
Byline: Hosted by Jo Peterson · ClearTech Loop
Episode Summary: Turning Risk into Business Impact
This week on ClearTech Loop, Jo Peterson talks with John Carse, Field CISO at SquareX and former CISO at Dyson and Rakuten, about the evolving role of the modern security leader.
Carse argues that CISOs who frame cyber risk in financial terms — not fear — earn credibility with the board and influence where it matters most: budget and business outcomes.
From defining risk appetite to protecting data in the browser, Carse’s perspective bridges two worlds — the boardroom and the SOC — showing how pragmatic CISOs translate technical complexity into measurable value.
Key Takeaways for Security Leaders
- Talk dollars, not FUD. The board doesn’t respond to fear, uncertainty, and doubt. It responds to measurable impact and business language.
- Two levers drive every decision: risk appetite and budget alignment. The right balance defines whether your strategy scales or stalls.
- The browser is the new edge. With SaaS dominating IT spend, browser security has become the front line for protecting enterprise data.
- Measure, don’t assume. Quantify downtime, compliance cost, and reputational risk to make better investment decisions.
- Security maturity isn’t about more tools — it’s about smarter trade-offs.
Core Thoughts from John
“We should be thinking about cyber risk directly related to dollars… talking dollars, not in, you know, FUD.”
— John Carse
Carse’s message is simple but profound: stop selling fear, start selling value. The CISO’s credibility depends on translating threats into the language of business impact.
What You’ll Learn from John
- How to define and communicate risk appetite before building your security program
- Why budget alignment matters more than tool count or coverage percentages
- How to identify and mitigate browser-based threats as the new data perimeter
- What makes the Field CISO role unique in today’s hybrid security landscape
About John Carse
John Carse is a three-time CISO and currently serves as Field CISO at SquareX, helping enterprises defend against browser-based threats and translate security strategy into business impact. His previous roles include CISO positions at Dyson and Rakuten and security leadership at Expedia and JPMorgan Chase.
What is a Field CISO?
A Field CISO is a translator between customer reality and vendor innovation. Unlike a sales engineer or product evangelist, the Field CISO role brings executive-level security experience to help organizations apply new technology within their own risk models. They don’t just demo products—they contextualize them against governance, compliance, and budget. It’s where technical depth meets board-level strategy.
Additional Resources
- Security Magazine: John Carse hired as Field CISO at SquareX
- The CISO Perspective with John Carse Podcast
- The Browser Blind Spot: Rethinking Enterprise Security
Closing Thoughts from Jo
Security isn’t about fear anymore — it’s about fluency.
The best CISOs translate complexity into clarity, aligning with the business through shared language, measurable value, and disciplined trade-offs.
What I appreciate about John’s perspective is its realism: security doesn’t exist in a vacuum, and perfection isn’t the goal. Alignment is.
Because when CISOs talk in dollars, not FUD, they don’t just protect systems — they strengthen the business.
See you in the Loop.
– Jo