO
Argo Group and SAFE CEO Saket Modi

It’s your basic CISO nightmare: The 4 AM alert that attackers are inside your systems – but you don’t know the who, what, when, where or why.

In this latest episode of the CISO Confidential podcast series, veteran CISO Brandon Pinzon (most recently with Argo Group speciality insurance provider) tells SAFE CEO Saket Modi an edge-of-the-seat story of a pre-dawn cyber attack and the methodical way that Brandon led his organization’s response. If you’re looking for a playbook on moving from incident detection, through response and containment, you’ll want to watch this podcast.

As Brandon explains, some of the most critical steps during a cyber incident aren’t technical—they’re judgment calls made under pressure: who to loop in, who to wake up, and how certain you need to be about the incident’s scope before escalating communication, all the way up to the CEO.

“The two things you really need to be successful, as a CISO, is a strong partnership with your CIO and a strong partnership with your Legal team because they are the ones that are helping you temper who does what and when…when you are having a bad day like that.”

“You never waste an incident,” Brandon adds. “You always take the opportunity to learn from it.”

Here are some takeaways from the CISO Confidential episode:

>>Take control early—don’t wait for all the facts before leading through uncertainty.

>>How you show up and lead in a crisis sets the tone for everyone around you.

>>Balance transparency with calm structure when briefing executives mid-incident.

These were part of the winning formula that Brandon implemented earning not only him the trust of the executives but also his team.

Watch Episode 5 of the CISO Confidential podcast with Brandon Pinzon