EP67: Threat Exposure Clarity, CISO Certification Origins & Startup Security Strategy
Live from CISO XC DFW, this episode of The Professional CISO Show features two powerhouse conversations. First, David Malicoat sits down with Critt Golden of Hive Pro to demystify Continuous Threat Exposure Management (CTEM) and explore how Hive Pro helps CISOs move from fragmented assessments to unified risk clarity. Then, we hear from Eric Svetcov, CISO and VP of IT at XCures, co-author of the original CCISO Body of Knowledge, and ISO 27001 pioneer at Salesforce, as he shares candid lessons from shaping certifications and securing SaaS startups.
From understanding attacker-centric threat exposure to the real story behind Salesforce's first ISO 27001 certification, this episode is packed with actionable insights for CISOs and rising security leaders alike.
Key Highlights:
- Why CTEM is a process, not a product
- Hive Pro's mission to unify fragmented assessments
- Asset criticality, risk prioritization, and validation
- The origin story of the EC-Council's CCISO certification
- ISO 27001 at Salesforce: Lessons from the first SaaS certification
- Security tooling strategy in early-stage startups
- Real-world CISO challenges, from certifications to budgets
Guest Info:
- Critt Golden, Vice President at Hive Pro
- Eric Svetcov, CISO & VP of IT at XCures; co-author of EC-Council's CCISO Body of Knowledge
Hosted by David Malicoat, CISO and founder of The Professional CISO Show.