A Graycliff Casillero Privada Cigar

I’m in the middle of fall in the Pacific Northwest. Which means that it’s mostly rainy and grey … and my opportunity to get out and smoke a great cigar is pretty slim. Last week and next week are travel weeks for me and that makes it even more difficult. You have to take advantage of any break in the rain this time of year, but if you’re on the road that’s difficult. Fortunately, Saturday was a beautiful fall day in the Northwest. It was cold, but crisp and clear.

The day was so beautiful and the opportunity so prime, that I had to break out a cigar from my the bottom shelf of my humidor. The top shelf, easy to get to and visible through the glass top, has my sort of daily smoking, not so prime cigars. The bottom shelf has the Montecristo Churchills and Oliva Serie V in it. And something very special, as well. I figured today called for the Graycliff Casillero Privada. I bought a mazo of 10 a few months ago. They’ve been in the humidor ever since.

I love Graycliff cigars. And these promised to be special. Casillero Privada, in Spanish, means Private Locker. These are the cigars that the famous Graycliff hotel in Nassau keeps locked away for their VIP guests. But they released a few mazo’s to be sold publicly earlier this year and when they did I grabbed one without hesitating.

All in all, a perfect excuse to light one of these guys up and see if it lives up to expectations.


Bottom line up front in case this post is tl;dr for you …. This is an absolutely fantastic cigar, but may not be approachable for a novice. If you haven’t smoked much, I would recommend choosing something else. But if you are a cigar enthusiast who enjoys robust, complex, premium smokes then this is the cigar for you.

On to the review

Cigar Overview

This is a Graycliff Casillero Privada PG 5×52. At first sight, the cigar is decent sized with a shaggy foot, giving it a rustic “old school” appearance. The wrapper is dark brown, lightly oily and looks like old leather. It had no obvious cracks, bubbles or other blemishes. The seams in the wrapper and cap are very tight, almost invisible and very few veins are apparent. The unlit aroma was of exotic spices, pepper and black tea, with an underlying barnyard odor that I suspected would turn to a very deeply earthy aroma once lit. The cigar is clearly rolled by hand and does not use a form for assistance. It is not as dense and firm as a form rolled, mass manufactured cigar would be.

Initial Impressions

The Cigar

Lighting the cigar, in spite of the shaggy foot, was easy. I use a Bugatti lighter with 3 jets, which allows for a wide, even lighting. Toasting the end of a cigar is easy with the Bugatti.


As I said, it lit easily and very uniformly. The first taste was medium bodied and complex, the smoke was cool, the flavor was peppery with a bit of earthiness. The draw was very easy and smooth. The cigar produces a lot of smoke and burns quite clean. First impression was excellent.

First Impressions

I’m drinking Bulleit Rye and soda and this seems like a good choice to start. The rye, with its spice, fruit and hints of maple syrup sweetness should really compliment the earthy, peppery cigar that I’m anticipating.

Bulleit Rye and soda

During the first 1/4 of the cigar I found that the initial complexity was not a fluke. It kept building, with notes of leather in addition to the spice and earth. It is very robust, definitely not for the faint of heart. Within the first inch all sense of the barnyard is gone, replaced with a very lovely earthiness that I am really enjoying. The cigar burns quite evenly and draws very smoothly.

Middle of the Cigar

Mid Cigar

As I work my way into the cigar I find that I was right, the rye and soda is a great choice and really compliments the dry leathery notes in the cigar. The ash is white and even and one inch of ash is not a problem whatsoever. As I move further into the cigar more becomes apparent. Toasted nuts, leather, earthy, peppery. This cigar is very masculine. At the halfway mark the pepper has built to the point that I am getting spice in my nose.

Moving into the second half of the cigar it still burns cool and even and the draw remains smooth. Hints of oak and vanilla begin to appear and the the leather and pepper build even further. This cigar is really amazing. I have yet to find anything negative about it. This cigar is clearly very special, among the elite of cigars.

Final Impressions

In the last 1/3 of the cigar, if it is possible, this cigar blossoms even more. It becomes very robust and much more complex and full bodied. I can taste earthiness overall, but quite a bit of spice, pepper, toasted nuts, leather and coffee, even a bit of cane sweetness. It is clearly hand rolled. The cigar is light in the hand, almost fragile feeling compared to cigars rolled in forms and made in factories. Clearly it is not a mass made cigar. The head has gotten slightly soggy, but not enough to detract from the overall experience.


Graycliff Casillero Privada

First, the score. This cigar absolutely deserves a 95 or 96 score. Definitely on top of the game. This is a cigar for a smoker that appreciates being challenged. Matching it with the right drink is imperative. A bourbon or rye will be a much better choice than wine or a scotch, where the alcohol will vie with the cigar rather than compliment it. I cannot recommend the Casillero Privada highly enough. It really is among the great cigars I have ever had. I have 9 more in the humidor and will be enjoying them over the coming years, seeing how they age and improve over time.

Avelino Lara

Avelino Lara was one of the greats of the cigar industry. Born in 1921, he was the creator of Cohiba and contributed materially to the Davidoff line of cigars. At one point, Lara was the personal roller for Fidel Castro. After retiring in 1996, he moved to Nassau. There he rolled a few cigars for guests at the Graycliff hotel. This did so well that the Graycliff and Lara joined forces to create the Graycliff line of cigars, which are considered by most to be among the finest in the world. As I understand it, the Casillero Privada was the continuation of the original starting point at Graycliff, where Lara was just rolling cigars here and there for guests. After the Graycliff line was started, Lara’s hand-rolled cigars were kept in a private locker, a casillero privada, for the VIP guests.

So, if you want to smoke a cigar that celebrates the heritage and craft of one the greatest cigar makers of all time, this is the one.

Posted in Alcohol, Cigars | Tagged , , , , , , , | Comments Off on A Graycliff Casillero Privada Cigar


I realized I haven’t been living up to the full name of this site lately. Here’s what’s on the menu for this weekend!

Lagavulin, Graycliff and a Montecristo

Lagavulin, Graycliff and a Montecristo

Posted in Uncategorized | 2 Comments

The Threat & Vulnerability Management Maturity Model Arrives

If you follow my blog, you know the Threat & Vulnerability Management Maturity Model has been in the works for a while now. I’m happy to report the full model has finally been published in Core Security’s latest white paper.

What’s the value?

By moving through this model, organizations will simultaneously 1) reduce risk exposure and the likelihood of a breach 2) gain ongoing visibility into true business risk, improving future decision-making 3) align IT, information security, and the rest of the organization in the direction of strategic business goals and 4) significantly increase operational efficiency. It’s not merely an ideal model from a security perspective; it’s a no-brainer for the business.

So take a look. What do you think? Can you easily identify where your organization stands on the model, and steps for advancing to the next level? Looking forward to your thoughts and feedback!

PS This is free to the security community and completely focused on how security programs improve their ability to reduce the risk of breach. It is not a product, nor are we selling it.

Posted in InfoSec, Security, Vulnerability Management | Tagged , , , , , , | Comments Off on The Threat & Vulnerability Management Maturity Model Arrives

The Burj Khalifa

On Saturday evening I went up to the top of the Burj Khalifa. If you aren’t sure what I mean, the Burj Khalifa is the tallest building in the world. It’s 2772 feet high (830 meters). The observation deck itself is 1483 feet high. It is insanely impressive.

Below the fold are some of the pictures I took while I was up there.

Continue reading

Posted in Life and Times, Travel | Tagged , , | Comments Off on The Burj Khalifa

23 Years is a Long Time

I woke up in the Middle East this morning. In Dubai in the United Arab Emirates, to be precise. This isn’t the first time I have been in the Middle East. I’ve been to Saudi Arabia, Kuwait, Iraq, Egypt and Bahrain. Although there are no stamps in my passport for any of those countries. That’s because I went to those countries in 1990 and 1991 during Operation Desert Shield/Storm.

Continue reading

Posted in Conferences, Travel | Tagged , , , , , , | Comments Off on 23 Years is a Long Time

Another Preventable Breach

Another entry in the “Preventable Breach” and “We could have prevented this” columns. This appears to be all about change and configuration management. An area that really needs some work, clearly.

Brian Krebs announced last night that there has been a huge data leak at MBIA, the nation’s largest bond insurer. On Monday, he notified MBIA Inc. that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines. That includes a page listing administrative credentials that attackers could use to access data that wasn’t accessible via a simple Web search: https://krebsonsecurity.com/2014/10/huge-data-leak-at-largest-u-s-bond-insurer/

Continue reading

Posted in InfoSec, Security, Vulnerability Management | Tagged , , , , | Comments Off on Another Preventable Breach

Year One

It’s the end of Year One at Core Security. Time really flies when you’re having fun. I’ve been here for 12 months now, and a couple days, and I guess I should do the “looking back after the first year” blog post. A year ago I wrote about my new adventure:

Most people in the information security field … know that I am firmly convinced that the bad guys are currently winning the war we are engaged in. This move is, in many ways, because I want to do even more to change the situation. One key area where we can do that is by providing security professionals with tools that allow them to reduce the attack surface they have to worry about. Right now, organizations have to defend everything. CORE Security can help with how to defend what is critical in ways that are meaningful. Frederick the Great said, “he who defends everything defends nothing” … and that applies now in information security as much as it did in the 1700’s during Frederick’s military campaigns.

Continue reading

Posted in Career, Cigars, InfoSec, Security, Vulnerability Management | Comments Off on Year One

The Maturity Model … Matures

We are making good progress with the Vulnerability Management Maturity Model now. We have a very nice looking graphic that aligns activity across each stage of maturity. Next steps include demonstrating the business value of improving maturity, providing an assessment tool, and developing a white paper to fully explain this.

I should also note that we appear to be ahead of most folks in this line of thinking. I read an article on financial services cyber risk today where it appears that someone (the SEC, perhaps) is developing risk management standards that “firms in the industry could better use to spot and block cyber-attacks.” Sounds an awful lot like our Maturity Model. Nice to know we aren’t the only folks thinking about this and glad to see others following where we are already at. 

I thought I’d share the mostly final graphic of the Maturity Model. This is something that anyone is free to use for their security program as long as you provide attribution to Core Security and I for our development of the Model.


Posted in InfoSec, Risk Management, Security, Vulnerability Management | Tagged | Comments Off on The Maturity Model … Matures

Thinking About BlackHat – The Suits vs. The Shorts

One of the interesting things about BlackHat is that hackers and CISOs rub elbows. One of the few places where that happens routinely. It’s kinda funny. The CISOs are trying not to look so much like a “suit”, so they wear khakis and polo shirts. The hackers aren’t worried about that, so they wear shorts and t-shirts, kilts, jeans, camo, etc. And have crazy hair and tattoos. I thought of Suits vs. Shorts all week. 🙂

On Monday, with a little rest and a weekend under my belt, Core’s Communications Manager asked me what I thought about BlackHat and how it was different from the past. A couple folks chimed in, not just me, and there’s a good write up on the Core blog. I thought I’d put my relevant thinking in a quote here and invite you to read the whole thing, as well.

Sure, the conference has become much more mainstream,” noted our VP of Advanced Security and Strategy Eric Cowperthwaite. “Some have started to refer to it as ‘RSA Lite.’ I think that is unfair. This is a conference dealing with the concept that anything and everything can be hacked, broken into, attacked, cracked – that’s an idea that only recently went mainstream in the security industry. You now have CISOs and hackers, big and small companies, all mingling together because the security industry is finally embracing reality.

Seems like a good thing, to me, that the suits (myself included) are finally embracing the reality that BlackHat has presented to the security world for a long time now.

Posted in Conferences, CyberWar, FUD, Security | Tagged | Comments Off on Thinking About BlackHat – The Suits vs. The Shorts

Just A Few Things Left

That’s right, not too much more left here at BlackHat. A couple of meetings with customers, a couple of analysts. And of course, Core’s party at the RX Boiler Room. Which is supposed to be pretty epic.

Then I’m gonna get some sleep, get on a plane tomorrow and head home now that Security Summer Camp is over with.

So far have seen many good friends, like RSnake, Bill Brenner, Alex Hutton, Katie Moussouris, Wendy Nather, Mortman, McKeay, Adam Shostack, Richard Stiennon, Mark Weatherford, Mike Yaffe, MattJay, Michael Farnum, Cindy Valladares, ThatDwayne … hmmmmm, not sure I can catalog everybody. Sorry for those I missed. It’s been great to see you, chat with you, get caught up and generally enjoy summer camp.

Posted in Conferences, Security | Tagged | Comments Off on Just A Few Things Left