The CISO Crucible A Novel of Security Leadership Under Fire

Andy Dyrcz — cybersecurity executive, OWASP contributor, and author of The CISO Crucible

About Andy Dyrcz

Andy Dyrcz is a cybersecurity and risk executive based in Copenhagen, Denmark, with nearly a decade of dedicated security leadership experience built on over 20 years in technology, infrastructure, and DevOps.

He has spent his career helping high-growth B2B SaaS companies design and scale security, privacy, and compliance programs — aligning security strategy with business objectives and navigating global regulatory landscapes including GDPR, SOC 2, and the EU AI Act. He is a trusted advisor to executive teams and boards on risk, resilience, and emerging threats, and is known for driving security as a growth enabler rather than a gatekeeper.

Andy currently serves as Information Security & Data Protection Officer at Dreamdata.io in Copenhagen, where he built the company’s global information security and privacy program from the ground up, achieving SOC 2 Type 2 compliance and reducing sales cycle friction by 30% through transparent security practices. Previously, he was Head of Security & Compliance at Linkfire, where he built their first formal security program, led GDPR readiness, and implemented the NIST Cybersecurity Framework and CSA controls.

Before moving to Denmark, Andy held cloud architecture and security roles across major US organizations including Express (where he migrated their eCommerce platform to AWS, saving $2.4M in infrastructure costs) and Sears, where he built and led the 24/7 eCommerce System Operations Center supporting infrastructure, applications, and incident response.

OWASP & AI Security Research

Since 2023, Andy has been an active AI Security Researcher and Contributor with the OWASP Foundation, collaborating with global leaders in cybersecurity and data ethics to define emerging standards for secure and responsible AI adoption. He contributed to the development of the OWASP Top 10 for Machine Learning and the OWASP Top 10 for Large Language Models, establishing foundational risk frameworks that are now referenced across the industry.

He has also published original research on AI agent credentialing, including the Agent Definition Schema (ADS) — an open-source standard for describing and verifying AI agent capabilities, published at agent-manifest.org.

Speaking & Community

Andy is an active speaker and organizer in the security and DevOps communities:

Nordic Cyber Summit — Featured Speaker
B-Sides Chicago — Organizer & Speaker
DevOpsDays (Global) — Speaker & Community Organizer
THOTCon — Security Conference Speaker
AWS Meetup Speaker (Copenhagen, Chicago)
DevOps Meetup Organizer (Chicago, Columbus, Copenhagen)
Recognized in CBUS 30 Under 30 for Tech Innovation

Published Courses

Andy is the author of multiple courses on Pluralsight and Udemy, focused on cloud infrastructure and security:

Pluralsight Author Page — AWS CloudFront, Elastic Load Balancer, and cloud security courses
Udemy Courses — Cloud and infrastructure training

Education & Certifications

CISSP (In Progress)
Red Hat Certified Engineer (RHCE)
Bachelor of Science in Entrepreneurship — University of Illinois at Chicago
Associate Degree in Business Administration — City Colleges of Chicago

Why He Wrote The CISO Crucible

The CISO Crucible grew out of a simple realization: most security guidance tells leaders what they should do, but rarely shows what it feels like to do it while everything is on fire. The gap between textbook security strategy and the reality of walking into a new CISO role — with inherited crises, burned-out teams, and a board that doesn’t trust you yet — is enormous. This book bridges that gap through story.