From the top

CSO Spotlight: Grant Bourzikas, McAfee

The skills shortage is real, is likely bigger than most estimates suggest, and isn't just about the sheer numbers of people, says Bourzikas. His advice for aspiring IT leaders: emphasize and encourage diversity of thought on your teams.

grant bourzikas mcafee
Courtesy of McAfee

As CISO & VP of McAfee Labs Operations, Bourzikas is responsible for the company’s cybersecurity and physical security strategy, including security architecture and solutions delivery, security governance, risk and vulnerability, and security operations and intelligence programs. He also oversees the company’s threat intelligence team and analytics for customers. Prior to joining McAfeee in early 2017, Bourzikas served in several other positions leading cybersecurity strategy, architecture, engineering and operations. Here, he shares his career path and offers advice for aspiring security leaders.

What was your first job? After college, I got a job at one of the top 5 public accounting firms, leading cybersecurity technical attack and penetrations, risk assessments, and strategy development and consulting teams.

How did you get involved in cybersecurity? Cybersecurity always interested me. While I studied for my accounting degree, I was building websites and one of them was defaced. This piqued my interest in cybersecurity, and I began reading everything I possibly could about cybersecurity, networking, operating systems, along with learning C++, J2EE, SQL, and Python. Because of this interest and the talent shortage in cybersecurity, the public accounting firm asked that I join the national cybersecurity practice.

Tell us about your career path. My college degree was in accounting, so naturally that’s where I my career path began. Fortunately, my detour with my first job and joining the firm’s cybersecurity strategy and assessment consulting team set me on a new path. It was the perfect storm, really. Cybersecurity was something that always interested me, and I enjoyed reading up on it in my spare time. Since then, nearly my entire career has been spent in cybersecurity strategy, architecture, engineering and operations — for both tech, non-tech, and now a cybersecurity company — spanning gaming, finance, and utilities.

Several years ago, I also took a brief hiatus from cybersecurity and ran the back and middle office operations for a brokerage. It was a fascinating time because it taught me a lot about process discipline within business operations, which is now being applied into our own security operations center.

To continue reading this article register now

22 cybersecurity myths organizations need to stop believing in 2022