Tarah Wheeler on Cybersecurity, Policy, and the Human Side of Security
Tarah Wheeler, now CISO at TPO Group, has taken an unusual path into cybersecurity. The firm, whose name stands for technology, policy and operations, advises organizations in high-risk sectors, inclu...
Tarah Wheeler, now CISO at TPO Group, has taken an unusual path into cybersecurity. The firm, whose name stands for technology, policy and operations, advises organizations in high-risk sectors, including critical infrastructure and federal agencies. Wheeler says she did not set out to work in security, but developed an interest in the field after realizing it offered a way to study how people behave under pressure and in environments where observation, trust, and conflict all matter.
A career shaped by multiple disciplines
Wheeler describes herself as a social scientist and writer as much as a security executive. Over time, she has worked across red team, purple team, security operations, physical security, digital security, and social engineering-related domains. That broad background, she says, has helped her move into risk and compliance work, where security decisions affect large groups of people and organizational behavior at scale.
Her career has included roles at Microsoft, Silent Circle, Symantec, and Splunk, as well as continuing leadership positions at Red Queen Technologies and TPO Group. She has also written extensively on technology and policy, including a Foreign Policy article on cyberwar, a book on women in technology, and policy papers for organizations such as the Council on Foreign Relations and Harvard’s Belfer Center.
Wheeler’s work has also extended into public policy and advocacy. In 2024, she testified before the U.S. Senate Committee on Homeland Security and Governmental Affairs during a hearing on the Cyber Safety Review Board, which she described as a major milestone. Her policy interests have included foreign relations, homeland security, extremism, drones, and the cybersecurity implications of state conflict.
She has held fellowships and senior fellow positions focused on global cyber policy and regional security issues, and she serves on the board of directors of the Electronic Frontier Foundation. She also founded and hosts the annual EFF Benefit Poker Tournament at DEF CON, combining her interest in digital rights with an ongoing enthusiasm for poker.
Wheeler argues that the term “hacker” should not be treated as synonymous with crime. In her view, hacking refers to a set of skills and a way of seeing systems clearly, with the ethical choice being whether those skills are used to protect people or to exploit them.
