What is this place?
Return on Security is a place for me to write about my original ideas on career advancement, cybersecurity trends, and a look behind the business that runs the industry.
This site is information I've experienced and gathered first-hand throughout my career in the field.
Return on Security aims to be one of the most unique resources for cybersecurity professionals worldwide. To have fresh content that people actively engage with and learn from is key.
Return on Security gives situational awareness, inside context, and insights about working in or around the cybersecurity field.
It dives deep into the thinking and mindset of someone who has been a career operator as a cybersecurity person.
Why "Return on Security"?
Return on Security is a play on "Return on Security Investment (ROSI)."
For the uninitiated, Return on Security Investment (ROSI) is a way for organizations to figure out if their cybersecurity measures are really worth the time, money, and resources they are putting in.
When it comes to cybersecurity, ROSI helps companies weigh the financial perks of putting money into things like security tools, tech, and people. Companies want to see if these investments are paying off by cutting down cyber threats and reducing the damage from security incidents.
Think of ROSI as a cousin of the more familiar term "Return on Investment" (ROI), which looks at how well an investment performs compared to its cost.
My investments come from spending my time creating and sharing contributions to the field through this site.
Who are you?
I'm Mike Privette.
I've been in the cybersecurity industry my entire career, from analyst to CISO to entrepreneur and back again.
I've bought (and lived with) 10's of millions of dollars worth of cybersecurity software over the years and worked in many companies growing and building cybersecurity teams. As a result, I have lots of opinions on the business inner workings of cybersecurity from a practitioner’s point of view.
I spend all my time living in the cybersecurity world, leading security teams, talking to founders, advising VCs, and learning from other cybersecurity practitioners while collecting data and studying trends.
I'm really excited that you're here, and I can't wait to share more with you!