From Chef to CISO: An Empathy-First Approach to Cybersecurity Leadership

TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTogether, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.Myke Lyons, CISO at data-processing SaaS company Cribl, shares how he cooked up an unconventional journey from culinary school to cybersecurity leadership.October 28, 2025Welcome to Dark Reading's "Heard it From a CISO" video series, showcasing advice on breaking into and advancing within the cybersecurity field from those who have been there.In our latest installment, Dark Reading associate editor Kristina Beek interviews Myke Lyons, chief information security officer (CISO) at Cribl, who shares his unique background of working in the culinary world as a chef prior to pivoting to cybersecurity. His journey from culinary school graduate with dreams of becoming a food critic to leading cybersecurity at a major IT and security data pipeline company gave him a unique sense of discipline (mise en place, recipes, service culture), and shaped his approach to security strategy and crisis response.Rather than focusing solely on technical credentials or a formal cybersecurity education, Lyons prioritizes curiosity and hunger for learning as the most critical qualities in potential hires. His approach emphasizes empathy as a cornerstone of security culture, encouraging his team to view security incidents not as failures to be punished, but as opportunities to coach and educate colleagues.Lyons also ladled up a pragmatic perspective on the future of the industry. He acknowledges that artificial intelligence will fundamentally change both offensive and defensive cybersecurity operations, requiring professionals to be more thoughtful about technology adoption while maintaining focus on measurable outcomes. His advice to newcomers remains consistent with his values: perfect your craft, work for organizations you believe in, and never stop learning.Related:From Power Users to Protective Stewards: How to Tune Security Training for Specialized EmployeesAlso, check out our other installments in this series: "Fastly CISO: Using Major Incidents as Career Catalysts" with Marshall Erwin, CISO at Fastly; "From FBI to CISO: Unconventional Paths to Cybersecurity Success" with Kaseya CISO Jason Manar; "Cyber Career Opportunities: Weighing Certifications vs. Degrees" with longtime CISO Melina Scotto; and "Male-Dominated Cyber Industry Still Holds Space for Women With Resilience" with Weave Communications CISO Jessica Sica.This transcript has been edited for clarity.Kristina Beek: Hi, everyone. My name is Kristina Beek, and I'm an associate editor with Dark Reading. I'm here for another episode of "Heard it From a CISO," and today I'm joined by Myke Lyons, CISO at Cribl. Thanks so much for being here, Myke.Myke Lyons: Nice to meet you, Kristina. I'm glad we're gonna have this conversation today.KB: Awesome. So, let's just start from the beginning. Why don't you tell us about your current role as CISO and what Cribl does?Related:NIST Enhances Security Controls for Improved PatchingML: Fantastic. So, I'm the CISO here at Cribl. At Cribl, we are the IT and security data pipeline and telemetry solution. We are really aware what's important to IT and security folks is trying to learn and manage and deal with the volume of data that is coming out of their systems and their software and their SaaS technologies and trying to help ensure that the right data goes to the right place as quickly as possible to ensure that you're applying the right dollar amounts to the right places, but also getting insight and context around the various threats and disruptions that we see across various businesses, both in IT and security.KB: Awesome. So CISO is kind of sort of like viewed as like a top cybersecurity leadership position. And for some people it takes, you know, it's a long road to get there. What does your education and just career background look like and how did you first get involved in cybersecurity, and I know this is a bit unique for you since you have a background of being a chef.ML: I do. I thought it was so regular. Everybody went to culinary school and they end up being a CISO. I thought that was the path we all took. I guess it is a bit unique. I wanted to be a chef and then I wanted to be a food writer and then I wanted to be a food critic. And so, I went to culinary school. I was fully in the culinary world. I went and got a summer job moving printers for a family company or a friend of family company and I was pretty good at picking things up and putting them down. The woman who I was partnered with was the tech side, and she was smaller than most of these printers that we were moving around at that time. So, I was her muscle and she was the brains of the operation, and probably still is the brains of the operation. Frankly, she taught me how to do things like copy and paste. My wife was actually way more savvy or is way more savvy with technology than I am now, and so I kinda learned how to use a computer by learning how to break them in many ways. So, I would get computers sort of out of the bin or they were getting deprecated and I would start to build little labs and things like this to really get under the hood. Learn about IP and learn about OSI models and application deployment, how automation and workflows worked, how data was moving and was important to us. And so interestingly enough, my first security job was actually in logging and in telemetry. And so that was back a long time ago, like 2003, and now I'm sort of full circle back in a full-time security role, but at a company that does telemetry and deals with logs and traces and metrics and things like that.Related:When One Hospital Gets Ransomware, Others Feel the PainKB: Awesome. Would you say, so you talk about how you were fully in the chef culinary world before transitioning into cyber. Once you were in cyber, would you say that becoming a CISO was like a goal of yours or did it sort of just happen along the way?ML: I don't even know that there were any CISOs in 2003, 2004. Maybe there was, but it would have been like the earliest. So, it was very IT oriented job. So, CIO was sort of the pinnacle of the career for a technologist. I really wanted to be like an architect. I always wanted to be that super technical person and diving in. And then I kind of hit a point at which I started doing some people management for a few years and I realized that there was a broader opportunity within just technology as a market and as a group of people to help others sort of uplift themselves from whatever they were thinking they were doing, a conventional role that they were maybe going after, like doctor, lawyer, plumber, electrician, those types of things. And there was this other really budding space, which was like technology was changing so quickly and there was just a gap. And I think the background of the individual or their experience or what they did was less critical. And what was really important was their sort of eagerness to learn and to take those sort of learnings that they had had about how to learn and run with them. And so, as the CISO, I started to realize that there was a way to tap into others and sort of curate that or grow that or fertilize that or whatever analogy you'd like to use to just get them excited about these things. Or if they were excited about learning, maybe this was an area that was super interesting to them. And so even to this day, I don't necessarily hire people based on where they were or what education that they have. Not that I don't think those things are important, but I think it's the personalities and that eagerness that is the most critical for anyone trying to get into cyber.KB: Awesome. So, in terms of you, you brought up hiring people. How would you say is the best way for someone to enter this field, whether it be like what kind of roles to apply to or what kind of background to have, whether it be like a formal cyber-related, you know, four-year degree or maybe different certificates that they could get. Like what would you advise?ML: I don't know that there's any school out there that has functional practitioners that are teaching all of the subjects. So, I would anticipate that take the learnings that you've had from university, whether it's a cyber learning or just some other learning, could even be a chef's learning or culinary or knife skills or something like that. What I would really start to think about is, is there a better way to do what you're seeing? Like if you're a person who's getting phishing messages, cause you probably are, everybody gets them, whether they're LinkedIn or WhatsApp or Instagram phishing messages, like they're coming. I get text messages from random numbers on a regular basis. Are you curious about that? Like, is that something that would be interesting to you to find out how those things happen, where they come from? Like, what's the etymology of that particular text message that you've received? And then the next thing is we're coming up against arguably the most interesting time in technology, and that is this adoption of AI capability. Which who knows what the limits are there? I don't, and I don't know that anybody does. I think the upside is just so amazing. So, if you're coming out of school, I've met with some more parents of these graduates rather than the graduates themselves that are like, well, they know they graduated and their job that they were going to go for is going to be replaced by AI. It's not. It's not that we're going to hire someone who comes in with these learnings or how to understand how to use thes