The city of San Diego is a $4 billion business and it doesn’t shut down. As you’ll hear in this discussion between Gary Hayslip, the city’s CISO, and David Cass, Global CISO IBM Cloud and SaaS, San Diego is a smart city which is continuously rolling out new technologies to facilitate 'the business' while bolstering its security.

In this podcast, recorded during the RSA Conference, Hayslip talks about joining the city as its first CISO some three years ago and how he established a five-year-plan which leveraged established frameworks like the National Institute of Standards and Technology (NIST) to increase the security of the city and its 24 networks and 40 departments. The two also discuss ‘cloud first’ initiatives, resilient networks and the role of the CISO, which Hayslip provides practical guidance on with his book “A CISO Desk Reference Guide: A Practical Guide for CISOs.”

There has been an exponential adoption of Internet of Things (IoT) with experts predicting billions of IoT devices coming into use. And with the strategy more often than not being go to market and secure it later, enterprises are increasingly exposed to a variety of attacks.

As you’ll hear in this podcast with David Cass, Global CISO IBM Cloud and SaaS, and Len Rosenberg, ForeScout’s Commercial CTO and VP of Systems Engineering, the IoT is here to stay and security needs to be by design and not an afterthought. They also discuss what CISOs can do today to mitigate their exposure and what they should demand from IoT manufacturers.

With RSA around the corner and more security vendors than you can count, if you are a new CISO at the conference what should your game plan be? As you’ll hear in this podcast, the sheer number of interesting technologies at RSA can potentially overwhelm new CISOs.

David Cass, Global CISO IBM Cloud and SaaS, and Dr. Anton Chuvakin, research VP at Gartner’s Technical Professionals (GTP) Security and Risk Management Strategies team and a speaker at the RSA conference leading sessions on threat intelligence, discuss how RSA is a great place to talk to the vendors and their top product executives and see solutions up close. They also stress that people and process gaps and not a “particular box” are what needs to be addressed first.

Chuvakin first addresses today’s malware, box fatigue, and critical challenges and ways to think about threat vectors in 2017.

Tokenization is helping render data theft obsolete. Jason Witty, US Bancorp EVP and CISO, is in the midst of completing a multi-year tokenization integration project, for which his team won the recent ISE North America Project of the Year Award in the Financial Services category.

He discussed the many benefits of tokenization with David Cass, Global CISO IBM Cloud & SaaS, including fraud prevention and the reduction of risk and the attack surface. They discuss how it is a complex process, which is “simple” to implement but difficult to adopt. Witty also touches on the many unintended business benefits.

What specific things should companies look at when it comes to security monitoring in 2017? As you’ll hear in this podcast, a lot of the security problems facing organizations from the late 1990s and early 2000s have yet to be solved. David Cass, Global CISO IBM Cloud and SaaS, and Dr. Anton Chuvakin, research VP at Gartner’s Technical Professionals (GTP) Security and Risk Management Strategies team, discuss how security executives are still operationally challenged.

Chuvakin discusses how the technology landscape is changing but a lot of the challenges with the people themselves actually haven’t changed and the “old problems” haven’t been solved. In this podcast, he talks to Cass about the essential things organizations should be looking at, including newer technology like User Behavior Analytics (UBA) as well as Data Loss Prevention (DLP) solutions.

As you’ll hear in part two of the conversation between David Cass, Global CISO IBM Cloud and SaaS, and Chris Roberts, Acalvio Chief Security Architect, threat detection technology is allowing enterprises to identify intruders quickly. In this sponsored podcast you’ll hear how this burgeoning field of cybersecurity is helping enterprises protect their perimeters and internal infrastructure while shortening the time to discovery. ​

Ensuring continuous compliance while reducing complexity is essential to bolstering security for many organizations, in particular, those that process credit card data.

In this Tufin-sponsored podcast, IBM’s David Cass talks with Monext’s Laurent Klefstad, Leader for Systems, Network and Telecom, about automated security policy orchestration and how it allows the French company to save time and money by reducing the complexity of its networks and firewalls.

Klefstad explains how Monext’s implementation of the Tufin solution provided Monext continuous compliance and the ability to reduce its firewall rules, of which there were about 3,000, by upwards of 20 percent. He also talks ROI, staffing implications and business enablement.

It’s becoming an old adage: it isn’t a matter of if an attacker will infiltrate your network but when.” With that being the case and with research showing that attackers often reside on an enterprise’s network for many months doing reconnaissance and exfiltrating data before being identified, what are and can enterprises do? The use of autonomous threat deception technologies to identify an intruder once inside the network is being adopted by enterprises seeking preventive and proactive to technologies.

As you’ll hear in this conversation with David Cass, Global CISO IBM Cloud and SaaS CISO, and Chris Roberts, Acalvio Chief Security Architect there has been a significant evolution in threat detection technology to allow enterprises to identify intruders quickly. In this sponsored podcast you’ll hear how a new dynamic and smart approach to traditional honeypots is helping enterprises by allowing them to immediately detect lateral movement, shortening the time to discovery.

In this interview Matt Hollcraft, Maxim Integrated CISO, discusses common threat vectors – what is old and what is new – with Dan Schiappa, SVP & GM, Sophos Enduser Security Group. They talk about ransomware, the mobile workforce, Internet of things and hacking as a business.

In this sponsored podcast, you’ll also hear about approaches that enterprises can take to reduce threats, which are increasingly sophisticated and continuous.

In this conversation with Security Current podcast host David Cass, Global CISO IBM Cloud & SaaS, David Mahon, CenturyLink CSO, talks about the evolution of the CISO role.

A seasoned security executive, with experience reporting to boards-of-directors, Mahon also provides guidance on how to present to a board. He also gives recommendations to current and aspiring CISOs on how to advance their careers.