In our last Super Cyber Friday, “Hacking the Resilience Mindset: An hour of critical thinking about building the proper foundation for success,” we examined how cybersecurity teams can move beyond reactive protection toward long-term adaptability and continuity.
Our conversation focused on asset visibility, reframing resilience for business stakeholders, and why doing the “boring stuff” right is often the key to surviving a breach.
Joining us for this conversation were
Liz Morton
, field CISO,
Axonius
, and
Nick Vigier
, CISO,
Oscar Health
.
HUGE thanks to our sponsor, Axonius
Watch the full video here
Watch the demo video here
Join us next Friday, July 18, 2025, for “Hacking Vendor Competition”
Super Cyber Friday will be back Friday, July 18, for our discussion “Hacking Vendor Competition: An hour of critical thinking about when sales tactics cross the line.” It all starts at 1 PM ET/10 AM PT.
>>> REGISTER for 07-18-2025 Super Cyber Friday <<<
Did you know that we have an events calendar?
Visit our events page to subscribe (look at the dropdown in the upper right) so you can stay up to date on Super Cyber Friday and other CISO Series content.
Best quotes from our guests
“You don’t have to be perfect to be resilient. You just have to know that you can recover and that you have the ability to react quickly and deliberately in a moment of chaos.” – Nick Vigier, Oscar Health
“Secure is being prepared for the worst. Resilience goes a step farther—how do you continue to operate if something happens?” – Liz Morton, Axonius
“When you look at resilience, it’s not a framework. It’s not a control. It’s a behavior—and it’s a behavior that’s learned over time.” – Nick Vigier, Oscar Health
“If you’ve worked out your plan for recovery and you’ve practiced how you play, the chances that you’re going to remove a whole bunch of loss, friction, upset, and risk is very high—and the business tends to really like that.” – Liz Morton, Axonius
“If all we’re selling is security, we’re selling insurance, and that’s a race to zero… But if you’re gonna drive performance and resilience—that’s an investment. There’s a multiplier in there.” – Nick Vigier, Oscar Health
“Automation is important, but having your people know what to do—especially when things go wrong—is just as critical.” – Liz Morton, Axonius
Quotes from the chatroom
“Axonius customer here… I can’t underscore how useful it is during an emerging incident to get rapid clarity about your asset inventory and the related blast radius. Speed matters in those situations.” –
Duane Gran
, director of information security,
Converge Technology Solutions Corp.
“You don’t get availability without resilience. But it’s not the only thing you need to get availability.” –
Paul Lanzi
, principal consultant,
IDenovate
“I’ve started to adopt the ‘pre-mortem’ which is an effort before we launch a project to imagine the various ways that it could fail. It really makes you think critically about how deployment risk.” – Duane Gran, director of information security, Converge Technology Solutions Corp.
“Schedule the unplanned outages for 12:00 a.m. and you’ll gain a couple of more hours to get back online.” –
Andrew Aken, PhD, CISSP
, CIO/vCISO,
DocDrew, LLC
“Hardest question for any company to answer in the world of DB’s … how much data can you afford to loose.” –
James S.
, Dev/Sec/Ops
