Podcasts about ciso

  • 1,434PODCASTS
  • 12,204EPISODES
  • 36mAVG DURATION
  • 2DAILY NEW EPISODES
  • Jun 26, 2026LATEST

POPULARITY

20192020202120222023202420252026

Categories




Best podcasts about ciso

Show all podcasts related to ciso

Latest podcast episodes about ciso

The CyberWire
Factory reset required.

The CyberWire

Play Episode Listen Later Jun 26, 2026 25:13


Tata Electronics and Bajaj Auto continue recovery from cyberattacks. FCC tightens undersea cable rules to bolster national security. CISA warns of actively exploited PTC vulnerability. Gamaredon expands toolkit, hides behind legitimate services. Iran-linked hackers turn public warning systems into psychological weapons. Threat actors target critical infrastructure across Southeast Asia. DCloud framework behind global scam economy. Polish police disrupt SIM-swapping gang. French statistics agency reports cyberattack affecting nearly 13,000 staff. Our guest is Michael Fanning, CISO at Splunk, discussing how AI doesn't create problems, it exposes them. And an open-book exam for hackers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Michael Fanning, CISO at Splunk, discussing how AI doesn't create problems, it exposes them. Selected Reading Apple supplier Tata tightens internal controls after data breach, sources say (Reuters)  Bajaj Auto resumes normal operations as cyberattack probe continues (Storyboard18)  FCC passes new cybersecurity rules for emergency systems, undersea cables (CyberScoop) U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog (SecurityAffairs)  Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances (ESET)  A Cyber-Psychological Operation: Iran-Linked Attackers Target Warning Systems (Claroty)  CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure (Unit 42) From San Pedro to Salinas: How a Chinese Framework “DCloud Uni-App” Powers a Global Scam Economy (Infoblox) Poland busts SIM-swapping gang tied to millions in crypto theft (BleepingComputer) France's statistics department reports cyberattack on staff data (Reuters) UK school's network left wide open for invasion, student found (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Defense in Depth
Is the "Attackers Only Need to Be Right Once" a Misnomer?

Defense in Depth

Play Episode Listen Later Jun 25, 2026 27:40


All links and images can be found on CISO Series Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and George Finney, CISO, University of Texas System. Joining is Sean Walls, CISO, Bob's Discount Furniture. In this episode: Asymmetric accounting Sometimes it really is that easy The spirit of the saying The cheapest way in A huge thanks to our sponsor, Native Security Native is the Cloud Security Control Plane. It helps enterprises enforce secure-by-design architecture across multi-cloud environments by translating security intent into the cloud provider's built-in controls, previewing impact before rollout, and keeping enforcement aligned as the environment changes.

university attackers ciso asymmetric misnomer texas system david spark ciso series
The New CISO
CISO 3.0: The Playbook for Delivering Impact and Influence

The New CISO

Play Episode Listen Later Jun 25, 2026 58:06


What separates a CISO who survives from one who shapes the boardroom? In this episode, Steve Moore sits down with Walt Powell, Lead Field CISO at CDW and author of The CISO 3.0, to unpack the modern CISO playbook—why technical credentials alone no longer cut it, how to build personal eminence, and why most security leaders are still treated as second-class C-suite citizens.Walt traces his path from teaching networking before stateful firewalls existed, to writing CISSP exam questions for ISC2, to running CDW's Global Security Strategy Office. He explains what a field CISO does, why the role is harder than ex-CISOs realize, and how one bad meeting can tarnish a brand built over decades.He and Steve break down the four pillars Walt uses to measure his team—embedded advisory, eminence building, sales enablement, and voice of the customer—and how a karate-style “belt system” maps each consultant's competency. Walt explains why the same skills matrix from The CISO 3.0 works for any CISO trying to spot their own gaps.Walt argues a CISO who is not liked cannot succeed: you are the talent magnet, the culture builder, and the person proving in every board meeting that you belong in the seat. He shares the questions every candidate should ask before accepting the role—from D&O coverage to 10-K disclosure access—and why the 30-60-90 plan should be written before the second interview, not after the offer.The conversation closes with what Walt calls “strategic debt”—the identity and data governance work organizations skipped a decade ago that is now blocking AI adoption. Walt shares lessons from running OpenClaw on a Mac mini, why non-human identity tops every 2026 CISO worry list, and how Deep Research is reshaping senior architects.Key Topics• The modern field CISO role and the four pillars of impact• Why CISOs are still treated as second-class C-suite citizens• Building personal eminence through books, speaking, and writing• The CISO 3.0 skills matrix and self-assessment spider wheel• Two paths to the CISO seat: technical vs. MBA, and the gaps each leaves• Why likability is not optional for a successful CISO• Board readiness and proving you belong in the seat• Interview questions every CISO candidate must ask• Strategic debt: identity and data governance blocking AI adoption• OpenClaw, non-human identity, and the future of senior architectsGuest Bio:Walt Powell is the Lead Field CISO at CDW and a founding member of CDW's Global Security Strategy Office, where he leads a team of former CISOs advising security leaders in the field. A longtime executive coach and ISC2 exam development committee member, Walt is the author of The CISO 3.0: A Guide to Next-Generation Cybersecurity Leadership and Quantum Ready, his book on post-quantum cryptography. Connect with Walt on LinkedIn or at ciso30.com.GET A DEMO:

ITSPmagazine | Technology. Cybersecurity. Society
When You Can't Trust the Face on the Call | A Brand Highlight Conversation with Kevin Surace, CEO of TokenCore

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 24, 2026 6:00


In this Brand Highlight, Kevin Surace, CEO of TokenCore, catches up on a market that has accelerated faster than even his team expected. Biometric-assured identity has gone from the fringes to the core, and the clearest example is the video call: on Zoom or Teams, there is often no reliable way to know whether the person on screen is real, human, or an AI avatar. Surace points to cases where employees wired money because a synthetic version of their boss appeared to ask for it. That risk is pushing the work outward. Beyond using TokenCore internally, the larger banks are asking how to extend biometric assurance to the customers who move wires, because a phone call no longer confirms who is actually on the line. The goal is to know that it is the right person, on the right domain, within a few feet of the device, and not someone operating from another country. For security leaders, Surace offers direct advice: start moving off MFA and authenticator apps now, since those methods are being compromised constantly. He acknowledges the change is hard, often for cultural reasons more than technical ones, and suggests starting with admins and the people who touch real data before expanding over roughly a year. The upside, he notes, is that employees tend to welcome it, going passwordless or even ID-less and logging into tools like Salesforce in under two seconds. This is a Brand Highlight. A Brand Highlight is a ~5 minute conversation that captures a focused idea, update, or perspective from the guest. Learn more: https://www.studioc60.com/creation#highlight GUEST Kevin Surace, Chief Executive Officer, TokenCore LinkedIn: https://www.linkedin.com/in/ksurace/ RESOURCES Learn more about TokenCore: https://www.tokencore.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Kevin Surace, TokenCore, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, biometric assured identity, identity security, deepfake, AI avatar, video call security, MFA, passwordless, FIDO2, CISO, account takeover, wire fraud, Zoom security, identity assurance Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Packet Pushers - Full Podcast Feed
HS136: How AI Is Changing Enterprise Software Development (Sponsored)

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Jun 23, 2026 50:41


AI can generate working code quickly. Building reliable software to run infrastructure platforms is still a multi-year engineering challenge. In this sponsored episode, BlueCat chief strategy officer Andrew Wertkin joins John Burke and Scott Robohn to talk through the difference between code generation and enterprise software development, and the challenges and opportunities of engineering reliability... Read more »

Heavy Strategy
HS136: How AI Is Changing Enterprise Software Development (Sponsored)

Heavy Strategy

Play Episode Listen Later Jun 23, 2026 50:41


AI can generate working code quickly. Building reliable software to run infrastructure platforms is still a multi-year engineering challenge. In this sponsored episode, BlueCat chief strategy officer Andrew Wertkin joins John Burke and Scott Robohn to talk through the difference between code generation and enterprise software development, and the challenges and opportunities of engineering reliability... Read more »

Innovation in Compliance with Tom Fox
Cybersecurity Workforce Design: Reducing Burnout, Clarifying Accountability, and Aligning Incentives with Dan Duffy

Innovation in Compliance with Tom Fox

Play Episode Listen Later Jun 23, 2026 22:31


Innovation comes in many areas, and compliance professionals need to not only be ready for it but also embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom visits Dan Duffy, the Cyber Practice lead at Consulting Solutions and a longtime cybersecurity and executive-search professional. They chat about the paradox of rising security spend alongside increasing burnout and turnover. Duffy argues organizations cannot hire their way out of broken structures: undefined workflows, lack of playbooks, shadow IT, fragmented accountability, and excessive alert volumes cause teams to drown, making burnout a business risk rather than an HR metric. He emphasizes auditing workforce design, mapping workflow needs, and ensuring executive and board-level support, including proper CISO reporting lines and authority. They discuss the emerging demand for an AI compliance officer, the need for AI governance ownership and accountability, and misaligned incentives in which security is treated as a late-stage tax rather than a design principle. Duffy advocates maturity-focused programs, incident-informed leadership, and stronger entry-level pipelines. Key highlights: The Cyber Talent Crisis Burnout as Business Risk AI Governance Accountability Building for Long-Term Success Future Workforce Pipeline Advice for New Entrants Rethinking Workforce Strategy Resources: Connect with Dan Duffy on LinkedIn Consulting Solutions Innovation in Compliance was recently honored as the Number 4 podcast in Risk Management by 1,000,000 Podcasts.

The Ravit Show
Governing AI Agents in a Regulated Industry — Lexitas's Approach with Boomi

The Ravit Show

Play Episode Listen Later Jun 23, 2026 9:46


Quick conversation on The Ravit Show from Boomi World 2026 with John Baker, CIO and CISO at Lexitas. One of the most grounded customer perspectives I have heard this year. Thanks for the amazing insights, John :)John was clear about why Lexitas refused to treat data management and agentic AI as separate projects, what his team stopped wasting time on after Boomi, and why agent governance is the part most enterprises underestimate. Agents are only predictable when the layer beneath them is.My takeaway. The architecture decision is the AI decision.#data #ai #BoomiWorld #theravitshow

Cloud Security Podcast by Google
EP283: How Google Cloud CISO Chris Betz Uses LLMs to Defend Billions of Users from Vulnerablities

Cloud Security Podcast by Google

Play Episode Listen Later Jun 22, 2026 28:36


Serious Privacy
Bonus on AI, Games, and Governance of Emerging Tech

Serious Privacy

Play Episode Listen Later Jun 22, 2026 28:06 Transcription Available


Send us Fan MailWelcome to the Serious Privacy podcast, where Ralph O'Brien , Dr. K Royal, and Paul Breitbarth each provide a summary of the respective conferences they attended. The IAPP AI conference in Dublin, Games Expo, and Governance of Emerging Tech. Enjoy! If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

CISO praat
SPECIAL: Hacker Edwin van Andel over de hack op Trump en de (on)zin van AI voor hackers

CISO praat

Play Episode Listen Later Jun 22, 2026 48:32


CISO's zouden meer met hackers moeten bier drinken. Dat vind OG hacker Edwin van Andel. Je moet als CISO een band krijgen met je security minded IT-ers in de organisatie. Zo krijg je een veel sterkere positie.Ik sprak Edwin in CISO praat om te mogen tappen uit de jarenlange ervaring van deze meesterhacker.Meesterhacker? Absoluut. Edwin hackte samen met zijn vrienden op een congres het X account van Donald Trump. Hij verteld daarnaast in deze aflevering over zijn hack op een "slim hotelslot" (spoiler; dat lukte in seconden!). En over hoe je een automatische deur open krijgt met wiskey (ja, echt!).Hacker zijn is een mindset, maar volgens Edwin kan je hackervaardigheden wel leren. Tegelijkertijd komt hij tegenwoordig jonge hackers tegen die webapplicaties met gemak hacken, maar die zodra hun browser het even niet doet gewoon een nieuwe computer kopen, omdat ze niet in staat zijn hun eigen computerproblemen te troubleshooten.Verder hebben we het over het gebruik van AI en wat dit doet met platforms die bug bounty aanbieden. AI is vooral goed in het volgende woord voorspellen. En omdat AI veel rapporten heeft gelezen en toegang tot tools heeft is het een prima hacker, maar het zal nooit zo goed worden als een menselijke hacker.Ik uit ook nog even mijn decennialange frustraties als voormalig helpdesk medewerker. ☠️ En nog veel meer!

Breaking Into Cybersecurity
IAM & CEO Journey | Archit Lohokare | BIC

Breaking Into Cybersecurity

Play Episode Listen Later Jun 19, 2026 30:23


IAM & CEO Journey | Archit Lohokare | BICDiscover how to break into cybersecurity by mastering foundational technologies like cryptography and scaling your career from engineer to CEO with Archit Lohokare. In this episode, we explore the mindset required to build secure enterprise systems from the ground up.- How building the RSA algorithm from scratch launched Archit's career.- The evolution of Identity and Access Management (IAM) in enterprise environments.- Transitioning from a founding full-stack engineer to a high-level leader.- Why curiosity is the most critical skill for modern security professionals.- Lessons on building secure, scalable systems in a fast-moving startup.Archit Lohokare is an experienced cybersecurity leader and current CEO with over 22 years of industry expertise. He began his journey as a founding engineer at Incentuate, where he developed deep technical proficiency in identity, access management, and hardware-level security.Sponsored by CPF Coaching LLC - http://cpf-coaching.comThe Breaking into Cybersecurity: It's a conversation about what they did before, why they pivoted into cyber, what the process was they went through, how they keep up, and advice/tips/tricks along the way.The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership, as well as tips/tricks/advice from cybersecurity leaders.Check out our books:

Cyber Security Headlines
The Department of Know: SearchLeak, Check Point zero-day, and pulling the plug on Fable

Cyber Security Headlines

Play Episode Listen Later Jun 19, 2026 53:54


This week's Department of Know is hosted by Rich Stroffolino, with guests Arif Hameed, CISO, C&R Software; Adam Palmer, CISO, First Hawaiian Bank; Jon Collins, Field CTO, GigaOm; and Jack Leidecker, EVP, CSO, Gainsight. Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk?   That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision.   ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do.   That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.

The Pure Report
From Backups to Resilience: The Evolution of Everpure's Cyber Strategy

The Pure Report

Play Episode Listen Later Jun 18, 2026 61:13


The Pure Report welcomes Chad Monteith, Principal Field Solutions Architect to the studio to discuss the critical evolution of cyber resilience. Having joined the company through the StorReduce acquisition in 2018, Chad reflects on his journey from the early days of modern data protection to the current cyber resilience solution area including Everpure Resilience service. We dive into how the industry has fundamentally shifted from simple, reactive backups to proactive, operational resilience—an essential pivot in an era where data availability is a board-level imperative. Our conversation explores the technical and strategic nuances of this shift. Chad explains why the move to as-a-service models is about more than just subscription pricing—it is about leveraging real-time telemetry to reduce resolution times and simplify operational complexity. By integrating flash storage with software-based recovery, Everpure helps customers move beyond binary failover/failback scenarios to flexible, automated recovery zones, clean rooms, and Isolated Recovery Environments (IREs). These tools are designed to make recovery demonstrably provable and fast, allowing organizations to recover entire application stacks in minutes rather than days. Finally, we pivot to looking at the human side of IT and the expanding remit of the CISO, who is increasingly tasked with owning disaster recovery alongside incident response. Chad introduces the Apple Corollary—that people prefer buying systems that work together—and emphasizes that the ultimate goal of any technologist is to combine innovation with tangible business requirement. From his early days as a sysadmin to his current role helping organizations build resilient architectures, Chad underscores that in an age of AI-driven attacks, the most powerful defense is a recovery strategy that is simple, constantly tested, and ready at the push of a button. To learn more, visit: https://www.everpuredata.com/products/cyber-recovery.html Check out the new Everpure digital customer community to join the conversation with peers and Everpure experts: https://purecommunity.purestorage.com/ 00:00 Intro and Cyber Landscape 05:15 Denver Talk 08:05 Career Journey 14:45 Origin of Everpure Resilience service 23:45 Stat of the Episode on CISOs 31:18 Resilience and Isolated Environments 36:18 Everpure Resilience service 50:19 Hot Takes Segment

Serious Privacy
The Glassholes of Privacy (Surveillance)

Serious Privacy

Play Episode Listen Later Jun 18, 2026 31:38 Transcription Available


Send us Fan MailWelcome to the Serious Privacy podcast, where Ralph O'Brien , Dr. K Royal, and Paul Breitbarth discuss surveillance in all of its lovely permutations along with some current news. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

DisruptED
Defending the Digital Economy: The Growing Cyber Threat Landscape and the Race to Develop Skilled Talent

DisruptED

Play Episode Listen Later Jun 18, 2026 27:01


Cybersecurity has moved from a technical safeguard to a core business risk, shaping how organizations protect operations, customers and public trust. As companies rely more heavily on cloud platforms, SaaS tools, mobile systems and AI-enabled workflows, the number of possible entry points for attackers continues to expand. The stakes are no longer limited to data loss or system downtime; cyberattacks can disrupt hospitals, financial institutions, telecommunications networks and the everyday infrastructure people depend on. At the same time, the industry faces a major workforce gap, with hundreds of thousands of cybersecurity roles still unfilled in the United States alone and an even larger shortage globally.That gap raises an urgent question for employers, educators and workers alike: how can we build a cybersecurity workforce quickly enough, and with the skills and adaptability needed, to defend organizations in a world where cyber threats are accelerating?This question sits at the heart of the latest episode of DisruptED. Host Ron J. Stefanski speaks with James Faxon, Managing Director of nuKudo, about the changing nature of cybersecurity threats, the talent shortage facing the industry and why traditional education models may not be moving quickly enough. Their conversation explores the growing role of AI, the importance of deep technical and risk-management skills, and nuKudo's paid-training model for preparing cyber professionals who are ready to contribute from day one.What you'll learn…Cyber threats are becoming more disruptive as businesses rely on interconnected cloud, SaaS and telecommunications systems, making attacks capable of affecting hospitals, banks, communications networks and everyday life.Faxon argues that the cybersecurity talent shortage is not only about headcount; it is also about finding people with the technical depth, risk-management mindset and professional skills to operate effectively in high-pressure environments.NuKudo's model focuses on identifying candidates with the aptitude to learn quickly, hiring them as employees, paying them during training, certifying them and placing them with partner organizations prepared for real cybersecurity work.James Faxon is a cybersecurity and technology executive with more than 20 years of experience leading security strategy, risk governance and technology transformation across energy, retail, aerospace, defense, mining and manufacturing. He has led major enterprise security programs, including $50M+ transformation initiatives, M&A cybersecurity due diligence for transactions up to $10B and teams spanning IT, OT, security and operations. He now works as a fractional CISO, CIO and operating partner, advising leadership teams on cybersecurity strategy, AI governance, operational risk and security program maturity.

Paul's Security Weekly
Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452

Paul's Security Weekly

Play Episode Listen Later Jun 17, 2026 46:47


The browser has become the primary gateway to work, data, and AI. In this episode, Arunesh Chandra, Head of Product, Microsoft Edge for Business at Microsoft Edges for Business, will discuss why security and IT teams are rethinking the role of the browser and what sets Edge for Business apart as a secure, enterprise-ready solution. Arunesh cover how built-in security, native integration with existing IT tools, and centralized management can simplify operations, reduce risk, and support modern work across managed devices, BYOD, and contractors. A must listen for IT pros and security experts navigating browser sprawl and AI adoption. This segment is sponsored by Microsoft Edge for Business. Visit https://securityweekly.com/edgeforbusiness to learn more about them! In the leadership and communications segment, CISO role changes as cyber-risk appetites in the C-suite grow, AI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!, 6 Ways Leaders Harness Stress, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-452

Bite Size Sales
Winning Cybersecurity Sales Strategies: Insights from a Former Buyer Turned Seller on CISO Engagement - Chris Camacho, Co-founder & COO at Abstract

Bite Size Sales

Play Episode Listen Later Jun 17, 2026 39:50 Transcription Available


Are you struggling to capture the attention of Chief Information Security Officers (CISOs) in a saturated cybersecurity market? Join us in this enlightening episode of The Cyber Go-To-Market Talk podcast for cybersecurity sales and marketing teams, where we unpack the secrets to effective cyber security sales strategies that can elevate your approach and drive revenue growth. Host Andrew Monaghan sits down with Chris Camacho, co-founder and COO of Abstract Security, who brings a wealth of experience from his previous roles as a buyer at financial services companies. Chris shares invaluable insights into the shifting dynamics of selling cybersecurity solutions, particularly to Fortune 500 companies. He emphasizes the critical need for cyber sales teams to either reduce current spending or replace existing vendors to gain traction, making a strong first impression that resonates with decision-makers. This episode dives deep into Chris's unique journey from being a buyer of cybersecurity products to becoming a builder and seller, offering listeners a rare perspective on what works and what doesn't in the realm of cyber security sales. With around 3,900 vendors vying for attention in the cybersecurity space, standing out is no easy feat. Chris discusses the challenges of differentiation and the evolving role of AI in both sales and product development, providing actionable insights that can help your team navigate these complexities. Building and maintaining relationships is key in the cybersecurity landscape, and Chris stresses the importance of leveraging networks effectively to understand clients' specific needs. By creating tailored solutions that demonstrate clear ROI, sales teams can not only meet but exceed client expectations. Listeners will walk away with practical takeaways on sales onboarding, sales coaching, and metrics that matter in insurance, all aimed at accelerating growth in a rapidly changing environment. This episode is packed with cybersecurity marketing insights and go to market strategies for anyone involved in cyber security sales. Whether you're part of a startup or an established company, the lessons shared here will empower you to grow sales and enhance team management capabilities. Tune in to The Cyber Go-To-Market Talk podcast for cybersecurity sales and marketing teams and discover how to navigate team challenges while building trust and scaling sales teams effectively. Don't miss out on this opportunity to get better at marketing and drive predictable revenue growth! About the guest: Chris Camacho spent around ten years on the buy side in financial services, an early adopter of vendors like Crowdstrike and Flashpoint, before crossing over to build and sell security products. He is co-founder and COO of Abstract.Chapters:00:51 — Crossing from the buy side to the "dark side"02:55 — Why he bought CrowdStrike and Flashpoint early11:45 — A market with thousands of vendors, and the spend arms race15:33 — Three ways to fill a regional CISO event18:23 — Relationships, Ninja Jobs, and meeting his co-founder22:20 — What he interviews for (and what he doesn't)26:22 — When an AI lab lands in your category29:59 — What CISOs are telling him about AI32:22 — Reduce or replace: the way in now34:17 — AI for sellers, and his 17-year-old BDR Support the showThe Cyber Go-To-Market Talk is the show for cybersecurity sales leaders, founders, CROs, and go-to-market operators looking to improve cyber sales performance and build more predictable revenue growth. Hosted by Andrew Monaghan, founder of Unstoppable.do, covering cyber sales leadership, revenue leadership, sales onboarding, forecasting, pipeline generation, and cybersecurity go-to-market execution.Follow me on LinkedIn for regular posts about growing your cybersecurity startupWant to grow your revenue faster? Check out my cybersecurity sales consulting and trainingNeed ideas about how to grow your pipeline? Sign up for my newsletter.

Cybersecurity Where You Are
Episode 192: How Leaders Balance Expertise and Communication

Cybersecurity Where You Are

Play Episode Listen Later Jun 17, 2026 31:44


In episode 192 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Marcus Sachs, Senior Vice President and Chief Engineer at the Center for Internet Security® (CIS®). Together, they discuss how leaders, including those in cybersecurity, balance their technical expertise with mastery of communication strategies.Here are some highlights from our episode:00:51. Introductions to Marcus02:04. How Marcus found value in using analogies to communicate complex topics08:40. Coordination with non-technical folks as a sign of leadership maturity14:03. The wisdom in knowing what to say and what not to say when managing up17:31. The need to balance technical skills with team resourcing in a way that's imitable21:07. The challenge of leaders learning by proximity in hybrid and remote environments24:16. "Classic" engineering vs. "new" engineering25:13. Lessons from Boards in applying discipline, rigor, and order to software engineering28:23. The value in leaders continuously learning how businesses workResourcesEpisode 183: The Role of CISO in Supporting Risk TranslationEpisode 187: The Role of a CISO as a Strategic StorytellerEpisode 99: How Cyber-Informed Engineering Builds Resilience7 CIS Experts' 2026 Cybersecurity PredictionsIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

Paul's Security Weekly TV
Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452

Paul's Security Weekly TV

Play Episode Listen Later Jun 17, 2026 46:47


The browser has become the primary gateway to work, data, and AI. In this episode, Arunesh Chandra, Head of Product, Microsoft Edge for Business at Microsoft Edges for Business, will discuss why security and IT teams are rethinking the role of the browser and what sets Edge for Business apart as a secure, enterprise-ready solution. Arunesh cover how built-in security, native integration with existing IT tools, and centralized management can simplify operations, reduce risk, and support modern work across managed devices, BYOD, and contractors. A must listen for IT pros and security experts navigating browser sprawl and AI adoption. This segment is sponsored by Microsoft Edge for Business. Visit https://securityweekly.com/edgeforbusiness to learn more about them! In the leadership and communications segment, CISO role changes as cyber-risk appetites in the C-suite grow, AI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!, 6 Ways Leaders Harness Stress, and more! Show Notes: https://securityweekly.com/bsw-452

Business Security Weekly (Audio)
Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452

Business Security Weekly (Audio)

Play Episode Listen Later Jun 17, 2026 46:47


The browser has become the primary gateway to work, data, and AI. In this episode, Arunesh Chandra, Head of Product, Microsoft Edge for Business at Microsoft Edges for Business, will discuss why security and IT teams are rethinking the role of the browser and what sets Edge for Business apart as a secure, enterprise-ready solution. Arunesh cover how built-in security, native integration with existing IT tools, and centralized management can simplify operations, reduce risk, and support modern work across managed devices, BYOD, and contractors. A must listen for IT pros and security experts navigating browser sprawl and AI adoption. This segment is sponsored by Microsoft Edge for Business. Visit https://securityweekly.com/edgeforbusiness to learn more about them! In the leadership and communications segment, CISO role changes as cyber-risk appetites in the C-suite grow, AI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!, 6 Ways Leaders Harness Stress, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-452

Ctrl+Alt+Azure
347 - Microsoft's Security Adoption Model: a map for security modernization

Ctrl+Alt+Azure

Play Episode Listen Later Jun 17, 2026 30:15


In this week's episode, we dig into Microsoft's Security Adoption Model, the attempt to pull a decade of scattered security guidance under one roof. It's a role-aware way to plan security modernization across on-prem and multicloud, built on three layers: the business scenarios that explain why, the nine disciplines that define who's accountable, and the technology pillars that cover the how. We talk through what's genuinely new, the single front door and the disciplines framing, versus what's just been folded in like the MCRA and the CISO workshop. (00:00) - Intro and catching up.(03:48) - Show content starts.Show links- Security Adoption Model overview- Business scenarios- Disciplines overview- Technical solutions- Give us feedback!

Business Security Weekly (Video)
Enterprise Browers in the Age of AI as CISO Role Changes and Leaders Harness Stress - Arunesh Chandra - BSW #452

Business Security Weekly (Video)

Play Episode Listen Later Jun 17, 2026 46:47


The browser has become the primary gateway to work, data, and AI. In this episode, Arunesh Chandra, Head of Product, Microsoft Edge for Business at Microsoft Edges for Business, will discuss why security and IT teams are rethinking the role of the browser and what sets Edge for Business apart as a secure, enterprise-ready solution. Arunesh cover how built-in security, native integration with existing IT tools, and centralized management can simplify operations, reduce risk, and support modern work across managed devices, BYOD, and contractors. A must listen for IT pros and security experts navigating browser sprawl and AI adoption. This segment is sponsored by Microsoft Edge for Business. Visit https://securityweekly.com/edgeforbusiness to learn more about them! In the leadership and communications segment, CISO role changes as cyber-risk appetites in the C-suite grow, AI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!, 6 Ways Leaders Harness Stress, and more! Show Notes: https://securityweekly.com/bsw-452

Packet Pushers - Full Podcast Feed
HS135: AI Spyware in Chrome Spotlights Attractions of DaaS

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Jun 16, 2026 31:08


VDI (Virtual Desktop Infrastructure) and Desktop as a Service (DaaS) have been arriving “real soon now” for the past couple of decades. Will the advent of vendors' AI spyware (as Google is introducing through Chrome) be the accelerant that finally makes it happen? John and Johna discuss why the challenges in this brave new AI-enabled... Read more »

CISO-Security Vendor Relationship Podcast
Boards Love to Hear Jargon," Says Soon-to-Be-Fired CISO (LIVE in Boston)

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jun 16, 2026 48:22


All links and images can be found on CISO Series This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining us is Dmitriy Sokolovskiy, senior vice president, information security, Semrush. This episode was recorded in front of a live audience at the offices of Aqueduct Technologies in Canton, MA. See photos from the event. In this episode: A clock on everything The oversight loop Not a better tool, a different one It's not the alerts A huge thanks to our sponsor, Strike48 It's no secret that AI is only as good as the data available to it. Strike48 unifies agentic AI with unmatched log visibility while avoiding the typical hefty price tag. Build and deploy agents for phishing detection, alert triage, threat correlation and more. Queries existing logs where they currently live, so you can keep the technology you already have. Learn more at Strike48.com.   A huge thanks to our sponsor, Dropzone AI Dropzone AI delivers a team of AI agents that investigate alerts, hunt threats, and respond to attacks across your full security stack. No playbooks required. No hidden humans in the critical path. Your analysts stay in control, directing strategy while AI agents handle the investigation workload at machine speed. Learn more at dropzone.ai.

Heavy Strategy
HS135: AI Spyware in Chrome Spotlights Attractions of DaaS

Heavy Strategy

Play Episode Listen Later Jun 16, 2026 31:08


VDI (Virtual Desktop Infrastructure) and Desktop as a Service (DaaS) have been arriving “real soon now” for the past couple of decades. Will the advent of vendors' AI spyware (as Google is introducing through Chrome) be the accelerant that finally makes it happen? John and Johna discuss why the challenges in this brave new AI-enabled... Read more »

Cyber Risk Management Podcast
EP 212: The AI Worked. The Process Didn't.

Cyber Risk Management Podcast

Play Episode Listen Later Jun 16, 2026 47:11


Anthropic, the company that built Claude, just accidentally published the full source code of their most important product. And it was their second data exposure in five days. What does this teach every organization buying AI tools right now? Kip Boyle shares the best takeaways from CRO's AI governance training and explains why the risk of AI isn't the AI itself. Your host is Kip Boyle, CISO with Cyber Risk Opportunities.   Subscribe to Inflection Point -- https://cr-map.com/inflectionpoint/ SecureWorld AI Security PLUS course -- https://www.secureworld.io/events "Gears Don't Guess: The Executive's Practical Guide to Thriving in the Face of AI Hype and Risk" (forthcoming book, Fall 2026) AIR-MAP AI Risk Assessment -- https://air-map.io

The Virtual CISO Moment
S8E23 - Bruno Lecoq on AI, CMMC, and SMB Security

The Virtual CISO Moment

Play Episode Listen Later Jun 16, 2026 32:20


In this episode of The Virtual CISO Moment, Greg Schaffer welcomes Bruno Lecoq, Co-Founder, CEO, and CISO of BEMO, for a wide-ranging conversation on Microsoft's evolving security ecosystem, CMMC compliance, and the realities of securing small and midsized businesses.Drawing on nearly two decades at Microsoft and years leading an award-winning cybersecurity firm, Bruno shares insights on the rapid pace of AI innovation, why SMBs must carefully vet their technology partners, and the hidden risks organizations face when pursuing compliance without truly embracing security. The discussion also explores CMMC requirements, Microsoft security capabilities, and the importance of building trust-based relationships with clients.Bruno also reflects on his remarkable journey from France to Microsoft, the future of AI governance, and how a lifelong passion for football (soccer) helps him stay balanced in an ever-changing industry.A thoughtful conversation packed with practical advice for cybersecurity leaders, MSPs, and business executives alike.

ITSPmagazine | Technology. Cybersecurity. Society
What Burnout Costs the Cybersecurity People Who Keep Us Safe | An Interview with Bronwyn Boyle | An Analog Brain In A Digital Age With Marco Ciappelli | From Infosecurity Europe 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 15, 2026 15:30


PODCAST EPISODE | An Analog Brain In A Digital Age — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Bronwyn Boyle can talk about software vulnerabilities for hours. Talking about her own — the burnout she didn't recognize until someone named it — turned out to be harder, and more important. We sat down at InfoSecurity Europe to talk about the human cost of guarding the machine, and whether our analog brains were ever built for this.

Simply Solving Cyber
The Vulnerability Playbook

Simply Solving Cyber

Play Episode Listen Later Jun 15, 2026 22:23 Transcription Available


Send us Fan MailA vulnerability backlog can look like a crisis, but sometimes the real crisis is that you're staring at the wrong picture. We're joined by Dave Sims, most recently Staff VP at Elevance Health and a longtime technology leader, to talk through vulnerability risk management in plain terms and why “more findings” doesn't automatically mean “more security.” We get specific about the difference between vulnerability management and patch management, and how confusion between the two creates low-trust handoffs, endless ticket churn, and slow remediation.We also dig into the messy reality of asset inventory. CMDB data goes stale, cloud resources appear and disappear, and scanners can produce a better “what's out there” view without telling you why it matters. Dave explains how metadata tagging and business context turn raw vulnerability data into risk-based prioritization: knowing who owns a system, what it does, why the business depends on it, and which weaknesses truly expose critical services. Along the way, he shares a story of cutting through years of miscommunication with a single no-blame conversation that unlocked progress fast.If you're a CISO, security leader, architect, or practitioner trying to make VRM work at enterprise scale, this is a practical framework: outside-in black box assessment, inside-out discipline, and a people-first approach that values training, process, and continuous improvement over shiny tools. Subscribe, share this with a teammate who owns patching or VRM, and leave a review if it helps. What's the biggest thing keeping your vulnerability program from being truly risk-based?

Cyber Security Headlines
The Department of Know: CISA's quick patch, Miasma attacks, judge finds AI guilty

Cyber Security Headlines

Play Episode Listen Later Jun 12, 2026 38:26


This week's Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Jason Thomas, senior director, technology security, governance, and risk, Cystic Fibrosis Foundation. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Huge thanks to our episode sponsor, Doppel Cybercriminals don't respect your security silos. They use one connected attack chain to hit your brand externally, infiltrate your inbox, and manipulate your team. Stop playing whack-a-mole with fragmented tools. Doppel unifies Digital Risk Protection, Human Risk Management, and Email Security into one unified platform. One attack chain. Three pillars of defense. Zero blind spots. Secure your enterprise relentlessly at doppel.com.

UBC News World
AI Workflow Guardrails: How to Scale Without Expanding Blast Radius

UBC News World

Play Episode Listen Later Jun 11, 2026 7:53


Attackers reached full data exfiltration in just 72 minutes—four times faster than the year before. Learn the three critical AI workflow guardrails every CISO needs to scale securely without expanding blast radius. ITRADE Innovations City: Fort Lauderdale Address: 501 E Las Olas Blvd Website: https://www.itradeinnovations.com/

Serious Privacy
Simply Irresistable programs (with Ryan Boos)

Serious Privacy

Play Episode Listen Later Jun 10, 2026 36:25 Transcription Available


Send us Fan MailWelcome to the Serious Privacy podcast, where Ralph O'Brien and Dr. K Royal, while Paul Breitbarth is out, meet with Ryan Boos of TrustArc. What's on the mic? Simplification of privacy programs. Ryan comes to this with the experience to back up his knowledge - he has fought in the data trenches and flown through the danger zone! Okay... he has major chops. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

The Cybersecurity Readiness Podcast Series
Episode 106 -- The Invisible Attack Surface: Zero Trust for SAP and ERP Environments

The Cybersecurity Readiness Podcast Series

Play Episode Listen Later Jun 10, 2026 50:09


In Episode 106 of the Cybersecurity Readiness Podcast Series, Dr. Dave Chatterjee is joined by Holger Hügel, Chief Technology Officer of SecurityBridge and a global authority on SAP cybersecurity with over 26 years of experience — to address a governance blind spot that exists inside the security perimeters of even the most mature enterprise organizations: the SAP environment.Opening with the August 2024 ransomware attack on Stoli Group USA — where attackers went straight for the company's SAP enterprise resource planning (ERP) system, disrupting financial operations and contributing directly to a bankruptcy filing within three months — Dr. Chatterjee frames the episode's central challenge: organizations can have zero trust architecture, network segmentation, and identity governance fully deployed across their IT landscape, and still be critically exposed, because most CISOs have never formally claimed accountability for SAP security, and most SAP teams do not think of themselves as part of the security function.Hügel explains the structural gap at the heart of this problem. SAP systems are simultaneously the most business-critical and the least security-governed assets in most large organizations. The C-suite depends on them for financial operations, payroll, procurement, and supply chain continuity, yet SAP teams and security teams speak different languages, operate under different budgets, and rarely collaborate. SAP departments typically define "security" as managing user authorizations and privileges — a narrow interpretation that leaves configuration drift, patch backlogs, and monitoring gaps entirely unaddressed.Analyzed through Dr. Chatterjee's Commitment–Preparedness–Discipline (CPD) framework, the conversation translates SAP cybersecurity from a technical niche into a governance imperative. The Medtronic case study demonstrates what good looks like: a CISO who crossed the organizational divide, sponsored SAP hardening from the cybersecurity budget, built a continuous patch management process, and created the governance structure that allowed the team to respond to an out-of-band vulnerability within hours rather than weeks.The episode's central message is neither technical nor abstract: the organizations that will survive the next ERP-targeted ransomware attack are not those with the most sophisticated tools — they are the ones that have claimed ownership of the problem, built the processes to address it continuously, and created the cross-functional governance structures that SAP and cybersecurity teams cannot build on their own.To access and download the entire podcast summary with discussion highlights - https://www.dchatte.com/episode-106-the-invisible-attack-surface-zero-trust-for-sap-and-erp-environments/Connect with Host Dr. Dave ChatterjeeLinkedIn: https://www.linkedin.com/in/dchatte/ Website: https://dchatte.com/Books PublishedThe DeepFake ConspiracyCybersecurity Readiness: A Holistic and High-Performance ApproachArticles & Cases PublishedChatterjee, D. (2026). Root: Automating the Remediation Gap, Ivey Publishing, Jan 7, 2026.Ramasastry, C. and Chatterjee, D. (2025). Trusona: Recruiting For The Hacker Mindset, Ivey Publishing, Oct 3, 2025.Chatterjee, D. and Leslie, A. (2024). “Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparedness,” Business Horizons, Accepted on Oct 29, 2024.Isik, O., Chatterjee, D., and Lourenco, D.A. (2024). “Getting Cybersecurity Right,” California Management Review — Insights, Accepted for Publication, July 8, 2024. Chatterjee, D. (2023). “Mission critical – How American Cancer Society successfully and securely migrated to the cloud amid the pandemic,” I by IMD, March 13, 2023.Chatterjee, D. (2022). “Preventing security breaches must start at the top,” I by IMD, September 28, 2022, Institute for Management Development, Lausanne, SwitzerlandChatterjee, D. (2022). “Making Cybersecurity Readiness Mainstream,” Executive Blog Post, NETSPI, March 1, 2022Benz, M. and Chatterjee, D. (2020). “Calculated Risk? A Cybersecurity Evaluation Tool for SMEs,” Business Horizons, available online from May 4, 2020Chatterjee, D. (2019). “Should Executives Go To Jail Over Cyber Attacks,” Journal of Organizational Computing and Electronic Commerce, Vol 29, Issue 1, pp. 1-3.Abraham, C., Chatterjee, D., and Sims, R. (2019). “Muddling through cybersecurity: Insights from the U.S. healthcare industry,” Business Horizons, July 2019.

CISO-Security Vendor Relationship Podcast
There's Nothing an LLM Can Screw Up That the Cloud Didn't Do First

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jun 9, 2026 44:25


All links and images can be found on CISO Series This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining is our sponsored guest, Danny Jenkins, CEO, ThreatLocker. In this episode: Permission creep at machine speed The pattern we keep calling a mistake Stop authenticating the human Vibe coded out of existence A huge thanks to our sponsor, ThreatLocker ThreatLocker delivers Zero Trust Network Access and Zero Trust Cloud Access that verifies both user and device before granting access to specific applications. No broad access, nothing exposed, and no reliance on credentials alone. It's a smarter way to control access and reduce risk. Learn more at ThreatLocker.com/CISO.

ceo cloud permission vibe ciso screw up duha andy ellis threatlocker david spark zero trust network access danny jenkins ciso series
We Talk Cyber
How to Manage a Cyber Crisis (without cracking under pressure)

We Talk Cyber

Play Episode Listen Later Jun 9, 2026 18:19


Every cyber crisis has one common thread: it never happens at a “good time.” I've led teams through high-stakes attacks while on vacation, during product launches, and even mid-board meetings. In this video, I'm breaking down 7 hard-earned lessons that every cybersecurity and crisis leader needs to survive (and shine) in a real-world cyber crisis. These aren't theories - they're lived, tested, and battle-proven.You'll learn: the difference between freezing and mobilizing, why fast doesn't mean hasty (and how to know the line), how to keep communication clear under pressure, why pulling the plug can cost millions (and what to do instead), the one thing that will make or break your crisis leadership reputationIf you're a CISO, security lead, or business executive — this video is your playbook to lead when chaos hits.Looking to go from chaos and unpredictability to resilience in the world of AI? Start here with The Predictability Factor newsletter at The Monica Talks Cyber (https://www.monicatalkscyber.com).

Bite Size Sales
Revenue leadership in stealth mode: building sales before the market (or product) is ready - Rob Witmer, VP Sales at Onyx Security

Bite Size Sales

Play Episode Listen Later Jun 9, 2026 35:44 Transcription Available


Most people think revenue leadership begins after product-market fit. Rob Witmer joined Onyx Security before there was a finished product, before the company emerged from stealth, and before the market fully understood the problem they were solving.In this episode, Rob shares what revenue leadership looks like when you're employee number 11 and the first go-to-market hire. We unpack how he approached the first 30, 60, and 90 days, why experienced sales leaders can create leverage long before a company reaches its first million dollars in revenue, and how close alignment between product and go-to-market execution accelerated Onyx's growth.Rob explains how the team validated market demand for AI-agent security, how they handled customer objections when the category was still emerging, and why transparency became a competitive advantage when selling as an early-stage company. He also shares the characteristics he looks for when hiring early-stage sellers, why recruiting is one of the most important responsibilities in revenue leadership, and how speed and low-friction execution became core principles inside Onyx.The conversation also explores the realities of scaling a cybersecurity company in a rapidly changing market, the influence of Israeli startup culture on execution speed, and why outcomes matter more than features when communicating value to customers.The Cyber Go-To-Market Talk is the show for cybersecurity sales leaders, founders, CROs, and go-to-market operators looking to improve cyber sales performance and build more predictable revenue growth. Hosted by Andrew Monaghan, founder of Unstoppable.do, covering cyber sales leadership, revenue leadership, sales onboarding, forecasting, pipeline generation, and cybersecurity go-to-market execution.About the guest: Rob Witmer is in his 26th year in software, roughly 20 of them as an individual contributor before moving into leadership. He was Onyx Security's first go-to-market hire, joining as employee 11 while the company was still in stealth.Notable quotes:"I was the first BDR, the first sales rep, the first operations guy, I was the first product manager.""Microsoft did more for AI agents than anyone else out there.""We want to be known as the easiest company to do business with."Chapters (approx.):00:00 — Joining Onyx as employee 1103:31 — Why early CISO reactions were humbling07:07 — How Microsoft flipped the agent market16:33 — Why hire an experienced sales leader this early22:44 — The three traits to look for28:49 — Differentiating in the noisiest market35:14 — Tim Youngblood and the people process Support the showThe Cyber Go-To-Market Talk is the show for cybersecurity sales leaders, founders, CROs, and go-to-market operators looking to improve cyber sales performance and build more predictable revenue growth. Hosted by Andrew Monaghan, founder of Unstoppable.do, covering cyber sales leadership, revenue leadership, sales onboarding, forecasting, pipeline generation, and cybersecurity go-to-market execution.Follow me on LinkedIn for regular posts about growing your cybersecurity startupWant to grow your revenue faster? Check out my cybersecurity sales consulting and trainingNeed ideas about how to grow your pipeline? Sign up for my newsletter.

Security Unfiltered
The Scary Future of AI-Driven Social Engineering — Are You Ready?

Security Unfiltered

Play Episode Listen Later Jun 8, 2026 58:21 Transcription Available


Send us Fan MailBobby Ford, a seasoned cybersecurity leader and CISO turned strategist, joins us for a powerhouse discussion on how AI is reshaping social engineering threats and what organizations need to do now to stay protected. From militaristic origins to startup innovation, Bobby's insights are both visionary and urgent. This episode is a must-listen for anyone serious about defending against tomorrow's cyber threats.Timestamps:00:00 - Why social engineering AI threats are now more relevant than ever02:12 - The importance of transparency about what you don't know in cybersecurity04:25 - The ‘third why' technique to test real expertise in security conversations06:40 - How a podcast episode led to a future leadership role at Doppel08:08 - Bobby's journey from military cybersecurity to startup strategy09:52 - The early days of Pentagon incident response teams and military innovation11:45 - De-gaussing hard drives in the 1980s and the evolution of data destruction13:09 - The FBI's updated wiping standards and data recovery advances14:16 - The challenge of data forensics and how little data is enough to piece together activity14:53 - How social engineering tests can be made more realistic and effective15:49 - The importance of testing controls, not just user awareness16:46 - Building resilient organizations with layered digital and human defenses18:46 - Why preventing attacks before they land is critical in AI-driven threats19:37 - External versus internal controls and the threat from outside-in protections22:23 - Social engineering as an effort to engineer humans for good or bad23:42 - How generative AI makes it impossible for users to tell real from fake24:17 - The alarming rise in convincing, AI-generated phishing emails and calls25:54 - The necessity of shifting accountability from users to technology27:19 - AI-to-AI attack scenarios and the future of autonomous cyber conflict29:34 - Mirroring military AI strategies in digital cyber warfare31:08 - The role of internet localization and firewalls in a future of AI-enabled conflict33:41 - How security controls will evolve in an AI-powered world36:49 - Why security is a business enabler, not just a gatekeeper41:29 - The history of security's “catch-up” game and embracing digital transformation44:47 - The mindset of a cyber mercenary—focusing on outcomes and results46:45 - The rapid evolution toward zero-day, AI-enabled breaches49:57 - The four pillars of AI-fueled attacks: hyper-personalization, multi-channel, speed, and volume51:13 - How a simple online search can make attack success egregiously easy52:05 - Demonstration of AI-based social engineering at scale, terrifying yet promising defenses56:41 - Bobby's closing thoughts: security as outcome-driven and resilientDoppel:  https://www.doppel.com/LinkedIn: https://www.linkedin.com/in/bobbyjford/Support the showFollow the Podcast on Social Media!Tesla Referral Code: https://ts.la/joseph675128YouTube: https://www.youtube.com/@securityunfilteredpodcastInstagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcastAffiliates➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh➡️ OffGrid Coupon Code: JOE➡️ Unplugged Phone: https://unplugged.com/Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.

CISO Stories Podcast
Critical Infrastructure: The Risk Hiding in Plain Sight - Jason Manar - CSP #225

CISO Stories Podcast

Play Episode Listen Later Jun 8, 2026 31:17


In this episode, former FBI cyber leader Jason Manar joins us to unpack the state of critical infrastructure security and why small and medium-sized businesses are more connected to it than they realize. From power, telecom, healthcare, finance, and supply chains, Jason explains how hidden dependencies can turn "not our problem" into a business-stopping event. With his FBI perspective and CISO experience, Jason shares what organizations should understand about risk, resilience, and protecting the systems we all quietly rely on. Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-225

mnemonic security podcast
Everything Is Being Recorded

mnemonic security podcast

Play Episode Listen Later Jun 8, 2026 38:34


In this episode of the mnemonic security podcast, we're joined by Joe Sullivan - former Chief Security Officer at Uber, Facebook, and Cloudflare, federal cybercrime prosecutor, and one of the most consequential figures in the history of the CISO role. The conversation explores the security implications of AI becoming part of everyday life, from AI note-takers to wearables and humanoid robots. Joe discusses the privacy, legal, and security challenges these technologies introduce, why organisations need clear policies and stronger governance to manage them, and how the role of the CISO is expanding as AI risk moves higher up the boardroom agenda.Send us Fan Mail

The Cybersecurity Defenders Podcast
Building practical blue team skills using AI-assisted SOC training with Bobby Ford/ Defender Fridays [#329]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Jun 5, 2026 30:31


Join us for this week's Defender Fridays as Bobby Ford, Chief Strategy and Experience Officer at Doppel, talks about open-source labs, MITRE ATT&CK, and real-world defender workflows.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.About Our GuestBobby is a globally recognized cybersecurity “geek” with almost three decades of experience, including the last 14 years as a CISO, protecting some of the world's most complex and operationally intensive enterprises. His career began in the military as a founding member of the Pentagon Computer Incident Response Team. Bobby built and led cybersecurity programs in the Aerospace and Defense industry. He was the first CISO at Exelis Inc. and was the architect of ITT's global cybersecurity audit function under DOJ oversight.Transitioning from public to private sector, Bobby served as the first CISO at Abbott Labs, was CISO for Unilever, and most recently was SVP and Chief Security Officer at Hewlett Packard Enterprise (HPE). Known for his collaborative style and empathetic leadership, Bobby fosters an inclusive culture that empowers entire security organizations to excel.Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.Why LimaCharlie?Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandAccelerate response with agentic AI that acts directly within predefined workflowsTry the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieioX: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - Founder at LimaCharlieGuest: Charles Grandjean - CTO and Co-founder at Hexiagon AI

Cyber Security Headlines
The Department of Know: NVD audit, Meta's leaky AI, Microsoft is closer to quantum

Cyber Security Headlines

Play Episode Listen Later Jun 5, 2026 36:56


This week's Department of Know is hosted by Rich Stroffolino, with guests Robb Dunewood, host, Daily Tech News Show, and David Cross, CISO, Atlassian. Get the show notes here. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Your team just added its 67th AI tool. And unfortunately, also your 67th security blind spot. The good news: The Vanta Agent works like a GRC engineer in the background, finding every app your team uses, scoring the risk, and drafting fixes for you. Vanta is the platform used by over sixteen thousand fast-moving companies like Ramp, Cursor, and Harvey who are shaping the future with AI, AND staying ahead of AI risk. Get started at vanta.com/headlines. 

Defense in Depth
Has Cybersecurity Become a Cult?

Defense in Depth

Play Episode Listen Later Jun 4, 2026 33:57


All links and images can be found on CISO Series We think of cybersecurity as a discipline. But when do ideas like best practices and NIST frameworks change into a system of belief? Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Davi Ottenheimer, principal, Flying Penguin. Joining is Joshua Copeland, director of security, Crescendo. In this episode: Tools, not religion The case for structured discipline The management problem underneath Fix the damn holes A huge thanks to our sponsor, ThreatLocker ThreatLocker delivers Zero Trust Network Access and Zero Trust Cloud Access that verifies both user and device before granting access to specific applications. No broad access, nothing exposed, and no reliance on credentials alone. It's a smarter way to control access and reduce risk. Learn more at ThreatLocker.com/CISO.

tools cult cybersecurity fix ciso crescendo nist threatlocker david spark zero trust network access davi ottenheimer ciso series
The New CISO
Rogue Agents: The New Era of AI Insider Threats (part 2)

The New CISO

Play Episode Listen Later Jun 4, 2026 43:04


What happens when an AI agent inside your company starts behaving like an insider threat? In part two, Steve Moore picks the thread back up with former FBI operative Eric O'Neill to explore how agentic AI is rewriting cybersecurity, the legal traps that follow a breach, and why the modern CISO must think like a spy hunter.Eric opens with a sobering reality: ransomware victims who decline to pay are re-attacked at staggering rates. He explains why criminals treat cybercrime as a business, invest weeks in reconnaissance—mapping SharePoint, harvesting file trees, and studying access patterns—and why a botched recovery hands them the same door twice.The conversation turns to the new insider threat hiding in plain sight: rogue AI agents. Eric shares a real case in which one executive's casual query exposed the next round of layoffs and triggered coordinated lawsuits. They unpack how agents inherit excessive access, how attackers hijack them once inside, and why organizations are now building insider-threat programs to monitor AI behavior.Eric argues AI is an accelerant on every unresolved problem—weak identity management, entitlement drift, missing asset inventories, and absent data classification. They debate whether IT and security should be unified under the CISO, why the CISO needs a direct line to the board, and the legal landmines that follow a breach, from cyber insurance to the “reasonable steps” standard.The episode closes with Eric's advice for any new CISO: put “spy hunter” on your resume. Counterintelligence, not perimeter defense, is the discipline that wins today. Tune in for part two of a story-driven conversation on why preparation, mindset, and threat hunting beat any single technology.Key Topics• Why ransomware victims who decline to pay get re-attacked• How attackers map SharePoint, file trees, and access patterns• The new insider threat: rogue and hijacked AI agents• A real case of an AI agent exposing an HR layoff list• Shadow IT and the cost of banning AI outright• Permission structures and second-level reviews for agent actions• Why AI exposes gaps in identity, asset, and data classification• Unifying IT and security under the CISO• Why the CISO needs a direct line to the board• Legal traps: cyber insurance, reasonable steps, and missed alerts• The CISO as counterintelligence officer and spy hunterGuest BioEric O'Neill is a former FBI counterintelligence operative, attorney, and bestselling author who helped bring down Robert Hanssen—the most damaging spy in FBI history. He is the founder of NeXasure AI and co-founder of The Georgetown Group, and his undercover work was dramatized in the film Breach. Eric is the author of Gray Day and Spies, Lies, and Cybercrime.Connect with Eric on LinkedIn or at ericoneill.net.GET A DEMO:

Defense & Aerospace Report
Defense & Aerospace Technology Report [Jun 03, 25] CISO Vince Crisler on AI Impact on Cyber Security

Defense & Aerospace Report

Play Episode Listen Later Jun 3, 2026 40:08


On today's Technology Report, Vince Crisler, who was the chief information security officer at the White House during the George W Bush administration who is now the CISO at cyber security firm Celerium and serves as a member of the Pentagon's Defense Industrial Base Cybersecurity Information Sharing Environment, joins Defense & Aerospace Report Editor Vago Muradian to discuss how ever more powerful AI models change cybersecurity; how the government should assess the security implications of new models as President Trump prepares to sign an executive order that would give the government a month to review models before their release; how to improve cybersecurity across the defense industrial base and flaws with the CMMC approach; and his company's “DIB CyberDome.”

Serious Privacy
an Aiyiyi week in privacy with Ralph and K

Serious Privacy

Play Episode Listen Later Jun 3, 2026 36:27 Transcription Available


Send us Fan MailWelcome to the Serious Privacy podcast, where Ralph O'Brien and Dr. K Royal, while Paul Breitbarth is out, discuss some reent events, namely graduation speakers, boos, and AI. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Packet Pushers - Full Podcast Feed
HS134: Dodging the AI Iceberg: Midcourse Corrections

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Jun 2, 2026 32:38


By now most organizations have AI strategies (among their other tech strategies). But how do you know when it's time to make a midcourse correction? Better still: How can you predict when, and what kind of corrections you might need? John and Johna discuss, and tell the story of how a university prepared for technology... Read more »

CISO-Security Vendor Relationship Podcast
Our Data Security Policy Is Transparent in That It Doesn't Exist

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jun 2, 2026 37:52


Our Data Security Policy Is Transparent in That It Doesn't Exist All links and images can be found on CISO Series This week's episode is hosted by David Spark, producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining is Mike Melo, CISO, TMX Group. In this episode: The weight of old controls Data you can actually see 68 vendors and counting Authority you never had to claim A huge thanks to our sponsor, Vanta Still stuck on the quarterly audit treadmill? Meet Calm-pliance. Vanta combines compliance, risk, and proof on one Agentic Trust Platform—and continuously monitors your controls, keeping you audit-ready all year round. Find your Calm-pliance here.

The CyberWire
AI joins the chain of command.

The CyberWire

Play Episode Listen Later Jun 1, 2026 29:48


Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-old Linux bug gets its day in the sun. Today's business update. Our guest is Heather Ceylan,  CISO at Box, discussing how governed AI starts with solving the unstructured data problem. Microsoft hits refresh on research relations.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices we are joined by Heather Ceylan,  CISO at Box, discussing how governed AI starts with solving the unstructured data problem. If you enjoyed this conversation, you can catch the full interview here. Selected Reading As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution (SecurityWeek) Why a surge of election-related websites could spell rising cyber threats for the midterms (PBS News) Election threats are focused on campaign systems, not voting machines (CyberScoop) Critical Windows Netlogon RCE flaw now exploited in attacks (Bleeping Computer) U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog (Security Affairs) CISA Town Halls Set Final Stage for CIRCIA Debate (BankInfo Security) Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years (The Record) 19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access (SecurityWeek) Indian Exam Board Admits to Cybersecurity Holes Found by Teen (Bloomberg) Zscaler intends to acquire identity mapping company Symmetry Systems. (N2K Pro Business Briefing) Microsoft says it will not pursue security researchers after zero-day backlash (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices