Defense in Depth

David Spark, Steve Zalewski, Geoff Belknap · cisoseries.com
Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.

Episodes

Mitigating Generative AI Risks

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our guest, Jerich Beason, CISO, WM. In this episode: Does generative AI come with a new set of risks? How can we address these risks to take advantage of its benefits? How do we approach a m...

Nov 30, 2023 · 33 min

Building a Cyber Strategy for Unknown Unknowns

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our sponsored guest, Himaja Motheram, Censys. In this episode: How can one create a security program around unknown problems? Don’t we know a lot of the things we lack visibility into that c...

Nov 16, 2023 · 30 min

Responsibly Embracing Generative AI

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Russell Spitler, CEO and co-founder, Nudge Security. In this episode: Are businesses walking a tightrope with generative AI? How can organizations implement generative AI responsibly? What can we learn f...

Nov 09, 2023 · 33 min

People Are the Top Attack Vector (Not the Weakest Link)

All links and images for this episode can be found on CISO Series. In increasingly complex technical defenses, threat actors frequently target the human element. This makes them a top attack vector, but are they actually the weak link in your defenses? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our g...

Nov 02, 2023 · 31 min

What's Entry Level in Cybersecurity?

All links and images for this episode can be found on CISO Series. We often talk about the contradiction of seemingly entry-level security jobs requiring years of experience. But maybe that's because entry-level jobs don't actually exist. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us this week is our guest ...

Oct 26, 2023 · 31 min

New SEC Rules for Cyber Security

All links and images for this episode can be found on CISO Series. The Securities and Exchange Commission issued new cyber rules. What do these new rules mean for CISOs and will they ultimately improve our cybersecurity posture? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our guest, Jamil Farshchi, CISO, Equifax. Thanks to our podca...

Oct 19, 2023 · 36 min

The Value of RSA, Black Hat, and Mega Cyber Tradeshows

All links and images for this episode can be found on CISO Series. Are trade shows like RSA getting so big that there's not enough economic value for a CISO to attend? Or do these events have enough industry gravity to justify the spend? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest Lee...

Oct 12, 2023 · 30 min

Is Remote Work Helping or Hurting Cybersecurity?

All links and images for this episode can be found on CISO Series. Work from home flourished during the pandemic. Many workers love it and don't want to go back. Some organizations are pushing for a return to the office. Is in-office work necessary to improve productivity and cybersecurity posture? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffb...

Oct 05, 2023 · 31 min

How to Manage Users' Desires for New Technology

All links and images for this episode can be found on CISO Series. Large language models and generative AI are today's disruptive technology. This is not the first time companies just want to ban a new technology that everyone loves. Yet, we're doing it all over again. Whether it's ChatGPT or BYOD, people are going to use desirable new tech. So if our job isn't to stop it, how do we secure it? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-...

Sep 28, 2023 · 24 min

Cybersecurity Questions Heard Around the Kitchen Table

All links and images for this episode can be found on CISO Series. What do the people least in the know about cyber want to know? What are they asking? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest, Caitlin Sarian, AKA cybersecuritygirl on TikTok. Thanks to our podcast sponsor, DataBe...

Sep 21, 2023 · 30 min

How to Prime Your Data Lake

All links and images for this episode can be found on CISO Series. A security data lake, a data repository of everything you need to analyze and get analyzed, sounds wonderful. But priming that lake, and stocking it with the data you want to get the insights you need, is a more difficult task than it seems. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (...

Sep 14, 2023 · 27 min

Getting Ahead Of Your Threat Intelligence Program

All links and images for this episode can be found on CISO Series. A threat intelligence program sounds like a sound effort in any security program. But, can you pull it off? There are so many phases to execute properly. Blow it with any one of them and your threat intelligence effort is moot. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us ...

Sep 07, 2023 · 34 min

How Security Leaders Deal with Intense Stress

All links and images for this episode can be found on CISO Series. When you have an incident and you're engulfed by the stress that lasts more than a day, how do you manage and deal with it? And not only how do you manage your stress, but how do you manage everyone else's? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn....

Aug 31, 2023 · 41 min

How Do We Influence Secure Behavior?

All links and images for this episode can be found on CISO Series. We all know that our employees need to be more security aware, but what are the methods to get them there? How can we make our employees more security conscious? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest Jack Chapman, vp, threat intelligence, Egr...

Aug 24, 2023 · 32 min

Security Concerns with ChatGPT

All links and images for this episode can be found on CISO Series. Users have tried to upload sensitive company information and PII, personally identifiable information, into ChatGPT. Those who are successful getting the data in have now made that data free to all. Will people's misuse of these generative AI programs be our greatest downfall to security and privacy? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark ...

Aug 17, 2023 · 29 min

Create A Pipeline of Cyber Talent

All links and images for this episode can be found on CISO Series. The demand for cyber talent is sky high. It's very competitive to get those people with skills. What if you were to train your staff and give them the skills you want? Essentially, what if you were to grow your own unicorn? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), ...

Aug 10, 2023 · 32 min

Improving Adoption of Least Privileged Access

All links and images for this episode can be found on CISO Series. What are we doing to improve access management? Make it too loose and it's the number one way organizations get breached. Put on too many controls and now you've got irritated users just trying to do their job. How does each organization find their sweet spot? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series,...

Aug 03, 2023 · 28 min

Securing SaaS Applications

All links and images for this episode can be found on CISO Series. With the growth of business-led IT, does SaaS security need to be a specific focus in a CISO’s architectural strategy? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Our guest is Steve Zalewski who also hosts Defense in Depth. Thanks to our podcast spo...

Jul 27, 2023 · 31 min

How Do We Get Better Control of Cloud Data?

All links and images for this episode can be found on CISO Series. When it comes to data, compliance, and reducing risk, where are we gaining control? Where are we losing control? And what are we doing about that? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. We welcome our sponsored guest Amer Deeba, CEO and Co-founder, Normalyze. Thanks to our po...

Jul 20, 2023 · 30 min

Finding Your Security Community

All links and images for this episode can be found on CISO Series. If you're struggling to get your first job in security or you're trying to get back into the industry after being laid off, you need to lean on your security community. But like networking, you should find it before you need it. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Thanks to ...

Jul 13, 2023 · 30 min

Let's Write Better Cybersecurity Job Descriptions

All links and images for this episode can be found on CISO Series. What should a cyber job description require, and what shouldn't it? What's reasonable and not reasonable? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Our guest is Rob Duhart (@robduhart), deputy CISO, Walmart. Thanks to our podcast sponsor, Normal...

Jul 06, 2023 · 30 min

How Should Security Better Engage with Application Owners?

All links and images for this episode can be found on CISO Series. Since so much technology today is launched not by the IT department but by business units themselves, how do security professionals engage with business and application owners and have a conversation about security policy and procedures? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@...

Jun 29, 2023 · 31 min

How To Get More People Into Cybersecurity

All links and images for this episode can be found on CISO Series. There are millions of cybersecurity jobs open. Over time, that number has just been growing. What we're doing now does not seem to be working. So what's it going to take to fill all these jobs quickly? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Rich Gautier, former CI...

Jun 22, 2023 · 30 min

How to Create a Positive Security Culture

All links and images for this episode can be found on CISO Series. How do you create a positive security culture? It's rarely the first concept anyone wants to embrace, yet it's important everyone understands their responsibility. So what do you do, and how do you overcome inevitable roadblocks? Check out this post and this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belkna...

Jun 15, 2023 · 31 min

How Should We Trust Entry Level Employees?

All links and images for this episode can be found on CISO Series. All experienced security professionals were at one time very green. Entry level status means risk to your organization. That's if you give them too much access. What can you trust an entry level security professional to do that won't impose unnecessary risk? And how can those green professionals build trust to allow them to do more? Check out this post for the discussion that is the basis of our conversation on this week’s episo...

Jun 08, 2023 · 31 min

How Must Processes Change to Reduce Risk?

All links and images for this episode can be found on CISO Series. What do we need to do to fix our processes to truly reduce risk and vulnerabilities? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our sponsored guest is Amad Fida (@brinqa), CEO, Brinqa. Thanks to our podcast sponsor, Brinqa Understand your cyber assets, prioritize vulnerabilities...

Jun 01, 2023 · 29 min

Reputational Damage from Breaches

All links and images for this episode can be found on CISO Series. Security professionals talk a lot about the reputational damage from breaches. And it seems logical, but major companies still do get breached and their reputation seems spared. What's the reality of what breaches can do to a company's reputation? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Be...

May 25, 2023 · 31 min

Do RFPs Work?

All links and images for this episode can be found on CISO Series. Do RFPs, or requests for proposals, work as intended? It seems they're loaded with flaws, yet for some organizations who must follow processes, they become necessary evils for both buyers and sellers. What can we do to improve the process? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geo...

May 18, 2023 · 28 min

Successful Cloud Security

All links and images for this episode can be found on CISO Series. What are the moves we should be making in cloud to improve our security? What constitutes a good cloud security posture? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Andy Ellis, operating partner, YL Ventures. We welcome our sponsored guest Yoav Alon, CTO, Orca Security. Thanks to our podcast spo...

May 11, 2023 · 31 min

How Should Security Vendors Engage With CISOs?

All links and images for this episode can be found on CISO Series. One CISO has had enough of the security vendor marketing emails and cold sales calls. He's blocking them all. But it's not a call to avoid all salespeople. He just doesn't have the time to be a target anymore. So how should vendors engage with such a CISO? And does this CISO represent most CISOs today? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@d...

May 04, 2023 · 37 min