Podcasts about ciso

Are you ready to transform security from a roadblock to a strategic advantage? In this podcast hosted by Cassio Sampaio, Rippling Chief Information Security Officer Duncan Godfrey will be speaking on building secure products in the B2B SaaS world. Duncan shares insider insights on embedding security into product development, managing vulnerabilities, and creating a collaborative partnership between product and security teams that accelerates innovation without compromising protection.

Iranian-backed spearphishing campaign seeks out cybersecurity experts Microsoft fixes Outlook bug causing crashes when opening emails Glasgow City Council suffers cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bil Harmer, operating partner and CISO, Craft Ventures. Check out Bil's page, KillSwitchAdvisory. Thanks to our show sponsor, ThreatLocker Alert fatigue, false positives, analyst burnout—you know the drill. What if you could stop threats before they run? ThreatLocker gives CISOs what they've been asking for: real control at the execution layer. Only approved apps, scripts, and executables run. Period. Known-good is enforced. Everything else? Denied by default. Ringfencing and storage control keep even trusted tools in their lane—so PowerShell doesn't become a weapon. And yes—it works at scale. Granular policies. Fast rollout. Built for modern infrastructure. You don't need more alerts. You need fewer chances for malware to make a move. ThreatLocker helps you flip the model—from detect-and-respond… to deny-and-verify. Go to ThreatLocker.com/CISO to schedule your free demo and close the last gap in your Zero Trust strategy, before it's exploited. All links and the video of this episode can be found on CISO Series.com  

Charlamos con José Antonio Gómez Hernández, PhD, Responsable de Seguridad de la Información (CISO) de la Universidad de Granada. En esta entrevista, hablamos sobre la ciberseguridad en el ámbito universitario, explorando los desafíos a los que se enfrenta la comunidad universitaria en un entorno cada vez más digitalizado. Además, nos cuenta detalles de una reciente campaña de simulación de phishing que puso a prueba nuestra conciencia digital. Descubre qué medidas tomar para proteger tu información personal, cómo identificar correos sospechosos y qué pasos seguir si caemos en una trampa digital. ¡No te lo pierdas!--------------------------Radiolab, la radio universitaria de la Universidad de Granada, es un espacio de participación de la comunidad universitaria abierto a la ciudadanía. Nuestra universidad, como institución de aprendizaje está abierta al conocimiento y al debate. Desde su autonomía proporciona espacio para un debate libre y crítico, abierto a la pluralidad de voces y a la demandas de la sociedad dentro del marco de los derechos humanos y de los valores de nuestra institución. De este modo, constatamos que las opiniones vertidas en nuestros programas son exclusiva responsabilidad de quienes las emiten, sin representar un posicionamiento de la institución como tal. Defendemos la libertad de expresión y la comunicación en el espacio público como una forma de hacer ciudadanía y avanzar en el conocimiento. 

All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining is Hanan Szwarcbord, vp, CSO and head of infrastructure, Micron Technology. In this episode Embracing growth An urgent need for creativity Get the business context Embrace your inner theater kid Huge thanks to our sponsor, Query.ai Query is a Federated Search and Analytics platform that builds a security data mesh, giving security teams real-time context from all connected sources. Analysts move faster and make better decisions with AI agents and copilots that handle the grunt work and guide each step. Learn more at query.ai

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation.Listeners will learn:Why legacy identity governance models are breaking under cloud scaleHow AI agents are reshaping entitlement management and threat detectionWhat organizations must do to secure non-human identities and interlinked dependenciesWhy time-to-value and outcome-driven metrics are essential for modern IGA successWhether you're a CISO, identity architect, or security strategist, this episode delivers actionable guidance for navigating the evolving identity security landscape.

Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal connect on a week in privacy - almost too much to cover, so it's a little long. Mainly we talk about the UK Data Use and Access Bill, the third extension of TikTok's required sale, Meta deploying ads to Whatsapp, and noyb suing two data protection authorities over delayed investigation and enforcement. Lastly, big shoutout to Alexander White in his new appointment as Queensland's new privacy commissioner. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

You're living in a time where science fiction is quickly becoming your reality. In this high-impact episode of Life of a CISO, Dr. Eric Cole breaks down the current state of cybersecurity—from nation-state attacks and massive password breaches to the hidden threats living on your mobile device. You'll hear Dr. Cole's unfiltered take on a breach that exposed billions of credentials, why changing your password isn't enough, and how an old app could be your biggest risk. Dr. Cole challenges you to see yourself not just as a security expert, but as a business leader with the power to make lives better. That mindset shift is everything. From the practical impact of multi-factor authentication to his radical but simple “delete an app a day” campaign, Dr. Cole shares tools you can implement right now. This episode isn't just about defense—it's about stepping up, thinking strategically, and leading the way forward.

NHS confirms patient death linked to ransomware attack BreachForums busted again Thousands of SaaS apps still vulnerable to nOAuth Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Barbara O'Neill is the Global Chief Information Security Officer (CISO) at EY. In this episode, she joins host Kris Lovejoy, Global Security and Resilience Practice Leader at Kyndryl, to discuss what it means to be a CISO today, including key lessons learned for security leaders, how roles change as the threat landscape evolves, and more. As the global leader in IT infrastructure services, Kyndryl advances the mission-critical technology systems the world depends on every day. Collaborating with a vast network of partners and thousands of customers worldwide, Kyndryl's team of highly skilled experts develops innovative solutions that empower enterprises to achieve their digital transformation goals. Learn more about our sponsor at https://kyndryl.com.

In this episode of Re-Imagining Cyber, Rob Aragao (Chief Security Strategist, OpenText) revisits the impactful role of AI and AI governance in cybersecurity. Highlighting findings from a recent survey indicating that only 25% of CISOs believe their organizations have strong AI risk frameworks, Rob discusses the significance of AI in enhancing operational efficiency, security measures, and compliance efforts. Key themes include the strategic positioning of security practices, collaboration between security teams and product development, and the automation of threat detection and response. Rob also underscores the importance of trust and transparency in AI applications, along with the competitive advantages of efficient AI deployment. The episode aims to shed light on the early yet promising developments in AI governance and its potential business outcomes.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Hackers target over 70 Microsoft Exchange servers to steal credentials via keyloggers Apple, Netflix, Microsoft sites ‘hacked' for tech support scams The 2022 initiative by Cloudflare, CrowdStrike and Ping Identity provided cybersecurity support to critical infrastructure sectors seen as potential targets of Russia-linked attacks Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

As cyber threats grow more sophisticated, federal agencies need security that can think on its feet.    This week on Feds At The Edge, we explore how agencies are evolving toward Zero Trust by implementing dynamic security—a flexible approach that adjusts access and authentication in real time based on context and behavior.      Justin Chin, Director of the Government Solutions Segment at Ping Identity, opens with a relatable example: when your bank flags suspicious login activity and adds a second layer of authentication. That adaptive friction is dynamic security in action.    Federal agencies face unique challenges based on their IT architectures. Paul Blahusch, CISO at Dept of Labor, explains how a centralized system allows broad, consistent policy enforcement. In contrast, Elizabeth Schweinsberg, Sr. Technical Advisor for CMS, shares how her agency's federated model requires a more tailored approach to dynamic security.    Tune in on your favorite podcast platform today for insights into the different paths agencies are taking, why enterprise structure matters, and how collaboration is key to building secure, adaptive systems that support the Zero Trust journey.          =  

Today, we'll talk about Azure Landing Zones, with insights from Microsoft's Jack Tracey. What are landing zones, to be more exact? We touch topics on application and platform landing zones, networking, architectures, infrastructure as code, and many others.(00:00) - Intro and catching up.(02:30) - Show content starts.Show links- Azure Landing Zones | Cloud Adoption Framework- Azure Landing Zone Accelerator- Azure Landing Zone Brownfield- Development environments- Give us feedback!

All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Ryan Bachman, executive vice president and CISO, GM Financial. In this episode Identity consolidation versus simplification Entry-level pathways into cybersecurity Evolution of the CISO role toward business resilience Applying simplification principles to cybersecurity complexity Huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network.

Welcome to a special episode covering everything happening at the RSAC 2025. Meet Sameer Ahirrao, Founder & CEO of Ardent Privacy, with 25+ years of experience working with global giants like Deloitte, Lockheed Martin, and Symantec. Joining him is Nick Salian, CISO at Cantor Fitzgeraldic, and an AI regulation expert who's played key roles at Wipro and Palo Alto Networks. In this episode, we dive deep into how AI is transforming the cybersecurity landscape, the biggest trends at RSA 2025, and why AI governance solutions are the next big thing. We also break down the concept of Data Bill of Materials and how Ardent Privacy helps organizations protect critical data infrastructures—whether you're launching new software or safeguarding legacy IT. Sameer's reference in the interview • "AI Ethics by Design Is the Way Ahead to P...

Myke Lyons, CISO at Cribl, discusses cybersecurity in retail, especially in relation to the recent string of attacks against the sector.

DHS warns of retaliatory Iranian cyberattacks Steel giant Nucor confirms breach Ransomware hits healthcare system again Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

In this episode of Data Security Decoded, Allison Wikoff, a 20-year cybersecurity veteran and threat intelligence expert, cuts through the noise and identifies some unique threats within today's security landscape. From the surprising shift toward exploiting old vulnerabilities to the reality of AI-powered attacks, discover why the fundamentals of cybersecurity matter more than ever. Whether you're a CISO navigating supply chain risks or a security analyst trying to separate hype from reality, this episode delivers practical intelligence from someone who tracks threats for a living. • Understand why known vulnerabilities have become the dominant attack vector (even for criminal groups) • Learn to identify and manage third-party risks before they become ransomware nightmares • Discover the truth about AI attacks and why they're not as revolutionary as headlines suggest • Get actionable steps to strengthen your security posture without massive budget increases

How secure is your supply chain? With the recent swathe of supply chain cyber attacks on big name brands, now more than ever it's important to protect your supply chain. On this edition of Explain IT, we're talking about recent breaches and how that is affecting customers. We're also delving into the question of 'who are these threat actors?', and the impact on career goals. This episode is hosted by Ashleigh Baker, team leader in Softcat's Architecture Services and is joined by Softcat colleague Kieron Newsham, Cyber Security Chief Technologist. They welcome Jason Steer, CISO at Recorded Future to talk around various aspects of Supply Chain Breaches to talk over this complicated topic. Softcat's Explain IT podcast is the place where we discuss, debate and demystify tech in simple jargon free language.For more information visit softcat.comThis podcast is produced by The Podcast Coach. Hosted on Acast. See acast.com/privacy for more information.

Send us a textIn episode 242 of The Data Diva Talks Privacy Podcast, host Debbie Reynolds, “The Data Diva,” welcomes Karina Klever, CEO and CISO at Klever Compliance. Karina shares her extensive career journey through IT operations, project management, and compliance leadership to demystify what effective governance really means. She challenges the outdated practice of blindly following frameworks and checklists that do not reflect a company's actual business model or operational maturity. Karina introduces her pragmatic “Now, Next, Near, Never” methodology—a practical framework for prioritizing GRC (governance, risk, compliance) efforts based on relevance, applicability, and timing. She and Debbie unpack why so many organizations suffer from “compliance theater,” implementing policies they do not actually follow or understand. Karina explains the risks of orphaned controls, vague role descriptions, and overreliance on vendor templates that are misaligned with internal realities. She also stresses the importance of documentation, clarity in control language, and having a feedback loop for maturing compliance over time. This episode is a must-listen for organizations looking to move beyond checkbox audits and build scalable, operationally aligned governance structures that support real risk mitigation and long-term accountability.Support the show

Artificial intelligence has firmly established itself at the forefront of the cybersecurity agenda, creating both unprecedented opportunities and complex challenges for security leaders. In this eye-opening conversation with cybersecurity veteran Tim Sewell, we dive deep into the realities of implementing effective AI governance and security practices in today's rapidly evolving threat landscape.Tim shares invaluable insights on how AI has fundamentally transformed the cybersecurity domain, comparing this shift to the rise of desktop computing or cloud adoption. He cautions against the "wild west" approach to AI governance that many organizations have inadvertently embraced, where tools are deployed without proper oversight or awareness. Most concerning is his observation that AI is increasingly being integrated into existing business processes by vendors or partners without explicit notification, creating dangerous blind spots in security programs.The discussion reveals surprising developments in third-party risk management, where AI tools now handle everything from vendor questionnaires to SOC 2 report analysis. We explore the troubling reality of "AI sending questionnaires to AI that is responding to questionnaires," raising critical questions about trust and verification in our increasingly automated security ecosystem. Tim provides practical guidance for security teams on transparency in AI usage, particularly when making decisions that may later require justification in legal proceedings.Despite the focus on advanced AI capabilities, Tim emphasizes the continued importance of security fundamentals. He notes that sophisticated nation-state actors are increasingly targeting basic vulnerabilities like buffer overflows and cross-site scripting, especially in critical infrastructure with legacy technologies. For new security leaders, his advice is refreshingly straightforward: identify what you're protecting, assess existing controls, and practice your incident response.Listen now for essential insights on navigating the AI security landscape, from governance frameworks to practical implementation strategies that balance innovation with risk management. Whether you're a CISO looking to update your program or a security professional wanting to stay ahead of emerging threats, this episode delivers actionable knowledge for securing your organization in the age of artificial intelligence.

CMC officially points finger at Scattered Spider for Marks & Spencer and Co-op attacks Aflac investigating suspicious activity on its U.S. network Russian dairy producers suffer cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Please enjoy this encore of Career Notes. Jadee Hanson, CIO and CISO at Code 42, started her technology journey thanks to the help of a teacher in high school. She began college studying computer science and ended with a degree in computer information systems as it had more of the business side. Working in the private sector for companies such as Deloitte, Target and Code 42, Jadee gained experience and specialized in insider risk. She notes "utopia for me and my team is to get to a spot where the team is just firing on all cylinders and being really proactive about what's coming and what's changing." Jadee mentions she tries hard to do things that might scare her every day. For those interested in the field, especially young women, Jadee recommends they get involved and then stay curious. We thank Jadee for sharing her story with us.   Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Career Notes. Jadee Hanson, CIO and CISO at Code 42, started her technology journey thanks to the help of a teacher in high school. She began college studying computer science and ended with a degree in computer information systems as it had more of the business side. Working in the private sector for companies such as Deloitte, Target and Code 42, Jadee gained experience and specialized in insider risk. She notes "utopia for me and my team is to get to a spot where the team is just firing on all cylinders and being really proactive about what's coming and what's changing." Jadee mentions she tries hard to do things that might scare her every day. For those interested in the field, especially young women, Jadee recommends they get involved and then stay curious. We thank Jadee for sharing her story with us.   Learn more about your ad choices. Visit megaphone.fm/adchoices

Brian Haugli, CEO of SideChannel, discusses the critical distinction between security debt and technical debt, emphasizing that while technical debt is a common challenge for CIOs, security debt is a more specific issue that often arises in startups. He explains that startups frequently prioritize speed to market over security, leading to vulnerabilities that accumulate as they defer compliance and security measures. This accumulation of security debt can hinder their growth and create significant risks, as they may lack the necessary security practices and awareness when they eventually need to address these issues.Haugli highlights the role of managed service providers (MSPs) in helping their clients navigate these challenges. He argues that MSPs should not only provide technical support but also act as trusted advisors, guiding clients to understand the business implications of cybersecurity. By framing security as a means to unlock revenue and reduce friction in sales cycles, MSPs can help clients see the value in investing in cybersecurity measures. This approach positions MSPs as heroes in the eyes of their clients, as they provide essential business advice that can lead to increased revenue.The conversation also touches on the evolving role of virtual Chief Information Security Officers (vCISOs) in the cybersecurity landscape. Haugli asserts that the demand for vCISOs is growing, particularly as regulations increasingly require organizations to have dedicated cybersecurity leadership. He emphasizes that vCISOs offer a cost-effective solution for smaller businesses that cannot afford a full-time CISO, providing them with strategic guidance and expertise to build robust security programs.Finally, Haugli discusses the need for a national cybersecurity standard in the U.S. to address the patchwork of existing regulations. He argues that without enforceable standards, organizations will continue to struggle with compliance and security, leading to increased costs and confusion. By drawing parallels to other regulated industries, he advocates for greater accountability among software vendors and emphasizes the importance of compartmentalization in cybersecurity practices, which can help organizations mitigate risks and protect sensitive information. All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

S2E9: Building Your Personal CISO Brand Host: Frank Cutitta Guest: Lisa Gallagher, Cybersecurity Advisor, CHIME To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

In this episode of The Cyber Threat Perspective, we break down the 7 critical questions every security leader should ask after a penetration test. A pentest isn't just about checking a box, it's an opportunity to assess your defenses, measure progress, and refine your strategy. We discuss how to go beyond the report, extract real value from the assessment, and ensure findings lead to meaningful action across your organization. Whether you're a CISO, IT director, or team lead, this episode will help you make every pentest count.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/mylinks Work with Us: https://securit360.com

People consistently overestimate their ability to predict whether a new product or feature will be a success. Instead of blithely going forward with a project that takes up lots of resources and yields minimal results, today’s guest says we should get our ideas into contact with external reality as quickly as possible, and maybe do... Read more »

This is part 1 of a 6-part series. Randy and I were recently invited to podcast on the floor of the CXO Forum Detroit 2025 Event at the beautiful Madison Loft. My guest host of the day was board member and CTO of Cabinetworks Group and host of the Great Security Debate, Erik Wille. We had a blast interviewing and having conversations with people like Martin Bally, CISO of The Campbell's Company, Galina Antova, Co-Founder of Kai, while taking tech from companies such as Black Kite, Prophet Security, Torq, and many others. We talked about the future of AI in security, what automation is heading toward, the vendor landscape in security, bad salespeople, and overall had an absolute blast. We ended the day talking with Tom Doane, who had a fascinating story about some projects has been involved with that is worth the listen alone. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event!

This is part 3 of a 6-part series. Randy and I were recently invited to podcast on the floor of the CXO Forum Detroit 2025 Event at the beautiful Madison Loft. My guest host of the day was board member and CTO of Cabinetworks Group and host of the Great Security Debate, Erik Wille. We had a blast interviewing and having conversations with people like Martin Bally, CISO of The Campbell's Company, Galina Antova, Co-Founder of Kai, while taking tech from companies such as Black Kite, Prophet Security, Torq, and many others. We talked about the future of AI in security, what automation is heading toward, the vendor landscape in security, bad salespeople, and overall had an absolute blast. We ended the day talking with Tom Doane, who had a fascinating story about some projects has been involved with that is worth the listen alone. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event!

This is part 4 of a 6-part series. Randy and I were recently invited to podcast on the floor of the CXO Forum Detroit 2025 Event at the beautiful Madison Loft. My guest host of the day was board member and CTO of Cabinetworks Group and host of the Great Security Debate, Erik Wille. We had a blast interviewing and having conversations with people like Martin Bally, CISO of The Campbell's Company, Galina Antova, Co-Founder of Kai, while taking tech from companies such as Black Kite, Prophet Security, Torq, and many others. We talked about the future of AI in security, what automation is heading toward, the vendor landscape in security, bad salespeople, and overall had an absolute blast. We ended the day talking with Tom Doane, who had a fascinating story about some projects has been involved with that is worth the listen alone. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event!

This is part 5 of a 6-part series. Randy and I were recently invited to podcast on the floor of the CXO Forum Detroit 2025 Event at the beautiful Madison Loft. My guest host of the day was board member and CTO of Cabinetworks Group and host of the Great Security Debate, Erik Wille. We had a blast interviewing and having conversations with people like Martin Bally, CISO of The Campbell's Company, Galina Antova, Co-Founder of Kai, while taking tech from companies such as Black Kite, Prophet Security, Torq, and many others. We talked about the future of AI in security, what automation is heading toward, the vendor landscape in security, bad salespeople, and overall had an absolute blast. We ended the day talking with Tom Doane, who had a fascinating story about some projects has been involved with that is worth the listen alone. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event!

This is part 6 of a 6-part series. Randy and I were recently invited to podcast on the floor of the CXO Forum Detroit 2025 Event at the beautiful Madison Loft. My guest host of the day was board member and CTO of Cabinetworks Group and host of the Great Security Debate, Erik Wille. We had a blast interviewing and having conversations with people like Martin Bally, CISO of The Campbell's Company, Galina Antova, Co-Founder of Kai, while taking tech from companies such as Black Kite, Prophet Security, Torq, and many others. We talked about the future of AI in security, what automation is heading toward, the vendor landscape in security, bad salespeople, and overall had an absolute blast. We ended the day talking with Tom Doane, who had a fascinating story about some projects has been involved with that is worth the listen alone. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event!

This is part 2 of a 6-part series. Randy and I were recently invited to podcast on the floor of the CXO Forum Detroit 2025 Event at the beautiful Madison Loft. My guest host of the day was board member and CTO of Cabinetworks Group and host of the Great Security Debate, Erik Wille. We had a blast interviewing and having conversations with people like Martin Bally, CISO of The Campbell's Company, Galina Antova, Co-Founder of Kai, while taking tech from companies such as Black Kite, Prophet Security, Torq, and many others. We talked about the future of AI in security, what automation is heading toward, the vendor landscape in security, bad salespeople, and overall had an absolute blast. We ended the day talking with Tom Doane, who had a fascinating story about some projects has been involved with that is worth the listen alone. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event!

People consistently overestimate their ability to predict whether a new product or feature will be a success. Instead of blithely going forward with a project that takes up lots of resources and yields minimal results, today’s guest says we should get our ideas into contact with external reality as quickly as possible, and maybe do... Read more »

Title: “These Aren't Soft Skills — They're Human Skills”A Post–Infosecurity Europe 2025 Conversation with Rob Black and Anthony D'AltonGuestsRob BlackUK Cyber Citizen of the Year 2024 | International Keynote Speaker | Master of Ceremonies | Cyber Leaders Challenge | Professor | Community Builder | Facilitator | Cyber Security | Cyber Deceptionhttps://www.linkedin.com/in/rob-black-30440819/Anthony D'AltonProduct marketing | brand | reputation for cybersecurity growthhttps://www.linkedin.com/in/anthonydalton/HostsSean Martin, Co-Founder at ITSPmagazineWebsite: https://www.seanmartin.comMarco Ciappelli, Co-Founder, CMO, and Creative Director at ITSPmagazineWebsite: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ Yes, Infosecurity Europe 2025 may be over, but the most important conversations are just getting started — and they're far from over. In this post-event follow-up, Marco Ciappelli reconnects from Florence with Rob Black and brings in Anthony D'Alton for a deep-dive into something we all talk about but rarely define clearly: so-called soft skills — or, as we prefer to call them… human skills.From storytelling to structured exercises, team communication to burnout prevention, this episode explores how communication, collaboration, and trust aren't just “nice to have” in cybersecurity — they're critical, measurable capabilities. Rob and Anthony share their experience designing real-world training environments where people — not just tools — are the difference-makers in effective incident response and security leadership.Whether you're a CISO, a SOC leader, or just tired of seeing tech get all the credit while humans carry the weight, this is a practical, honest conversation about building better teams — and redefining what really matters in cybersecurity today.If you still think “soft skills” are soft… you haven't been paying attention.⸻Keywords: Cybersecurity, Infosecurity Europe 2025, Soft Skills, Human Skills, Cyber Resilience, Cyber Training, Security Leadership, Incident Response, Teamwork, Storytelling in Cyber, Marco Ciappelli, Rob Black, Anthony Dalton, On Location, ITSPmagazine, Communication Skills, Cyber Crisis Simulation, RangeForce, Trust in Teams, Post Event Podcast, Security Culture___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

In the AI era, trust is everything and it's under attack. How do you build digital trust when AI is changing the rules and attackers are getting smarter? Discover how today's CISOs are stepping up, adapting to AI risks, and learning from history to protect our digital future. In this episode of the Fit4Privacy Podcast, host Punit Bhatia is joined by Nick Shevelyov, a cybersecurity expert with extensive experience as a CISO and Chief Privacy Officer, and author of Cyber War and Peace. The discussion focuses on the evolving challenges for Chief Information Security Officers (CISOs) in the age of AI, highlighting risks such as deep fakes and hyper-targeted attacks. Nick emphasizes the importance of translating technical risks into business risks for board members and discusses the implications of new AI legislation, particularly California's SB 468.  Tune in to gain insights into managing digital trust, safeguarding personal data, and the strategic initiatives needed to combat emerging cybersecurity threats.  KEY CONVERSION POINT 00:01:50 How would you define the concept of trust 00:05:26 How do you place trust? How are they shifting? What kind of swans? 00:09:06 How are CISO coping with the change of AI era? 00:20:01 Insights in CISO Perspective for US/California direction in law of terms 00:23:06 About “Cyber War…and Peace: Building Digital Trust Today, with History as our Guide” book 00:27:50 How to get in touch with Nick   ABOUT GUEST Nick Shevelyov helps build next-gen tech companies from the ideation stage. His work includes StackRox (Kubernetes security, acquired by Red Hat for $400M), Kodem (software composition analysis, Greylock Series A), Bedrock Security (data-loss prevention, Greylock Series A), and Laminar (shadow data discovery, Insight Ventures Series A).He advises founders and CEOs on product and go-to-market strategy, boosting time-to-value for companies like Pixee.ai, Quokka.io, Boostsecurity.io, and ETZ. He works across all stages, from seed to IPO.Nick consults with Insight Partners (also an LP) and FTV Capital, and serves on advisory boards for ForgePoint Capital, Mayfield Fund, Evolution Equity Partners, NightDragon, YL Ventures, and Glynn Capital.He is on the boards of Cofense | Phishme and the Bay Area CSO Council (BACC), an invite-only group of CISOs from leading Bay Area companies. A former CIO, he is also an honorary member of the Blumberg Technology Council.Nick authored Cyber War…and Peace and brings historical and behavioral insights to tech and risk management. He holds an Executive MBA from USF and certifications from Stanford, Harvard, plus CISSP, CISM, and CIPPE.ABOUT HOST Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach professionals.Punit is the author of books “Be Ready for GDPR” which was rated as the best GDPR Book, “AI & Privacy – How to Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts.As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life' which passionately shares. Punit is based out of Belgium, the heart of Europe.  RESOURCES Websites: www.fit4privacy.com,www.punitbhatia.com,https://www.linkedin.com/in/nicholasshevelyov/, https://vcso.ai/   Podcast https://www.fit4privacy.com/podcast Blog https://www.fit4privacy.com/blog YouTube http://youtube.com/fit4privacy   

In this episode, Amir sits down with Aaron Painter, CEO of Nametag, to explore how deepfakes and generative AI are reshaping identity security in the workplace. They discuss real-world attacks, such as the MGM breach, and how enterprises are responding with new technologies—from cryptographic identity verification to re-verification protocols. Aaron shares what companies are doing right, where they're vulnerable, and the role of identity in the future of enterprise security.

In this episode of Life of a CISO, Dr. Eric Cole welcomes a true cybersecurity trailblazer: Dan Lohrmann. With a career that spans the NSA, Lockheed Martin, the State of Michigan, and now Presidio, Dan brings a rare depth of experience in both government and the private sector. As the first Chief Security Officer for an entire U.S. state and now a Field CISO advising public sector clients across the country, Dan shares practical wisdom and compelling stories about navigating the evolving CISO landscape. Together, Dr. Cole and Dan explore what it takes to build lasting trust as a security leader, the importance of strengthening your personal brand, and how to overcome barriers when leadership resists public visibility. Dan emphasizes the power of public speaking, blogging, and storytelling—not just to elevate your own profile, but to position cybersecurity as a strategic business enabler. They also dive into the value of setting clear non-negotiables when evaluating job opportunities, the role of culture and leadership alignment in long-term success, and tactical advice for those trying to land their first CISO role. Whether you're in government, the private sector, or somewhere in between, this episode is a masterclass in influence, resilience, and leadership at the highest level.  

Segment description coming soon! This month BeyondTrust released it's 12th annual edition of the Microsoft Vulnerabilities Report. The report reveals a record-breaking year for Microsoft vulnerabilities, and helps organizations understand, identify, and address the risks within their Microsoft ecosystems. Segment Resources: Insights Security Assessment Tool: https://www.beyondtrust.com/products/identity-security-insights/assessment For a copy of the Microsoft Vulnerabilities Threat Report: https://www.beyondtrust.com/resources/whitepapers/microsoft-vulnerability-report Blog re: Report: https://www.beyondtrust.com/blog/entry/microsoft-vulnerabilities-report Stephan will discuss OpenText Core Threat Detection and Response, a new AI-powered solution designed to quickly spot and neutralize threats across an organization's attack surface without the need to overhaul existing security stacks. He will also provide insights into the most dangerous threats facing enterprises today along with practical steps to mitigate them. https://www.opentext.com/products/core-threat-detection-and-response https://www.prnewswire.com/news-releases/opentext-launches-next-generation-opentext-cybersecurity-cloud-with-ai-powered-threat-detection-and-response-capabilities-302381481.html This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them! This segment is sponsored by BeyondTrust. Visit https://securityweekly.com/beyondtrustrsac to for a copy of the Microsoft Vulnerabilities Threat Report! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-400

What if everything we've been doing in cybersecurity awareness training is not just outdated — but harmful?In this episode of Reimagining Cyber, Rob Aragao, Chief Security Strategist at OpenText, talks with Craig Taylor, co-founder and CISO at CyberHoot,  who makes a bold claim: punishment-based training is not only ineffective — it's counterproductive. Drawing from his background in psychology and years of cybersecurity leadership, Craig explains why we need to ditch outdated tactics and embrace positive reinforcement to reduce human risk.From the failure of fake phishing tests to real-world results from forward-thinking organizations, Craig reveals a smarter, more human-centered way to train. If you're tired of scare tactics and want a strategy that actually builds cyber resilience, this episode is your wake-up call.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Segment description coming soon! This month BeyondTrust released it's 12th annual edition of the Microsoft Vulnerabilities Report. The report reveals a record-breaking year for Microsoft vulnerabilities, and helps organizations understand, identify, and address the risks within their Microsoft ecosystems. Segment Resources: Insights Security Assessment Tool: https://www.beyondtrust.com/products/identity-security-insights/assessment For a copy of the Microsoft Vulnerabilities Threat Report: https://www.beyondtrust.com/resources/whitepapers/microsoft-vulnerability-report Blog re: Report: https://www.beyondtrust.com/blog/entry/microsoft-vulnerabilities-report Stephan will discuss OpenText Core Threat Detection and Response, a new AI-powered solution designed to quickly spot and neutralize threats across an organization's attack surface without the need to overhaul existing security stacks. He will also provide insights into the most dangerous threats facing enterprises today along with practical steps to mitigate them. https://www.opentext.com/products/core-threat-detection-and-response https://www.prnewswire.com/news-releases/opentext-launches-next-generation-opentext-cybersecurity-cloud-with-ai-powered-threat-detection-and-response-capabilities-302381481.html This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them! This segment is sponsored by BeyondTrust. Visit https://securityweekly.com/beyondtrustrsac to for a copy of the Microsoft Vulnerabilities Threat Report! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-400

IT teams deal with technology lifecycle issues all the time–including Y2K, which enterprises across the world grappled with for years. The Epochalypse, or Year 2038 Problem, is similar. Specifically, some Linux systems' date-time counters will go from positive to negative at a specific date in 2038, potentially wreaking havoc on embedded systems and any other... Read more »

All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alex Hall, CISO, Gensler. In this episode: Evaluating secure messaging beyond the app Reframing compliance as a business enabler Incremental security investment vs. crisis response Why culture, not punishment, drives secure behavior Huge thanks to our sponsor, Vanta Automate, centralize, & scale your GRC program with Vanta Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.  

Can you land a CISO role without the title, the connections, or the years of "required" experience? Yes and I did it in 90 days. This isn't luck. It's strategy. In today's episode, I walk you through the exact roadmap I used to go from rejected applications and zero C-level experience to signing my first CISO contract. In this episode, you'll learn why applying to 100 jobs won't get you the one you want, the mindset shift that separates leaders from job seekers, how to position your existing experience for the role you want, the resume tweak that landed me interviews (and eventually, the role), how to tell your story so hiring managers see you as leadership material, and the real reason who knows you matters more than what you know. If you're in cybersecurity, mid-career, and wondering how to make the leap to leadership, this video is your blueprint.Looking to become an influential and effective security leader? Don't know where to start or how to go about it? Follow Monica Verma (LinkedIn) and Monica Talks Cyber (Youtube) for more content on cybersecurity, technology, leadership and innovation, and 10x your career. Subscribe to The Monica Talks Cyber newsletter at https://www.monicatalkscyber.com.

Welcome back to Forcepoint's To the Point Cybersecurity podcast! In this episode, co-host Jonathan Knepher sits down with Petko Stoyanov—cybersecurity expert and former Forcepoint host—for a thought-provoking discussion about the evolving landscape of AI in cybersecurity. Together, they unpack the shifting trends seen at this year's RSA conference, exploring how artificial intelligence is moving from marketing buzzword to mission-critical security feature. Petko dives deep into the real-world impact of generative AI models, the increasing sophistication of both attackers and defenders, and the pressing need for “security by design” in today's fast-moving digital world. They discuss the new questions CISOs and CIOs should be asking about AI—like where models are hosted, what data they process, and how to manage risks in regulated industries. Petko shares eye-opening anecdotes about the potential for AI to accidentally leak sensitive data, the rise of targeted phishing in new languages powered by generative models, and why the CISO role is broader and more challenging than ever. The conversation also touches on the future of automation, the risk of deepfakes and disinformation, and how organizations can stay resilient in an era where the line between attacker and defender is increasingly blurred. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e337

IT teams deal with technology lifecycle issues all the time–including Y2K, which enterprises across the world grappled with for years. The Epochalypse, or Year 2038 Problem, is similar. Specifically, some Linux systems' date-time counters will go from positive to negative at a specific date in 2038, potentially wreaking havoc on embedded systems and any other... Read more »

SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the implications of JP Morgan's open letter to SaaS vendors, emphasizing the need for improved security practices in the software industry. They explore the challenges posed by the SaaS model, the importance of collaboration among security practitioners, and Microsoft's initiatives to enhance security. The conversation also highlights a new partnership between Microsoft and CrowdStrike aimed at standardizing threat intelligence naming conventions, showcasing the importance of teamwork in cybersecurity.----------------------------------------------------YouTube Video Link: https://youtu.be/EL0OfDiyQg0----------------------------------------------------Documentation:https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliershttps://www.microsoft.com/en-us/security/blog/2025/06/02/announcing-a-new-strategic-collaboration-to-bring-clarity-to-threat-actor-naming/----------------------------------------------------Contact Us:Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpodYouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠----------------------------------------------------Adam BrewerTwitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewerLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss data encryption and how the process can help organizations across the globe. • For more on cybersecurity, visit us at https://cybersecurityventures.com