• Once You Show Me Your Diploma, I’ll Explain Why We Don’t Gatekeep
    Nov 19 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jimmy Benoit, vp, cybersecurity, PBS.

    In this episode:

    • Starting early on security awareness
    • The limits of gamification
    • Technically qualified
    • Understanding your risk tolerance

    Thanks to our podcast sponsor, Bitdefender!

    Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

    Show more Show less
    40 mins
  • Wait, We Can Prioritize Data Privacy Before an Incident? (LIVE at Stanford University)
    Nov 12 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Amy-Steagall-Hess, CISO, Stanford University. Joining us is Michael Tran Duff, CISO, data privacy officer, Harvard University.

    In this episode:

    • Turning a mirror on zero trust
    • Is AI coming for our jobs?
    • Responding to skepticism about CISOs
    • A CISO at the crossroads

    Thanks to our podcast sponsor, Vorlon Security and Wiz!

    Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

    Wiz transforms cloud security for customers – including 40% of the Fortune 100 – by enabling a new operating model. Wiz CNAPP empowers security and development teams to build fast and securely by providing visibility into their cloud environments. With Wiz, organizations can prioritize risk and stay agile.

    Show more Show less
    46 mins
  • Luckily, We Haven’t Had to Adapt to Any New Technologies Before AI
    Nov 5 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest Jadee Hanson, CISO, Vanta.

    In this episode:

    • Embracing BYOAI
    • The changing government contractor landscape
    • Creating better security outcomes
    • Automating supply chain security

    Thanks to our podcast sponsor, Vanta!

    Say goodbye to spreadsheets and screenshots.

    Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across 30 frameworks, you’ll streamline compliance— and never duplicate your efforts.

    Show more Show less
    41 mins
  • We Need to Hire a Unicorn But We Only Have Budget for a Donkey
    Oct 29 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jason Shockey, CISO, Cenlar FSB.

    In this episode:

    • Ground the SOC in communication
    • Training and mentoring talent
    • Nailing a first security hire
    • A case for optimism

    Thanks to our podcast sponsor, Bitdefender!

    Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

    Show more Show less
    35 mins
  • Who Knows What Evil Lurks in the Heart of Low Code/No Code? (LIVE in Los Angeles)
    Oct 22 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Sasha Pereira, CISO, WASH. Joining us is Cyrus Tibbs, CISO, PennyMac. This episode was recorded live at ISSA-LA.

    In this episode:

    • Building the foundation for data minimization
    • No-code needs to be no problem
    • Seeking alignment in a SOC career
    • MFA is not a cybersecurity panacea

    Thanks to our podcast sponsor, Nudge Security!

    Get a full inventory of all SaaS accounts ever created by anyone in your org, in minutes, along with automated workflows to scale SaaS security and governance. No agents, browser plug-ins or network changes required. Start today with a free 14-day trial.

    Show more Show less
    42 mins
  • Once the Panic Subsides You’ll Appreciate This Phishing Test (LIVE in Houston, TX)
    Oct 15 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Jerich Beason, CISO, WM. Joining us is Teresa Tonthat, vp, associate CIO, Texas Children's Hospital. This episode was recorded live at HOU.SEC.CON.

    In this episode:

    • Connecting with the business
    • Keep the users in mind
    • Ground security in reality
    • Teach, don’t shame

    Thanks to our podcast sponsor, Vorlon Security!

    Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

    Show more Show less
    43 mins
  • Does Burying Your Head in the Sand Count as a Security Posture? (LIVE in Boca Raton, FL)
    Oct 8 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Eduardo Ortiz, vp, global head of cybersecurity, Techtronic Industries. Joining us is Adam Fletcher, CSO, Blackstone.

    In this episode:

    • Keeping our eyes on new risks
    • The hiring disconnect
    • Mental health in incident response
    • Moving on from CrowdStrike

    Thanks to our podcast sponsors, Fortra, Quadrant Information Security, and Savvy Security!

    Fortra's Data Protection solutions protect sensitive data while keeping users productive. Our interlocking data loss prevention (DLP), data classification, and secure collaboration tools can be SaaS deployed or on-premises, and we offer managed services to extend your team and reduce risk. Visit www.fortra.com/solutions/data-security/data-protection for more information.

    Quadrant Security is bad news for bad dudes. Quadrant’s XDR solution combines the best people, processes, and technology — managing your security so you can manage business operations. For a limited time, our analysts will provide your organization a free dark web report, detailing the data leaving you vulnerable. Learn more: quadrantsec.com/darkweb.

    Despite significant investments in SSO, MFA, IGA, and PAM, organizations still face significant challenges in securing identities, particularly with SaaS apps. Savvy Security augments these tools with full app and identity visibility to discover and remediate shadow and shared accounts, misconfigured authentication, and weak, reused, or compromised credentials. Visit savvy.security/ciso-series to learn more.

    Show more Show less
    46 mins
  • We’re Lowering the Requirement for Entry Level to Just 8 Years of Experience
    Oct 1 2024

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Steve Person, CISO, Cambia Health.

    In this episode:

    • The changing CISO landscape
    • Rethinking the cybersecurity talent shortage
    • Sharpening your CISO skills
    • Do CISOs need to go back to school?

    Thanks to our podcast sponsor, Vanta!

    Whether you’re starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

    Show more Show less
    36 mins