The New CISO Ep. 142 - Alan Lucas | Architect and Firefighter: How a Modern CISO Leads in Crisis скачать в хорошем качестве

The New CISO Ep. 142 - Alan Lucas | Architect and Firefighter: How a Modern CISO Leads in Crisis

Alan Lucas always wanted to be an architect or a firefighter — as CISO of Worldstream and Greenhouse Datacenters, he has become both. In this episode, he joins host Steve Moore to explore leading cybersecurity at the intersection of design and crisis response. Alan traces his path from Fox-IT through a Dutch cryptocurrency exchange where he arrived post-breach to an organization under near-constant attack from nation-state threat actors. Leading a technically sophisticated but security-anxious leadership team, he learned the lasting power of transparency and directness — and his most memorable measure of success was not a technical control, but a CTO who finally slept through the night. The conversation goes deep into crisis communication. Alan and Steve discuss how the industry has matured from reflexive silence around breaches to embracing transparency as a trust-building tool, the danger of well-meaning legal edits that send customers chasing the wrong narrative, and why the CISO should hold final review over all public incident communications. He also shares his Security Champions Program, tabletop exercise design, and why knowing who to call in a crisis must be mapped out before that crisis arrives. Alan also covers his volunteer work with the DIVD, coaching ethical hackers and supporting responsible disclosure worldwide — an extension of his belief that security, done well, creates trust and enables growth for everyone. The episode closes on "bouncing forward" — the idea that true resilience means using every incident as a forcing function for improvement, not just a return to baseline. Alan frames lessons learned as the most important resilience KPI a security team can own. A masterclass in leading through both calm and chaos. Key Topics • The architect-and-firefighter mindset: building security programs while fighting live fires • Alan's career path from Fox-IT (MSSP) to post-breach CISO at a cryptocurrency exchange • Leading security post-breach — and what "sleeping well again" actually means • The unique threat landscape facing cryptocurrency companies, including nation-state adversaries • The Dutch Institute for Vulnerability Disclosure (DIVD): coordinated, ethical vulnerability disclosure worldwide • Mentoring young ethical hackers: communication, confidence, and responsible disclosure process • Crisis communication: balancing transparency with operational security during active incidents • Why legal edits to breach notifications can mislead customers and create dangerous distractions • The CISO's role as final reviewer of all incident communications • Security Champions Programs: bridging the gap between security and non-technical departments • Tabletop exercise design: running effective simulations in under an hour with non-technical staff • Writing the breach notification letter before the breach happens • Bouncing forward, not bouncing back: using lessons learned as a resilience KPI • Security as a business enabler: positioning the CISO role for organizational growth and confidence Guest Bio Alan Lucas is CISO at Worldstream and Greenhouse Datacenters, two of the Netherlands' leading cloud and data center infrastructure providers. With over a decade of cybersecurity experience, he leads security strategy for mission-critical IT and cloud environments. Prior roles include Fox-IT (MSSP) and LiteBit, a Dutch cryptocurrency exchange where he served as CISO post-breach. Alan also volunteers as a coach at the Dutch Institute for Vulnerability Disclosure (DIVD), mentoring ethical hackers and supporting responsible disclosure globally. He is passionate about security as a catalyst for innovation — and about building a safer digital society, one step at a time. LEARN MORE: 👉 Connect with Alan on LinkedIn. GET A DEMO: 👉 Get a hands-on demo of the Exabeam products: https://www.exabeam.com/demo 🔔 Subscribe for more product demos and cybersecurity insights! ABOUT EXABEAM: Exabeam is a leader in intelligence and automation that powers security operations for the world’s smartest companies. As a global cybersecurity innovator, Exabeam provides industry-proven, security-focused, and flexible solutions for faster, more accurate threat detection, investigation, and response (TDIR). Cutting-edge technology enhances security operations center performance, optimizing workflows and accelerating time to resolution. With consistent leadership in AI innovation and a proven track record in security information and event management (SIEM) and user behavior analytics, Exabeam empowers global security teams to combat cyberthreats, mitigate risk, and streamline operations. Real Intelligence. Real Security. Real Fast. Learn more at: https://www.exabeam.com/ CONNECT WITH US: X/Twitter: https://x.com/exabeam Instagram:   / exabeam   LinkedIn:   / exabeam   Facebook:   / exabeam   Blog: https://www.exabeam.com/blog/