Duha

📣 We're THRILLED to announce Andy Ellis—legendary CISO, Hall of Fame CSO, and author of 1% Leadership—as our keynote speaker at the Cybersecurity Summit on October 9th! Founder & CEO of Duha, co-host of The CISO Series podcast, editor of How to CISO, and an experienced board member and advisor, Andy brings unmatched expertise. With 20+ years leading Akamai's security strategy, plus accolades ranging from the Air Force Commendation Medal to the CSO Compass Award, he is a true leader at the intersection of security, leadership, and innovation. At Summit, he'll share game-changing insights on AI, decision-making, and the future of cybersecurity. And here's what makes this even better: ✨ Free event ✨ Free copy of 1% Leadership for every attendee ✨ Book signing with Andy during the networking reception Don't miss your chance to hear from one of the most respected voices in cybersecurity. Register now—only 23 days to go! aqte.ch/LICyberSummit #AQCybersecuritySummit #CSOHallofFame #CISO #Cybersecurity #AI How to CISO CSO Online Duha

Just came back from one of my favorite activities: working with a GTM team (mostly BDRs and field marketers) on Cultivating CISOs: how to model how a CISO tends to think, how to structure the messaging, and how to engage (plus, importantly, how not to fall flat on your face). Yes, this is a pitch! If you own a sales or marketing team, and you're having a hard time breaking through the noise that inundates CISOs, and you need to improve your engagement, I have the workshop for your team: virtual or on-site. You know how to find me. But! What if you're a BDR/SDR/ADE, or an events/field marketer, and you don't want to wait for your CRO/CMO to bring me to your company? Next week, I'll be offering a virtual workshop, just for you! Space is limited (I'm trying 20 people, so everyone can engage), cost is low ($300 for the best professional development you've ever gotten), and the time commitment is small: 90 minutes on a Friday early afternoon, when no CISO is going to take your call anyway. August 22nd, 1 pm Eastern. Be there, or use the 90 minutes to send cold emails that aren't going to get read anyway. RSVP site in the comments!

The State of Security Vendors: BlackHat 2025 A view from the show floor - which I walked for two days, and then spent a few days summarizing the data. The 359 observed Blackhat vendors, by and large, did a decent job of making their booths tell you enough of what they did so that you could self-select who to talk to, because there isn’t enough time to talk to every vendor. Almost 20% missed the mark: 16 vendors had no useful visible messaging and 55 had unclear messaging. As expected, AI was everywhere (on 1 in 3 booths), and it was sometimes hard to tell exactly what a vendor meant about how they used AI. 118 vendors mentioned AI. 18 vendors appeared to be securing your AI usage, from GenAI to in-house agents (although only two mentioned MCP). 20 vendors mentioned agents/agentic, and another 20 used AI as an adjective (AI-led, AI-enhanced, etc), while 60 just mentioned AI. The biggest space? Code security, with 105 vendors (not including the application delivery side of the house). Surprising absence? Deepfake detection. Maybe all the VCs are excited about it, but only 3 vendors on the show floor advertised it … and one of them was a reseller of another. Platforms abound! 32 vendors mentioned being some kind of platform. Untrusted? Zero trust only appeared on 6 booths. Normally, I link to my PDFs, but since someone else has already redistributed it onto LinkedIn, you get it bonus here without needing to click further. (But you should).