About | Office of the CISO

By

 

About the Author


I’m Erich Horst. A battle-tested cybersecurity leader with more than 30 years of hands-on experience in technology and security.

My journey began on a help desk. From there, I worked through desktop support, servers, networks, infrastructure engineering, and architecting resilient systems. That deep foundation in building and running real infrastructure gave me a practical understanding of how systems actually work under pressure.

This experience allowed me to organically transition into cybersecurity. I’ve carried the same tenacity and operational mindset into the security world, helping organizations assess and improve their Infosec maturity and strategy. I’ve led security initiatives across complex environments, including healthcare, and now operate as a fractional vCISO, providing strategic security leadership to organizations in South Central Kentucky and the Nashville Metro area.

I hold the following certifications:
  • CISSP
  • CISM
  • SSCP
  • AAISM
I also earned a Master’s in Business Management & Leadership and a Bachelor’s in Cybersecurity & Information Assurance from Western Governors University.

I am deeply committed to continuous learning; the cybersecurity landscape evolves too quickly to ever stop growing. I stay current through ongoing education, research, and real-world application, and I actively seek opportunities to mentor the next generation of security professionals, sharing hard-earned lessons from the trenches.

Why This Blog Exists

The Office of CISO Intelligence was created because the cybersecurity industry is full of hype, vendor promises, and recycled advice that often doesn’t align with the realities leaders face in the trenches.

Here I share unfiltered, practical insights drawn from real operations — the kind that come from someone who started at helpdesk and has spent decades building, breaking, and defending systems. 
You’ll find honest discussions on:
  • Why flawed leadership is one of the biggest drivers behind the talent shortage
  • How the human factor continues to outweigh technology in most breaches
  • Practical lessons from DMARC deployments and other foundational controls
  • The real challenges of building resilient security programs
  • Hidden truths that most security leaders won’t say out loud
No fluff. No buzzwords. Just straightforward strategies that reduce risk and help leaders make better decisions.

If you’re a CISO, security director, or practitioner who values experience over theory, welcome. This is a space for honest conversation about what actually works in the field.
Opinions expressed here are my own and do not constitute formal consulting advice.
I’d welcome your thoughts — feel free to leave comments on the posts or reach out directly.

Erich Horst
Office of CISO Intelligence
Bowling Green, Kentucky

Comments

Post a Comment