エピソード

  • Once You Show Me Your Diploma, I’ll Explain Why We Don’t Gatekeep
    2024/11/19

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jimmy Benoit, vp, cybersecurity, PBS.

    In this episode:

    • Starting early on security awareness
    • The limits of gamification
    • Technically qualified
    • Understanding your risk tolerance

    Thanks to our podcast sponsor, Bitdefender!

    Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

    続きを読む 一部表示
    40 分
  • Wait, We Can Prioritize Data Privacy Before an Incident? (LIVE at Stanford University)
    2024/11/12

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Amy-Steagall-Hess, CISO, Stanford University. Joining us is Michael Tran Duff, CISO, data privacy officer, Harvard University.

    In this episode:

    • Turning a mirror on zero trust
    • Is AI coming for our jobs?
    • Responding to skepticism about CISOs
    • A CISO at the crossroads

    Thanks to our podcast sponsor, Vorlon Security and Wiz!

    Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

    Wiz transforms cloud security for customers – including 40% of the Fortune 100 – by enabling a new operating model. Wiz CNAPP empowers security and development teams to build fast and securely by providing visibility into their cloud environments. With Wiz, organizations can prioritize risk and stay agile.

    続きを読む 一部表示
    46 分
  • Luckily, We Haven’t Had to Adapt to Any New Technologies Before AI
    2024/11/05

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest Jadee Hanson, CISO, Vanta.

    In this episode:

    • Embracing BYOAI
    • The changing government contractor landscape
    • Creating better security outcomes
    • Automating supply chain security

    Thanks to our podcast sponsor, Vanta!

    Say goodbye to spreadsheets and screenshots.

    Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across 30 frameworks, you’ll streamline compliance— and never duplicate your efforts.

    続きを読む 一部表示
    41 分
  • We Need to Hire a Unicorn But We Only Have Budget for a Donkey
    2024/10/29

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jason Shockey, CISO, Cenlar FSB.

    In this episode:

    • Ground the SOC in communication
    • Training and mentoring talent
    • Nailing a first security hire
    • A case for optimism

    Thanks to our podcast sponsor, Bitdefender!

    Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

    続きを読む 一部表示
    35 分
  • Who Knows What Evil Lurks in the Heart of Low Code/No Code? (LIVE in Los Angeles)
    2024/10/22

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Sasha Pereira, CISO, WASH. Joining us is Cyrus Tibbs, CISO, PennyMac. This episode was recorded live at ISSA-LA.

    In this episode:

    • Building the foundation for data minimization
    • No-code needs to be no problem
    • Seeking alignment in a SOC career
    • MFA is not a cybersecurity panacea

    Thanks to our podcast sponsor, Nudge Security!

    Get a full inventory of all SaaS accounts ever created by anyone in your org, in minutes, along with automated workflows to scale SaaS security and governance. No agents, browser plug-ins or network changes required. Start today with a free 14-day trial.

    続きを読む 一部表示
    42 分
  • Once the Panic Subsides You’ll Appreciate This Phishing Test (LIVE in Houston, TX)
    2024/10/15

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Jerich Beason, CISO, WM. Joining us is Teresa Tonthat, vp, associate CIO, Texas Children's Hospital. This episode was recorded live at HOU.SEC.CON.

    In this episode:

    • Connecting with the business
    • Keep the users in mind
    • Ground security in reality
    • Teach, don’t shame

    Thanks to our podcast sponsor, Vorlon Security!

    Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

    続きを読む 一部表示
    43 分
  • Does Burying Your Head in the Sand Count as a Security Posture? (LIVE in Boca Raton, FL)
    2024/10/08

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Eduardo Ortiz, vp, global head of cybersecurity, Techtronic Industries. Joining us is Adam Fletcher, CSO, Blackstone.

    In this episode:

    • Keeping our eyes on new risks
    • The hiring disconnect
    • Mental health in incident response
    • Moving on from CrowdStrike

    Thanks to our podcast sponsors, Fortra, Quadrant Information Security, and Savvy Security!

    Fortra's Data Protection solutions protect sensitive data while keeping users productive. Our interlocking data loss prevention (DLP), data classification, and secure collaboration tools can be SaaS deployed or on-premises, and we offer managed services to extend your team and reduce risk. Visit www.fortra.com/solutions/data-security/data-protection for more information.

    Quadrant Security is bad news for bad dudes. Quadrant’s XDR solution combines the best people, processes, and technology — managing your security so you can manage business operations. For a limited time, our analysts will provide your organization a free dark web report, detailing the data leaving you vulnerable. Learn more: quadrantsec.com/darkweb.

    Despite significant investments in SSO, MFA, IGA, and PAM, organizations still face significant challenges in securing identities, particularly with SaaS apps. Savvy Security augments these tools with full app and identity visibility to discover and remediate shadow and shared accounts, misconfigured authentication, and weak, reused, or compromised credentials. Visit savvy.security/ciso-series to learn more.

    続きを読む 一部表示
    46 分
  • We’re Lowering the Requirement for Entry Level to Just 8 Years of Experience
    2024/10/01

    All links and images for this episode can be found on CISO Series.

    This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Steve Person, CISO, Cambia Health.

    In this episode:

    • The changing CISO landscape
    • Rethinking the cybersecurity talent shortage
    • Sharpening your CISO skills
    • Do CISOs need to go back to school?

    Thanks to our podcast sponsor, Vanta!

    Whether you’re starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

    続きを読む 一部表示
    36 分