About us

CISOCON exists to flip the asymmetry between attack and defense.

We believe it is about time.


Christian Matthies

Christian Matthies

Founder & Managing Director

Christian set the roots for his professional career early in his teens when he was obsessed with books on software engineering and scalability. He eventually transitioned into the security space when he discovered how insecure the internet was as a consequence of how things were taught back in the day.

Since then, has worked 10 years in the field of hacking & exploitation (Google, Apple) and eventually became a security leader in different companies (Zalando, TeamViewer), fascinated by rethinking security defense. Unsatisfied by traditional defense methods, he developed a passion to take the job of the CISO to new levels and founded his own consulting firm XII Beaufort (today CISOCON) in 2016. Since 2018, he works together with Eric.

Eric Berger

Eric Berger

Founder & Managing Director

Eric taught himself how to program software as a teenager and discovered his sales talent and interest in business models early on. Studying economics and computer science was the logical consequence for him.

After several years as a software developer, IT and management consultant, Eric co-founded freenet in Hamburg at the end of the 1990s. In various management positions over 10 years, he helped shape the company’s rapid development and built up numerous successful digital products, services and platforms in various market segments.

Security has always been an important topic he pushed in each of his businesses. When he met Christian in 2017, their shared passion towards innovating the way defense is operationalized sparked many discussions and completely new ideas. Together, they founded CISOCON in 2018 with a big vision to put all of these ideas into practice.

About Our Brand

Creating a Brand for the CISO

The initial idea has always been to create a brand that is tailored around the CISO. Looking at the trajectory of the security industry, we felt that a lot of innovation was happening on the commercial product side but only little focus is placed on the CISO himself as the one responsible.

Given the poor security status quo of most companies, clearly more of the same products is not what is needed. CISOCON stands for solutions, solutions that cut through complexity and focus on what's truly important for CISO's to outsmart and out outmanoeuvre​ attackers.

The CISO Orchestra

We believe that in many ways, the CISO is like the conductor of an orchestra in the concert hall. With sometimes hundreds of musicians having to work together, it's thanks to the person standing on the pedestal between the audience and the orchestra who ensure that the music comes to life. That person’s role is to keep all the musicians working in perfect union for every second of the performance.

Similarly, the CISO orchestrates security dimensions and helps shape the fabric of an organizations defense grid. One of the first artefacts CISOCON has created was the CISO Orchestra chart, attempting to collect and depict those dimensions from the CISO's vantage point. If you haven't guessed it: The "CON" in CISOCON stands for conductor.


We believe that you can't win a game by hitting the ball out of the court.

1. Start with Why
2. Think about How and What
3. Lead By Serving Others
4. Inspire Action
5. Strive for Mastery
6. Create Synergy
7. Demonstrate Integrity