Craig Taylor
Cybersecurity Expert & Thought Leader — CyberHoot
- Hampton, NH, USA — Eastern Time (EST)
- Flexible Availability
“Craig Taylor is a Certified Information Systems Security Professional (CISSP) and 30-year cybersecurity veteran who co-founded CyberHoot, a security awareness training company now serving over 100,000 end users worldwide. Craig’s core belief is that the hardest cybersecurity problems are never technical — they’re human.”
350+
MSP Partners
50+
vCISO Clients
“Craig Taylor is a Certified Information Systems Security Professional (CISSP) and 30-year cybersecurity veteran who co-founded CyberHoot, a security awareness training company now serving over 100,000 end users worldwide. He has led security teams at JP Morgan Chase, Vistaprint, and CSC, and delivered vCISO services to more than 50 organizations. Craig’s core belief is that the hardest cybersecurity problems are never technical — they’re human.”
Craig Taylor is a Certified Information Systems Security Professional (CISSP) since 2001 and a 30-year veteran of cybersecurity. In 2014, he co-founded CyberHoot, a cybersecurity awareness training company built on a simple but powerful premise: people learn better through positive reinforcement than through fear. CyberHoot serves more than 350 MSP partners, 100 direct customers, and over 100,000 end users worldwide. Craig also leads a cybersecurity consultancy that has delivered virtual Chief Information Security Officer (vCISO) services to more than 50 companies across a wide range of industries and sizes.
Throughout his career, Craig has led cybersecurity organizations at the intersection of high stakes and high complexity. He built and led security teams in web hosting at CSC, financial services at JP Morgan Chase, and manufacturing at Vistaprint, each environment demanding a different approach to culture, risk tolerance, and human behavior. Those experiences taught him that the hardest cybersecurity problems are rarely technical. They are organizational. Getting people to change behavior, make better decisions under pressure, and take ownership of their role in security requires the same skills as any leadership challenge: trust, clear communication, and a culture where doing the right thing is rewarded rather than punished. That insight is the foundation CyberHoot was built on.
Beyond the business, Craig brings a lifelong commitment to service and personal development. He is a Toastmaster, a Rotarian in Portsmouth, NH, and a 12-year Pan-Mass Challenge rider who has raised more than $150,000 for Dana-Farber Cancer Institute, covering 192 miles every August in support of cancer research.
Craig has ridden 192 miles every August for 12+ years as part of the Pan-Mass Challenge, raising over $150,000 for Dana-Farber Cancer Institute — and he’s only ever missed the COVID cancellation year.
- People learn better through positive reinforcement than through fear — and the data backs it up.
- Every employee is part of the security team, whether they know it or not. Culture is the strongest firewall.
- SMBs don't need enterprise budgets to build real cybersecurity resilience — they need the right frameworks.
CyberHoot is built on positive reinforcement rather than fear — what made you choose that approach, and what results have you seen?
After 30 years in cybersecurity across JP Morgan Chase, Vistaprint, and CSC, what's the single biggest lesson you've learned about why security programs succeed or fail?
You've delivered vCISO services to 50+ companies — what are the most common cybersecurity blind spots SMBs and MSPs overlook?
AI is transforming cybersecurity threats — how should business leaders be thinking about AI-powered attacks versus AI-powered defenses right now?
What practical first steps can a non-technical business owner take today to meaningfully reduce their cybersecurity risk?
- What your audience will gain from this episode:
- Learn why the most dangerous cybersecurity vulnerabilities are never technical — they're people and culture, and how to fix them.
- Understand why fear-based phishing tests fail and what positive reinforcement-based training delivers instead.
- Practical frameworks SMBs and MSPs can implement today — from MFA to incident response — without enterprise budgets.
- Cut through the noise and understand how AI is actually changing the threat landscape and what leaders should do about it.
- CISSP Since 2001 — Certified Information Systems Security Professional
- Goldman Sachs 10,000 Leadership Program — Intensive 8-week executive leadership program for founders
- Ascending Leaders in Technology — Inaugural Cohort, NH Tech Alliance
- Leadership Seacoast 2017 — Peer-selected to deliver the final class speech
- Rotary Youth Leadership Award at age 17 — Win-Win thinking and Rotary's Four-Way Test
- Toastmasters Competent Toastmaster designation
- Rotarian since 1997 (Rochester, MN → Portsmouth, NH) — active member today
Free for podcast hosts. We handle the introduction.
We never charge podcast hosts.
Brand
CyberHoot
Location
Hampton, NH — Eastern Time (EST)
Reach
100K+ end users protected
Availability
Flexible — Eastern Time
website
cyberhoot.com
No direct scheduling link — contact us to arrange a recording with Craig at no cost to you.