The Downforce — the debut novel is out now
Cybersecurity leadership concept art

Author · Four-time CISO

Frontline Lessons in
Security Leadership

Assaf Keren — four-time CISO (PayPal, Qualtrics) and author of two books, writing about the human side of leading security.

Assaf Keren at Qualtrics

About Assaf

25 Years on the
Frontlines of Cybersecurity

Assaf Keren is a four-time CISO whose security leadership roles include Qualtrics and PayPal, where he protected one of the world's largest financial platforms.

Assaf served in military and government roles and went on to found and sell two cybersecurity companies. He holds three security patents and is a member of the Wall Street Journal Technology Council.

His book Lessons from the Frontlines, published by Wiley, distills two decades of experience into an honest, people-first guide for security leaders, covering everything from crisis response to building teams that perform without burning out. His novel, The Downforce, brings the same operating model to life through story.

Today he writes about the human side of security leadership — the essays, frameworks, and hard-won lessons collected here.

Get new posts in your inbox

Frameworks and frontline lessons for security leaders. No spam, unsubscribe anytime.

Praise

What Leaders Are Saying

As both a former CISO and current CEO, I wish I'd had this book early in my career. Keren cuts through the noise to deliver what security leadership actually requires: practical frameworks forged through real failures and hard-won successes. This isn't theory, it's battle-tested wisdom that will make you more effective from day one.

Guy Bejerano, CEO, SafeBreach

I've known and admired Assaf for years. What makes this book so powerful is that it's not theory – it's hard-won lessons from someone who has built, rebuilt, and led security at the very top. Any current or aspiring security leader will walk away with practical insights they can apply immediately.

Sid Trivedi, Partner, Foundation Capital

Building and sustaining security in major enterprises is much more than a technical discipline. Rather, it's an intense leadership challenge balancing influence, grit and team building. Assaf's personal journey revealed in this book contains lessons for all security professionals - whether you are starting out or an established leader you will love this.

Phil Venables, Former CISO, Goldman Sachs / Google Cloud

Having worked alongside Assaf and navigated the high-stakes chaos of massive incident response under his leadership, I can say with certainty that this book captures the raw reality of cybersecurity at scale. The Downforce isn't a playbook or a manual; it's a gripping story that reflects the high-pressure act of managing technical crises while protecting business trust. The chaotic energy, the split-second decisions, and the stress of executive communication are incredibly authentic to what we experienced. Assaf distilled years of real-world, high-consequence battle scars into an invaluable, highly engaging masterclass.

Renana Friedlich-Barsky, CISO, LPL Financial

Finally, there's a book that absolutely nails the high-stakes reality of running security at a fast-paced tech company. The story perfectly captures the tension of vendor breaches, regulators, and the immense personal toll the job takes on a leader. Highly recommended for any security professional or executive, or really anyone who wants a fresh perspective on high-stakes roles.

Dimitry Shvartsman, CPO & Co-Founder, Prime Security
As both a former CISO and current CEO, I wish I'd had this book early in my career. Keren cuts through the noise to deliver what security leadership actually requires: practical frameworks forged through real failures and hard-won successes. This isn't theory, it's battle-tested wisdom that will make you more effective from day one.

Guy Bejerano

CEO, SafeBreach