Welcome to Heuristic Security

Hello, I am Michael Lines, the founder of Heuristic Security and the creator of the Heuristic Risk Management approach to cybersecurity program development: a simple and effective method for developing a risk-based and business-aligned information security program.

I have been at the forefront of cyber security leadership for global organizations, including FICO, TransUnion, and PricewaterhouseCoopers, for the past 25 years. With extensive experience as a Chief Information Security Officer, I have built security organizations that spanned the globe, all while dealing with the complexities of different cultures, technologies, and regulatory environments. This background has given me a deep understanding of what it takes to develop effective risk-based cybersecurity programs. Today, I leverage that experience to advise boards and C-suite leaders on how to ensure that their security programs are aligned with their business needs and risk appetite.

In today’s ever-evolving threat landscape, strong oversight of your security program is not only essential to protecting your enterprise; it is increasingly a regulatory obligation. Having someone who can provide experienced, practical advice regarding your security program can spell the difference between surviving a cyber security incident with minimal impact or spending millions in fines, lawsuits, and regulatory sanctions.

In addition to advisory services, I also do podcasts, write articles, and present at conferences on cybersecurity and risk topics. Want to know more? You can schedule a free introductory meeting using this link (https://calendly.com/heuristicsecurity), or you can email me at heuristicsecurity@substack.com.

Michael Lines
Be Aware, Get Prepared, Defend Yourself

Subscribe to Heuristic Security Newsletter

A newsletter of articles on cybersecurity risk, governance, and news, for security leaders and teams.


Retired global CISO, currently working as an advisor to Boards and C-Suite Executives on cyber security and cyber risk matters.