Velocity's Edge Podcast S1E9 - Nick Selby on Factionalism
When leadership is struggling with organizational dysfunction that stems from resource constraints, they tend to see teams in conflict: product versus engineering, sales versus operations, etc. They might assume the solution involves coaching, restructuring reporting lines, adjusting compensation models, or hiring more diplomacy-minded managers. But as EPSD’s Nicko Goncharoff and Nick Selby have learned through years of organizational interventions, the biggest threat to mid-stage technology companies isn’t functional disagreement. It’s the personal resentment that calcifies when strategic pivots in the business force zero-sum resource allocation.
Velocity's Edge Podcast S1E8 - Dr. Pablo Breuer on CISO Leadership
Many organizations hire Chief Information Security Officers (CISOs) expecting them to be security experts who can implement controls and prevent breaches. But as Dr. Pablo Breuer learned through 22 years in Navy cyber operations and leadership roles spanning National Security Agency red teams to Fortune 50 financial firms, the fundamental challenge isn’t technical — it’s that most companies don’t understand what they actually need from a CISO in the first place.
Velocity's Edge Podcast S1E7 - Peat Bakke on Operationalizing Decision Records
When Peat Bakke sits down for breakfast with engineering leaders, the conversation inevitably turns to the same frustrating pattern: talented people leave, and with them goes critical context about why systems work the way they do. Not just the technical details—those live in the code—but the reasoning behind architectural and technical choices, the problems those choices solved, and crucially, the alternatives that were deliberately rejected.
Velocity's Edge Podcast S1E6 - Thomas Dullien & Chris Swan on Decision Records
Most engineering leaders think institutional knowledge loss is an inevitable cost of growth. They see departing employees take critical context with them—why certain processes exist, what problems they solve, how trade-offs were evaluated—and assume the solution involves better handoff documentation or knowledge transfer sessions. But as EPSD Advisory Board members Thomas Dullien and Chris Swan learned through building and scaling organizations, the biggest risk isn’t losing people; it’s losing the reasoning behind the decisions those people made.
Velocity’s Edge Podcast S1E4 - Carla Geisser & Chris Swan on Crisis Engineering
As Carla Geisser puts it: “The incidents that actually matter to how people interact with technology are not security incidents … They are things like, they can’t log into their bank account, they can’t buy their Taylor Swift tickets, they can’t get on an airplane.” And when everything’s on fire, most organizations make a critical mistake: they treat the crisis as the exception rather than the expectation. The companies that survive and thrive are those that understand a fundamental truth: if your business is growing, crises aren’t anomalies—they’re predictable outcomes of scale.
Selecting a F-CISO, Part III: Making the Decision and Setting Up for Success
This is Part 3 of our series on selecting fractional CISOs. Part 1 and Part 2 covered evaluating experience, program-building skills, cultural change capabilities, and threat response experience. Now we’ll focus on avoiding common pitfalls, making the final decision, and ensuring your F-CISO succeeds.
Selecting a F-CISO, Part II: Assessing Cultural Change and Threat Response Capabilities
This is Part 2 of our 3-part series on selecting fractional CISOs. In Part 1, we covered evaluating experience and program-building skills. Today, we focus on the harder-to-assess but equally critical capabilities: driving cultural transformation and managing real-world security threats.
Selecting a F-CISO, Part 1: Evaluating Experience and Program-Building Skills
This is Part 1 of our 3-part series on selecting and managing fractional CISOs. Our previous post explored the strategic rationale for deploying a fractional CISO before hiring your first permanent Chief Information Security Officer. Part 2 covers evaluating experience, program-building skills, cultural change capabilities, and threat response experience. This series provides a comprehensive guide to finding the right change agent for your organization’s security transformation.
Strategic Deployment of a Fractional CISO
Before hiring their first Chief Information Security Officer (CISO), CEOs and boards should consider a fractional CISO (F-CISO) to build foundational security programs that set the permanent CISO up for success. This strategy addresses a critical disconnect: executives often view security breaches and compliance failures as technical problems, but these business-threatening issues typically stem from cultural and process deficiencies requiring organizational transformation, not just technical expertise.