CISO Series Podcast

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jimmy Benoit, vp, cybersecurity, PBS.

In this episode:

• Starting early on security awareness
• The limits of gamification
• Technically qualified
• Understanding your risk tolerance

Thanks to our podcast sponsor, Bitdefender!

Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Amy-Steagall-Hess, CISO, Stanford University. Joining us is Michael Tran Duff, CISO, data privacy officer, Harvard University.

In this episode:

• Turning a mirror on zero trust
• Is AI coming for our jobs?
• Responding to skepticism about CISOs
• A CISO at the crossroads 

Thanks to our podcast sponsor, Vorlon Security and Wiz!

Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

Wiz transforms cloud security for customers – including 40% of the Fortune 100 – by enabling a new operating model. Wiz CNAPP empowers security and development teams to build fast and securely by providing visibility into their cloud environments. With Wiz, organizations can prioritize risk and stay agile.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest Jadee Hanson, CISO, Vanta.

In this episode:

• Embracing BYOAI
• The changing government contractor landscape
• Creating better security outcomes
• Automating supply chain security

Thanks to our podcast sponsor, Vanta!

Say goodbye to spreadsheets and screenshots.

Vanta automates evidence collection needed for audits with over  350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across 30 frameworks, you’ll streamline compliance— and never duplicate your efforts.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jason Shockey, CISO, Cenlar FSB.

In this episode:

• Ground the SOC in communication
• Training and mentoring talent
• Nailing a first security hire
• A case for optimism

Thanks to our podcast sponsor, Bitdefender!

Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Sasha Pereira, CISO, WASH. Joining us is Cyrus Tibbs, CISO, PennyMac. This episode was recorded live at ISSA-LA.

In this episode:

• Building the foundation for data minimization
• No-code needs to be no problem
• Seeking alignment in a SOC career
• MFA is not a cybersecurity panacea 

Thanks to our podcast sponsor, Nudge Security!

Get a full inventory of all SaaS accounts ever created by anyone in your org, in minutes, along with automated workflows to scale SaaS security and governance. No agents, browser plug-ins or network changes required. Start today with a free 14-day trial.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Jerich Beason, CISO, WM. Joining us is Teresa Tonthat, vp, associate CIO, Texas Children's Hospital. This episode was recorded live at HOU.SEC.CON.

In this episode:

• Connecting with the business  
• Keep the users in mind
• Ground security in reality
• Teach, don’t shame

Thanks to our podcast sponsor, Vorlon Security!

Vorlon helps organizations take back control of their data by providing continuous visibility of sensitive data shared via API across third-party applications. Know what data goes where, when, and how between third-party apps with external threat intelligence. Reduce the complexity of investigating and responding to third-party security incidents with Vorlon.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Eduardo Ortiz, vp, global head of cybersecurity, Techtronic Industries. Joining us is Adam Fletcher, CSO, Blackstone.

In this episode:

• Keeping our eyes on new risks
• The hiring disconnect
• Mental health in incident response
• Moving on from CrowdStrike

Thanks to our podcast sponsors, Fortra, Quadrant Information Security, and Savvy Security!

Fortra's Data Protection solutions protect sensitive data while keeping users productive. Our interlocking data loss prevention (DLP), data classification, and secure collaboration tools can be SaaS deployed or on-premises, and we offer managed services to extend your team and reduce risk. Visit www.fortra.com/solutions/data-security/data-protection for more information.

Quadrant Security is bad news for bad dudes. Quadrant’s XDR solution combines the best people, processes, and technology — managing your security so you can manage business operations. For a limited time, our analysts will provide your organization a free dark web report, detailing the data leaving you vulnerable. Learn more: quadrantsec.com/darkweb.

Despite significant investments in SSO, MFA, IGA, and PAM, organizations still face significant challenges in securing identities, particularly with SaaS apps. Savvy Security augments these tools with full app and identity visibility to discover and remediate shadow and shared accounts, misconfigured authentication, and weak, reused, or compromised credentials. Visit savvy.security/ciso-series to learn more.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Steve Person, CISO, Cambia Health.

In this episode:

• The changing CISO landscape
• Rethinking the cybersecurity talent shortage
• Sharpening your CISO skills
• Do CISOs need to go back to school?

Thanks to our podcast sponsor, Vanta!

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is Stephen Harrison, CISO, MGM Resorts International.

In this episode:

• Understanding the AI attack surface
• Low code, low security?
• Chief information storytelling officer
• Finding the right partners

Thanks to our podcast sponsor, Vectra AI!

Vectra AI is the only extended detection and response (XDR) with AI-driven Attack Signal Intelligence. Vectra AI’s attack signal intelligence platform uses AI to find attacks on networks, identities, clouds and GenAI tools. Learn more at vectra.ai/showme.

All links and images for this episode can be found on CISO Series.

This week’s episode was recorded in front of a live audience in Seattle as part of the National Cybersecurity Alliance’s event Convene. Recording is hosted by me, David Spark (@dspark), producer of CISO Series and Nicole Ford, SVP and CISO, Nordstrom. Joining us is guest, Varsha Agrawal, head of information security, Prosper Marketplace.

In this episode:

• Who guards the AI guardrails?
• What should security awareness training look like?
• The authentication point of failure
• Uncommon sense

Thanks to our podcast sponsors, KnowBe4, Proofpoint, and Vanta!

KnowBe4's PhishER Plus is a lightweight SOAR platform that streamlines threat response for high-volume, potentially malicious emails reported by users. It automatically prioritizes messages, helping InfoSec and Security Operations teams quickly address the most critical threats, reducing inbox clutter and enhancing overall security efficiency.

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks.

Whether you’re starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.