Steve Winterfeld

Steve Winterfeld is Akamai’s Advisory CISO. He has strong background in building operational security programs that are compliant with industry regulations. Before joining the team, he served as CISO for Nordstrom Bank, Managing Director of Incident Response and Threat Intelligence at Charles Schwab and Senior Technical Director Cybersecurity & Group CTO at Northrop Grumman. Steve focuses on collaborating with Akamai’s customers to make sure they are successful in defending themselves and their customers. He also helps determine where Akamai should be focusing its security platform’s capabilities. Steve has published a book on Cyber Warfare and holds CISSP, ITIL and PMP certifications.

healthcare, information, health care cybersecurity ransomware

How Hospitals’ Use of GenAI is Putting Patients at Risk Without Realizing It

Steve Winterfeld | February 4, 2026 | AI Governance, AI Security, generative AI, healthcare cybersecurity

Hospitals are adopting Gen AI across EHR workflows, but hallucinations, bias, and weak governance pose real patient safety risks ... Read More

Security Boulevard

InfoSec, programs, cyber agile, risk management, third-party

Cyber Agility Mandate – Transforming InfoSec Programs to Meet Evolving Markets

Steve Winterfeld | December 3, 2024 | cyber agility, Infosec, transformation

Five steps to take that will allow the infosec team to reduce the risk of trailing the latest transformation changes ... Read More

Security Boulevard

API Transformation Cyber Risks and Survival Tactics

Steve Winterfeld | July 16, 2024 | API Abuse, APIs, risk, Vulnerabilities

As you think about how to ensure your APIs are within your risk tolerance, ensure that you have a sound understanding of your inventory and the data associated with them ... Read More

Security Boulevard

Using Scary but Fun Stories to Aid Cybersecurity Training

Steve Winterfeld | May 28, 2024 | Cybersecurity Training, examples, Humor

Need to get your audience’s attention so they listen to your cybersecurity lessons? Share these true stories to engage their attention and, perhaps, make them laugh ... Read More

Security Boulevard

Getting Ahead of Cybersecurity Materiality Mayhem

Steve Winterfeld | February 27, 2024 | Breach, Cybersecurity, Disclosure, Incident Response, materiality, SEC

Cybersecurity leaders must differentiate between strategic (material) and tactical threats in a cross-functional manner and determine 'materiality.' ... Read More

Security Boulevard

disclosure, WAFs, compliance, GRC automation, platforms, compliance, risks, security, GhangorCloud AML regulatory Security GDPR Compliance

A Wake-Up Call for Emerging Cybersecurity Compliance Changes

Steve Winterfeld | January 31, 2024 | CISOs, Compliance, criminal liability, Cyberlaw, Cybersecurity, regulations, risk, security

As the year kicks off, now is a good time to think through what updates to your compliance program might be needed ... Read More

Security Boulevard

AI technology, security, AI security, visibility, insights, security platform, Arctic Wolf, zero-trust encrypted AI Trend Micro cybersecurity poverty line, data-centric, SUSE cloud Wiz Torq AirTag Skyhawk SASE security cloud security visibility PwC Survey Finds C-Level Execs Now View Cybersecurity as Biggest Risk

The Cybersecurity Horizon: AI, Resilience and Collaboration in 2024

Steve Winterfeld | January 25, 2024 | AI, Cybersecurity, horizon, Insights, machine learning, people, processes, Tech

As we peer into the future, it is imperative to acknowledge the profound impact that artificial intelligence (AI) is having on the cybersecurity arena ... Read More

Security Boulevard

CISO, CISOs, solarwinds, security, CISO corporate security

Different Types of CISOs, Diverse Missions

Steve Winterfeld | November 30, 2023 | Akamai, Board of Directors, career, CISO, executive, Talent

There are a range of distinct roles/missions that hold the CISO title. Their ultimate goals are similar, but how they are positioned to do that varies ... Read More

Security Boulevard

wargames cybersecurity ransomware strategy breach prevention strategy cybersecurity

Leveraging Wargaming Principles for Cyberdefense Exercises

Steve Winterfeld | September 18, 2023 | blue team, cyberdefense, pentesting, purple team, Red Team, wargames

Wargames are an excellent way to ensure your cyberdefense plans are solid and your processes are current ... Read More

Security Boulevard

human, risk, error, open source security

Lessons Learned on Finding a Cybersecurity Job After a Layoff

Steve Winterfeld | August 8, 2023 | Careers, Cybersecurity, jobs, layoffs, skills gap

Steve Winterfeld from Akamai shares his advice and thoughts on searching for a new cybersecurity job after a layoff ... Read More

Security Boulevard

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On