All links and images for this episode can be found on CISO Series

If they can find flaws, security professionals are quick to label it as bad security behavior. But often, what is marked as "bad" may have problems, but when looked at from a reducing risk perspective it's actually a very good security behavior.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Carla Sweeney, vp information security, Red Ventures.

Thanks to our podcast sponsor, Protegrity

Protegrity empowers intelligence-driven organizations to use data to drive innovation with secure analytics and artificial intelligence, without fear of violating compliance or jeopardizing privacy. To make this vision a reality, we protect sensitive data anywhere and everywhere to create secure data agility that aligns with the speed of modern business.

In this episode:

• Is a CISO really an architect of choices, for themselves and the other business leaders?
• Why and how can controls impose friction or drag on business velocity?
• What are the types of questions you ask when you're referencing a resume and what are some examples of really impressive responses?
• What are some things that get a bad rap, but are actually quite secure?