Episoder

  • How Are New SEC Rules Impacting CISOs?

    How Are New SEC Rules Impacting CISOs?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out these posts for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is Allan Cockriel, group CISO, Shell.

    In this episode:

    Striking a balance Will we see a talent exodus? Playing by the same rules This is an organizational responsibility

    Thanks to our podcast sponsor, SpyCloud

    Cybercrime doesn’t take breaks. Protect your organization from ransomware, account takeover, and online fraud with SpyCloud. SpyCloud recaptures stolen identity data from breaches, infostealer malware, and phishing attacks that put your business at risk. Teams use SpyCloud’s advanced analytics and powerful automation to stay ahead of attackers. Visit spycloud.com for your free risk report and start disrupting cybercrime today.

  • Managing the Risk of GenAI Tools

    Managing the Risk of GenAI Tools

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest Karthik Krishnan, founder and CEO, Concentric AI.

    In this episode:

    Meet the new risk, same as the old risk Understanding where your risks are coming from Identifying best practices Know what you’re getting into

    Thanks to our podcast sponsor, Concentric AI

    Concentric AI’s DSPM solution automates data security, protecting sensitive data in real-time. Our AI-driven solution identifies, classifies, and secures on-premises and cloud data to reduce risk across your enterprise. Seamlessly integrated with tools like Microsoft Copilot, Concentric AI empowers your team to innovate securely and maintain compliance all while eliminating manual data protection tasks.

    Ready to put RegEx and trainable classifiers in the rear view mirror? Contact Concentric AI today!

  • Manglende episoder?

    Klik her for at forny feed.

  • Defending Against What Criminals Know About You

    Defending Against What Criminals Know About You

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Damon Fleury, chief product officer, SpyCloud.

    In this episode:

    A holistic view Adding sophistication to identity Your employees can help Cracking the code

    Thanks to our podcast sponsor, SpyCloud

    Cybercrime doesn’t take breaks. Protect your organization from ransomware, account takeover, and online fraud with SpyCloud. SpyCloud recaptures stolen identity data from breaches, infostealer malware, and phishing attacks that put your business at risk. Teams use SpyCloud’s advanced analytics and powerful automation to stay ahead of attackers. Visit spycloud.com for your free risk report and start disrupting cybercrime today.

  • Will We Ever Go Back From Work From Home?

    Will We Ever Go Back From Work From Home?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Joe Lewis, CISO, CDC.

    In this episode:

    Don’t underestimate the quality of life benefits We’re still learning What is the case for return-to-office? Moving past gimmicks

    Thanks to our podcast sponsor, SpyCloud

    Cybercrime doesn’t take breaks. Protect your organization from ransomware, account takeover, and online fraud with SpyCloud. SpyCloud recaptures stolen identity data from breaches, infostealer malware, and phishing attacks that put your business at risk. Teams use SpyCloud’s advanced analytics and powerful automation to stay ahead of attackers. Visit spycloud.com for your free risk report and start disrupting cybercrime today.

  • The Lurking Dangers of Neglected Security Tools

    The Lurking Dangers of Neglected Security Tools

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Shawn Bowen, VP and deputy CISO - Gaming, Microsoft. Joining us is Adam Fletcher, CSO, Blackstone.

    In this episode:

    Neglected tools drain resources Who’s to blame? Technology is the last step Buying tools to solve business problems

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • When You Just Can't Take It Anymore in Cyber

    When You Just Can't Take It Anymore in Cyber

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Shawn Bowen, VP, Deputy CISO - Gaming, Microsoft. Joining us is Patty Ryan, senior director, CISO, QuidelOrtho.

    In this episode:

    Recognizing humanity Death by a thousand meetings What are we looking for? Find your value

    Thanks to our podcast sponsor, GitGuardian

    GitGuardian is a Code Security Platform that caters to the needs of the DevOps generation. It provides a wide range of code security solutions, including Secrets Detection, Infra as Code Security, and Honeytoken, all in one place. A leader in the market of secrets detection and remediation, its solutions are already used by hundreds of thousands of developers in all industries. Try now gitguardian.com.

  • Is It Possible to Inject Integrity Into AI?

    Is It Possible to Inject Integrity Into AI?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Davi Ottenheimer, vp, trust and digital ethics, Inrupt. Sir Tim Berners-Lee co-founded Inrupt to provide enterprise-grade software and services for the Solid Protocol. You can find their open positions here.

    In this episode:

    LLMs lack integrity controls A valid criticism Doubts in self-policing AI New tech, familiar problems

    Thanks to our podcast sponsor, Concentric AI

    Concentric AI’s DSPM solution automates data security, protecting sensitive data in real-time. Our AI-driven solution identifies, classifies, and secures on-premises and cloud data to reduce risk across your enterprise. Seamlessly integrated with tools like Microsoft Copilot, Concentric AI empowers your team to innovate securely and maintain compliance all while eliminating manual data protection tasks.

    Ready to put RegEx and trainable classifiers in the rear view mirror? Contact Concentric AI today!

  • Are Phishing Tests Helping or Hurting Our Security Program?

    Are Phishing Tests Helping or Hurting Our Security Program?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Dennis Pickett, vp, CISO, Westat.

    In this episode:

    Not all education requires tests Understand your users Building reflexes An ounce of prevention

    Thanks to our podcast sponsor, Concentric AI

    Concentric AI’s DSPM solution automates data security, protecting sensitive data in real-time. Our AI-driven solution identifies, classifies, and secures on-premises and cloud data to reduce risk across your enterprise. Seamlessly integrated with tools like Microsoft Copilot, Concentric AI empowers your team to innovate securely and maintain compliance all while eliminating manual data protection tasks.

    Ready to put RegEx and trainable classifiers in the rear view mirror? Contact Concentric AI today!

  • ​​Who Is Responsible for Securing SaaS Tools?

    ​​Who Is Responsible for Securing SaaS Tools?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Russell Spitler, CEO and co-founder, Nudge Security.

    In this episode:

    Defining responsibilities Understanding the problem A different role for security Focus on the data

    Thanks to our podcast sponsor, Nudge Security

    Get a full inventory of all SaaS accounts ever created by anyone in your org, in minutes, along with automated workflows to scale SaaS security and governance. No agents, browser plug-ins or network changes required. Start today with a free 14-day trial.

  • Hiring Cyber Teenagers with Criminal Records

    Hiring Cyber Teenagers with Criminal Records

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our guest, Adam Arellano, vp, enterprise cybersecurity, PayPal.

    In this episode:

    Accounting for mindset The importance of ethics A matter of incentives Understanding what is teachable

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • What's Working With Third-Party Risk Management?

    What's Working With Third-Party Risk Management?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Nick Muy, CISO, Scrut Automation.

    In this episode:

    Segment and test

    Focus on you

    Embrace the risk lifecycle

    Not all vendors are the same

    Thanks to our podcast sponsor, Scrut Automation

    Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Our best-in-class features like process automation, AI, and 75+ native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit www.scrut.io to learn more or schedule a demo.

  • What Triggers a CISO?

    What Triggers a CISO?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our guest, Sherron Burgess, CISO, BCD Travel.

    In this episode:

    Disingenuous claims rub everyone the wrong way.

    Don’t put the CISO behind the 8-ball

    The sales hustle

    They didn’t understand the assignment

    Thanks to our podcast sponsor, Scrut Automation

    Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Our best-in-class features like process automation, AI, and 75+ native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit www.scrut.io to learn more or schedule a demo.

  • Information Security vs. Cybersecurity

    Information Security vs. Cybersecurity

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and John Underwood, vp, information security, Big 5 Sporting Goods. Joining us is our guest, Mike Lockhart, CISO, EagleView.

    In this episode:

    Marketing versus strategy A distinction without a difference? Terminology follows function Security convergence

    Thanks to our podcast sponsor, Scrut Automation

    Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Our best-in-class features like process automation, AI, and 75+ native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit www.scrut.io to learn more or schedule a demo.

  • Should Deny By Default Be the Cornerstone of Zero Trust?

    Should Deny By Default Be the Cornerstone of Zero Trust?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is our sponsored guest Rob Allen, chief product officer, ThreatLocker.

    In this episode:

    Can you retrofit zero trust? The business case for deny by default Seizing an opportunity Zero trust doesn’t stand alone

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • What Is a Field CISO?

    What Is a Field CISO?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Bil Harmer, operating partner and CISO, Craft Ventures.

    In this episode:

    A time and a place for Field CISOs This isn’t a new role Consulting the Field CISO Words mean things

    Thanks to our podcast sponsor, Cyera

    Cyera’s AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance.
 As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

  • Cybersecurity Is a Communications Problem

    Cybersecurity Is a Communications Problem

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Jim Bowie, CISO, Tampa General Hospital.

    In this episode:

    The goal is to connect to the business The hard truth about soft skills Balancing risk Looking beyond communication

    Thanks to our podcast sponsor, SeeMetrics

    SeeMetrics automates cybersecurity metrics programs, continuously measuring and helping prioritize risks based on context. SeeMetrics unifies siloed data from your security stack and offers hundreds of ready-to-use metrics. Once connected with SeeMetrics, security teams reduce risk, minimize exposure and optimize performance while eliminating tedious repetitive manual work.


    Ready to automate your security programs? start connecting your environment at seemetrics.co

  • Do Companies Undergoing a Merger or Acquisition Get Targeted for Attacks?

    Do Companies Undergoing a Merger or Acquisition Get Targeted for Attacks?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Christina Shannon, CIO, KIK Consumer Products. Joining us is Andrew Cannata, CISO, Primo Water.

    In this episode:

    The lure of an IPO is debatable Does an IPO make you a target or just more vulnerable? M&A changes your context Ambiguity creates risk

    Thanks to our podcast sponsor, Cyera

    Cyera’s AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance.
 As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

  • Telling Stories with Security Metrics

    Telling Stories with Security Metrics

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Shirley Salzman, CEO and co-founder, SeeMetrics.

    In this episode:

    Finding the purpose in metrics Using metrics to answer business questions Speaking to your audience Communication is a two-way street

    Thanks to our podcast sponsor, SeeMetrics

    SeeMetrics automates cybersecurity metrics programs, continuously measuring and helping prioritize risks based on context. SeeMetrics unifies siloed data from your security stack and offers hundreds of ready-to-use metrics. Once connected with SeeMetrics, security teams reduce risk, minimize exposure and optimize performance while eliminating tedious repetitive manual work.

    Ready to automate your security programs? start connecting your environment at seemetrics.co.

  • Securing Identities in the Cloud

    Securing Identities in the Cloud

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is our sponsored guest, Adam Bateman, CEO, Push Security.

    The SaaS attacks matrix community resource mentioned by Adam in the episode can be found here.

    Editorial note: Geoff Belknap is an advisor to Push Security.

    In this episode:

    Where are we going wrong

    Finding the missing pieces

    Protecting an expanding border

    It starts with understanding risk

    Thanks to our podcast sponsor, Push Security

    Prevent, detect and respond to identity attacks using Push Security’s browser agent. Enable Push’s out-of-the-box controls or integrate Push with your SIEM, XDR and SOAR.

    Block phishing attacks, detect session hijacking and stop SSO passwords being exposed. Find out what else the Push browser agent can do at pushsecurity.com.

  • How AI Is Making Data Security Possible

    How AI Is Making Data Security Possible

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Lamont Orange, CISO, Cyera.

    In this episode:

    The data security check has come due

    Putting data security at the heart of defense in depth

    Automation is key

    You need to know what you’re protecting

    Thanks to our podcast sponsor, Cyera

    Cyera’s AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance.
 As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

  • Vis mere