In this episode of The New CISO, host Steve Moore speaks with Dr. Timo Wandhöfer, Group CISO and Head of Information Security & Business Continuity Management at Klöckner & Co, about the evolving responsibilities of modern CISOs and why influencing—not just convincing—stakeholders is essential for success.

From his early career as a researcher in computer science to leading global security and resiliency efforts in the steel industry, Timo shares how critical thinking, skepticism, and cross-functional collaboration shaped his leadership style. He reflects on the dangers of overconfidence in detection, the risks of over-relying on tools, and the lessons learned from merging information security with business continuity. Timo also explores how AI can both accelerate remediation and introduce new risks, and why resilience planning and transparent communication are at the core of effective leadership.

Key Topics Covered:

• The evolving role of the CISO: from protection to resilience and adaptability
• How research skills translate into critical thinking and cross-functional collaboration
• Why overconfidence and lack of visibility remain major pitfalls in security programs
• The importance of transparency, maturity, and asset inventory for strong defenses
• Resiliency planning: ransomware recovery, crisis management, and operating models
• Insider threat investigations and the role of HR, Legal, and IT in response
• The shift from convincing to influencing stakeholders through dialogue
• The promise and risks of AI and automation in remediation and decision-making
• Why today’s CISO must be a communicator, storyteller, and business leader

Timo’s journey highlights how resilience, adaptability, and influence define the “new CISO.” His insights provide a roadmap for leaders who want to strengthen security programs, build trust with stakeholders, and guide their organizations with both technical and business acumen.