Episodes

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Dennis Pickett, vp, CISO, Westat.

    In this episode:

    Not all education requires tests

    Understand your users

    Building reflexes

    An ounce of prevention

    Thanks to our podcast sponsor, Concentric AI

    Concentric AI’s DSPM solution automates data security, protecting sensitive data in real-time. Our AI-driven solution identifies, classifies, and secures on-premises and cloud data to reduce risk across your enterprise. Seamlessly integrated with tools like Microsoft Copilot, Concentric AI empowers your team to innovate securely and maintain compliance all while eliminating manual data protection tasks.

    Ready to put RegEx and trainable classifiers in the rear view mirror? Contact Concentric AI today!

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Russell Spitler, CEO and co-founder, Nudge Security.

    In this episode:

    Defining responsibilities

    Understanding the problem

    A different role for security

    Focus on the data

    Thanks to our podcast sponsor, Nudge Security

    Get a full inventory of all SaaS accounts ever created by anyone in your org, in minutes, along with automated workflows to scale SaaS security and governance. No agents, browser plug-ins or network changes required. Start today with a free 14-day trial.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our guest, Adam Arellano, vp, enterprise cybersecurity, PayPal.

    In this episode:

    Accounting for mindset

    The importance of ethics

    A matter of incentives

    Understanding what is teachable

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Nick Muy, CISO, Scrut Automation.

    In this episode:

    Segment and test

    Focus on you

    Embrace the risk lifecycle

    Not all vendors are the same

    Thanks to our podcast sponsor, Scrut Automation

    Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Our best-in-class features like process automation, AI, and 75+ native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit www.scrut.io to learn more or schedule a demo.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our guest, Sherron Burgess, CISO, BCD Travel.

    In this episode:

    Disingenuous claims rub everyone the wrong way.

    Don’t put the CISO behind the 8-ball

    The sales hustle

    They didn’t understand the assignment

    Thanks to our podcast sponsor, Scrut Automation

    Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Our best-in-class features like process automation, AI, and 75+ native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit www.scrut.io to learn more or schedule a demo.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and John Underwood, vp, information security, Big 5 Sporting Goods. Joining us is our guest, Mike Lockhart, CISO, EagleView.

    In this episode:

    Marketing versus strategy

    A distinction without a difference?

    Terminology follows function

    Security convergence

    Thanks to our podcast sponsor, Scrut Automation

    Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Our best-in-class features like process automation, AI, and 75+ native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit www.scrut.io to learn more or schedule a demo.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is our sponsored guest Rob Allen, chief product officer, ThreatLocker.

    In this episode:

    Can you retrofit zero trust?

    The business case for deny by default

    Seizing an opportunity

    Zero trust doesn’t stand alone

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Bil Harmer, operating partner and CISO, Craft Ventures.

    In this episode:

    A time and a place for Field CISOs

    This isn’t a new role

    Consulting the Field CISO

    Words mean things

    Thanks to our podcast sponsor, Cyera

    Cyera’s AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance. As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Jim Bowie, CISO, Tampa General Hospital.

    In this episode:

    The goal is to connect to the business

    The hard truth about soft skills

    Balancing risk

    Looking beyond communication

    Thanks to our podcast sponsor, SeeMetrics

    SeeMetrics automates cybersecurity metrics programs, continuously measuring and helping prioritize risks based on context. SeeMetrics unifies siloed data from your security stack and offers hundreds of ready-to-use metrics. Once connected with SeeMetrics, security teams reduce risk, minimize exposure and optimize performance while eliminating tedious repetitive manual work.

    Ready to automate your security programs? Start connecting your environment at seemetrics.co.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Christina Shannon, CIO, KIK Consumer Products. Joining us is Andrew Cannata, CISO, Primo Water.

    In this episode:

    The lure of an IPO is debatable

    Does an IPO make you a target or just more vulnerable?

    M&A changes your context

    Ambiguity creates risk

    Thanks to our podcast sponsor, Cyera

    Cyera’s AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance. As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Shirley Salzman, CEO and co-founder, SeeMetrics.

    In this episode:

    Finding the purpose in metrics

    Using metrics to answer business questions

    Speaking to your audience

    Communication is a two-way street

    Thanks to our podcast sponsor, SeeMetrics

    SeeMetrics automates cybersecurity metrics programs, continuously measuring and helping prioritize risks based on context. SeeMetrics unifies siloed data from your security stack and offers hundreds of ready-to-use metrics. Once connected with SeeMetrics, security teams reduce risk, minimize exposure and optimize performance while eliminating tedious repetitive manual work.

    Ready to automate your security programs? Start connecting your environment at seemetrics.co.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is our sponsored guest, Adam Bateman, CEO, Push Security.

    The SaaS attacks matrix community resource mentioned by Adam in the episode can be found here.

    Editorial note: Geoff Belknap is an advisor to Push Security.

    In this episode:

    Where are we going wrong

    Finding the missing pieces

    Protecting an expanding border

    It starts with understanding risk

    Thanks to our podcast sponsor, Push Security

    Prevent, detect and respond to identity attacks using Push Security’s browser agent. Enable Push’s out-of-the-box controls or integrate Push with your SIEM, XDR and SOAR.

    Block phishing attacks, detect session hijacking and stop SSO passwords being exposed. Find out what else the Push browser agent can do at pushsecurity.com.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Lamont Orange, CISO, Cyera.

    In this episode:

    The data security check has come due

    Putting data security at the heart of defense in depth

    Automation is key

    You need to know what you’re protecting

    Thanks to our podcast sponsor, Cyera

    Cyera’s AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance. As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Christina Shannon, CIO, KIK Consumer Products. Joining us is our guest, Tomer Gershoni, CSO, Zoominfo.

    In this episode:

    Moving beyond technology

    The art of a CISO

    CISOs always operate in context

    Elevating the CISO conversation

    Thanks to our podcast sponsor, SeeMetrics

    SeeMetrics automates cybersecurity metrics programs, continuously measuring and helping prioritize risks based on context. SeeMetrics unifies siloed data from your security stack and offers hundreds of ready-to-use metrics. Once connected with SeeMetrics, security teams reduce risk, minimize exposure and optimize performance while eliminating tedious repetitive manual work.

    Ready to automate your security programs? Start connecting your environment at seemetrics.co.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Yaron Levi, CISO, Dolby. Joining us is our guest, Neil Watkins, svp technology and cybersecurity services, i3 Verticals.

    In this episode:

    Visibility doesn’t matter without context

    Not all visibility is created equal

    Don’t forget to bring people into the loop

    Remediation doesn’t scale with more visibility

    Thanks to our podcast sponsor, GitGuardian

    GitGuardian is a Code Security Platform that caters to the needs of the DevOps generation. It provides a wide range of code security solutions, including Secrets Detection, Infra as Code Security, and Honeytoken, all in one place. A leader in the market of secrets detection and remediation, its solutions are already used by hundreds of thousands of developers in all industries. Try it now at gitguardian.com.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Sasha Pereira, vp of infrastructure and CISO, WASH.

    In this episode:

    Is working the help desk a great place to get entry-level cybersecurity skills?

    So why is it so often overlooked or even looked down upon?

    What kind of experience do you need?

    What is the ideal path to break into the cybersecurity industry?

    Thanks to our podcast sponsor, Push Security!

    Prevent, detect and respond to identity attacks using Push Security’s browser agent. Enable Push’s out-of-the-box controls or integrate Push with your SIEM, XDR and SOAR.

    Block phishing attacks, detect session hijacking and stop SSO passwords being exposed. Find out what else the Push browser agent can do at pushsecurity.com.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our guest, Russ Ayers, svp of cyber & deputy CISO, Equifax.

    In this episode:

    Are we seeing AI and LLMs rapidly push what was science fiction into production?

    What happens as our ability to generate realistic sound, video, and images opens the obvious door for fakes that are indistinguishable from the real thing?

    How do we keep up as security professionals?

    What are the security implications for this tech hitting the consumer market?

    Thanks to our podcast sponsor, Sonrai Security

    A one-click solution that removes excessive permissions and unused services, quarantines unused identities, and restricts specific regions within the cloud. Later, maintain this level of security by automatically enforcing policies as new accounts, roles, permissions, and services are added to your environment.

    Start a free trial today! sonrai.co/ciso

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Vivek Ramachandran, founder, SquareX.

    In this episode:

    Are secure web gateways still an effective tool in the enterprise?

    As the browser has changed a lot in the last decade, are secure web gateways (SWGs) still keeping up?

    Why is this a problem?

    Does anyone have a better solution?

    Thanks to our podcast sponsor, SquareX

    SquareX helps organizations detect, mitigate and threat-hunt web attacks happening against their users in real-time, including but not limited to malicious sites, files, scripts, and networks.

    Find out more at sqrx.com.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest Richard Stiennon, chief research analyst, IT-Harvest.

    In this episode:

    Why do so many vendors claim to offer zero-trust solutions?

    Is that framework even applicable to some product categories?

    Do your eyes roll when you hear "zero trust solution"?

    What do most people think it is, and what’s the reality?

    Thanks to our podcast sponsor, SquareX

    SquareX helps organizations detect, mitigate and threat-hunt web attacks happening against their users in real-time, including but not limited to malicious sites, files, scripts, and networks.

    Find out more at sqrx.com.

  • All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our sponsored guest, Sandy Bird, co-founder and CTO, Sonrai Security.

    In this episode:

    Why does scaling least privilege in the cloud remain challenging?

    Is throwing more people at the problem feasible?

    How are you managing it?

    What aspects haven’t been considered?

    Thanks to our podcast sponsor, Sonrai Security

    A one-click solution that removes excessive permissions and unused services, quarantines unused identities, and restricts specific regions within the cloud. Later, maintain this level of security by automatically enforcing policies as new accounts, roles, permissions, and services are added to your environment.

    Start a free trial today! sonrai.co/ciso