As a CISO, my job is to protect corporate information assets while ensuring security obligations are met for the business. My job is to ensure shareholders, investors, employees, our customers and their interests are protected. My job is to provide the appropriate level of security for data and data transactions in preventing, detecting and responding to breaches. Regulations have brought information security issues to the forefront expanding funding for technologies, staffing and training. More and more we see exposure of data and leakage of sensitive information. Do corporate boards and the C-Level management staff really understand what it takes to secure customer information? Are they more concerned with perceptions than resolving issues? Being a security professional is a formidable career choice. Security professionals do in fact live by a code of ethics, an ethos that demands we do what is right. To do it right you must take an oath of allegiance to your craft that is not welcome in the corporate world that ultimately employs you. The very credentials that make you marketable are, in the end, the very thing that can put you in the job market, again, and again. Taking ethical stands to live up to the code of the CISSP and the CISM takes courage, tenacity, thick skin and the willingness to walk away from an employer. What do you do when placed in a potentially compromising position? What do you do when ethical behavior, integrity, corporate due diligence and attorney client privilege collide in a cacophony of opinion and negligence? How do you survive when you find yourself in the absolute middle of this vortex? These are true stories of sex, threats of physical harm, impersonation, legal quandaries, embezzlement and lying.How do you keep your job and maintain personal and professional integrity? Should someone go to jail? Do you violate your own ethical canons to protect yourself? Are you wanted for conspiracy for trying to commit security?