Momentum Realized as Companies Reassess Cyber Risk Models Amid AI and Supply Chain Exposure
CIOSO Global, LLC, which launched in December 2024 to democratize Fortune 100-level cybersecurity expertise, marks its first year in operation, reflecting the growing demand for independent risk validation, board-level engagement, and security strategies designed for systemic threats.
Throughout 2025, CIOSO Global advised organizations of all sizes that accelerated AI-enabled attacks, software supply chain vulnerabilities, and geopolitical risks exposed a growing mismatch between cyber risk and how organizations resource leadership to manage it. The company’s team helped organizations reassess whether full-time, fractional, or advisory CISO models best fit their size and risk profile, as demand increased for governance-driven approaches that scale with the business and treat cybersecurity as an enterprise-wide risk function rather than a purely technical role.
Founded by industry veterans Lou DeSorbo and Greg Sullivan, CIOSO Global has quickly established itself as a trusted advisor to organizations navigating increasing cybersecurity complexity, without the internal scale of large enterprises. The company’s approach, transferring Fortune 100 cybersecurity knowledge from the leaders who created it to businesses of any size, has resonated with customers and the broader cybersecurity community.
“What stood out in our first year wasn’t the sophistication of attacks; rather, it was how often organizations believed they had visibility when they didn’t,” said Sullivan, founding partner at CIOSO Global. “Momentum came from helping leaders confront uncomfortable gaps between perceived and actual risk, particularly at the governance and validation level.”
First-Year Momentum Reflects Shifting Cybersecurity Priorities
Throughout 2025, CIOSO Global’s momentum reflected clear patterns in how organizations are reassessing cybersecurity risks, including increased focus on third-party validation, hardware-level controls, and executive accountability. The company’s milestones demonstrated market acceptance and industry influence:
Executive Leadership
Tom Schunk has partnered with CIOSO Global to deliver deep cyber expertise to the team and its customers. An accomplished cybersecurity and technology executive with over 35 years of broad global experience, Tom collaborates closely with the CIOSO Global team and clients to develop security strategies and practical solutions that help organizations mature their cybersecurity practices and build resilient environments.
Also Read: CIO Influence Interview with Duncan Greatwood, CEO at Xage Security
Leadership Development Expansion: In July, Sullivan joined Technology Partners’ executive coaching bench, where he now coaches CIOs, CISOs, and senior technology executives through leadership transitions and cyber-risk challenges. The collaboration strengthens Technology Partners’ ability to support leaders facing today’s complex digital risk landscape.
Industry Engagement: Sullivan participated in senior-level industry forums, including a main-stage panel at Kaseya Connect Global, where discussions centered on third-party software exposure, SBOM adoption challenges, AI accountability, and the widening disconnect between technical controls and executive risk perception. These conversations consistently underscored that many organizations struggle not with tooling, but with translating cyber risk into business-relevant decision frameworks.
Unique Formula for Notable 2025 Acceleration
CIOSO Global’s differentiated approach addresses a critical market need: no organization can afford to assume all attack vectors are identified or that best practices are entirely in place.
The company’s founding partners bring complementary expertise. DeSorbo, with over 25 years of experience in military intelligence, corporate cybersecurity, and risk management, develops advanced operational security strategies to address emerging threats before they escalate. Sullivan, a former Fortune 100 Global CIO, CTO, and CEO, integrates cybersecurity into corporate governance, ensuring risks are addressed at the board level. Together, the firm emphasizes:
-Fortune 100 Global Expertise, Delivered to All: CIOSO Global makes knowledge and practices from the world’s largest enterprises accessible to organizations of any size.
-Proactive Engagement: The company addresses risks before they impact the organization, providing tailored strategies that align with business objectives.
-Third-Party Validation: CIOSO Global emphasizes independent assessment to identify overlooked attack vectors and ensure implementation of cybersecurity best practices.
Sullivan added, “Cybersecurity is too critical to leave to assumptions or outdated practices. Even the most skilled security personnel recognize the need for third-party professional validation to ensure the highest level of protection possible. The momentum we’ve seen validates that approach.”
Catch more CIO Insights: Why Today’s Web Agent Benchmarks Don’t Reflect Real-World Reliability
[To share your insights with us, please write to psen@itechseries.com ]
