WELCOME TO MY WORLD

I'm Evan

I'm a Christian*, a husband, a father, a grandfather, a friend, a business leader, a CISO (that's Chief Information Security Officer to the layman), a hacker, a Certified (SCUBA) Rescue Diver, a biker (Harleys mostly), a welder (not professionally), an American Mexican (like a Mexican trapped in an American body), a cancer survivor, a recovered alcoholic, a harsh self-critic, a problem solver, a problem creator, and LOTS of other things.

 

My world, like yours, is far from perfect. My world, like yours, is pretty f@cked up sometimes.

 

Regardless of my imperfections, and despite myself (I'm always my own worst enemy), my world is REAL and my world is f@cking AWESOME! The truth is, SO IS YOURS!

 

Welcome to my world.

*DISCLAIMER: The words "Christian" and "religion" or "religous" are often misunderstood and misused. I'm a Christian, but I mostly despise religion. I call myself "a dirty Christian". A future blog post here.

32 Years

Experience

1000s of Projects

Completed

ADHD

Superpowers

Mission

Before Money

ABOUT ME

I've done a lot of sh*t

Hi, I’m Evan Francen—a straight-talking, 30+ year veteran of the information security industry on a mission to fix this broken industry. I’m not here to sugarcoat things or dance around tough conversations. I call it like I see it, and I believe that’s exactly what the world of cybersecurity needs right now.

 

As the co-founder and CEO of FRSecure and SecurityStudio, I’ve spent decades helping organizations—from Fortune 500 companies to small businesses—navigate the ever-evolving landscape of information security. I’ve developed tools like the S2Score to measure risk, created the first-ever CvCISO® certification program, developed Project Broken Mirror, and founded the free CISSP® Mentor Program, which has reached over 100,000 students in 120+ countries.

NOTE: This is what ADHD does to you (maybe)

 

I’ve been privileged to serve as an expert witness in high-profile cases, advise boards and legal teams during massive breaches, and write extensively about security challenges. But my favorite role? Being the guy who says what others won’t and gets the job done.

 

When I’m not buried in cybersecurity work, you’ll find me tinkering, scuba diving, or spending time with my family—I’m a proud dad of five and grandpa to eight. Whether I’m diving into code or the ocean, I always bring curiosity and drive to the table.

 

Let’s fix this broken industry together. Join me on the journey—no BS, just results.

Social With Me :

Miscellaneous

01

The Mission

Fix the broken industry.

 

02

Projects

Yeah, I'm ALWAYS working on "projects"! Maybe you'd like to help me?

03

Squirrels

ADHD is my superpower. You read that right!

MY BIO

Real Solutions Experience

Imagine taking a guy with ADHD and giving him a mission (purpose). Now, take this same guy and somehow give him 30+ years doing what he was built to do.

1984 - 1992

Early Days

Hacking?

OK, I guess.

I did a lot of things that I guess you’d call “illegal” in today’s world. Everything was driven by curiousity and showing off to friends. Using things beyond their intent or whatever boundaries there were. Thank God for the Statute of Limitations!

2008 - Present

FRSecure

Founder

and various other titles

I know I’m biased, but this is the BEST information security consulting company on the planet. It’s the best because the PEOPLE who work here are the best!

100+ employees ALL devoted to the MISSION.

2010 - Present

CISSP Mentor Program

Founder

And Instructor

I was told we have a shortage of talent in the information security industry. So, I decided to offer free training to anyone/everyone.

In the first year, we had six students. Last year, we had 21,000+ students from 150+ countries! This has been an AMAZING ride so far.

1993 - 2008

Pre-FRSecure

You Can get paid for this?!

Coming of age

There was a chapter of life before FRSecure, filled with crazy information security adventures! Working for companies like Jasc Software (makers of PaintShop Pro), US Bank, United Health, Wells Fargo, MGI Pharma, etc.

2017 - Present

SecurityStudio

Founder

And Various Other Titles

A SaaS platform to serve partners, customers, and underserved markets with proven solutions that we’ve learned from serving 1000s of customers over the years.

We made cool things here like the S2Score, S2Org, S2School, S2Vendor, S2PCI, S2Team, S2Me, and others.

2013 - 2014

Target Special Litigation Committee (SLC)

Legal Team Consultant

The Target Breach of 2013 was arguably the most widely recognized breach in history. Somehow I got hired by a group of high-powered, highly-skilled lawyers investigating the claims in derivative litigation.

It was a wild 21 months! If you want to read the SLC’s motion to dismiss, you can read it here.

A lot more to add...

Work in progress I suppose.

THINGS PEOPLE SAY

Opinions

Most people say good things, but some are afraid to say anything. Telling the truth without beating around the bush is appreciated by some and offensive to others. If you know me, you know that I appreciate EVERYONE'S perspective.

Patrick Joyce

Vice President, CSO Medtronic

“You are extremely transparent, honest and candid. And Yes, thats a good thing! And that’s what we all love about you as this pioneer and godfather of cybersecurity that you are!”

Roger Grimes

Data-Driven Defense Evangelist, KnowBe4 and renowned author

“I don’t think I’ve met a more successful guy in this industry with less bullshit”

Subscribe

I don’t do spam. I don’t eat it and I don’t send it. Not to mention, it’s also illegal!

I’ll write a privacy policy soon (that you won’t read).