EMA IT & Data Management Research, Industry Analysis & Consulting

Chris Steffen

Christopher Steffen, CISSP, CISA, is the vice president of research at EMA, covering information security, risk, and compliance management. Before EMA, he served as the CIO for a financial services firm, focusing on FedRAMP compliance and security. He has also served in executive and leadership roles in numerous industry verticals. Steffen has presented at numerous industry conferences and has been interviewed by multiple online and print media sources. Steffen holds over a dozen technical certifications, including CISSP and CISA.

Recent Posts

Token Sprawl: Why Everyone's AI Bill is Suddenly a Surprise

By Chris Steffen on Jul 8, 2026 12:58:58 PM

Continue Reading

Trump's Quantum Executive Orders: What They Mean for Enterprise Security and U.S. Competitiveness

By Chris Steffen on Jun 23, 2026 10:18:09 AM

Continue Reading

The CISO Has Left the Building — and Came Back in a Business Suit

By Chris Steffen on Jun 8, 2026 8:31:36 AM

Continue Reading

Star Wars Day 2026: Cybersecurity Failures in the Star Wars Universe – Revisited

By Chris Steffen on May 3, 2026 6:00:00 AM

Continue Reading

Why Cloudflare’s PQC Roadmap is a Wake-Up Call

By Chris Steffen on Apr 21, 2026 9:48:15 AM

Continue Reading

AI Was Never Really Coming For Your Job – But Your Job Will Be Different

By Chris Steffen on Apr 8, 2026 2:54:42 PM

Continue Reading

Q-Day Just Got Way More Real

By Chris Steffen on Mar 31, 2026 10:20:55 AM

Continue Reading

Key Takeaways from RSAC 2026

By Chris Steffen on Mar 27, 2026 1:23:24 PM

The cybersecurity world descended on San Francisco's Moscone Center this week for RSAC 2026, the 35th annual flagship event – and the numbers alone tell you this is no niche gathering. Around 43,500 attendees, 700 speakers, 600 exhibitors, and 400 members of the media converged on the conference, which spans multiple stages and countless hands-on experiences. That's a lot of people, and a lot of opinions; some of which are ones I hope you are paying attention to, and some that I would prefer you ignore. After spending the week meeting with some of the best vendors at the conference, as well as a few passing conversations in elevators and airplane queues, four themes kept coming up again and again – and if you're serious about your security program, they're worth paying attention to.

Continue Reading

Cybersecurity Trends to Consider in 2026

By Chris Steffen on Jan 2, 2026 12:33:48 PM

As I sit here watching the very soggy Rose Parade, my thoughts drift to the cybersecurity topics and trends we will talk about in 2026 (yes, that is how much of a nerd I actually am).

Continue Reading

Five Things I'm Thankful for in Cybersecurity This Thanksgiving

By Chris Steffen on Nov 26, 2025 5:30:04 PM

Happy Thanksgiving, everyone!

Continue Reading
  • There are no suggestions because the search field is empty.

Lists by Topic

see all

Posts by Topic

see all

Recent Posts