Podcasts about ciso series

Hackers drain millions from Unleash Protocol DarkSpectre campaigns exposed Shai-Hulud attack led Trust Wallet heist Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Silver Fox targets Indian users Mustang Panda deploys ToneShell Will prompt injection ever be 'solved'? Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Coupang recovers laptop allegedly thrown into river Trust Wallet reports 2k+ wallets drained Sax discloses 2024 data breach Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Rainbow Six Siege suffers breach, gamers go shopping Diesel generators and aircraft engines in high demand to power AI LastPass 2022 breach reverberates through crypto world  Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.  

Link to episode page To end off a tumultuous year, our final Department of Know episode of 2025 features a chat between host Rich Stroffolino and producer Steve Prentice. Join them as they chat about the biggest stories of 2025, the trends we are seeing, and what we can expect in the new year. Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com  

Active exploitation of Fortinet VPN bypass utility observed Google possibly allowing users to change default gmail address June Aflac attack resulted in data theft  Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.   Find the stories behind the headlines at CISOseries.com

Coordinated scams target MENA region Pen Test Partners accused of 'blackmail' Hackers steal record $2.7B in crypto in 2025 Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

ServiceNow to acquire cybersecurity startup Armis MacSync Stealer adopts quieter installation Nissan customer data stolen in Red Hat raid Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

Spotify music library scraped DDoS disrupts France's postal and banking services Fake delivery websites hit holiday shoppers Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Jason Taule, CISO, Luminis Health, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com

President signs defense bill funding Cyber Command, Pentagon phone security Iranian APT Infy resurfaces with new malware Massive Android botnet Kimwolf launches DDoS attack Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.   Find the stories behind the headlines at CISOseries.com.

Recent Windows updates break RemoteApp connections France arrests threat actors for installing malware on Italian ferry Senate Intel chair urges safeguard against open-source software threats  Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Security training fails when it's generic. Adaptive's platform personalizes training and runs deepfake simulations across email, SMS, voice, and video. And with Adaptive's AI Content Creator, you can drop in a breaking threat or compliance doc and instantly turn it into interactive, multilingual training – no designers, no delays. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. Check out this post by Binoy Koonammavu of Secusy AI for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining them is best-selling cybersecurity author Peter Gregory. His upcoming study guide on AI governance can be pre-ordered here. In this episode: Speaking the language of leadership Beyond translation: the trust factor Making risk tangible When translation isn't enough Huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Brett Conlon, CISO, American Century Investments. Joining them are Ryan Barras, CISO, Mount Sinai Medical Center. In this episode: Nobody understands what we do Someone else should fix this Make the audience care Speaking CEO Huge thanks to our sponsor, Dropzone AI Dropzone AI autonomously investigates every security alert—no playbooks needed. This AI SOC analyst queries your CrowdStrike, Splunk, threat intel feeds, and 60+ other tools to build complete investigations in 5 minutes. Unlike black-box automation, it shows every query, finding, and decision. See it work yourself—explore the self-guided demo at dropzone.ai.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Andy Ellis, Principal, Duha, and Johna Till Johnson, CEO and Founder, Nemertes Research Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. AI is rewriting the cybersecurity rulebook, because attackers can now scale persuasion as easily as they scale code. The real target isn't just your systems anymore; it's human trust. If you aren't actively testing your organization against AI-driven phishing, vishing, and deepfakes, you're leaving a gap criminals will exploit. Adaptive runs realistic simulations and delivers tailored, engaging training so teams respond correctly when it counts. Learn more at adaptivesecurity.com. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com

16TB MongoDB database exposes nearly 4.3 billion professional records Apple posts updates after discovery of WebKit flaws Coupang data breach traced to ex-employee Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.    

All links and images can be found on CISO Series. Check out this post by Nick Nolen of Redpoint Cyber for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Erika Dean, former CSO, Robinhood. In this episode: Delegation requires accountability The reality of daily decision-making The gap between theory and practice Beyond the advisory role Huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining them is their sponsored guest, Danny Jenkins, CEO, ThreatLocker. In this episode: AI for AI's sake Stop selling, start protecting Stop calling everything sophisticated Least privilege, rebranded Huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

Link to episode page This week's Department of Know is hosted by Sarah Lane with guests Jason Shockey, CISO, Cenlar FSB, and Mike Lockhart, CISO, Eagleview Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. AI is rewriting the cybersecurity rulebook, because attackers can now scale persuasion as easily as they scale code. The real target isn't just your systems anymore; it's human trust. If you aren't actively testing your organization against AI-driven phishing, vishing, and deepfakes, you're leaving a gap criminals will exploit. Adaptive runs realistic simulations and delivers tailored, engaging training so teams respond correctly when it counts. Learn more at adaptivesecurity.com. All links and the video of this episode can be found on CISO Series.com    

New wave of VPN login attempts on Palo Alto portals NATO holds its largest-ever cyberdefense exercise Chinese hackers exploiting React2Shell bug Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Deepfakes aren't science fiction anymore; they're a daily threat. Quick tip: if your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI-powered social engineering attacks. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. Check out this post by Christofer Hoff of Truist for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Caleb Sima, builder, WhiteRabbit. Joining them is Crystal Chatam, vp of cybersecurity, Speedcast. In this episode: Understanding the fundamentals The grift of superficial expertise Hands-on experience matters  A vulnerability at the leadership level Huge thanks to our sponsor, Stellar Cyber By shining a bright light on the darkest corners of security operations, Stellar Cyber empowers organizations to see incoming attacks, know how to fight them, and act decisively – protecting what matters most. Stellar Cyber's award-winning open security operations platform includes AI-driven SIEM, NDR, ITDR, Open XDR, and Multi-Layer AI™ under one unified platform with a single license. With ⅓ of the global top 250 MSSPs and over 14,000 customers worldwide, Stellar Cyber is one of the most trusted leaders in security operations. Learn more at https://stellarcyber.ai/.  

All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is John Barrow, CISO, JB Poindexter & Co. In this episode: Building unicorns, not hunting them Cold War frameworks for modern threats Trading dollars for stories Mirror, mirror on the wall Huge thanks to our sponsor, Vanta Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get back time to focus on strengthening security and scaling your business at vanta.com/ciso

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Mathew Biby, director, cybersecurity, TixTrack, and Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University Thanks to our show sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO All links and the video of this episode can be found on CISO Series.com

Japanese brewer Asahi provides details regarding October ransomware attack California law regulating web browsers might impact national data privacy Microsoft to speed up Teams Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO Find the stories behind the headlines at CISOseries.com.

Microsoft to block unauthorized scripts in Entra ID logins with 2026 CSP update New legislation targets scammers that use AI to deceive ASUS firmware patches critical AiCloud vulnerability  Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problem—it's a human one.   That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization.   With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com.   Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis (@csoandy), principal of Duha. Joining them is Richard Rushing, CISO, Motorola Mobility. In this episode Mindset over tools When hygiene becomes risk Systems for actual humans Conversations over compliance Huge thanks to our sponsor, ThreatLocker ThreatLocker® Defense Against Configurations continuously scans endpoints to uncover misconfigurations, weak firewall rules, and risky settings that weaken defenses. With compliance mapping, daily updates, and actionable remediation in one dashboard, it streamlines hardening, reduces attack surfaces, and strengthens security. Learn more at threatlocker.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Keith Townsend, Keith Townsend, host CTO Advisor Podcast, founder of The Advisor Bench, and creator of the Virtual CTO Advisor; and Howard Holton, CEO, GigaOm Thanks to our show sponsor, Knowbe4 Cybersecurity isn't just a tech problem—it's a human one.   That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization.   With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com. All links and the video of this episode can be found on CISO Series.com

CrowdStrike catches insider feeding information to hackers Spanish airline Iberia suffers breach and data leak AI is too risky to insure, say insurers  Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problem—it's a human one.   That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization.   With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com.   Find the stories behind the headlines at CISOseries.com.

Sturnus Android Trojan captures encrypted chats and hijacks devices Canadian regulators say schools share blame for PowerSchool hack Bill reintroduced to bolster cybersecurity at Securities and Exchange Commission Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. Check out this post by Ross Haleliuk of Venture in Security for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Davi Ottenheimer, vp, trust and digital ethics, Inrupt. In this episode: Network security isn't dying—it's evolving The observability layer that can't be replaced What's old is new again The innovation gap Huge thanks to our sponsor, HackerOne Discover how AI innovators like Adobe, Anthropic, and Snap are using AI to find and fix vulnerabilities across the software development lifecycle. HackerOne, the global leader in offensive security solutions, reveals all in the CISOs' guide to securing the future of AI. Download it now to see how AI can strengthen your security posture. Learn more at https://www.hackerone.com/  

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis (@csoandy), principal of Duha. Joining them is our sponsored guest, Nathan Hunstad, director, security, Vanta. In this episode: Metrics that matter Testing for real AI as an assistant Intelligence without context Huge thanks to our sponsor, Vanta Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get back time to focus on strengthening security and scaling your business at vanta.com/ciso

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Robb Dunewood, Host, Daily Tech News Show, and Howard Holton, CEO, GigaOm Thanks to our show sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. All links and the video of this episode can be found on CISO Series.com

Microsoft warns of potential Windows 10 update failure China-backed hackers launch first large-scale autonomous AI cyberattack Feds fumbled Cisco patches requirements, says CISA Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. Find the stories behind the headlines at CISOseries.com.

Two key cyber laws are back as president signs bill to end shutdown Microsoft's screen capture prevention for Teams users is finally rolling out FBI calls Akira top five ransomware variant out of 130 targeting U.S. businesses Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines   Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. Check out this post by Kevin Paige, CISO at ConductorOne, for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker. In this episode: When configuration drift becomes operational reality The garden that never stops growing From detection to cultural shift The maturity gap Huge thanks to our sponsor, ThreatLocker ThreatLocker® Defense Against Configurations continuously scans endpoints to uncover misconfigurations, weak firewall rules, and risky settings that weaken defenses. With compliance mapping, daily updates, and actionable remediation in one dashboard, it streamlines hardening, reduces attack surfaces, and strengthens security. Learn more at https://www.threatlocker.com/

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Jeff Steadman, deputy CISO, Corning Incorporated. Joining them is Quincey Collins, CSO, Sheppard Mullin. This episode was recorded live at the ISSA LA Summit in Santa Monica, California. In this episode:  The foundational debate Strength over breadth Beyond traditional backgrounds Keeping perspective on risk Huge thanks to our sponsors, Adaptive Security and Dropzone AI AI-powered social engineering threats like deepfake voice calls, GenAI phishing, and vishing attacks are evolving fast. Adaptive helps security leaders get ahead with an AI-native platform that simulates realistic genAI attacks, and delivers expert-vetted security awareness training — all in one unified solution. Learn more at adaptivesecurity.com. Dropzone AI autonomously investigates every security alert—no playbooks needed. This AI SOC analyst queries your CrowdStrike, Splunk, threat intel feeds, and 60+ other tools to build complete investigations in 5 minutes. Unlike black-box automation, it shows every query, finding, and decision. See it work yourself—explore the self-guided demo at dropzone.ai.

runC flaws could allow hackers to escape Docker containers Lost iPhone scam warning Landfall Android spyware targets Samsung Galaxy phones Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines   Find the stories behind the headlines at CISOseries.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Jacob Coombs, CISO, Tandem Diabetes Care, and Ross Young, Co-host, CISO Tradecraft Thanks to our show sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ….or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines All links and the video of this episode can be found on CISO Series.com  

Hackers use Windows Hyper-V to evade EDR detection Critical Cisco UCCX flaw lets attackers run commands as root The Louvre's video security password was reportedly Louvre  Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. Check out this post by Kevin Paige, CISO at ConductorOne, for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining them is Julie Tsai, CISO-in-Residence, Ballistic Ventures. In this episode: Is least privilege dead? Modern tactics, timeless principle Implementation over ideology Pragmatism over purity Huge thanks to our sponsor, Cyera AI is moving fast - can your security keep up? Join the leaders shaping the future of data and AI security at DataSecAI Conference 2025, hosted by Cyera, Nov 12–13 in Dallas. Register now at https://datasecai2025.com/did.

All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis (@csoandy), principal of Duha. Joining us is Sara Madden, CISO, Convera. In this episode:  Optimizing for reality, not idealism Engineering governance instead of monitoring compliance When AI finds what humans miss The measurement problem Huge thanks to our sponsor, ThreatLocker Human error remains one of the top cybersecurity threats. Just one wrong click can open the door to ransomware or data loss. With ThreatLocker, unauthorized apps, scripts, and devices are blocked before they can ever run. See how ThreatLocker can help you gain more control over your environment. https://threatlocker.com

Australia warns of BADCANDY attacks exploiting Cisco IOS XE Chinese hackers exploiting Cisco ASA firewalls used by governments worldwide OpenAI's Aardvark GPT-5 agent finds and fixes code flaws automatically Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. Find the stories behind the headlines at CISOseries.com.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Davi Ottenheimer, vp, digital trust and ethics, Inrupt, and Rob Teel, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker. All links and the video of this episode can be found on CISO Series.com

LinkedIn users have until Monday to opt out of its AI training program New names surface for NSA leadership Open-source security group pulls out of U.S. grant, citing DEI restrictions Huge thanks to our sponsor, Conveyor Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls. Breathe easier—check out Conveyor at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining them is their sponsored guest Bobby Ford, chief strategy and experience officer, Doppel. In this episode: Beyond the click High-risk users demand different metrics Building engagement over punishment Creating a security culture through community Huge thanks to our sponsor, Doppel Doppel is protecting the world's digital integrity. Impersonators adapt fast — but so does Doppel. By pairing AI with expert analysis, we don't just detect deception; we dismantle it. Our platform learns from every attack, expands its reach across digital channels, and disrupts threats before they cause harm. The result? Impersonators lose. Businesses become too costly to attack. And trust stays intact. Learn more at https://www.doppel.com/

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Jerich Beason, CISO, WM. Joining them on stage is Jack Leidecker, CISO, Gong. This episode was recorded live at HOU SEC CON 2025. In this episode: The open source sustainability problem AI levels the geopolitical playing field Cutting through AI vendor hype Why the fundamentals still hurt Thanks to Erik Bloch from Illumio for providing our "What's Worse" scenario. Huge thanks to our sponsor, Vorlon Security SaaS data moves fast—Vorlon gives security teams the context to move faster. Vorlon combines posture and secrets management, data flow visibility, and detection and response —
so you can see the full picture: what's connected, what's at risk,
and what needs immediate action. Learn more at https://vorlon.io/

All links and images can be found on CISO Series. Check out this post by Mike Gallardo for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Geoff Belknap. Joining them is Alex Guilday, BISO, Royal Caribbean Group. In this episode: Timing the approach When persistence becomes harassment Playing the long game The necessity argument Huge thanks to our sponsor, Cyera AI is moving fast - can your security keep up? Join the leaders shaping the future of data and AI security at DataSecAI Conference 2025, hosted by Cyera, Nov 12–13 in Dallas. Register now at https://datasecai2025.com/did. 

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Dan Walsh, CISO, Datavant. Joining them is our sponsored guest, Rob Allen, chief product officer, ThreatLocker. In this episode: When EDR gets knocked out Red flags in vendor theater Configuration chaos The sticker problem Huge thanks to our sponsor, ThreatLocker ThreatLocker® Defense Against Configurations continuously scans endpoints to uncover misconfigurations, weak firewall rules, and risky settings that weaken defenses. With compliance mapping, daily updates, and actionable remediation in one dashboard, it streamlines hardening, reduces attack surfaces, and strengthens security. Learn more at threatlocker.com.

All links and images can be found on CISO Series. Check out this post by Evgeniy Kharam for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining them is Ryan Dunn, Leader of Product and Supply Chain Technology, Specialized Bicycle Components.  And check out "Architecting Success: The Art of Soft Skills in Technical Sales: Connect to Sell More" by Evgeniy Kharam we referenced in this episode. In this episode: Beyond the technical playbook Influencing without authority Partnering, not just selling The deliberate work of connection Thanks to our sponsor, HackerOne Discover how AI innovators like Adobe, Anthropic, and Snap are using AI to find and fix vulnerabilities across the software development lifecycle. HackerOne, the global leader in offensive security solutions, reveals all in the CISOs' guide to securing the future of AI. Download it now to see how AI can strengthen your security posture. https://www.hackerone.com/report/future-of-ai?utm_medium=Paid-Newsletter&utm_source=cisoseries&utm_campaign=Parent-FY25-AIAwarenessCampaign-GL

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining us is our sponsored guest, Khush Kashyap, senior director, GRC, Vanta. In this episode: Skip the Sermon When to coach versus command Making risk quantification useful Recognizing a distinct discipline   Huge thanks to our sponsor, Vanta Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get back time to focus on strengthening security and scaling your business at https://www.vanta.com/landing/demo-grc?utm_campaign=new-way-grc&utm_source=ciso-series-podcast&utm_medium=podcast&utm_content=banner