Security Advisor Alliance Podcast

On Tuesday April 12th, The Identity Defined Security Alliance is sponsoring their second annual Identity Management Day. Julie Smith, Executive Director of the IDSA and Ravi Erukulla, Chairman of Identity Management Day join the Alliance Podcast on our "First Monday" series to talk about what the day entails and how professionals and students can engage in the conversation and talks. Identity Management Day, held the second Tuesday of April, is a global day of awareness to educate business leaders, IT decision makers, and the general public about the importance of managing and securing digital identities. A strategic partner of the Security Advisor Alliance, the IDSA is promoting best practices in Identity Management, and lessons for the next generation of "Identity Smart" professionals. https://www.idsalliance.org/identity-management-day-2022-overview-2/  

Daniel Desantis, Pam Lindemoan and Bruce Brody of Cisco Advisors join Alliance Executive Director Gary Latham and Program Director AJ Eads to discuss our new partnership. Cisco is working with the Alliance in 2021 and 2022 on challenges in workforce development and we are elated to bring on a partner with the experience and visibility of Cisco Secure. In this episode, we dive deeper into why the Alliance made sense for Cisco to partner with, each of the advisors backgrounds and some of the challenges we hope to solve in the coming years together.

Dan weeks, Chief Evangelist for Fullstack Academy joins Alliance Executive Director Gary Latham and Director of Programs AJ Eads for a conversation about our new partnership with Fullstack and the Advisory Board of Alliance members that will be guiding their curriculum development moving forward. Fullstack academy provides technical bootcamps for coding and cybersecurity.

Julie Smith, the Executive Director of the Identity Defined Security Alliance and Paul Lanzi, Co-Founder and COO of Remediant Security join Alliance Executive Director Gary Latham and host AJ Eads on the podcast to discuss Identity Management Day, on April 13, 2021. The Security Advisor Alliance believes in the mission of the IDSA, its various working groups and its commitment to helping the entire industry. Julie and Paul discuss what makes Identity Management so important in today's security organizations and across the business/government landscape. We also chat about the events on April 13, 2021 and how to get involved/promote the day.

Lukas Burzynski is one of those high school students that just wows you from the very start.  Lukas is a 4.65 student, a tutor, a volunteer and it seems, and all around good person. Lukas found out about cybersecurity through a Career Advanced Program Studies program and recently participated in a nationwide CTF with some United States Air Force Cyber officers. We speak with Lukas, Matt Evans and Devon Overstreet and we had a great conversation.  This young man will be a great recruit for many of our members. The Alliance is always looking for ways to welcome new talent into the industry and we would like to thank George Sconyers for his efforts in tackling the #talentgap. Thank you as well to CyberUp, the cyber non profit that helped organize the event!

Jitender Arora (Jit) is the Chief Information Security Officer for the UK in Deloitte.  The Alliance is elated that Jitender has accepted an offer to join our advisory board and in this conversation, we discuss Jit’s career path, his approach to building strong teams and his passion for giving back to the industry.   Jit is living the Alliance Mission every year by speaking at primary, secondary and university level schools to encourage others to pursue the career path.

Roger Hale, Chief Security Officer for BigID and long time supporter of the Alliance joins the podcast to preview an upcoming webinar, “Justifying Your Security Budget During Uncertain Times” Roger has great insight on what security organizations and enterprises should be thinking about during a wildly unpredictable time. We really enjoyed this conversation and we know you will to.

The Security Advisor Alliance is excited to announce the release of it's Cyber Futures Program, a virtual mentorship mobile app aimed at expanding the reach of our Converge Tour Program.    

Ann Johsnon, CVP of Cybersecurity Solutions Group at Microsoft and Ron Green, EVP and CSO at Mastercard join the Alliance Podcast to discuss the Cyber Talent Initiative.   This program brings together the private and public sectors of the United States and creates a direct pathway to employment in the information security industry. We discuss the #talentgap, its impact on both private and public sector jobs, who qualifies for the program, what kind of assistance is provided and much more. Ron and Ann both serve on the Alliance Board of Directors and prove just why global organizations like Microsoft and Mastercard chose them as leaders.

Brian Johnson is the CEO and co-founder at Divvycloud.  Brian chats with host AJ Eads about his career in cybersecurity, including his pathway into the industry though gaming.   We also talk about why Brian started Divvycloud, their core service offering and how they help companies innovate by better leveraging the cloud. This is a short conversation from the 2019 Executive Leadership Summit but a good one for business leaders who are struggling to understand security's role in innovation and competitive advantage.

Rick Howard is the Chief Security Officer for Palo Alto Networks.  He's a graduate of West Point Military Academy, a former Chief of the Army's Computer Emergency Response Team and a current member of the Alliance Board of Directors. Rick has been one of the most impactful members of the Alliance over the last two years, bringing invaluable advice, resources and talent to our efforts to close the #talentgap and grow executive development. We have a great conversation about Rick's job, how they help customers and why he's involved in the Alliance. Palo Alto Networks is our Title Sponsor at the 2019 Executive Leadership Summit and Rick will be speaking on "The State Of The Network Defender Community"

Neil Thacker, CISO for Netskope Cloud Security EMEA, and Mike Spain, Executive Director for NeuroCyberUK join the podcast for a conversation around our first Converge Tour event held in the UK, and how we can better understand neurodiversity advantages in our organizations.    

Dustin Wilcox, one of our favorite CISOs of all time, sits down to share the story of his career and some of his most valuable lessons learned along the way.   Dustin's career has spanned from the financial sector, the department of defense, smart grid energy and healthcare.   We talk through many of the evolutions of the industry and where Dustin thinks the future is going. Worth every minute!

Ryan Frillman, Director of Information Security and Compliance for Spire Energy Group, a major energy provider with locations all over the United States sits down with us to discus his career in cybersecurity and many of the resources he uses to develop his team, and protect our infrastructure. Ryan serves as the St. Louis Chapter President for the Alliance as well as an advisory board member, and the technology lead on our virtual capture the flag platform. This is a great interview with some incredible advice on protecting ones own personal networks and working with your kids to create safe learning environments.

Joey Smith, CISO for Schnuck Markets and host AJ Eads (Director of Communications, Alliance) talk about Joey's career pathway from entry level position through the ranks to his current CISO role. Joey provides some great insight into how his team works across business lines to train & motivate their nearly 15,000 employees across several states.   As a contributing member of our St. Louis chapter, Joey has attended multiple Cyber Security Converge Tour events and was kind enough to invite Schnuck Markets Chief Legal Council to our annual summit as a keynote.   I had a great time speaking with such a centered leader, this episode is definitely worth a listen.

Brandon Dunlap, Global CISO for Black & Veatch Joins Alliance Executive Director to discuss the talent gap in the information security industry and how to address it. Show Notes at https://www.securityadvisoralliance.org/category/podcast  

In Episode 34 of the Alliance Podcast, Mary Dickerson and John Godfrey of the University of Houston and Kansas University Medical Center weigh in on the challenges of educating the next generation of cyber security professionals. What is currently being done? What are the barriers preventing more students from entering the field? What are the biggest challenges Universities face with regards to Information Security? Join Host AJ Eads, Director of Communications for the Alliance along with two incredible guests to learn more about this fascinating topic and how two of our executive members are making an incredible difference.

Lewie Dunsworth of Optiv Security and former Director of Information Security at H&R Block joins Alliance Executive Director Clayton Pummill to discuss how he made the transition from IT to Security and the steps necessary to build a successful security program from the ground up. Lewie addresses how to find/create a security budget, how to communicate with LOB leaders to understand what assets need protection and some resources that new and established security leaders can access to further their expertise. Join the Alliance at www.securityadvisoralliance.org/join and check out recent updates and news at https://www.securityadvisoralliance.org/category/podcast/  The Security Advisor Alliance is a non profit founded and run by industry leading information security professionals with the missions of aligning our leaders, growing the space and giving back to local communities.  If you'd like more information on how to engage with us, follow the Alliance on LinkedIn at https://www.linkedin.com/company/security-advisor-alliance and follow us on twitter @saasecure  

Experts in the Information Security field chime in on the uses for Email tagging in their organizations and some best practices for implementation & adoption.  Episode #32 Topic: Email Tag Host: Clayton Pummill Guests: James Robinson - Director, Risk & Threat Management             Michael - Healthcare Information Security Leader  

CIO.com recently released their 2016 Trends that will dominate cyber security.  Two Alliance Members, Neil Thacker of ForcePoint and Raf Los from the Office of the CISO at Optiv Security weigh in on each topic. Neil Thacker - Information Security and Strategy Officer Raf Los - Managing Director, Solutions R&D 2016 Trends According to CIO.com The Unintended Consequences of State Intervention Big Data Leads to Big Problems Mobile Applications and the IOT Cyber Crime Causes the Perfect Threat Storm Skills Gap Becomes an Abyss for Information Security Also Mentioned in this episode: The Hard Things About the Hard Things - Ben Horowitz www.sans.org Cleaning Up After a Breach Post-Breach Impact: A Cost Compendium ENISA - Threat Landscape Full CIO Article Discussed in this Podcast Visit The Alliance for Past Episodes and More information at: www.securityadvisoralliance.org

The Alliance has been incredibly active following our 2015 Leadership Summit in Dallas Texas.   Our leadership team, along side our advisory board has been building and planning for 2016 and beyond.  The most exciting projects of note that we discuss in this episode are: New Website and Branded Collateral. Communications Platform RSA - We'll be onsite all week! 2016 Alliance Leadership Summit Date Released. The episode concludes with a short discussion on leadership and self improvement.   Host:  Clayton Pummill - Executive Director, Security Advisor Alliance Guest: A.J. - Director of Communications, Security Advisor Alliance

Episode 29 - Visibility.  The SAA podcast is guest hosted by Raf Los.  Raf is joined by SAA members Renee Guttmann (VP Information Risk @ Optiv), Dustin Wilcox (CISO @ Centene) and Arian Evans (VP Product Strategy @ RiskIQ).

Episode 28 - Insider Threat management.  The SAA is joined by Chris Ray (CISO @ Epsilon) and Neil Thacker (CISO @ Raytheon|Websense) to discuss key wins to manage Insider Threat in the US and EU.

Episode 27 - The OPM breach.  The SAA podcast is hosted by Clayton Pummill and joined by Robert Bigman (President @ 2BSecure and ex-CISO for CIA), Chris Ray (ex-CISO @ Epsilon) and Neil Thacker (CISO @ Raytheon|Websense) to discuss findings of OPM breach.

Episode 26 - Legislation, Privacy & Regulation.  The SAA podcast is hosted by Mr Clayton Pummill and joined by Dustin Wilcox (CISO @ Centene) and Daniel Farris (Shareholder @ Polsinelli) to discuss Legislation, Privacy & Regulatory landscapes.

Episode 25 - Skills shortage.  The SAA podcast is hosted by Mr Raf Los.  Raf is joined by Brian Wrozek (CSO @ Alliance Data) to discuss the current skills shortage and wins the InfoSec community can take on to help new recruits join the industry.

Episode 24 - 3rd-party Risk.  The SAA podcast is hosted by Mr Raf los.  Raf is joined by David Fairman (CISO @ Royal Bank of Canada) for a deep discussion on 3rd party business engagement, risk management and risk ranking when dealing with 3rd parties.

Episode 23 - KPIs and Metrics.  The SAA podcast is guest hosted by Mr Raf Los.  Raf is joined by SAA regular James Robinson, Ed Pagett (Board of Advisors @ eGRC.com) and Robb Reck (CISO @ Pulte Group) to discuss all things KPI and metrics.

Episode 22 - A review of IoT security.  The SAA is joined by Renee Guttmann (CSO @ Accuvant), Russ Dietz (CSO & GM @ GE Software) and Charlie Isaacs (CTO for customer connection @ Salesforce.com).

Episode 21 - A Security Program Essentials special hosted by Brian Engle.  Brian is joined by Phillip Beyer, Brian Wrozek and Joseph Krull.  Brian and guests discuss their roles within the Texas CISO Council and the Security Program Essentials scheme.

Episode 20 - A review of SCADA and ICS security.  The SAA is joined by Chris Sawall (Director Cyber @ Monsanto), Larry Whiteside (CISO @ LCRA) and Parrish Gunnels (CISO @ Celanese)

Episode 19 - A review of the fundamentals of InfoSec that some organisations continue to miss.  The SAA podcast team (James Christiansen and Jason Clark) are joined by Dustin Wilcox (CISO at Centene) and Mike Eisenberg (VP @ Accuvant) to discuss the

Episode 18 - part 2 - The evolution of the CSO role.  A review of the current role and how CEOs are looking to hire the right CSO for their company.  Feedback from SAA founders Brian Engle, John Johnson, Jason Clark and James Robinson.

Episode 18 - A great discussion on the recent news with NSS vs PAN, choosing technology from continuous requirements and a SAA update.  SAA is joined by Brian Engle (CISO for state of Texas), John Johnson (Global Security Strategist @ John Deere).

Episode 17 - SAA update.  A short podcast covering updates on the activity of the SAA founders one year on including the introduction of an SAA VIP Mary Quayle and an update on the recent SAA founders meeting in St. Louis with our missions explained.

Episode 16 - Healthcare special.  The SAA is joined again by Connie Barrera, Rob Winter and Tom August to discuss InfoSec in Healthcare including a discussion on HITECH/HIPAA, clinical risk, insider threat and education for employees.

Episode 15 - Healthcare special.  The SAA is joined by Connie Barrera, Rob Winter and Tom August to discuss InfoSec in Healthcare including a discussion on HITECH/HIPAA, clinical risk, insider threat and education for employees.

Episode 14 - Threat intel special.  The SAA is joined by Rick Holland and Stu Solomon to discuss all things threat intel.  The fundamentals alongside common fails and successes with using rich threat intel to help apply context to threats relevant to you.

Episode 13 - Threat intel special.  The SAA is joined by Rick Holland and Stu Solomon to discuss all things threat intel.  The fundamentals alongside common fails and successes with using rich threat intel to help apply context to threats relevant to you.

Episode 12 - Special guest is Randy Trzeciak, CERT Technical Manager at Carnegie Mellon University.  Randy offers some great insight into insider threat characteristics, mitigation advice and future research areas that CMU CERT are working towards.

Episode 11 - Special guest is Bruce Schneier.  A recap on incident response with bells.  An introduction to Co3 systems and the value of automation during the IR process.  Bruce also offers insight into his new book arriving in 2015.

Episode 10 - Special guest is Claus Houmann.  NSS Labs vs. FireEye in a BDS shootout, concern on XP armageddon, data protection legislation is a boardroom discussion and recommendations on incident response/recovery in 2014.

Episode 9 - RSA conference special.  Guests include Lamont Orange and Rick Holland.  A review of RSAC, the keynotes, important takeaways and expert insight from inside the innovation sandbox.

Episode 8 - NIST framework special.  Special guest includes Phil Agcaoili who is a security guru and key contributor to the newly released and very awesome NIST framework for improving critical infrastructure cybersecurity.

Episode 7 - We are back for 2014.  Special guests include James Christiansen (Accuvant) and John Johnson (John Deere).  We discuss the big Target data breach in detail and also our plans for RSA 2014.

Episode 6 - A 2014 prediction shake up special with our long awaited Q&A section. Mr Elliott Franklin joins us for a review of the predictions of 2014 alongside a response to questions from the SAA members.

Episode 5 - % of employees who would sell company data, are Security leaders leaving the enterprise and a zero-trust and threat intelligence extravaganza from Mr Rick Holland.

Episode 4 - Ransomware again hits headlines, price of data in the underground economy, review of pragmatic network security management and is cyber insurance hot...or not.

Episode 3 - A review of another Microsoft vuln, John McAfee for MS CEO, Cryptolocker becoming widespread.  Topics include micro-virtualisation effectiveness and why we all need a data scientist.

Episode 2 - Can't see the wood for the trees.  A review of the recent php.net compromise, critique of the new IBM CISO study and views on the proposed NIST framework.  James summarises threat modelling and why all orgs should do it.

Episode 1 - Introducing a new alliance.  The first in a series of podcasts aimed at security professionals.  Introducing the Alliance, news stories covering the Adobe breach and arrest of Paunch, Kotters 8 step plan for change and the Sourcefire aquisition.