It’s hard to get CISOs to speak in public about their security programs. They can’t admit what they did wrong or reveal what they did right. It’s time for true confessions. This presentation will speak for the voiceless in response to annoying questions like, “Why can’t I have a long password?” “Why does it take a year to fix this security flaw?” and “Can you really fly a plane sideways?”