Security leadership is often framed around technology stacks and breach headlines, but the reality of the role is far more human. CISO Diaries is a series designed to capture that reality. In each interview, we sit down with security leaders, founders, and practitioners shaping the modern threat landscape to explore how they think, work, and make decisions under pressure. From daily routines and personal security habits to lessons learned the hard way, the series offers a candid look at the mindset behind modern cyber defense, at a time when attackers are moving faster, using new tools, and targeting people as much as systems.
About the Interviewee: Julius Muth
Julius Muth is the co-founder of revel8, a cybersecurity startup focused on helping organizations defend against the growing wave of AI-driven social engineering attacks. As generative AI lowers the barrier for attackers to craft convincing phishing campaigns, clone voices, and automate deception at scale, Julius and his team are building a platform that trains employees to recognize and respond to these threats in realistic environments. Drawing on open-source intelligence and real-world attack patterns, revel8 simulates modern social engineering scenarios across channels such as email, voice, SMS, and social media, helping organizations turn security awareness into instinct.
How do you usually explain what you do to someone outside of cybersecurity?
We help companies protect themselves against the dark side of AI, particularly in the area of cyberattacks. The threat landscape has changed significantly because vast amounts of openly available information are easily accessible, and people share more data online than ever before. At the same time, AI technologies have drastically reduced the effort required by attackers, enabling them to generate flawless emails, translate perfectly, clone voices, and create highly convincing deception at scale. We address this risk by training employees to recognize and defend against these AI-driven criminal use cases.
What does a “routine” workday look like for you, if such a thing exists?
There’s no routine in a cybersecurity startup. One moment I’m discussing OSINT-based attack vectors or deepfake simulation logic with the product team, the next I’m on calls with CISOs dissecting real incidents. A huge focus right now is building a team that can think like attackers while designing for defenders. In this space, speed of learning is a competitive advantage
What part of your role takes the most mental energy right now?
Prioritization. The threat landscape evolves daily, but resources, time, and budget are limited. Deciding what not to do is often harder than deciding what to do, especially when every risk feels urgent.
What’s one security habit or routine you personally never skip?
Threat modeling decisions before making them. Whether it’s adopting a new tool, signing up for a service, or traveling with devices, I instinctively ask: What’s the worst-case scenario and how would I mitigate it?
What does your own personal security setup look like?
High level: hardware-based MFA (Multi-Factor Authentication) everywhere possible, VPN, a password manager with unique credentials for every account, encrypted backups stored both locally and offline, separate devices for high-risk testing, and aggressive patching. I also treat my home network like a small enterprise environment, segmentation, monitoring, and minimal trust by default. I never reply to messages that I don’t know, and I am cautious of unknown numbers.
What book, podcast, or resource has influenced how you think about leadership or security?
The Podcast “Darknet Diaries” has had a real impact on how I think about security. It tells the human stories behind breaches: How attackers think, where organizations misjudge risk, and how small decisions cascade into major incidents.
What’s a lesson you learned the hard way in your career?
If you can’t explain a security issue in business terms, it won’t get fixed. Early on, I focused too much on technical severity and not enough on business impact. Once you translate vulnerabilities into revenue, safety, or operational consequences, alignment happens much faster.
What keeps you up at night right now, from a security perspective?
The asymmetry is increasing. AI lowers the barrier to entry for attackers. Sophisticated campaigns are becoming automated and commoditized. That changes the scale problem for defenders and seeing exploitations of very vulnerable individuals, e.g. the elderly, makes me really angry.
How do you measure whether your security program is actually working?
We measure effectiveness by observing real behavior, not checkbox completion. We track interaction rates with simulated attacks, reporting behavior, response speed, and decision quality. Those signals feed into a continuously evolving awareness score. The goal isn’t to shame individuals, it’s to build what we call organizational swarm intelligence: a workforce that detects and escalates threats collectively, faster than automated attack systems can exploit them. When reporting rates rise and reaction times drop, we know resilience is increasing.
What advice would you give to someone stepping into their first CISO role today?
Listen before you lead. Spend your first weeks understanding the business, its revenue drivers, and its risk tolerance. Technical expertise earns credibility, but business alignment earns influence, and influence is what gets security funded and adopted.
What do you think will matter less in security five to ten years from now?
Tool sprawl. Organizations are realizing that dozens of overlapping tools don’t equal better security. Consolidation, integration, and signal-to-noise reduction will matter more than sheer quantity of products.
Looking ahead 10 years, what do you believe security teams will spend most of their time on that they don’t today?
Security architecture for autonomous systems. As AI-driven processes make decisions independently, teams will shift from protecting systems that people operate to governing systems that operate themselves. The challenge won’t just be stopping breaches; it’ll be ensuring machine-driven actions remain safe, predictable, and aligned with human intent.