Oops, all Interviews: Switching to Cyber, CISO Reflections, and the State of TPCRM - Alexandre Sieira, Lenny Zeltser, Helen Patton - ESW #452

9 snips

Mar 30, 2026

Guest

Alexandre Sieira

Alexandre Sieira, serial entrepreneur and Tenchi Security CTO, on making inside-out third-party risk checks possible. Helen Patton, CISO advisor and author, on switching to cyber mid-career and leveraging diverse backgrounds. Lenny Zeltser, veteran security leader and former Axonius CISO, on CISO archetypes, leadership lessons, and securing fast-moving teams. Conversations cover TPCRM innovation, career pivots, and CISO reflections.

Ask episode

AI Snips

Chapters

Books

Transcript

Episode notes

ADVICE

Choose CISO Roles That Fit Your Strengths

Identify whether you're a builder, fixer, or scale operator and choose roles that match that strength.
Lenny Zeltser recommends pausing annually to reflect on program stage so you deliberately stay or transition rather than drift into complacency.

INSIGHT

Reframe Security As Shock Absorbers Not Just Brakes

Reframe the CISO role from gatekeeper to 'chief insecurity officer' who defines tolerated risk and builds shock absorbers.
Lenny says this enables secure business enablement for AI agents by creating guardrails instead of outright blocking innovation.

INSIGHT

Unconventional Backgrounds Offer High Value In Cyber

Non-obvious backgrounds like music, nursing, HR, or social work give cognitive skills valuable for threat detection, triage, and people problems in security.
Helen and Jackie note pattern recognition, triage calm, and people skills translate directly into cybersecurity roles.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Interview with Helen Patton about her new book, Switching to Cyber

Helen joins us to discuss her second book, "Switching to Cyber." Her first book discussed strategies for handling various stages of the cybersecurity career, while this one, co-written with Josiah Dykstra, provides a guide for switching to cyber mid-career.

Check out her book, Switching to Cyber: The Mid-Career Guide to Launching a Cybersecurity Career:

on Amazon
on Barnes & Noble
and on the publisher's website

Interview with Lenny Zeltzer: Reflections on Being a CISO

After a cybersecurity career in various roles, doing everything from product management to malware analysis training, Lenny spent 6 years in the CISO seat at Axonius, from near the inception of the company through its growth from its modest Series A stage in 2019 to the present, with nearly a billion in funding today.

Lenny's CISO Essays:

Interview with Alexandre Sieira: The state of TPCRM is shifting

The gold standard for third party cyber risk management has long been the humble questionnaire. While we've seen security rating services companies generate scores by scanning a company's external resources. Both approaches are widely considered inaccurate for either creating trust relationships or determining the true risk of doing business with a third party.

Every analysis of this problem comes to the same conclusion: without internal data about the state of systems and the security program, TPCRM can't improve substantially. Most this believe this to be an impossible problem: third parties would never share data this sensitive with a customer and first parties assume the same.

What if they did?

That's exactly the premise behind Tenchi Security, and Alexandre joins us to talk about how they've accomplished the 'impossible' in Brazil and aim to expand their success to the US.

Resources:

Thoughts from a panel discussion at a recent FS-ISAC event, shared on LinkedIn
Predicts 2026: Third-Party Cybersecurity Risk Management Evolves for the AI Era (Gartner Subscribers only, sorry)

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-452