Brex's CISO Mark Hillick on avoiding tool bloat and learning from high-severity incidents

In this week’s episode of The Future of Security Operations podcast, Thomas is joined by Mark Hillick, CISO at Brex. Mark’s experience in the security industry spans more than two decades. He started out as a security engineer at Allied Irish Banks before advancing through companies like MongoDB to become Director and Head of Security at Riot Games. His book, The Security Path, features over 70 interviews with security professionals on their career journeys.

In this episode:

[02:06] His early career journey - from a mathematics background to building early online banking systems
[03:32] What’s kept Mark excited about security for over two decades
[04:40] The compound benefits of growing within a company over time
[07:20] Mark’s leadership style - defined by transparency, directness, and genuine care for his teammates
[12:45] Communicating the business trade-off between risk and return
[16:45] Reflecting on the team’s response to major incidents at Riot Games
[21:00] The unique challenges of securing gaming platforms
[26:30] How Mark approaches strategy and planning in the fintech space
[28:08] The case for building strong, partnership-driven vendor relationships
[31:13] Creating space for creativity - without spreading the team too thin
[34:35] Empowering his team to speak openly - even if it means calling him out
[36:35] The inspiration behind Mark’s books Digital Safety for Parents and The Security Path
[40:20] Connect with Mark

Where to find Mark:

Where to find Thomas Kinsella:

Resources mentioned:
