Deny By Default as CISOs Battle Platform Fatigue and Show Value to the Board – Danny Jenkins – BSW #391
Zero Trust isn't a new concept, but not one easily implemented. How do organizations transform cybersecurity from a "default allow" model, where everything is permitted unless blocked, to a "default deny" model?
Danny Jenkins, Co-founder and CEO at ThreatLocker, joins Business Security Weekly to discuss this approach. Deny by default means all actions are blocked by default, with only explicitly approved activities allowed. This shift enhances security, reduces vulnerabilities, and sets a new standard for protecting organizations from cyber threats. Danny will discuss how ThreatLocker not only protects your endpoints and data from zero-day malware, ransomware, and other malicious software, but provides solutions for easy onboarding, management, and eliminates the lengthy approval processes of traditional solutions.
This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them!
In the leadership and communications section, Bridging the Gap Between the CISO & the Board of Directors, CISO MindMap 2025: What do InfoSec Professionals Really Do?, How to Prevent Strategy Fatigue, and more!
Danny Jenkins, CEO & Co-Founder of ThreatLocker, a cybersecurity firm providing Zero Trust endpoint security, is a leading cybersecurity expert with over two decades of experience building and securing corporate networks, including roles on red and blue teams. He is dedicated to educating industry professionals about the latest cyber threats and frequently speaks on the topics of ransomware and Zero Trust.
Identiverse 2025 is returning to Las Vegas, June 3-6. Hear from 250+ expert speakers and connect with 3,000+ identity security professionals across four days of keynotes, breakout sessions, and deep dives into the latest identity security trends. Plus, take part in hands-on workshops and explore the brand-new Non-Human Identity Pavilion. Register now and save 25% with code IDV25-SecurityWeekly at https://www.securityweekly.com/IDV2025
Matt Alderman
- Bridging the Gap Between the CISO & the Board of Directors
Positioning security leaders as more than risk managers turns them into business enablers, trusted advisers, and, eventually, integral members of the C-suite.
- The Value of a Chief Information Security Officer CISO in the Corporate World – Cybersecurity Insiders
In today’s fast-paced digital landscape, the role of the Chief Information Security Officer (CISO) has become essential to the success and stability of organizations worldwide. With cyber threats growing more sophisticated and data breaches becoming more common, companies can no longer afford to overlook the importance of cybersecurity leadership. The CISO has emerged as a key executive responsible for safeguarding an organization’s information, technology, and assets from evolving security risks.
- CISO MindMap 2025: What do InfoSec Professionals Really Do?
Job of a Chief Information Security Officer (CISO) is complex. Many individuals outside the realm of cybersecurity often underestimate the intricacies involved in a security professional’s role. Since its inception in 2012, the CISO MindMap has served as a valuable educational resource, offering insights into CISO responsibilities and aiding security professionals in crafting and enhancing their security programs. Continuously adapting to reflect the evolving landscape of cybersecurity, the CISO MindMap has been updated to accommodate the latest developments in the field. Here is the most recent iteration of the CISO MindMap for 2025, featuring numerous enhancements and fresh recommendations for the next 12-18 months covering the year 2025-26.
- CISOs battle security platform fatigue
It starts with good intentions. A tool to stop phishing. Another to monitor endpoints. One more for cloud workloads. Soon, a well-meaning CISO finds themselves managing dozens of products across teams, each with its own dashboard, alerts, and licensing headaches.
- Practical Advice for Your Next CISO Job Interview
The landscape for CISOs is shifting, and so should your approach to finding your next role. Whether you’re actively interviewing or just starting to explore opportunities, here are suggestions to navigate the evolving job market strategically and effectively.
- Cybersecurity Pros Are Feeling Pressure from RTO, Budget Cuts
In the past several years, job satisfaction among cyber professionals has begun to drop. A pair of recent studies show that layoffs, budget cuts, return-to-office mandates, and vocational burnout are profoundly affecting the security workforce at a time when threats are rising and critical positions remain open and unfilled.
- How to Prevent Strategy Fatigue
Strategy fatigue is a phenomenon that’s on the rise. Recent studies show a notable increase in the frequency of strategy shifts. A survey of 1,284 executives revealed that 85 percent of senior leaders have observed “an explosive increase” in transformation projects over the past five years. But talented managers on the receiving end of multiple and frequent strategy shifts will lose motivation and energy—and they will leave. To reduce this danger, CEOs need to impose some discipline on the growing tendency to try out the strategy du jour. Before inflicting their shiny new ideas on their people, they should: (1) Use clear screening criteria to evaluate whether a new idea or project aligns with the company’s strategic direction; (2) Apply data-based scoring frameworks to rank ideas by impact and feasibility; (3) Set up proof-of-concept experiments; and (4) Maintain a single, visible pipeline.
