All links and images for this episode can be found on CISO Series

Yikes, this security hole one concerned student found in the school's network is going to require one heck of a pep rally to fix.

This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Dave Stirling, CISO, Zions Bancorporation.

Thanks to our podcast sponsor, Varonis

On average, an employee can access 17 million files on day one. Varonis will show you where critical data is vulnerable, detect anomalies, and automatically right-size privileges to get you to "Zero Trust." Their data security platform can test your ransomware readiness and show you where you stack up. Learn more at www.varonis.com/cisoseries.

In this episode:

• Should the CISO position be seen as an organization in itself?
• Is the current data loss prevention (DLP) model outdated?
• How can an MSSP show its value?
• What should a high school student do if they see that their school has horrible security practices?