Risk and Reels: A Cybersecurity Podcast

Jeffrey Wheatman · blackkite.com
A podcast for movies. A podcast for cyber talk. A podcast for smart people to say smart things to smart listeners. Hosted by Jeffrey Wheatman, former Gartner Analyst.

Episodes

Systemic Cyber Risk: A CISO’s Impossible Task

In this episode, Jeffrey Wheatman sits down with Paul Guckian, former BISO at Lloyd’s of London and author of Systemic Cyber Resilience: Why CISOs Can’t Fix Cybersecurity. They unpack why the traditional security model is broken, how systemic risk is the real enemy, and why putting the weight of an entire ecosystem on a single CISO sets everyone up for failure. From resilient thinking to lessons from fire safety and finance, Paul brings an academic lens—and a pragmatic mindset—to a critical co...

Jun 04, 2025 · 43 min · Ep. 91

Phishing for Truth: Fixing the Flaws in Security Awareness

Jeffrey Wheatman sits down with Cary Johnson, founder of Phishbusters Audit and Consulting, to expose the failures of traditional phishing simulations. They discuss why standard metrics fall short, how self-assessment distorts results, and what it really takes to track — and influence — behavioral change in security awareness programs.

May 28, 2025 · 32 min · Ep. 90

The Accidental CISO

In this episode of Risk & Reels, Jeffrey Wheatman sits down with RJ Friedman, CEO of Dayone Cyber, to talk frameworks, risk, and leadership. RJ shares how his start in sales shaped his approach as a CISO, why CIS 18 remains his go-to, and how mapping frameworks to business goals makes all the difference. It's a sharp, honest look at what makes cybersecurity leadership actually work.

May 21, 2025 · 36 min · Ep. 89

A Story of Limited Resources

In this episode of Risk & Reels, Jeffrey Wheatman sits down with Craig Taylor, CEO of CyberHoot, to talk about how small businesses are navigating the evolving world of cybersecurity compliance—especially the demanding standards of CMMC. From Apollo 13-style ingenuity to the unintended consequences of regulation, Craig shares a 30-year perspective rooted in psychology, education, and operational realism. Tune in for a conversation that covers limited resources, positive reinforcement, and w...

May 07, 2025 · 33 min · Ep. 88

From Homicide to Hackers: Fixing Cybersecurity’s Broken Model

In this episode, Jeffrey Wheatman sits down with Carter Schoenberg, Chief Security Officer at Soundway Consulting and author of Why Cybersecurity Fails in America. From his unexpected transition from homicide detective to cybersecurity leader, Carter shares hard-earned insights into the failures of our current cyber risk models—and how to fix them. They dive into cybercriminal collaboration, the stagnation of HR and hiring practices, and why security leaders need to learn to “speak CFO.”...

Apr 23, 2025 · 35 min · Ep. 87

This Isn't the Wolf of Wall Street: Recruitment, Rewired

Richie Lampani—self-proclaimed Chief Recruiter Dude—joins Jeffrey Wheatman to talk about the real state of hiring today. From music industry war stories to navigating post-pandemic expectations, Richie drops insights on transparency, mentorship, and why the “perfect candidate” is a myth. Candid, sharp, and unexpectedly hilarious.

Apr 16, 2025 · 36 min · Ep. 86

I Robbed a Bank with a Solar Eclipse

Jayson Street, Chief Adversarial Officer at Secure Yeti, returns to Risk and Reels for a no-holds-barred conversation on hacking human nature, creating teachable moments, and why kindness matters in cybersecurity. From robbing banks during celestial events to sneaky USB exploits involving hearing aids, Jayson shares stories that are as outrageous as they are enlightening. Plus: the power of the pause, avoiding blame culture, and how code words like “rutabaga” can save your family from scams....

Apr 09, 2025 · 42 min · Ep. 85

A Confluence of Errors and a Little Help From Friends

In this episode of Risk & Reels, host Jeffrey Wheatman sits down with Ed Gaudet, CEO and founder of Censinet, for an insightful conversation about entrepreneurship, product innovation, and the evolution of cybersecurity in healthcare. Ed shares the winding path that led him to founding Censinet, why listening to customers is a game-changer, and how authentic leadership and human connection have shaped his journey. The two also geek out over company origin stories in film—think Tucker, Blac...

Apr 02, 2025 · 32 min · Ep. 84

Cyber Truths, Intelligence Myths, and Life after the NSA

In this episode of Risk and Reels, host Jeffrey Wheatman welcomes security veteran and former NSA executive Don Boian for a wide-ranging conversation on intelligence, cybersecurity, and life on both sides of the public-private divide. Don reflects on his 30-year NSA career, shares myths about intelligence agencies, and explains how AI is shifting the balance for defenders. He also dives into his work as an expert witness, his boardroom insights, and how introverts can thrive in public speaking ...

Mar 26, 2025 · 34 min · Ep. 83

Every Day is a Risk Decision

In this episode of Risk and Reels, host Jeffrey Wheatman sits down with seasoned cybersecurity leader Kimberly Trapani to discuss the evolving role of the CISO. With over 30 years in security, Kimberly shares insights from her career, emphasizing the importance of bridging the gap between business and technology. Drawing inspiration from Apollo 13, likening a CISO’s role to mission control, she highlights navigating unexpected challenges with agility and confidence and shifting from a complian...

Mar 19, 2025 · 30 min · Ep. 82

Silent Risk - How Do We Figure Out What We Don't Know?

In this episode of Risk and Reels, Jeffrey Wheatman (interviewing himself!) dives into the concept of the 'silent breach'—cybersecurity exposures that organizations don’t realize exist until it’s too late. He explores real-world examples of major supply chain vulnerabilities and the challenges of visibility in today’s digital ecosystem. Wheatman also discusses how organizations can improve risk assessment and response strategies to mitigate the cascading effects of hidden threats....

Mar 12, 2025 · 13 min · Ep. 81

Telling YOUR Story Within Your Organization

In this episode (throwback to Black Hat 2024), Jeffrey talks to Munish Walther-Puri, Adjunct Fellow at NYU Center for Global Affairs. Jeffrey and Munish discuss exploring real-life challenges through fantasy and science fiction movies, allowing us to think through the more "uncomfortable" topics in a comfortable space. Have you heard of a "pirate unicorn?" Doubtful. Listen to episode 80 to find out.

Feb 26, 2025 · 27 min · Ep. 80

The Concerning Impact of Cybersecurity on National Security

In this episode, Jeffrey talks to Dr. David Bray, PhD, who shares his extensive background in cybersecurity, national security and technology in the public sector. The conversation explores the accurate portrayal of cybersecurity in movies, the challenges of supply chain security, and the importance of deep hardware interrogation to ensure the integrity of technology. Dr. Bray emphasizes the need for proactive measures in cybersecurity and the significance of understanding the perception of rea...

Feb 19, 2025 · 36 min · Ep. 79

Meet an Attorney Who Keeps CISOs Out of Legal Hot Water

In this episode, Jeffrey talks to Steven Teppler, a partner at Mandelbaum Barrett and the lead of the firm's Privacy and Cybersecurity practice group. Steve is an ISACA-certified Certified Data Privacy Solutions Engineer (CDPSE) and the firm's chief cybersecurity legal officer. They discuss sci-fi movies and the intersection of cybersecurity and law — focusing on the evolving role of Chief Information Security Officers (CISOs) and the legal implications they face. They also explore the increasi...

Feb 12, 2025 · 32 min · Ep. 78

Addressing Cybersecurity’s Education and Engagement Challenges

In this episode, Jeffrey talks to Lisa Plaggemier, Executive Director of the National Cybersecurity Alliance. They discuss their favorite movie-based educators, the importance of cybersecurity awareness, the challenges in measuring its effectiveness and the need for engaging educational content.

Feb 05, 2025 · 26 min · Ep. 77

Fresh Perspectives from a Future Cybersecurity Leader

Cybersecurity veterans see the industry through the lens of experience. But how do those visions align with the outlooks of up-and-coming cybersecurity pros? In this episode, Jeffrey talks to Nick Crabb, a senior at Florida Gulf Coast University majoring in computer information systems, focusing on cybersecurity. They discuss their favorite college movies, Nick's educational journey, the challenges of entering the field and AI's impact on future job prospects....

Jan 29, 2025 · 25 min · Ep. 76

What the Trump Administration Could Mean for Cybersecurity

In this episode, Jeffrey talks to Merritt Baer, CISO and advisory board member for Reco. Merritt also advises private businesses like Expanso, Andesite, Enkrypt AI and Level 6 Cybersecurity. She has a background in cybersecurity within the U.S. government and spent five years at AWS. Jeffrey and Merritt discuss their favorite fictitious world leaders, how the Trump administration may impact cybersecurity and the importance of public/private partnerships....

Jan 22, 2025 · 37 min · Ep. 75

Everything is an Endpoint — and Other Zero Trust Insight

In this episode, Jeffrey talks to Jessica Dapelo, a zero trust expert and founder of Jessica Dapelo Enterprises, a consulting firm specializing in cybersecurity guidance for public sector organizations and agencies. They discuss movies about the convergence of two worlds, the importance of understanding zero trust as a proactive cybersecurity methodology, the implications of ethical AI on data privacy and the need for organizations to be aware of their data storage and access permissions....

Jan 15, 2025 · 26 min · Ep. 74

We Really Need to Shake S*** Up in Cybersecurity Research and Insight

In this episode, Jeffrey speaks with cybersecurity marketing extraordinaire Dani Woolf, co-founder of CyberSynapse and CEO/host of the Audience 1st podcast. They discuss movies where the main character rocks the status quo, the unique challenges of marketing in the cybersecurity space, the shortcomings of traditional analyst models and the importance of direct customer engagement. The conversation also touches on the necessity of collaboration within the cybersecurity community and the common ...

Jan 08, 2025 · 32 min · Ep. 73

Yes, CISOs Should Be Ethical — But Maybe We Stop Lying To Them

In this episode, Jeffrey talks to Robert “RSnake” Hansen, Managing Director at Grossman Ventures. He’s also a computer hacker, executive and entrepreneur. He’s most well-known for his security research and disclosures such as Slowloris, Clickjacking, Fierce DNS enumeration tool and others. RSnake produces a wide range of security content including The RSnake Report newsletter, a podcast called The RSnake Show and a book entitled AI’s Best Friend. Jeffrey and Robert discuss movies where a main c...

Dec 18, 2024 · 46 min · Ep. 71

Turtles All the Way Down — Looking for Third-Party Risk in DORA

In this episode, Jeffrey Wheatman talks to Sandra Saliba, TPP Governance Manager at APS Bank. Jeffrey and Sandra dig into the Digital Operational Resilience Act (DORA), the implications of DORA for financial institutions, and the importance of managing third-party risk in the face of increasing cyber threats.

Dec 11, 2024 · 33 min · Ep. 70

Enough With the Cybersecurity Gatekeeping — Be a Genuine Mentor

In this episode, Jeffrey talks with Dave Ruiz — aka “CyberDAve” — cybersecurity leader for the Public Works Commission in Fayetteville, North Carolina. Dave is an Army veteran with over 20 years of experience in information assurance and security, governance risk and compliance and IT/OT Security. And he plays a mean guitar. Jeffrey and Dave discuss movies in which a mentor/mentee relationship is critical to the plot, how gatekeeping is detrimental to the future of cybersecurity and why genuine ...

Dec 04, 2024 · 32 min · Ep. 69

Hey, Cybersecurity Pros: Complexity is the Enemy of Execution

In this episode, Jeffrey talks to Edgar Jones, co-founder of Luminated in Thought — aka L.I.T. — an organization specializing in individual and group coaching for professionals. Edgar uses his background and lessons learned as a former NFL player to help professionals take on overwhelming situations and determine a clear path to breaking through complexity. He and Jeffrey discuss movies where a character exhibits leadership traits, navigating conflict via communication skills and how the best l...

Nov 27, 2024 · 32 min · Ep. 68

Navigating Bias — Cybersecurity’s Crooked Mirror

In this episode, Jeffrey talks to Dr. Dustin Sachs, Chief Technologist and Sr. Director of Programs at the CyberRisk Collaborative. They discuss movies in which a main character’s misunderstanding of a situation creates chaos, then dive into Dustin’s extensive scholarly research on bias and explore its impact on making sound cybersecurity decisions....

Nov 20, 2024 · 33 min · Ep. 67

Helping CISOs Communicate Their Way To Positive Outcomes

In this episode, Jeffrey talks to Rock Lambros, founder and CEO of RockCyber. Along with coaching CISOs and serving as a vCISO, Rock is also a published thought leader, co-authoring the book, “The CISO Evolution: Business Knowledge for Cybersecurity Executives.” Rock and Jeffrey talk about “little fish in a big pond” movies, the evolving landscape of cybersecurity for SMBs, transitioning from management to leadership in cybersecurity and the need for effective communication and collaboration...

Nov 13, 2024 · 30 min · Ep. 66

The Art of Throwing the (Calculated) Cybersecurity Hail Mary

In this episode, Jeffrey talks to Mel Reyes, CEO of Elite Technical Concierge. Mel’s background is deep, with expertise in helping organizations build successful security programs with limited resources. He also heads a nonprofit organization, Fellowship of Digital Guardians that seeks to elevate awareness of IT, cybersecurity and compliance domains among individuals and organizations. Jeffrey and Mel discuss movies with unlikely heroes, the need for speed and agility in defense strategies and...

Nov 06, 2024 · 33 min · Ep. 65

You’ve Got To Be Audacious To Succeed

In this episode, Jeffrey talks with Keren de Via, Go-to-Market Director at Cyturus Technologies. Keren has a deep cybersecurity background and was the first female Combat Communications and Cyber Defense Officer in the Israel Defense Forces. They discuss movies where a character experiences a perspective-shifting transformation, Keren’s transition from military to civilian life and the importance of overcoming imposter syndrome.

Oct 23, 2024 · 30 min · Ep. 63

Why “Always Be Collaborating” Should Overshadow “Always Be Closing” in Security Sales

In this episode, Jeffrey talks to entrepreneur and four-time CISO Demetrios Lazarikos — aka Laz. Laz is the founder and IT security consultant of Blue Lava Consulting. They discuss why security salespeople should look for ways to solve problems instead of focusing solely on closing and how CISOs can better communicate to a wider audience.

Oct 09, 2024 · 27 min · Ep. 61
Hosted on Transistor