Episoder

  • Why Are We Still Struggling to Fix Application Security?

    Why Are We Still Struggling to Fix Application Security?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Eric Gold, chief evangelist, BackSlash.

    In this episode:

    Start with the culture Moving AppSec to a higher level A strategy for security Maturing the basics

    Thanks to our sponsor, Backslash Security

    Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration.

  • What Can Someone with No Experience Do in Cybersecurity?

    What Can Someone with No Experience Do in Cybersecurity?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post from Jerich Beason, CISO at WM, for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Dan Walsh, CISO, Datavant. Joining us is Rinki Sethi, vp and CISO, BILL.

    In this episode:

    You need a solid foundation A lot depends on the role Underappreciated skills Structures and frameworks

    Huge thanks to our sponsor, Recorded Future

    Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.

  • Manglende episoder?

    Klik her for at forny feed.

  • Are New Gartner-Created Categories/Acronyms Helping or Hurting the Cybersecurity Industry?

    Are New Gartner-Created Categories/Acronyms Helping or Hurting the Cybersecurity Industry?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post from Caleb Sima of WhiteRabbit for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Alex Hutton, CISO, Atlantic Union Bank.

    In this episode:

    The race to differentiate Don’t blame Gartner Simplifying is complicated Seeking connection

    Huge thanks to our sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • Can AI improve Third-Party Risk Management (TPRM)

    Can AI improve Third-Party Risk Management (TPRM)

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Jason Elrod, CISO, MultiCare Health System. Joining us is our sponsored guest, Nick Muy, CISO, Scrut Automation.

    In this episode:

    Supercharging teams Shifting to proactive A unique opportunity A human in the legal loop

    HUGE thanks to our sponsor, Scrut Automation

    Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.

  • Cybersecurity Is NOT an Entry-Level Position

    Cybersecurity Is NOT an Entry-Level Position

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post by Tallis Jordan of the U.S. Army Cyber Command for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Montez Fitzpatrick, CISO, Navvis.

    In this episode:

    Start with foundations Learning to learn Don’t get hustled Building a pipeline

    HUGE thanks to our sponsor, Scrut Automation

    Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.

  • Hey Vendors, What Problem Is Your Product Solving?

    Hey Vendors, What Problem Is Your Product Solving?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post from Yaron Levi for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Yaron Levi, CISO, Dolby.

    In this episode:

    A knowledge deficit Talk is cheap What’s the difference? Answer the preliminaries

    HUGE thanks to our sponsor, Scrut Automation

    Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.
  • We've Been Fooled. There Is No Talent Shortage.

    We've Been Fooled. There Is No Talent Shortage.

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post by Rachel Bicknell of Dell Technologies quoting Mic Merritt of Merritt Collective for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Jimmy Sanders, president, ISSA International. Joining them is Ngozi Eze, CISO, Levi Strauss.

    In this episode:

    Stop the unicorn hunt Job post inflation Structural misalignment We’ve got to do better

    Huge thanks to our sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • Is There an Increasing Consolidation of Vendors in the SOC?

    Is There an Increasing Consolidation of Vendors in the SOC?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Howard Holton, CTO, GigaOm. Joining us is Francis Odum, founder, Software Analyst Cybersecurity Research.

    In this episode:

    Rebalancing the SOC The case for consolidation It comes down to data Concentric cycles

    Thanks to our podcast sponsor, Palo Alto Networks

    Cortex Cloud, the next generation of Prisma Cloud, merges best-in-class CDR with industry-leading CNAPP for real-time cloud security. Harness the power of AI and automation to prioritize risks with runtime context, enable remediation at scale, and stop attacks as they occur. Bring together your cloud and SOC on the unified Cortex platform to transform end-to-end operations. Experience the future of real-time cloud security at https://www.paloaltonetworks.com/cortex/cloud.

  • Are CISOs Struggling to Get Respect?

    Are CISOs Struggling to Get Respect?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Lee Parrish, CISO, Newell Brands. Joining us is David Tyburski, vp of information security and CISO, Wynn Resorts.

    In this episode:

    CISOs need to stick around

    Culture forward

    CISOs need support

    This isn’t always about budget

    Thanks to our podcast sponsor, Palo Alto Networks!

    Cortex Cloud, the next generation of Prisma Cloud, merges best-in-class CDR with industry-leading CNAPP for real-time cloud security. Harness the power of AI and automation to prioritize risks with runtime context, enable remediation at scale, and stop attacks as they occur. Bring together your cloud and SOC on the unified Cortex platform to transform end-to-end operations. Experience the future of real-time cloud security at https://www.paloaltonetworks.com/cortex/cloud.

  • Is Platformization Vs Best-of-Breed a False Dichotomy?

    Is Platformization Vs Best-of-Breed a False Dichotomy?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Elad Koren, vp, product management, Cortex Cloud, Palo Alto Networks.

    In this episode:

    Context drives the decision A full-spectrum understanding Think practical The long play

    Thanks to our podcast sponsor, Palo Alto Networks

    Cortex Cloud, the next generation of Prisma Cloud, merges best-in-class CDR with industry-leading CNAPP for real-time cloud security. Harness the power of AI and automation to prioritize risks with runtime context, enable remediation at scale, and stop attacks as they occur. Bring together your cloud and SOC on the unified Cortex platform to transform end-to-end operations. Experience the future of real-time cloud security at https://www.paloaltonetworks.com/cortex/cloud.

  • Protecting Your Backups from Ransomware

    Protecting Your Backups from Ransomware

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and DJ Schleen, former distinguished security architect, Yahoo. Joining us is our sponsored guest Heath Renfrow, co-founder, Fenix24.

    In this episode:

    Get creative Shift the focus of backups Failing the test Moving beyond false hope

    Thanks to our podcast sponsor, Fenix24

    You’ve invested in cybersecurity, but can your business recover when it counts? The Securitas Summa program from the Conversant Group combines resistance, managed protection, and rapid recovery to minimize downtime and restore operations faster than anyone else. Resilience isn’t optional. Click to see how it works.

  • Can a Security Program Ever Reach Maintenance Mode?

    Can a Security Program Ever Reach Maintenance Mode?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Andrew Wilder, CISO, Vetcor.

    In this episode:

    It comes down to growth Maintenance mode is anything but simple An asymmetric arrangement Integrating with the business

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • The Hardest Problems in Security Aren't

    The Hardest Problems in Security Aren't "Security Problems"

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us Sneha Parmar, information security officer, Lufthansa Group Digital Hangar.

    In this episode:

    Build the foundation Building at scale Excelling at boring Knowing what you’ve got is half the battle

    Thanks to our podcast sponsor, Fenix24

    You’ve invested in cybersecurity, but can your business recover when it counts? The Securitas Summa program from the Conversant Group combines resistance, managed protection, and rapid recovery to minimize downtime and restore operations faster than anyone else. Resilience isn’t optional. Click to see how it works.

  • If and When Should a CISO Have a Long Term Security Plan?

    If and When Should a CISO Have a Long Term Security Plan?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Gaurav Kapil, CISO, Bread Financial.

    In this episode:

    It helps to have a vision The benefit of planning It’s never too early to start Don’t make rash decisions

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • Do We Want CISOs Dictating How Salespeople Should Engage?

    Do We Want CISOs Dictating How Salespeople Should Engage?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post by Marc Ashworth, CISO at First Bank for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Shawn Bowen, vp, deputy CISO - Gaming, Microsoft. Joining us is Ken Athanasiou, CISO, VF Corporation.

    In this episode:

    Frustration is a two-way street Sales is data driven Give customers the tools they need Start a conversation

    Thanks to our podcast sponsor, Noma Security

    Secure your entire Data & AI Lifecycle—from development to production and classic data engineering to GenAI. Noma’s full-lifecycle platform delivers seamless protection against risks like misconfigured data pipelines, malicious models, and adversarial AI attacks, empowering AppSec teams with complete visibility, security, and compliance—without disrupting data and AI teams’ workflows.

  • Is AI Benefiting Attackers or Defenders?

    Is AI Benefiting Attackers or Defenders?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker.

    In this episode:

    The promise and perils of LLMs A boon for defenders Raising the bar Muddying the waters

    Thanks to our podcast sponsor, ThreatLocker

    ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

  • CISOs DO Own the Risk

    CISOs DO Own the Risk

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Ross Young, CISO-in-residence, Team8, and Jeroen Schipper, CISO, Gemeente Den Haag.

    In this episode:

    Creating authority Don’t reinvent the wheel Accountable for quality Make the distinction clear

    Thanks to our podcast sponsor, Fenix24

    You’ve invested in cybersecurity, but can your business recover when it counts? The Securitas Summa program from the Conversant Group combines resistance, managed protection, and rapid recovery to minimize downtime and restore operations faster than anyone else. Resilience isn’t optional. Click to see how it works.

  • How Can We Fix Alert Fatigue?

    How Can We Fix Alert Fatigue?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Itai Tevet, CEO, Intezer.

    In this episode:

    Build for what you can handle Rethinking alerts Building trust into your system Seeing the bigger picture

    Thanks to our podcast sponsor, Intezer

    Intezer’s AI-driven solution automates alert triage and investigations, cutting through the noise to highlight serious threats. By integrating with your security tools, it escalates only 4% of alerts for fast remediation, helping SOC teams focus on what matters. Learn more at intezer.com today!

  • Vulnerability Management ≠ Vulnerability Discovery

    Vulnerability Management ≠ Vulnerability Discovery

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Yaron Levi, CISO, Dolby.

    In this episode:

    You can’t manage what you don’t know you have Vulnerability management doesn’t have an endpoint This is about tradeoffs A unique approach

    Thanks to our podcast sponsor, Intezer

    Intezer’s AI-driven solution automates alert triage and investigations, cutting through the noise to highlight serious threats. By integrating with your security tools, it escalates only 4% of alerts for fast remediation, helping SOC teams focus on what matters. Learn more at intezer.com today!

  • Are Security Awareness Training Platforms Effective?

    Are Security Awareness Training Platforms Effective?

    · Defense in Depth

    All links and images for this episode can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Dan Walsh, CISO, Paxos. Joining us is Sharon Milz, CISO, Time.

    In this episode:

    A vicious cycle Not all training is created equal Don’t forget the human factor We can still define success

    Thanks to our podcast sponsor, Intezer

    Intezer’s AI-driven solution automates alert triage and investigations, cutting through the noise to highlight serious threats. By integrating with your security tools, it escalates only 4% of alerts for fast remediation, helping SOC teams focus on what matters. Learn more at intezer.com today!

  • Vis mere