Andrew Storms, VP of Security at Replicated, has spent three decades on the frontlines of cybersecurity. From building Unix systems in the early ‘90s to leading incident response and AI security strategies today, he has seen the CISO role evolve from back-office function to boardroom mainstay. In this spotlight, he shares the lessons that shaped his thinking, why storytelling is a critical CISO skill, and how API security is no longer optional. From Reactive Defense to Strategic Inspiration Andrew’s career began in quality assurance at Broderbund Software, testing classic video games like Carmen Sandiego. But then, a spontaneous invitation to join a fledgling Unix team sent his career hurtling in another direction. “We were tasked with getting the company online and building out security,” Andrew recalls. “We’d roleplay packet inspection like a game of chess. That changed how I thought about security – it was baked into everything IT touched.” That early experience inspired Andrew to shift his focus from reactive defense to strategic inspiration – and inspired a lifelong passion for cybersecurity. Transform Cybersecurity from Blocker to Enabler Like many early security professionals, Andrew once saw his role as the “sheriff,” the enforcer of controls. But that mindset, he admits, was flawed. “The turning point came when someone asked, ‘Who are your customers?’ I said, ‘The people who buy our products. ‘They said,” No. It’s the business. The employees. You're here to…Read More