Back in My Day, You Could Get a Cybersecurity Job at the Corner Store
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “Back in My Day, You Could Get a Cybersecurity Job at the Corner Store” inside PodZeus.
In this episode of the CISO Series Podcast, hosts David Spark and Andy Ellis explore the evolving landscape of cybersecurity leadership, vendor dynamics, and generational differences in digital literacy. The conversation kicks off with a playful yet insightful discussion on the phrase 'Do you know who I am?', dissecting its connotations and offering respectful alternatives for asserting authority. The central theme revolves around the tension between startups chasing Fortune 500 logos for validation versus serving mid-market CISOs who often need their solutions most. Paul Drapeau, Head of Global Information Security at New Balance, shares his firsthand experience from the startup world, emphasizing the value of early customer feedback—even from small organizations—in shaping product-market fit. The hosts then delve into the idea of 'generational immunity' in cybersecurity, debating whether those who grew up with dial-up internet and manual troubleshooting have a deeper, more intuitive grasp of technology than today’s Gen Z users, who grew up with locked-down devices and seamless interfaces. The discussion evolves into the critical role of synthesis in modern security leadership, with Paul and Andy highlighting the need for 'specialist generalists' who can connect disparate domains and think beyond technical details. The episode closes with a humorous yet revealing 'What's Worse?' game, where a supply chain attack during a sixth-grade field trip is deemed far more damaging than a DDoS attack during a school musical—underscoring the real-world responsibilities that come with leadership. Throughout, the emphasis remains on trust, delegation, and purpose-driven decision-making in cybersecurity. Key takeaways include: 1) The 'Do you know who I am?' line can be reframed respectfully through context and humility; 2) Startups should balance enterprise deals with mid-market adoption to build sustainable growth; 3) Generational differences in tech exposure don’t equate to skill—curiosity and hands-on experience matter more; 4) The most effective CISOs are not just technical experts but synthesizers who connect dots across disciplines; 5) True leadership means empowering teams to act independently, with clear success criteria; 6) Delegation is not micromanagement, and overruling team decisions undermines trust; 7) The 'Does this stop the shoes?' test forces leaders to focus on business impact over technical minutiae; 8) AI tools require human judgment—especially in recognizing hallucinations and system constraints.
Reframe 'Do you know who I am?' with context and respect rather than ego.
Startups should serve mid-market CISOs as much as Fortune 500s for sustainable growth.
Generational tech exposure doesn't guarantee cybersecurity skill—curiosity and hands-on experience do.
Effective CISOs are 'specialist generalists' who synthesize across domains.
Delegation requires trust, clear success criteria, and protection from unnecessary escalations.
…and 3 more takeaways available in PodZeus
The Power of Perspective: Why Vendors Matter
David Spark and Andy Ellis open the episode by highlighting the value of external perspectives from security vendors, setting the stage for a conversation on leadership, trust, and generational differences in cybersecurity.
The 'Do You Know Who I Am?' Dilemma
“There's a way to treat people with respect and to cajole them a little bit rather than make them feel bad about who they are or them not knowing you.”
Startups vs. Fortune 500: The Marketing Trap
“Our first paying customer was about a 60-person textile manufacturing company. We probably spent more at the bar that night celebrating than we got for the deal, but we learned a ton.”
Generational Immunity: The 80s & 90s Advantage
“We grew up watching these things get built. We probably had a home computer that wasn't connected to anything, and then we got to dial-up, and then we got to wired internet...”
Synthesis: The New Edge in Cybersecurity Leadership
“The value now belongs to what he calls the, quote, specialist generalist, someone deep enough to master something wide enough to connect it meaningfully to something else.”
“If you're once you master Paul's skill, which is right on like that's where you need to get to watch out for escalations every time somebody outside your organization escalates because they didn't like a decision that somebody on your team made and you overrule the person on your team. That's a failure on your part, not on the person's part.”
“The value now belongs to what he calls the, quote, specialist generalist, someone deep enough to master something wide enough to connect it meaningfully to something else.”
“The DDoS is hurting us and but it's recoverable... That's a much worse problem. These are just not even comparable to me.”
Hosts
Guest
Andy Ellis
person
Paul Drapeau
person
David Spark
person
CISO Series Podcast
media
Doppel
brand
RSA Conference
other
New Balance
brand
LimeWire
product
Commodore 64
other
Bruce Schneier
person
Do You Think These Compliance Boxes Check Themselves? (LIVE in Clearwater, FL)
CISO Series Podcast • 43m • 3/31/2026
Remember, Every Underappreciated Risk Is Just a Crisis Waiting to Be Discovered
CISO Series Podcast • 42m • 4/7/2026
Our Theoretical Controls Work Great Against Hypothetical Attacks
CISO Series Podcast • 43m • 4/14/2026
Get the full intelligence
Search transcripts, export clips, track mentions, and explore all topics from “Back in My Day, You Could Get a Cybersecurity Job at the Corner Store” inside PodZeus.
Start discovering podcast insights today
Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.
No credit card required • 7-day trial • Cancel anytime