All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker.

In this episode:

• Large enterprise security demands drive vendor improvements
• Technical expertise becomes leadership liability without delegation
• EDR evolution needs prevention focus
• Career breaks require personal ownership and strategic timing

A huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Peter Clay, CISO, Aireon.

In this episode:

• Purple teaming evolution misses operational realities
• Effective postmortems require systematic failure analysis
• Risk expertise requires business context over methodology
• Compliance and resilience serve different purposes

Huge thanks to our sponsor, Safe Security

SAFE is reinventing Third-Party Risk Management with Agentic AI. Our AI Agents automate onboarding, assessments, and monitoring—giving security teams real-time visibility and zero-effort control across their vendor ecosystem. See why SAFE is the fastest-growing TPRM platform on the market at https://testdrive.safe.security/.

All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis (@csoandy), principal, Duha. Joining us is our sponsored guest, Edward Wu, CEO and founder, Dropzone AI.

In this episode: 

• Building context-aware verification frameworks
• Understanding why UX fails
• Moving beyond AI replacement narratives
• Building for a crisis

A huge thanks to our sponsor, Dropzone AI

Dropzone AI autonomously investigates every security alert—no playbooks needed. This AI SOC analyst queries your CrowdStrike, Splunk, threat intel feeds, and 60+ other tools to build complete investigations in 5 minutes. Unlike black-box automation, it shows every query, finding, and decision. See it work yourself—explore the self-guided demo at dropzone.ai.

All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark, producer of CISO Series and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Anthony Candeias, CISO, Weight Watchers.

In this episode:

• AI agents require structured supervision, not autonomy
• Hiring for potential over credentials in cybersecurity
• AppSec training effectiveness depends on organizational relevance
• AI oversight requires purpose-built models, not general solutions

A huge thanks to our sponsor, Vanta

Vanta’s Trust Management Platform helps 10k+ companies—like Atlassian, Quora, and Chili Piper—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management. Get started at Vanta.com/CISO

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Anne Marie Zettlemoyer, former vp of security, Activision Blizzard.

In this episode

• SOC automation: Moving beyond alert fatigue
• The entry-level security talent reality
• Learning from security incidents without blame
• Evaluating security vendor viability and partnerships

A huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark, producer of CISO Series and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Ryan Bachman, executive vice president and CISO, GM Financial.

In this episode

• Identity consolidation versus simplification
• Entry-level pathways into cybersecurity
• Evolution of the CISO role toward business resilience
• Applying simplification principles to cybersecurity complexity

Huge thanks to our sponsor, Doppel

Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network.

All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alex Hall, CISO, Gensler.

In this episode:

• Evaluating secure messaging beyond the app
• Reframing compliance as a business enabler
• Incremental security investment vs. crisis response
• Why culture, not punishment, drives secure behavior

Huge thanks to our sponsor, Vanta

Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

 

All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest, Sam Curry, global vp, CISO at Zscaler. This episode was recorded at a Zscaler event in Boston, MA.

In this episode:

• Guardrails for decision making under fatigue
• Preparing for quantum threats
• Strategic use of generative AI
• Reassessing outdated knowledge

Huge thanks to our sponsor, Zscaler

Zscaler is a cloud-based cybersecurity company that provides secure internet access and private application access. Its platform replaces traditional network security by delivering Zero Trust architecture, protecting users, data, and applications regardless of location. Zscaler’s scalable services help organizations modernize IT and reduce risk with seamless, cloud-native security solutions.

All images and links can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alexandra Landegger, global head of cyber strategy & transformation, RTX.

In this episode:

• A cybersecurity fast-track?
• When Ambition Becomes a Liability
• Giving the CVE Program the Credit It Deserves
• Elevating human cyber talent with AI

Huge thanks to our sponsors, Nudge Security, SecurityScorecard, and Vanta Take control of SaaS security and AI governance with Nudge Security. Start a free trial today and get a full inventory of all SaaS and GenAI accounts in minutes along with risk insights and automation to help you quickly improve your security posture. Get started here: nudgesecurity.com/cisoseries  

Third-party risk doesn’t stop at monitoring. SecurityScorecard delivers real-time detection and response across your supply chain—helping you fix vulnerabilities before they become breaches. Empower your team with expert-driven remediation, continuous vendor oversight, and board-ready insights that drive results.

 

Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

All links and images can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Tim Jacobs, vp, CISO, Commonwealth Care Alliance.

In this episode:

• Starting from zero
• Prepare for decisive decisions
• Working back from unacceptable
• Discovering inefficiencies 

A huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.