CyberOXtales
Join Neatsun Ziv, CEO of OX Security, in this bi-weekly, 20-minute video podcast designed for senior-level security professionals. Each episode features one guest and includes 3-5 questions, delving into key areas such as cybersecurity leadership and strategy. Gain insights into the strategic aspects of being a CISO, developing effective cybersecurity policies, building a security-minded culture, and aligning security strategies with business objectives. Stay updated on emerging threats and trends, focusing on the latest cybersecurity threats, trends, and techniques affecting application security. Additionally, explore compliance and regulatory updates, with discussions on the evolving landscape of compliance and regulations impacting application security, including CISA Directives, GDPR, CCPA, and HIPAA. Learn how CISOs can navigate these requirements effectively. Featuring conversations with CISOs, security experts, and thought leaders, this podcast is your go-to source for high-level and strategic communication of risk.
CyberOXtales
Building a Risk Narrative: Gary Hayslip’s Cybersecurity Playbook for Executives
Building a Risk Narrative: Gary Hayslip’s Cybersecurity Playbook for Executives
In this episode of CyberOXtales, host Neatsun Ziv, CEO of OX Security, sits down with Gary Hayslip, CISO at SoftBank Investment Advisors, to explore how CISOs can build risk narratives that influence business decisions. Gary shares lessons from his experience in five CISO roles and emphasizes why cybersecurity leaders must act as business executives first. He outlines how to align strategy with operations, engage with boards through compelling storytelling, and maintain peer-driven situational awareness in a fast-moving threat landscape.
About Our Guest:
Gary Hayslip is the Chief Information Security Officer at SoftBank Investment Advisors (the Vision Fund). With a career spanning more than two decades, including roles in both government and private sectors, Gary has led security teams at Webroot, the City of San Diego, and more. He’s a systems thinker with a strong operational background rooted in his military service and is known for his strategic approach to cybersecurity leadership.
Connect with Gary: LinkedIn
Key Takeaways:
- CISOs are Business Executives First – Gary emphasizes that cybersecurity leadership today is about managing risk, enabling operations, and supporting business goals.
- Build a Tailored Risk Narrative – A one-size-fits-all story doesn’t work. Risk narratives must reflect the unique needs, operations, and regulatory context of the business.
- Storytelling Drives Strategy – Gary uses risk/threat matrices, control frameworks like NIST CSF, and ongoing assessments to communicate a clear story to executive teams.
- Peer Networks are Essential – Active engagement with fellow CISOs helps benchmark strategy and adds credibility in boardroom discussions.
- Balance Ops and Strategy – Mornings are for operational awareness; the rest of the day is for strategic collaboration, reporting, and forward-looking planning.
Listen to this episode of CyberOXtales to learn how Gary Hayslip builds risk narratives that resonate—from the boardroom to the security operations center.