Send us a text In this month's installment, Toni De La Fuente shares his journey into cybersecurity, detailing his early experiences with computers and his passion for hacking. He discusses the creation of Prowler , an open-source cloud security tool, and its differences from commercial solutions. The conversation explores cloud security challenges, the importance of open-source solutions, and the dynamics of scaling a startup. Toni also emphasizes the significance of passion in one's career and...
Jul 14, 2025•46 min•Season 5Ep. 6
Send us a text In this episode, Matt interviews Bel Lepe , CEO and co-founder of Cerby, discussing the challenges and opportunities in identity security. They explore the significance of disconnected applications, the impact of shadow IT, and the importance of automation and AI in enhancing security practices. Bel shares insights from his previous experience at Ooyala and the lessons learned in building Cerby, including the recent Series B funding and future plans for the company. Takeaways Disc...
May 29, 2025•34 min•Season 5Ep. 5
Send us a text In this conversation, Tammy Klotz discusses her journey as a leader and author, focusing on her book 'Leading with Empathy and Grace.' She shares insights on the importance of empathy, vulnerability, and authenticity in leadership and the challenges and rewards of writing a book. The discussion highlights the significance of acknowledging personal lives in the workplace and the foundational role of trust in professional relationships. If you are an aspiring leader in Cyber, this e...
Apr 22, 2025•46 min•Season 5Ep. 4
Send us a text In this conversation, MK Palmore shares insights from his diverse leadership journey, spanning the Marine Corps, FBI, and cybersecurity. He emphasizes the importance of a people-centered leadership approach, the balance between technical and leadership skills, and the significance of effective communication. MK reflects on his experiences, the impact of mentorship, and the lessons learned from both successes and failures in leadership roles. MK highlights the challenges in attract...
Mar 23, 2025•43 min•Season 5Ep. 3
Send us a text In this conversation, Lance Spitzner shares his unique journey from a military tank officer to a pioneer in cybersecurity, detailing the evolution of his career and the inception of the Honeynet Project . He emphasizes the importance of understanding the human element in security, advocating for a shift from mere security awareness to fostering a robust security culture within organizations. Spitzner discusses practical steps for security teams to enhance their approach, including...
Feb 23, 2025•46 min•Season 5Ep. 2
Send us a text In this conversation, Dr. Chase Cunningham , aka Dr. Zero Trust, shares his unique journey into the cybersecurity field, emphasizing the importance of purpose and self-care in a high-stress industry. He discusses the challenges of implementing zero trust strategies in organizations, the significance of understanding offensive tactics to enhance defensive measures, and the need for systemic change in national cybersecurity. Dr. Zero Trust also provides valuable advice for aspiring ...
Jan 20, 2025•36 min•Season 5Ep. 1
Send us a text In this conversation, Steve Martano discusses his journey from writing about baseball analytics to becoming a key player in cybersecurity executive search and strategy. He emphasizes the evolving role of CISOs, the importance of aligning with business objectives, and the need for strong leadership skills. The discussion also covers trends in CISO compensation, the mental health challenges faced by security leaders, and the significance of organizational culture in driving satisfac...
Dec 20, 2024•46 min•Season 4Ep. 14
Send us a text Nate Lee discusses his transition from a CISO role to fractional CISO work, emphasizing the importance of variety and exposure in his career. He delves into the rise of AI, particularly large language models (LLMs), and the associated security concerns, including prompt injection risks. Nate highlights the critical role of orchestrators in managing AI interactions and the need for security practitioners to adapt to the evolving landscape. He shares insights from his 20 years in cy...
Nov 20, 2024•47 min•Season 4Ep. 13
Send us a text Summary In this conversation, Chris Hetner discusses the evolving role of boards of directors in cybersecurity, emphasizing the need for improved communication and understanding of cyber risks. He highlights the challenges boards face in adapting to new SEC rules and the importance of leveraging AI responsibly. Hetner also shares insights on tools for quantifying cyber risk and prioritizing investments while advocating for continuous learning and proactive engagement with board me...
Oct 20, 2024•46 min•Season 4Ep. 12
Send us a text Meg Anderson , the CISO at Principal Financial Group , discusses her 17-year tenure as a CISO and the factors contributing to her long-term success. She attributes her longevity to her passion for the job and the opportunities for growth and development at Principal. Meg emphasizes the importance of understanding the business impact of cybersecurity and holding people accountable. She also highlights the significance of focusing on the basics of cybersecurity and not getting caugh...
Sep 22, 2024•43 min•Season 4Ep. 11
Send us a text Purav Desai is a Microsoft 365 incident responder at a large financial institution (name withheld to protect the innocent). He shares his journey and expertise in the field. He explains how his early exposure to Microsoft security solutions and their constant innovation led him to specialize in 365 security and incident response. He discusses the importance of mentors and influential figures in his career, highlighting the lessons he learned from them. He then dives into his popul...
Aug 20, 2024•55 min•Season 4Ep. 10
Send us a text This month, we welcome Eric Gagnon, Team Lead of Adversary Simulation, Purple Teaming, and Tradecraft Development at Desjardins. The conversation covers a wide range of topics related to cybersecurity, including purple teaming, red teaming, blue teaming, and Eric's journey in cybersecurity. Eric shares insights on certifications, threat hunting, cloud security, and the importance of knowledge exchange between red and blue teams. He also discusses the use of AI in cybersecurity and...
Jul 21, 2024•46 min•Season 4Ep. 9
Send us a text This month, we welcome Swathi Joshi, VP of SaaS Cloud Security at Oracle, to discuss key moments and decisions that shaped her career path, including rejections from Google and Twitter. She emphasizes the importance of learning from rejection and seeking feedback to improve. Swathi also shares insights on the role of mentors and advises on finding and working with mentors. In the second part of the conversation, she discusses building a SaaS security program as an enterprise consu...
Jun 23, 2024•51 min•Season 4Ep. 8
Send us a text Episode Summary On this episode, Sandy Bird, CTO and Co-Founder of Sonrai Security, joins the show to discuss identity security in the Cloud. Prior to Sonrai Security, Sandy co-founded Q1 Labs, which was acquired by IBM. He then became the CTO and helped IBM Security grow to $2B in revenue. Today, Sandy talks about his journey in cybersecurity and how to manage and eliminate dormant identities. Why should listeners be concerned about zombie identities? Hear about the permissions a...
Jun 03, 2024•40 min•Season 4Ep. 7
Send us a text Episode Summary Corey Elinburg, a cybersecurity leader, discusses the importance of approaching cybersecurity as a transformational force and empowering the business. He emphasizes the need to avoid draconian controls and adopt a mentality of finding solutions rather than saying no. Corey also shares insights on hiring security leaders and building relationships with vendors. He highlights the value of cloud-based security services in rapidly aligning IT with the business and shar...
May 20, 2024•44 min•Season 4Ep. 6
Send us a text Episode Summary On this episode, Global Head of InfoSec and GRC Strategy at VMWare, Ashish Suri, joins the show to discuss data security and AI. Ashish has over 20 years of experience in business transformation, cybersecurity, data privacy, and enterprise risk management. He has served in numerous roles, including Head for Data Risk, Privacy, and Cybersecurity at Apple, Head of Technology Process and Controls at PayPal, and Senior Director of Finance Internal Controls at Visa. Tod...
May 06, 2024•39 min•Season 4Ep. 5
Send us a text Episode Summary On this episode, CISO at Palo Alto Networks, Niall Browne, joins the show to talk about Security, Cloud, and AI. Before joining Palo Alto Networks, he served as the CSO of Cloud platforms for the past sixteen years, including as the CSO and CTO at Workday. Today, Niall talks about his journey starting in the early days of the Internet, his work during Palo Alto’s shift to Cloud and now AI, and how to keep track of risk with automation. How can teams do more with le...
Apr 22, 2024•51 min•Season 4Ep. 4
Send us a text Episode Summary In this episode, Jerich Beason, CISO at WM, joins the show to discuss becoming a CISO. Before joining WM, Jerich served in various roles at Lockheed Martin, RSA, Capital One, AECOM, and Deloitte. Jerich talks about how he tailored his roles throughout his career, learning communication soft skills and his passion for sharing with others. Hear about how AI affects leadership, how Jerich would change the cybersecurity industry, and the true value of vendors (it's pos...
Mar 20, 2024•43 min•Season 4Ep. 3
Send us a text Episode Summary On this episode, Co-Founder and CTO of Gutsy, John Morello, joins Matt to talk about Process Mining in Cybersecurity. Before co-founding Gutsy, John served as the CTO of Twistlock and VP of Product for Prisma Cloud. John holds multiple cybersecurity patents and is an author of NIST SP 800-190, the Container Security Guide. Before Twistlock, he was the CISO of an S&P 500 global chemical company. Before that, he spent 14 years at Microsoft, working on security te...
Feb 16, 2024•47 min•Season 4Ep. 2
Send us a text Episode Summary On this episode, Best Selling author of Cyber for Builders and blogger Ross Haleliuk joins the show to talk about his writing on the cybersecurity industry. Ross is active in the cybersecurity ecosystem as a startup advisor and angel investor, currently leading the VIS Angel Syndicate. He often writes about cybersecurity, security investment, growth, and building security startups on TechCrunch, in other leading industry media, and in his blog, Venture in Security,...
Jan 20, 2024•46 min•Season 4Ep. 1
Send us a text Episode Summary On this episode, InfoSec veteran, Aaron Turner, joins the show to talk about everything from Cloud to AI. Over the past three decades, Aaron has served as Security Strategist at Microsoft, Co-Founder and CEO of RFinity, Co-Founder and CEO of Terreo, VP of Security Products R&D at Verizon, Founder and CEO of Hotshot Technologies, Founder and CEO of Siriux, Faculty Member of IANS, Board Member at HighSide, President and Board Member of IntegriCell, and most recen...
Dec 20, 2023•52 min•Season 3Ep. 12
Send us a text Episode Summary In this episode, Special Advisor for Cyber Risk at the NACD, Christopher Hetner, returns to the show to discuss the new SEC cybersecurity rules. Chris has over 25 years of experience in cybersecurity, helping protect industries, infrastructures, and economies, serving in roles including as SVP of Information Security at Citi, Senior Cybersecurity Advisor to the Chairman of the US SEC, Executive Member of IANS, the National Board Director of the Society of Hispanic ...
Nov 20, 2023•46 min•Season 3Ep. 11
Send us a text Episode Summary In today’s episode, AI Safety Initiative Chair at Cloud Security Alliance, Caleb Sima, joins Matt to talk about some of the myths surrounding the quickly evolving world of AI. With two decades of experience in the cybersecurity industry, Caleb has held many high-level roles, including VP of Information Security at Databricks, CSO at Robinhood, Managing VP at CapitalOne, and Founder of both SPI Dynamics and Bluebox Security. Today, Caleb talks about his inspiring ca...
Oct 21, 2023•42 min•Season 3Ep. 10
Send us a text Episode Summary On today’s episode, Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency, Allan Friedman, joins Matt to discuss SBOMs. As Senior Advisor and Strategist at CISA, Allan coordinates the global cross-sector community efforts around software bill of materials (SBOM). He was previously the Director of Cybersecurity Initiatives at NTIA, leading pioneering work on vulnerability disclosure, SBOM, and other security topics. Before joining the...
Sep 21, 2023•50 min•Season 3Ep. 9
Send us a text Episode Summary In today’s episode, AppSec CTO at Palo Alto Networks, Daniel Krivelevich, joins Matt to talk about AppSec for the modern engineering ecosystem. Daniel is a Cybersecurity expert and problem solver with a proven track record from working with numerous enterprises across several different industries, with a focus on Application and Cloud Security. He has served in the Intelligence Corps of the IDF, 8200, as a Security Specialist at LivePerson, and as the Cloud & A...
Aug 21, 2023•50 min•Season 3Ep. 8
Send us a text On today’s episode, CSO at the Democratic National Committee, Steve Tran, joins Matt to talk about magic, AI, and cybersecurity. As the CSO for the DNC, Steve leads their IT, physical, and cybersecurity strategy. When not defending against dedicated adversaries, Steve can be found doing “off the cuffs” performances at the World-Famous Magic Castle in Hollywood. Today, Steve talks about how he incorporates magic into cybersecurity, his transition from law enforcement to cybersecuri...
Jul 21, 2023•53 min•Season 3Ep. 7
Send us a text Episode Summary On this episode, the Co-Founder and CEO of Endor Labs, Varun Badhwar, joins Matt to talk about software supply chain security. Varun has a proven track record of building and leading enterprise security companies across Product Strategy, Marketing, Technical Sales, and Customer Success functions. He serves as a Member of the Forbes Technology Council, a Board Member of Cowbell, a Board Advisor of ArmorCode, and the former Founder and CEO of RedLock. Today, Varun ta...
Jun 21, 2023•35 min•Season 3Ep. 6
Send us a text Episode Summary On this episode, AWS Security Practice Manager, Chad Lorenc, joins Matt to talk about Cloud Security. Chad has spent over 20 years building and implementing security programs for numerous organizations, ranging from global Fortune 500 infrastructure teams to billion-dollar financial institutions. He has previously served as Senior Infrastructure Security Architect at Keysight Technologies, President of Montana Chapter, and Information Security and Risk Management I...
May 21, 2023•47 min•Season 3Ep. 5
Send us a text On this episode, the Chief Security Officer of Cloud at Palo Alto Networks, Bob West, joins Matt to discuss Palo Alto Network's latest State of Cloud Native Security Report. Bob joined Palo Alto Networks after more than 20 years in leadership roles with banks, product companies, and professional services organizations. Before joining Palo Alto Networks, Bob served as managing partner at West Strategy Group, managing director in Deloitte’s cyber risk services practice, managing dir...
Apr 21, 2023•44 min•Season 3Ep. 4
Send us a text On this episode, the Founder of CISO Evolution LLC, Matthew Sharp, joins Matt to talk about his book, CISO Evolution. Prior to founding CISO Evolution LLC, Matt served as a strategic advisor to CISOs of Fortune 500 and global institutions. He holds a Bachelor of Science (BS) in Electrical and Computer Engineering from the University of Colorado and a Master of Business Administration (MBA) from Colorado State University. Matt is a co-author of "The CISO Evolution: Business Knowled...
Mar 21, 2023•43 min•Season 3Ep. 3
