エピソード

  • Luckily, We Haven’t Had to Adapt to Any New Technologies Before AI
    2024/11/05

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest Jadee Hanson, CISO, Vanta.

    In this episode:

    • Embracing BYOAI
    • The changing government contractor landscape
    • Creating better security outcomes
    • Automating supply chain security

    Thanks to our podcast sponsor, Vanta!

    Say goodbye to spreadsheets and screenshots.

    Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across 30 frameworks, you’ll streamline compliance— and never duplicate your efforts.

    続きを読む 一部表示
    41 分
  • We Need to Hire a Unicorn But We Only Have Budget for a Donkey
    2024/10/29

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jason Shockey, CISO, Cenlar FSB.

    In this episode:

    • Ground the SOC in communication
    • Training and mentoring talent
    • Nailing a first security hire
    • A case for optimism

    Thanks to our podcast sponsor, Bitdefender!

    Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

    続きを読む 一部表示
    35 分
  • Who Knows What Evil Lurks in the Heart of Low Code/No Code? (LIVE in Los Angeles)
    2024/10/22

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Sasha Pereira, CISO, WASH. Joining us is Cyrus Tibbs, CISO, PennyMac. This episode was recorded live at ISSA-LA.

    In this episode:

    • Building the foundation for data minimization
    • No-code needs to be no problem
    • Seeking alignment in a SOC career
    • MFA is not a cybersecurity panacea

    Thanks to our podcast sponsor, Nudge Security!

    Get a full inventory of all SaaS accounts ever created by anyone in your org, in minutes, along with automated workflows to scale SaaS security and governance. No agents, browser plug-ins or network changes required. Start today with a free 14-day trial.

    続きを読む 一部表示
    42 分
  • Once the Panic Subsides You’ll Appreciate This Phishing Test (LIVE in Houston, TX)
    2024/10/15

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Jerich Beason, CISO, WM. Joining us is Teresa Tonthat, vp, associate CIO, Texas Children's Hospital. This episode was recorded live at HOU.SEC.CON.

    In this episode:

    • Connecting with the business
    • Keep the users in mind
    • Ground security in reality
    • Teach, don’t shame

    Thanks to our podcast sponsor, Vorlon Security!

    Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

    続きを読む 一部表示
    43 分
  • Does Burying Your Head in the Sand Count as a Security Posture? (LIVE in Boca Raton, FL)
    2024/10/08

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Eduardo Ortiz, vp, global head of cybersecurity, Techtronic Industries. Joining us is Adam Fletcher, CSO, Blackstone.

    In this episode:

    • Keeping our eyes on new risks
    • The hiring disconnect
    • Mental health in incident response
    • Moving on from CrowdStrike

    Thanks to our podcast sponsors, Fortra, Quadrant Information Security, and Savvy Security!

    Fortra's Data Protection solutions protect sensitive data while keeping users productive. Our interlocking data loss prevention (DLP), data classification, and secure collaboration tools can be SaaS deployed or on-premises, and we offer managed services to extend your team and reduce risk. Visit www.fortra.com/solutions/data-security/data-protection for more information.

    Quadrant Security is bad news for bad dudes. Quadrant’s XDR solution combines the best people, processes, and technology — managing your security so you can manage business operations. For a limited time, our analysts will provide your organization a free dark web report, detailing the data leaving you vulnerable. Learn more: quadrantsec.com/darkweb.

    Despite significant investments in SSO, MFA, IGA, and PAM, organizations still face significant challenges in securing identities, particularly with SaaS apps. Savvy Security augments these tools with full app and identity visibility to discover and remediate shadow and shared accounts, misconfigured authentication, and weak, reused, or compromised credentials. Visit savvy.security/ciso-series to learn more.

    続きを読む 一部表示
    46 分
  • We’re Lowering the Requirement for Entry Level to Just 8 Years of Experience
    2024/10/01

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Steve Person, CISO, Cambia Health.

    In this episode:

    • The changing CISO landscape
    • Rethinking the cybersecurity talent shortage
    • Sharpening your CISO skills
    • Do CISOs need to go back to school?

    Thanks to our podcast sponsor, Vanta!

    Whether you’re starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

    続きを読む 一部表示
    36 分
  • … And the Business Listened to the CISO and Everyone Lived Happily Ever After
    2024/09/24

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is Stephen Harrison, CISO, MGM Resorts International.

    In this episode:

    • Understanding the AI attack surface
    • Low code, low security?
    • Chief information storytelling officer
    • Finding the right partners

    Thanks to our podcast sponsor, Vectra AI!

    Vectra AI is the only extended detection and response (XDR) with AI-driven Attack Signal Intelligence. Vectra AI’s attack signal intelligence platform uses AI to find attacks on networks, identities, clouds and GenAI tools. Learn more at vectra.ai/showme.

    続きを読む 一部表示
    37 分
  • Our Guardrails Only Fail When You Try To Go Around Them (LIVE in Seattle)
    2024/09/17

    All links and images for this episode can be found on CISO Series.

    This week’s episode was recorded in front of a live audience in Seattle as part of the National Cybersecurity Alliance’s event Convene. Recording is hosted by me, David Spark (@dspark), producer of CISO Series and Nicole Ford, SVP and CISO, Nordstrom. Joining us is guest, Varsha Agrawal, head of information security, Prosper Marketplace.

    In this episode:

    • Who guards the AI guardrails?
    • What should security awareness training look like?
    • The authentication point of failure
    • Uncommon sense

    Thanks to our podcast sponsors, KnowBe4, Proofpoint, and Vanta!

    KnowBe4's PhishER Plus is a lightweight SOAR platform that streamlines threat response for high-volume, potentially malicious emails reported by users. It automatically prioritizes messages, helping InfoSec and Security Operations teams quickly address the most critical threats, reducing inbox clutter and enhancing overall security efficiency.

    Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks.

    Whether you’re starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

    続きを読む 一部表示
    45 分