7 Fractional CISO Lessons From a Former NASA Security Officer

Fractional CISO Pierre Dickson on the impact of AI in cybersecurity, working at NASA, the CIO vs CISO debate, and building a fractional career.

Last Updated: June 25th, 2026

Pierre Dickson has spent more than two decades protecting organizations where the stakes couldn't be higher. His cybersecurity career began at NASA's Goddard Space Flight Center before expanding into leadership roles across defense contractors and federal agencies, including the U.S. Department of Commerce and U.S. Office of Personnel Management.

"I was an enterprise services manager on one of the largest contracts on the [NASA] base at the time," Dickson said. "NASA wanted a cybersecurity engineering team and they asked me to be the manager of that team. And that's how I got my start in cybersecurity."

Today, Dickson serves as a fractional Chief Information Security Officer (CISO), helping private law firms and professional services organizations build defensible security programs without hiring a full-time executive.

"I really enjoy the leadership part of being a CISO and remaining engaged in helping businesses align with the security compliance," he said.

We sat down with Dickson to discuss the evolution of cybersecurity leadership, the growing impact of AI on businesses, and what it takes to build a successful fractional career.

1. Learn the Technology Before You Focus on Compliance

If you're wondering how to start a cybersecurity career, start by learning the tools first. Then you can earn compliance certifications and build governance frameworks.

"You need to understand what you're protecting in order to protect it," Dickson said. "Focus on understanding networking, systems, and protocols, and then move over into compliance. Once you get the compliance work done, then it's easier to move into the C-level management leadership because now you understand both sides."

Dickson also believes CISOs who skip the technical foundation often struggle to engage effectively with engineering teams. The strongest security leaders have been in the technological trenches and earned their credibility.

2. Compliance Isn't Bureaucracy, It's a Competitive Advantage

Dickson credits much of his success to the rigor of working in federal environments. At organizations like NASA, frameworks such as NIST and FISMA aren't recommendations; they're requirements. That discipline has proven valuable in the private sector, where clients increasingly expect mature governance, risk management, and compliance programs.

As Dickson said, "Having that mindset of pushing compliance and assuring best practices are in place helped me move into the private sector with a stronger foundation than most people would have."

Today, when he works with law firms and professional services organizations, he's able to map controls across frameworks like NIST 800-153 and ISO 27001 while building security programs that satisfy both regulators and clients.

3. The CISO Role Is More About Business Management Than Firewalls

Forget the image of a CISO staring at threat dashboards in a dark room. At the leadership level, they're conducting performance reviews, managing budgets, and making hard trade-off decisions. Dickson, for example, has managed teams of 50+ people spanning help desk, engineers, exchange admins, and network specialists.

One of his toughest challenges was balancing a budget that needed to be cut by 10%. That required evaluating vendors, weighing technology investments, and keeping people happy at the same time. 

Ultimately, the CISO role is as much about people and dollars as it is about firewalls.

4. CISOs and CIOs Should Be Peers

Here's a take that might ruffle some org charts: the CISO and CIO should sit at the same level, not in a hierarchical relationship.

"The CIO's job is to oversee technology for the entire company and the CISO's job is to enforce cybersecurity for the company," Dickson said. "So if the CIO is not on the same page with the CISO, there could be issues."

In Dickson's experience, organizations that work best are the ones where both leaders are aligned and working towards a joint goal: protecting the business.

5. Every Organization Needs AI Guardrails

Many companies Dickson encounters still don't have an AI policy, and that's a problem. AI is already baked into the tools people use every day, whether that's Microsoft Copilot, security platforms, or productivity software.

So his approach with every client starts the same way: establish guardrails. What tools are allowed? What's the firm's position on AI use? How are employees expected to interact with AI tools? 

Dickson draws a parallel to the early days of antivirus software, when it was free and nobody worried about it---until viruses outpaced the protections and the whole model had to change. AI is following the same arc. The technology is outpacing the policies, and businesses can't afford to skip the compliance step.

6. Fractional Security Leadership Is a Viable Career

Dickson entered the fractional world after repeated encouragement from vendors and peers in the legal industry. Six years later, he's fully embracing this new chapter. 

"Fractional work, for me, opened up a second career because it allows me to pick and choose the clients I would like to work with," Dickson said. "And I can define the number of hours I'm going to give this particular client for a month."

Rather than supporting a single organization, he now works across multiple clients while maintaining more control over his schedule and workload. To keep it all organized, Dickson manages six calendars through CalendarBridge and tracks his professional relationships with Folk, a CRM that syncs with LinkedIn. On the security side, his go-to stack includes Rapid7, SentinelOne, Carbon Black, Mandiant, and Arctic Wolf.

7. Great CISOs Translate Risk Into Business Decisions

For Dickson, every new fractional engagement follows a similar pattern: a law firm has a director or CIO but nobody driving cybersecurity. He comes in to assess the environment, identify gaps, build a roadmap, and, most importantly, explain his work to non-technical leadership in terms they actually understand.

That ability to justify the spend is where most CISOs fall short. It's one thing to know the gaps exist. It's another to walk into a boardroom and make a compelling case for why the organization needs to invest in closing them---especially now with AI accelerating the threat landscape.

Dickson has been doing this communication work with organizations from the federal government level down to small law firms, and he says it's the single most important skill a CISO can develop.

Build Your Fractional Cybersecurity Career

Interested in applying your cybersecurity expertise across multiple organizations?

Go Fractional helps experienced leaders connect with companies seeking fractional, interim, and contract-to-hire cybersecurity talent. Apply to become a member, build your professional profile, and access resources designed specifically for fractional executives.

You can also explore the Fractional Job Board---updated daily---to discover high-impact opportunities across cybersecurity, technology, operations, and executive leadership.
