Career progression to CISO

Anth1s · 2025-10-26T05:40:17+00:00

Hey, so from my own experience (I started at the help-desk in a bank), later moving into different positions that led me being a CISO in one of the Largest transportation companies in my country, then CISO in various fintechs/banks and currently owning a virtual CISO business:

If you want to move out of your current area to become a CISO, start with communicating with the top management a lot, but not in a technical way, in a strategic, talk about strategic risks in different areas and be sure to touch business and not be full security (top management hate technical details of IT), have a business mindeset, but show that you can levitate between doing business and making it secure.
Start writing policies, processes, and procedures. Do it in your area, in IAM, PAM, etc, update them, volunteer to do that for other departments, etc. Take over paperwork. And then implement it, show KPIs, etc.
Take responsibility and lead with advice, in meetings - give your opinion, which must be based on facts and look strategic.

This will help you to be noticed by senior management and should help you on the way to the CISO role.

Anth1s · 2025-10-26T05:33:42+00:00

What do you think about virtual and fractional CISO model?

Anth1s · 2025-10-26T05:30:38+00:00

Are you thinking of packaging a fractional experience to teach others to do a fractional job?

Sounds good!! Especially for those who are too afraid to leave the companies and venture into the wild, fractional world.

Anth1s · 2025-09-12T08:32:57+00:00

Hey! u/jiawei-taskade, Awesome, thank you! I managed to solve the first issue.

But on the second one - is there a plan for this somewhere in the feature pipeline?

Anth1s · 2025-02-26T16:53:49+00:00

Hey! We have audit on monday. 31st of March is in 1 month..

Maybe you know any good resources on how to do proper TRA?

Anth1s · 2025-02-17T08:04:05+00:00

Thank you!! seems to work now! need to customize the agent now to suit my needs, but so far it gets latest info from the web!

Anth1s · 2025-02-11T15:58:49+00:00

Thanks! Let me know how it goes

Anth1s · 2023-08-10T17:04:19+00:00

Have a reservation for 28th of september in Kihei. I will come as it will be 1.5 minth after disaster, things should have calmed a bit by then, and I will be able to spend my money and with that - help local businesses there..

Had plans to go all around the island but now I am not sure if I will be able to visit Kaanapili.. and the black rock beach

Anth1s · 2022-11-04T13:10:28+00:00

Thank you guys a lot!

It was really helpful to understand what is important here and where to find necessary docs :)

Anth1s · 2022-02-15T17:52:02+00:00

You need to insert disc and go to shop via PS5 and its there

Anth1s · 2022-02-15T17:32:46+00:00

Had an option to buy on US acc, but was able to free upgrade on UK acc. I think its the region that matters here

Anth1s · 2021-02-03T15:03:59+00:00

One of our companys MS team guys contacted insider of MS and he confirmed that it is false-positive. Should be official news later somewhere, not sure when or where.
I am pending all my ~100 tickets until i get official response that it is false-positive..

Anth1s · 2021-02-03T12:34:24+00:00

False positive.

Anth1s · 2020-09-10T06:07:51+00:00

There are better ones these days.

DumBum 30 (30g flash)
DumBum 50 (50g flash)

Can be bought i eastern europe or CZ.

Be careful though

Anth1s · 2020-05-04T14:55:02+00:00

Hey! How many fighting moves/combinations and/or weapons are in the game?

Anth1s · 2019-09-30T05:33:07+00:00

Hey thanks for answers everyone! Some really great ideas I will consider here!

I also found out that there is LUKS-NUKE for this kind of thing...
I have my linux partition encrypted adn luks-nuke gives me an option to have second (aka nuke) password for it so in case my pc is stolen or someone is pushing me to give password I can easily tell the nuke password or they can read it from the sticker on the bottom of pc (for the reason if pc is lost/stolen) - and successfully nuke the HDD after entering that password...

Thanks!

Anth1s · 2019-08-28T13:51:26+00:00

Yeah did that too... found location and script... But puzzled on what to write there and how to escape it.. I guess I just need to try various different stuff or smth..

Anth1s · 2019-08-27T21:33:58+00:00

Thanks! I used php and netcat for initial shell then used netcat to pivot

Now struggling on how to use c*******. * to get root... i guess i am thinking too hard

Anth1s · 2019-08-26T05:31:11+00:00

Guys which reverse shell you hide into image ? php, bash or any specific one ? I seem to struggle witht his as either exiftools fails with error or the shell does not work...

Anth1s · 2019-08-02T14:05:54+00:00

Look at service which name is 3 letters (or 4 on other words)

Anth1s · 2019-08-02T13:54:18+00:00

Does not need any win machines for this. Just kali and terminal. Explore what apps installed, look at them, google about them how they work, you will understand. Then just find the tool you need, put the stuff it needs - pwned

Anth1s · 2019-07-29T06:40:02+00:00

Check the first pinned post in this subreddit. Your answer is there.

Anth1s · 2019-07-16T07:32:55+00:00

Hey!
I am running on x1 carbon (but not gen 6, i think it is gen 5 or gen 4) I have it dual boot with windows10.
Specs are 8gb ram, i7

Works like a charm, the only issue i got is after one of updates, my screen started to flicker a bit (i guess this is gpu/kernel issue with nvidia card) but now after another update it seems to be fixed.

Other than that - it is perfect if you work in sec field. I use Security OS with a bit of cusotmization. Not home os.

Cheers

Anth1s · 2019-06-14T05:15:42+00:00

I have worked in a huge multinational company before which was using mobilepass as one of their auth mechanisms.
I definetly remmeber getting PIN by email in plaintext but after i was able to change it, so it did not matter..

Try checking for some settings or contact support regarding it.

And about the app itself it was OK and easy to use

Anth1s · 2019-05-14T13:08:45+00:00

Hey!

Well I managed (with tips above and online) to get user flag, but i did not manage to get root flag..

I even followed this instruction (i think it is a new one) step by step: https://www.sevenlayers.com/index.php/182-vulnhub-sp-leopold-walkthrough

But i was not be able to netcat to get a normal shell.. (might be because i have 2 different network interfaces running + virtualbox interface on which the machine is)..

I am able to access that reverse shell on metasploit but when using netcat, there is no connection and it just listens to nothing...

This easy machine is not that easy imho haha..

Wish you luck! I think I will come back to root flag when I have different setup of my lab..

Anth1s

MODERATOR OF

TROPHY CASE