CISO Series Podcast

David Spark, Mike Johnson, and Andy Ellis
cisoseries.com
Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

Episodes

I’ve Got Plenty of Risk If You Want More

All links and images for this episode can be found on CISO Series. It seems anything that's added to a business, like a new app or a third party vendor, just adds more risk. Risk definitely piles up faster than CISOs can reduce it. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Kurt Sauer (@kurtsauer), CISO, DocuSign (when we recorded the show, Kurt was the vp of security for Workday). Thanks to our podcast sponsor, Stairw...

May 16, 2023 · 41 min

What Kind of Challenges Do You Foresee In Firing Me?

All links and images for this episode can be found on CISO Series. This show was recorded in front of a live audience in New York City! This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series, and a special guest host, Aaron Zollman, CISO & vp, platform engineering, Cedar. Our guest is Colin Ahern, chief cyber officer for the State of New York. Thanks to our podcast sponsor, OpenVPN, SlashNext & Votiro Take the cost and complexity out of secure networking with ...

May 09, 2023 · 46 min

I Wouldn’t Trust Everything You Read… On My Resume

All links and images for this episode can be found on CISO Series. Turns out cybersecurity professionals lie on their resumes. They add degrees and certifications they don't have. They omit degrees for fear of looking overqualified. And sometimes, they flat out invent jobs. But given the responses as to why people do it, it's because they're trying to get by the unnecessary barriers of cybersecurity hiring. Does that make the lying justified? This week’s episode is hosted by me, David Spark ( ...

May 02, 2023 · 38 min

Can’t You Just Pop Out of Zeus’ Head a Fully Formed Security Professional?

All links and images for this episode can be found on CISO Series. Companies want to hire security professionals who know everything. Eager professionals who want all those skills are screaming please hire me and train me. But unlike the military which can turn a teenager into a soldier in 16 weeks, corporations in dire need of cybersecurity help have little to no means to train. They're just hoping they'll show up perfect and ready to fight in a digital war. This week’s episode is hosted by me, Dav...

Apr 25, 2023 · 38 min

We’d Secure Our Data If We Knew Where It Was

All links and images for this episode can be found on CISO Series. Given the ease of sharing data, our sensitive information is going more places than we want it. We have means to secure data, but you really can't do that if you don't know where your data actually is. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Brian Vecci (@BrianTheVecci), field CTO, Varonis. Thanks...

Apr 18, 2023 · 37 min

Our Security Tool Can Do Everything But Mitigate Risk

All links and images for this episode can be found on CISO Series. No department is immune to budget cuts. When the budget cuts come in, where can security look first to save money? Mike Johnson said, "An expensive tool that doesn't mitigate risk should be at the top of the chopping block." This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Almog Apirion (@almogap), CEO and cofounder, Cyolo. Thanks to our podcast sp...

Apr 11, 2023 · 35 min

No Need for Chaos Engineering Since Our Architecture Is Always Failing

All links and images for this episode can be found on CISO Series. Is chaos engineering the secret sauce to creating a resilient organization? Purposefully disrupt your architecture to allow for early discovery of weak points. Can we take it even further to company environment, beyond even a tabletop exercise? How far can we test our limits while still allowing the business to operate? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoand...

Apr 04, 2023 · 39 min

Why Aren’t You On Slack Where I Can Interrupt You?

All links and images for this episode can be found on CISO Series. In order to get any work done we try to shut out all possible distractions. That includes messaging apps. But those people who want to connect become annoyed that they can't reach you. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Howard Holton, CTO, GigaOm. Thanks to our podcast sponsor, Cyolo Too many critical a...

Mar 28, 2023 · 37 min

Fast Track Burnout for Your Cyber Team with Layoffs

All links and images for this episode can be found on CISO Series. What happens to your team after the layoffs? Your overextended team now realizes they're going to have to pick up the slack for those who left. How do you shift responsibilities in such a situation? Does anything fall away? Because you can't still operate at the same level. How do you adjust while maintaining morale and not burning out those who are there? This week’s episode is hosted by me, David Spark (@dspark), producer of...

Mar 21, 2023 · 34 min

We Look for Candidates Who Already Know Everything

All links and images for this episode can be found on CISO Series. Future cybersecurity talent is frustrated. The industry demand for cybersecurity professionals is huge, but the openings for green cyber people eager to get into the field are few. They want professional training, and they want the hiring companies to provide the training. Problem is not enough companies have training programs in place and as a result they can only hire experienced cyber talent, shutting out those who want to ge...

Mar 14, 2023 · 39 min

We're Experts At Telling You To Fix Your Problems

All links and images for this episode can be found on CISO Series. I don't need another vendor to find my problems. Finding my problems has not been the issue. That's the easy part. Fixing them with the staff I have is definitely "the problem." Vulnerability management must include ways to remediate, quickly. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is John C. Underwood, vp, information security, Big 5 Sporting Goods. T...

Mar 07, 2023 · 37 min

_Saying_ “We’re 100% Secure” Is Not the Problem

All links and images for this episode can be found on CISO Series. It's pretty darn easy to just utter the words "we're 100% secure." Pulling that off seems universally impossible, but some organizations are adamant about certain types of safety so they aim for 100%. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Yoav Regev (@yoav_regev), CEO, Sentra. Thanks to our podcast sponsor, Sentra Sentra’s Data Security ...

Feb 28, 2023 · 38 min

This Unwanted Cold Call Made Possible Thanks to This Month’s Sales Quota

All links and images for this episode can be found on CISO Series. A CISO calls on security vendors to stop the spamming and cold calling. Are these annoyances the direct result of the way salespeople are measured? Is that what drives the desperation and bad behavior? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Dmitriy Sokolovskiy, CISO, Avid. Thanks to our podcast sponsor, Varoni...

Feb 21, 2023 · 34 min

Adversaries Beef Up Their Shiny Object Distraction Campaign

All links and images for this episode can be found on CISO Series. We are all very easily distracted, and adversaries know that. So they'll try any little trick to make us not pay attention, look away, or do what we're not supposed to do all in an effort to break our human defenses. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Shaun Marion, CISO, McDonald's. Thanks to our podcas...

Feb 14, 2023 · 40 min

21 “Dark Side”-Approved Ways to Threaten Your Prospects

All links and images for this episode can be found on CISO Series. For those security practitioners who leave a job to go work for a security vendor, please stop calling it "going to the dark side." This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Jason Mar-Tang, director of sales engineering, Pentera. Thanks to our podcast sponsor, Pentera Pentera is the category leader for Automated Security Validation, allowing ...

Feb 07, 2023 · 37 min

Let’s Pretend We’re Getting Hacked. Who Wants to Panic First?

All links and images for this episode can be found on CISO Series. Tabletop exercises are critical procedures to learn how everyone will react during an actual attack. Panic is usually the first response, so why don't we do that when we're playing our pretend game of getting our business compromised by a nefarious hacker? This week's episode of CISO Series Podcast was recorded in front of a live audience in Clearwater, Florida for the Convene conference produced by the National Cybersecurity Al...

Jan 31, 2023 · 45 min

Today’s Agenda: When Will This Meeting End?

All links and images for this episode can be found on CISO Series. Everyone's favorite meeting is a short meeting. But does anyone want a fun or entertaining meeting? Or is that a bad idea? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Jeremy Embalabala, CISO, HUB International. Thanks to our podcast sponsor, SlashNext With today’s transition to hybrid working, phishing attacks are becoming more prevalent than ever. Mobile...

Jan 24, 2023 · 34 min

Your Password Is Too Long. Please Shorten It.

All links and images for this episode can be found on CISO Series. What happens when you want to adhere to more secure behavior, but the tool you're using forces you to be less secure, solely because they didn't architect in more stringent security when they created the program. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Terrance Cooley, CISO, Air Force JADC2 R&D Center. Thanks to our podcast sponsor, Varonis Everyday, ...

Jan 17, 2023 · 34 min

Stir in a Little Merger and Acquisition, and Voilà, You’re a Target

All links and images for this episode can be found on CISO Series. There is a lot unknown before, during, and after a merger and that can make employees very susceptible to phishing attacks. But, at the same time, the due diligence that goes into an M&A can often open up signs of previous or active compromise, noted Rich Mason of Critical Infrastructure. What does a proposed merger do to a security program? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series a...

Jan 10, 2023 · 39 min

We’re Here. We’re Highly Unqualified. Get Used To It

All links and images for this episode can be found on CISO Series. "Does anyone else feel like the security field is attracting a lot of low-quality people and hurting our reputation," asked a redditor on the cybersecurity subreddit who remembers a time when security personnel were seen as highly experienced technologists. But now they believe people view cybersecurity as an easy tech job to break into for easy money. This week’s episode is hosted by me, David Spark (@dspark), producer of CIS...

Jan 03, 2023 · 40 min

Sound Security Advice That’s Perfect to Ignore

All links and images for this episode can be found on CISO Series. It appears our security awareness training is working, up to a point. Most people are well aware of the need for secure passwords, but they don't actually create secure passwords. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Patrick Harr, CEO, SlashNext. Thanks to our podcast sponsor, SlashNext With tod...

Dec 13, 2022 · 38 min

They’re Young, Green, and Very Hackable

All links and images for this episode can be found on CISO Series. It appears we're not providing security awareness training fast enough. That's because hackers are specifically targeting brand new employees who don't yet know the company's procedures. Illicit hackers are discovering they're far easier to phish. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Gene Spafford (@therealspaf), Professor, Purdue University. Gen...

Dec 06, 2022 · 39 min

Entry Level Position Available. 15+ Years Experience Required.

All links and images for this episode can be found on CISO Series. That headline is not a joke. An actual job listing on LinkedIn requested just that. We're all hoping this was an error. Regardless, the community response to it was truly overwhelming, speaking much to the frustration of green and junior cybersecurity job seekers who are truly looking for entry level jobs. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating...

Nov 29, 2022 · 39 min

Get All the Stress You Want, With None of the Authority

All links and images for this episode can be found on CISO Series. CISOs and other security leaders have a lot of stress. But so do other C-level employees. Why does a CISO's stress seem that much more powerful? Is it that their job is still in constant development, or is the "C" in their name just in title, but not authority? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Aman Siro...

Nov 22, 2022 · 36 min

We Built This City on Outdated Software

All links and images for this episode can be found on CISO Series. "The biggest threat to national security is that many of the most vital systems on the planet CURRENTLY run on outdated and insecure software," said Robert Slaughter of Defense Unicorns on LinkedIn. That's at the core of the third-party security issue. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Richard ...

Nov 15, 2022 · 37 min

Wrong Answers to Revealing Interview Questions

All links and images for this episode can be found on CISO Series. Security leaders will often ask challenging or potentially gotcha questions as barometers to see if you can handle a specific job. They're looking not necessarily for a specific answer, but rather a kind of answer and they're also looking to make sure you don't answer the question a specific way. Don't get caught in the trap. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@cs...

Nov 08, 2022 · 38 min

Don’t Make Me Explain This, Because I Can’t

All links and images for this episode can be found on CISO Series. If you know a difficult concept very well and you're incapable of explaining it simply to others who don't understand it, it's known as the "curse of knowledge." It is for this reason far too many talented cybersecurity professionals struggle to educate others. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Okey Obudulu (@okeyobudulu), CISO, Skillsoft. Thank...

Nov 01, 2022 · 34 min

Where’s the “Single Pane of Glass” to My Level of Stress

All links and images for this episode can be found on CISO Series. CISOs say stress and burnout are their top personal risks. Breaches, increased regulations, and the tech talent shortage are all contributors to the stress. Sure would be nice for the CISO and the rest of the team to look at a chart that showed the CISO's stress level in real time. This week’s episode is co-hosted by me, David Spark (@dspark), the producer of CISO Series, and special guest co-host Shawn Bowen (@SMbowen), CISO, W...

Oct 25, 2022 · 42 min

Cyber Sales ABCs: Always Be Creepy

All links and images for this episode can be found on CISO Series. For some reason, the ABCs of sales ("Always Be Closing") in the world of cybersecurity sales has translated into "Always Be Creepy." Eagerness to make just a connection, forget closing, has turned into extremely forward approaches that would make anyone feel uncomfortable. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and my guests will be Steve Tran, CSO, Democratic National Committee and M...

Oct 18, 2022 · 43 min

We Take Security and Privacy Seriously… Seriously

All links and images for this episode can be found on CISO Series. After every breach, you hear the same mantra from the attacked company: "We take security and privacy seriously." It's lost all its meaning. But what if you truly ARE serious about how you handle security and privacy? Should you say "seriously" twice? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Geoff Belknap (@geoffbelknap), CISO, LinkedIn and co-host of D...

Oct 11, 2022 · 46 min