About Us
Elevating the next generation of cybersecurity leaders.
At Candid CISO, we know there’s no blueprint for leading security in today’s world. Cyber leadership is forged under pressure—through risk, regulation, burnout, and board meetings.
We support current and future CISOs by sharing unfiltered stories and practical strategies from those who’ve led through complexity. Our platform offers a growing library of CISO insights, playbooks, and frameworks—sourced directly from experienced leaders across sectors.
Candid CISO explores the reality of modern security leadership through deep-dive conversations, first-hand lessons, and actionable content, including:
Podcast: No-fluff conversations with CISOs, vCISOs, and executive security leaders on the real challenges behind the title—and what it takes to lead through them.
Playbooks: From AI governance and identity strategy to board reporting and incident response, each guide breaks down what strategic CISOs are doing differently.
Lessons Learned: Raw, personal accounts from cybersecurity leaders—what worked, what didn’t, and what they wish they’d known sooner.
Live Events: Join us for live recordings, executive roundtables, and off-the-record dialogues tackling the most urgent issues in security, trust, and leadership.
Who We Are
Steve Tout is the producer and co-host of The Candid CISO, a podcast for cybersecurity leaders who are tired of the noise and ready for the truth. A longtime strategist and founder of Identient, Steve created the show to pull back the curtain on what it really takes to lead in a system that was never built for CISOs to succeed. With a background spanning Fortune 500s, high-growth tech, and public sector transformation, Steve brings a sharp, business-first lens to every episode—balancing hard-earned insight with real talk from the front lines.
John Donovan is the co-founder and co-host of The Candid CISO, and is an active member of the cybersecurity community in the San Francisco Bay Area and beyond. He is an investor and advisor to security technology companies and is a founding member of SVCI. John has been a speaker and participant in webinars, private events, and conferences such as RSA Conference, DEFCON, BSides, FWD:cloudsec, Identity World, and Cornerstones of Trust.
John is passionate about developing the next generation of cybersecurity engineers and leaders. He has partnered with businesses, non-profits, and educational institutions to bring content and opportunities to students and people looking to break into cybersecurity. He is a founding board member of ISLF and is a Shepherd for the Wall of Sheep and the Packet Hacking Village at DEFCON. John is past president and director-at-large for the Silicon Valley chapter of ISSA.
