POPULARITY
Categories
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining them is their sponsored guest, Matt Eberhart, CEO, Query. In this episode: Quality over quantity in AI decision-making Process before technology The connectivity challenge The context complexity paradox Huge thanks to our sponsor, Query Query is a Federated Search and Analytics platform that builds a security data mesh, giving security teams real-time context from all connected sources. Analysts move faster and make better decisions with AI agents and copilots that handle the grunt work and guide each step. Learn more at query.ai
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker. In this episode: Large enterprise security demands drive vendor improvements Technical expertise becomes leadership liability without delegation EDR evolution needs prevention focus Career breaks require personal ownership and strategic timing A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
NASCAR announces data breach following March cyberattack Plankey appears to be on track to lead CISA Microsoft investigates another outage affecting 365 admin center Huge thanks to our sponsor, Dropzone AI Today's sponsor is Dropzone AI, the leader in AI-powered SOC automation. Major companies like Zapier and UiPath are using Dropzone to give their security teams superpowers. Imagine your analysts focusing on real threats while AI handles every routine investigation—in minutes, not hours. If you're heading to BlackHat, stop by their booth in Startup City. But you don't have to wait—check out their self-guided demo at dropzone.ai and see why Fortune 500s are making the switch. Find the stories behind the headlines at CISOseries.com.
SonicWall announces SMA 100 patches FBI warns about The Com Compromised Amazon Q extension deletes everything Huge thanks to our sponsor, Nudge Security Nudge Security discovers new apps, accounts, and data-sharing in real-time and helps guide employees toward secure behaviors. Instead of trying to control everything, we give IT and security teams the visibility and automation they need to secure the Workforce Edge. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Nudge Security Nudge Security discovers new apps, accounts, and data-sharing in real-time and helps guide employees toward secure behaviors. Instead of trying to control everything, we give IT and security teams the visibility and automation they need to secure the Workforce Edge. All links and the video of this episode can be found on CISO Series.com
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Jason Thomas, senior director, technology security, governance, and risk, Cystic Fibrosis Foundation. In this episode: The trust deficit Defending the non-technical roles The business accountability gap The communication imperative Huge thanks to our sponsor, Query.ai Query is a Federated Search and Analytics platform that builds a security data mesh, giving security teams real-time context from all connected sources. Analysts move faster and make better decisions with AI agents and copilots that handle the grunt work and guide each step. Learn more at query.ai
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Peter Clay, CISO, Aireon. In this episode: Purple teaming evolution misses operational realities Effective postmortems require systematic failure analysis Risk expertise requires business context over methodology Compliance and resilience serve different purposes Huge thanks to our sponsor, Safe Security SAFE is reinventing Third-Party Risk Management with Agentic AI. Our AI Agents automate onboarding, assessments, and monitoring—giving security teams real-time visibility and zero-effort control across their vendor ecosystem. See why SAFE is the fastest-growing TPRM platform on the market at https://testdrive.safe.security/.
Hewlett Packard warns of hardcoded passwords in Aruba access points SharePoint zero-day exploited via RCE, no patch available Russian vodka producer suffers ransomware attack Huge thanks to our sponsor, Nudge Security Discover every SaaS account ever created by anyone in your org within minutes of starting a free trial. Harden configs, enforce MFA, revoke risky app-to-app access, and more. Learn more at NudgeSecurity.com Find the stories behind the headlines at CISOseries.com.
Chinese hackers use Cobalt Strike on Taiwan's semiconductor sector Salt Typhoon breaches National Guard and steals network configurations Congress considers Stuxnet to manage OT threats Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Cyrus Tibbs, CISO, PennyMac Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode, co-hosted by me, David Spark, the producer of CISO Series, and Dan Walsh, CISO, Datavant. Joining them is Sneha Parmar, former information security officer, Lufthansa Group Digital. In this episode: Shifting left, broadening out The insurance wake-up call Building trust into the system Security's identity crisis A huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network. Learn more at https://www.doppel.com/platform
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis (@csoandy), principal, Duha. Joining us is our sponsored guest, Edward Wu, CEO and founder, Dropzone AI. In this episode: Building context-aware verification frameworks Understanding why UX fails Moving beyond AI replacement narratives Building for a crisis A huge thanks to our sponsor, Dropzone AI Dropzone AI autonomously investigates every security alert—no playbooks needed. This AI SOC analyst queries your CrowdStrike, Splunk, threat intel feeds, and 60+ other tools to build complete investigations in 5 minutes. Unlike black-box automation, it shows every query, finding, and decision. See it work yourself—explore the self-guided demo at dropzone.ai.
CISA gives one day for Citrix Bleed 2 fix Google Gemini flaw hijacks email summaries for phishing Louis Vuitton says UK customer data stolen in cyber-attack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Look Out! Another Outlook Outage Iranian APTs increased activity against U.S. industries in late spring Russian basketball player arrested in France over alleged ransomware ties Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jim Bowie, vp, CISO, Tampa General Hospital Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines All links and the video of this episode can be found on CISO Series.com
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is David Cross, CISO, Atlassian. In this episode: The experience prerequisite The bootcamp reality check The compensation conundrum The domain expertise imperative A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Anthony Candeias, CISO, Weight Watchers. In this episode: AI agents require structured supervision, not autonomy Hiring for potential over credentials in cybersecurity AppSec training effectiveness depends on organizational relevance AI oversight requires purpose-built models, not general solutions A huge thanks to our sponsor, Vanta Vanta's Trust Management Platform helps 10k+ companies—like Atlassian, Quora, and Chili Piper—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management. Get started at Vanta.com/CISO
Ingram Micro suffers ransomware attack Hacker leaks Telefónica data allegedly from new breach ChatGPT prone to recommending wrong URLs, creating a new phishing opportunity Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.
Undetectable Android spyware leaks user logins Hunters ransomware group shuts doors Medical device company Surmodics reports cyberattack Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.
All posts and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Steve Knight, former CISO, Hyundai Capital America. In this episode: Streamlining vendor evaluations Moving beyond compliance theater The scorecard skeptics Finding the right balance Thanks to our sponsor, Formal Formal secures humans, AI agent's access to MCP servers, infrastructure, and data stores by monitoring and controlling data flows in real time. Using a protocol-aware reverse proxy, Formal enforces least-privilege access to sensitive data and APIs, ensuring AI behavior stays predictable and secure. Visit joinformal.com to learn more or schedule a demo.
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Anne Marie Zettlemoyer, former vp of security, Activision Blizzard. In this episode SOC automation: Moving beyond alert fatigue The entry-level security talent reality Learning from security incidents without blame Evaluating security vendor viability and partnerships A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Hawaiian Airlines suffers cyberattack United Natural Foods says cyber incident will impact quarterly income Russia throttles Cloudflare making sites inaccessible Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.
Iranian-backed spearphishing campaign seeks out cybersecurity experts Microsoft fixes Outlook bug causing crashes when opening emails Glasgow City Council suffers cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bil Harmer, operating partner and CISO, Craft Ventures. Check out Bil's page, KillSwitchAdvisory. Thanks to our show sponsor, ThreatLocker Alert fatigue, false positives, analyst burnout—you know the drill. What if you could stop threats before they run? ThreatLocker gives CISOs what they've been asking for: real control at the execution layer. Only approved apps, scripts, and executables run. Period. Known-good is enforced. Everything else? Denied by default. Ringfencing and storage control keep even trusted tools in their lane—so PowerShell doesn't become a weapon. And yes—it works at scale. Granular policies. Fast rollout. Built for modern infrastructure. You don't need more alerts. You need fewer chances for malware to make a move. ThreatLocker helps you flip the model—from detect-and-respond… to deny-and-verify. Go to ThreatLocker.com/CISO to schedule your free demo and close the last gap in your Zero Trust strategy, before it's exploited. All links and the video of this episode can be found on CISO Series.com
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining is Hanan Szwarcbord, vp, CSO and head of infrastructure, Micron Technology. In this episode Embracing growth An urgent need for creativity Get the business context Embrace your inner theater kid Huge thanks to our sponsor, Query.ai Query is a Federated Search and Analytics platform that builds a security data mesh, giving security teams real-time context from all connected sources. Analysts move faster and make better decisions with AI agents and copilots that handle the grunt work and guide each step. Learn more at query.ai
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Ryan Bachman, executive vice president and CISO, GM Financial. In this episode Identity consolidation versus simplification Entry-level pathways into cybersecurity Evolution of the CISO role toward business resilience Applying simplification principles to cybersecurity complexity Huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network.
CMC officially points finger at Scattered Spider for Marks & Spencer and Co-op attacks Aflac investigating suspicious activity on its U.S. network Russian dairy producers suffer cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Howard Holton, COO and industry analyst, GigaOm Thanks to our show sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com
Cisco, Atlassian fix high-severity vulnerabilities Alleged Ryuk ransomware gang member arrested and extradited Telecom company Viasat attacked by Salt Typhoon Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alex Hall, CISO, Gensler. In this episode: Evaluating secure messaging beyond the app Reframing compliance as a business enabler Incremental security investment vs. crisis response Why culture, not punishment, drives secure behavior Huge thanks to our sponsor, Vanta Automate, centralize, & scale your GRC program with Vanta Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.
Washington Post investigates hacking incident on journalists' emails Canadian airline WestJet is containing a cyberattack Crash records stolen from Texas DOT Huge thanks to our sponsor, Adaptive Security — OpenAI's first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new AI Content Creator turns threat intel and policy updates into interactive, multilingual training — instantly. Trusted by Fortune 500s and backed by Andreessen Horowitz and OpenAI, Adaptive helps you stay ahead of AI-driven threats. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.
Hackers attacks target Microsoft Entra ID accounts using pentesting tool Google Cloud and Cloudflare outages reported House Homeland Chairman Mark Green announces his departure Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products Thanks to our show sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com
All links and images can be found on CISO Series. Check out this post by Justin Pagano at Klaviyo for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Jesse Webb, CISO and svp information systems, Avalon Healthcare Solutions. In this episode: Align the incentives The feature and enforcement disconnect Putting the right people in the right place A need for transparency Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest, Sam Curry, global vp, CISO at Zscaler. This episode was recorded at a Zscaler event in Boston, MA. In this episode: Guardrails for decision making under fatigue Preparing for quantum threats Strategic use of generative AI Reassessing outdated knowledge Huge thanks to our sponsor, Zscaler Zscaler is a cloud-based cybersecurity company that provides secure internet access and private application access. Its platform replaces traditional network security by delivering Zero Trust architecture, protecting users, data, and applications regardless of location. Zscaler's scalable services help organizations modernize IT and reduce risk with seamless, cloud-native security solutions.
Presidential cyber executive order signed Neuberger warns of U.S. infrastructure's cyberattack weakness Mirai botnet infects TBK DVR devices Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guest Rusty Waldron, chief business security officer, ADP Thanks to our show sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind. What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process like answering every customer request from sales, completing every questionnaire or executing every communications and coordination task in-between. No more manual work. Just a quick review when she's done. Ready to let Sue take the reins? Learn more at www.conveyor.com. All links and the video of this episode can be found on CISO Series.com
Stolen Kettering Health data published Reddit sues Anthropic for scraping North Face website customer accounts breached Huge thanks to our sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind. What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process like answering every customer request from sales, completing every questionnaire or executing every communications and coordination task in-between. No more manual work. Just a quick review when she's done. Ready to let Sue take the reins? Learn more at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest Jason Steer, CISO, Recorded Future. In this episode We don't need more indicators Creating more work Generating actionable intelligence Design for what you can do Huge thanks to our sponsor, Recorded Future Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.
All images and links can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alexandra Landegger, global head of cyber strategy & transformation, RTX. In this episode: A cybersecurity fast-track? When Ambition Becomes a Liability Giving the CVE Program the Credit It Deserves Elevating human cyber talent with AI Huge thanks to our sponsors, Nudge Security, SecurityScorecard, and Vanta Take control of SaaS security and AI governance with Nudge Security. Start a free trial today and get a full inventory of all SaaS and GenAI accounts in minutes along with risk insights and automation to help you quickly improve your security posture. Get started here: nudgesecurity.com/cisoseries Third-party risk doesn't stop at monitoring. SecurityScorecard delivers real-time detection and response across your supply chain—helping you fix vulnerabilities before they become breaches. Empower your team with expert-driven remediation, continuous vendor oversight, and board-ready insights that drive results. Automate, centralize, & scale your GRC program with Vanta Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.
Exploit for maximum severity Cisco IOS XE flaw now public Senators as for reinstatement of cyber review board to work on Salt Typhoon investigation Australian ransomware victims now must report their payments Huge thanks to our sponsor, Conveyor Conveyor launched the first AI Agent for Customer Trust. So wtf does that mean? It means the AI agent goes beyond just sharing NDA-gated documents like a SOC 2 with customers or answering security questionnaires. Conveyor's AI Agent, Sue, handles the entire security review process from start to finish. She answers every customer request from sales, completes every questionnaire and executes every communications and coordination task in-between. It's perfect for B2B infosec teams sick of manual security review work. Check it out at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.
Windows 11 might fail to start after installing KB5058405, says Microsoft Victoria's Secret website goes offline following cyberattack Billions of stolen cookies available, worrying security experts Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Knight, former CISO, Hyundai Capital America Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com
All images and links can be found on CISO Series. Check out this post by Gautam ‘Gotham' Sharma of AccessCyber for the discussion that is the basis of our conversation on this week's episode, co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is Krista Arndt, associate CISO, St. Luke's University Health Network. In this episode: Verify then trust Dishonesty on all sides A lack of flexibility What about integrity? Huge thanks to our sponsor, Formal Formal secures humans, AI agent's access to MCP servers, infrastructure, and data stores by monitoring and controlling data flows in real time. Using a protocol-aware reverse proxy, Formal enforces least-privilege access to sensitive data and APIs, ensuring AI behavior stays predictable and secure. Visit joinformal.com to learn more or schedule a demo.
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Tim Jacobs, vp, CISO, Commonwealth Care Alliance. In this episode: Starting from zero Prepare for decisive decisions Working back from unacceptable Discovering inefficiencies A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Malicious npm and VS Code packages stealing data Nova Scotia Power confirms ransomware attack Researchers claim ChatGPT o3 bypassed shutdown in controlled test Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Dennis Pickett, vp, CISO, Westat. In this episode: Stop siloing cybersecurity Leading the charge A culture of ownership Preparing for resilience A huge thanks to our sponsor, Recorded Future Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.
All links and images for this episode can be found on CISO Series. I host this week's episode, David Spark (@dspark), producer of CISO Series and Jesse Whaley, CISO, Amtrak. Joining them is their guest Vaughn Hazen, CISO, CN. In this episode: The classics endure The rules of the rail "Prove It. With data." It's all just software A huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network. Learn more at https://www.doppel.com/platform
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Yaron Levi, CISO, Dolby. Joining us is Joey Rachid, CISO, Xerox. In this episode: It's a balancing act Choose to leave the kids' table Your team is essential Don't change CISOs midstream Huge thanks to our sponsor, Blackslash Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration. Learn more at https://www.backslash.security/
All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Saket Modi, co-founder and CEO, SAFE Security. In this episode: Elevating AI to table stakes Security for the real world Using dynamic models for TPRM The agentic AI augmentation Huge thanks to our sponsor, SAFE Security SAFE (#1 platform to unify the management of all cyber risks) has reinvented cyber risk management with Agentic AI. We help CISOs, TPRM, and GRC leaders become strategic business partners by automating the understanding, prioritization and management of cyber risk—accelerating AI adoption and digital transformation.