{“lastseen”:”2025-12-19T14:05:12″,”description”:”Lefteris Tzelepis, CISO at Steelmet \/Viohalco Companies, was shaped by cybersecurity.\\n\\nFrom his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a practitioner\u2019s mindset to leadership and incident response.\\n\\nIn this spotlight, he shares how military-grade security thinking influenced his approach, why people management is the hardest part of the job, and what it really takes for security to support the business.\\n\\n## From the Barracks to the Boardroom: Lefteris\u2019 Cybersecurity Journey\\n\\nLefteris says that he never really started in cybersecurity; he was raised by it. As a young man on his military service duty, Lefteris found himself at the Greek Ministry of Defense. While there, he spent 11 months alongside a team of security specialists.\\n\\n\u201cThat\u2019s where I first learned about security,\u201d he said. \u201cI learned how to configure Linux and OpenBSD firewalls, even before understanding routing. Seeing attacks on the ministry’s websites was fascinating, and that started everything.\u201d\\n\\nAccording to Lefteris, this was his first introduction to what was later named as security-by-design principles.\\n\\n\u201cThese guys weren\u2019t trying to conquer every hacker,\u201d he said. \u201cThey were trying to block all the possible ways that someone could find to attack the ministry. I found that fascinating.\u201d\\n\\nAfter his military service, Lefteris started his career as a computer and network engineer, but remained drawn to the security aspects of his work. During this time, he gained valuable experience managing customers and projects at various service provider companies.\\n\\nThe real shift in his career, however, came when he joined the Greek National Lottery.\\n\\n\u201cWhen I joined in 2014, the security officer left shortly after, creating a vacancy,\u201d he said. \u201cAs a Network Security Engineer, I stepped up to lead the IT Security efforts, essentially establishing the role. Suddenly, I found myself project managing and leading internal and client engineering teams.\u201d\\n\\nToday, Lefteris holds a group CISO position, overseeing security for a large number of companies in the industrial sector. But as he worked his way up the corporate ladder, he learned a thing or two about what it means to be a good leader.\\n\\n## Tough Roles Require Soft Skills: People Management and the CISO\\n\\nAccording to Lefteris, people management has been the biggest challenge of his career. As he moved up towards the CISO position, his focus crept away from technical expertise and towards soft skills.\\n\\n\u201cA speaker at a webinar I attended once said that moving up the security ladder into management means losing technical depth. That annoyed me a little,\u201d he said. \u201cBut I realized it’s true: your primary focus does shift to managing people. If you are an Information Security Manager, you are first a manager, then an information security professional. \\”\\n\\nThe hardest part for Lefteris was finding that he couldn\u2019t just \u201cattend a seminar\u201d to gain these skills. You need to learn on the job.\\n\\n\\”To evolve successfully, you must constantly observe your surroundings, paying close attention to people’s mindsets, their capacity and willingness to listen, and their comprehension during good times and bad. I haven’t found the magic recipe for this; it’s an ongoing process,\u201d he said.\\n\\nUltimately, Lefteris wants to inspire and empower his team as a leader, not just a boss.\\n\\n\\”Being a boss is totally different from being a leader. When I look in the mirror, I want to be a leader – I want my people to work with me because they believe in the objective, not just because I asked,\u201d he said.\\n\\n## The Evolving Role of the CISO\\n\\nFor Lefteris, there are three types of CISO: the operational, the tactical, and the strategic.\\n\\n\\”While every organization is different, climbing the ladder in the CISO domain demands two things: you must become strategic, and you must remain closely connected to the business,\u201d he said.\\n\\nHe argues security fundamentally exists to support the wider business. That means CISOs must know where the business is going, and tailor their program to support that path.\\n\\n\\”While we’ve often discussed finding the balance between business and security,\u201d he said. \u201cI now argue that we must actively support the business. This is the only way to achieve a win-win scenario.\\”\\n\\nLefteris also carefully observes trends foreseeing IT functions reporting directly to the CISO.\\n\\n\\”I’ve seen a trend and read studies where the IT function is moving under the CISO role,\\” he explained. \\”This happens because these organizations recognize the importance of cybersecurity hygiene, and a major function of IT is to serve those security requirements.\\”\\n\\nHowever, Lefteris expressed concerns about this model, noting that it might not be sustainable in the long term. \\”I’m not sure I believe in that,\\” he said. \\”Because it means putting more concerns under the CISO umbrella. And there’s already too much under that.\u201d\\n\\nAs the CISO role continues to evolve, Lefteris underscores the importance of carefully considering the scope and structure of the role. He wants to ensure that CISOs are not overburdened with responsibilities that detract from their core mandate: security.\\n\\n## Efficient Incident Response = Strong Security\\n\\nLefteris argues that cultivating a security team capable of responding to security incidents is one of the most crucial tasks for a modern CISO. For him, the Incident Response Leader is the focus of all incident response efforts.\\n\\n\\”When an incident occurs, you need an Incident Response Leader who takes charge. Everyone must stop and gather around them to receive a list of action items. Even if it’s a known playbook, the Leader must be in command,\\” he said.\\n\\nSecurity teams, for Lefteris, must be prepared for reflex reaction during a security incident. Rather than relying on ad-hoc responses, he advocated for establishing clear, well-rehearsed playbooks that the team can execute almost without thinking.\\n\\nAccording to Lefteris, all incidents must be treated with \u201czero tolerance for process bypass.\u201d That builds the muscle memory and automated reflexes needed for critical events.\\n\\n## Visibility and Secure Coding Define API Security\\n\\nAs AI is used more and more even in Operational Technology (OT) settings, since businesses cannot afford to delay AI adoption, APIs have become the machine-to-machine backbone of modern infrastructure. A single misconfiguration can bring down an entire system.\\n\\nTherefore, visibility and discovery are where everything starts.\\n\\n\\”You cannot protect what you don’t know,\\” he stated. \u201cNo attacker will knock on your front door, they\u2019ll go straight for the APIs.So, the number one challenge is to know your factory, know your plant, know your business, know your organization. You must understand how many APIs you have and what data they handle. You need to know everything if you want to do security effectively.\\”\\n\\nLefteris also emphasized the importance of robust API security practices, including secure coding.\\n\\n\\”Secure coding is crucial,\\” he said. \\”This involves training developers, evaluating their work using tools like SAST and DAST, conducting secure code audits, and maintaining a robust launch process with regular assessments.\\”\\n\\nHowever, Lefteris recognized that even with these measures in place, gaps can persist. But he urged organizations not to simply \\”destroy everything and build it all over again.\\” Instead, he advocated for a more measured approach. \u201cConduct pre-production security assessments to identify what needs modification rather than destroying everything and building from the ground up later on.\u201d\\n\\n## Even CISOs Need a Break from Technology\\n\\nLefteris closed by outlining his dream vacation. He wasn\u2019t fussy; he merely wanted to be somewhere without cell phone reception or technology, but with his family.\\n\\nWant to find out how Wallarm\u2019s platform aligns with Lefteris\u2019 view of API security? Take a product tour today.\\n\\nThe post CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate appeared first on Wallarm.”,”published”:”2025-12-19T13:38:18″,”modified”:”2025-12-19T13:38:18″,”type”:”wallarmlab”,”title”:”CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate”,”source”:””,”references”:””,”id”:”WALLARMLAB:A367AAFE4C8C1A31654EF03C8DC7357C”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/lab.wallarm.com\/ciso-spotlight-lefteris-tzelepis-leadership-strategy-modern-security-mandate\/”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-12-19T14:05:12″,”description”:”Lefteris Tzelepis, CISO at Steelmet \/Viohalco Companies, was shaped by cybersecurity.\\n\\nFrom his early exposure to real-world attacks at the Greek Ministry of Defense to building…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,13,33,7,11,5,105],"class_list":["post-32248","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability","tag-wallarmlab"],"yoast_head":"\n