Podcasts about ciso series

  • 16PODCASTS
  • 1,573EPISODES
  • 20mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • May 29, 2025LATEST

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about ciso series

Latest podcast episodes about ciso series

Defense in Depth
Why Cybersecurity Professionals Lie on Their Resumes

Defense in Depth

Play Episode Listen Later May 29, 2025 32:19


All images and links can be found on CISO Series. Check out this post by Gautam ‘Gotham' Sharma of AccessCyber for the discussion that is the basis of our conversation on this week's episode, co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is Krista Arndt, associate CISO, St. Luke's University Health Network. In this episode: Verify then trust Dishonesty on all sides A lack of flexibility What about integrity? Huge thanks to our sponsor, Formal Formal secures humans, AI agent's access to MCP servers, infrastructure, and data stores by monitoring and controlling data flows in real time. Using a protocol-aware reverse proxy, Formal enforces least-privilege access to sensitive data and APIs, ensuring AI behavior stays predictable and secure. Visit joinformal.com to learn more or schedule a demo.

CISO-Security Vendor Relationship Podcast
I Can't Choose. I Love All My Assets Equally.

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later May 27, 2025 34:18


All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Tim Jacobs, vp, CISO, Commonwealth Care Alliance. In this episode: Starting from zero Prepare for decisive decisions Working back from unacceptable Discovering inefficiencies  A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.  

Cyber Security Headlines
Malicious npm codes, Nova Scotia cyberattack, ChatGPT refuses shutdown command

Cyber Security Headlines

Play Episode Listen Later May 27, 2025 7:19


Malicious npm and VS Code packages stealing data Nova Scotia Power confirms ransomware attack Researchers claim ChatGPT o3 bypassed shutdown in controlled test Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.  

Cyber Security Headlines
CISA's Commvault warning, updated Killnet returns, fake VPN malware

Cyber Security Headlines

Play Episode Listen Later May 26, 2025 9:13


CISA warns Commvault clients of campaign targeting cloud applications Russian hacker group Killnet returns with slightly adjusted mandate Fake VPN and browser NSIS installers used to deliver Winos 4.0 malware Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Signal shutters Recall, Windows Server vulnerability, pathology lab breach

Cyber Security Headlines

Play Episode Listen Later May 23, 2025 8:33


Signal adds Recall blocker Critical Windows Server 2025 dMSA vulnerability warning Pathology lab suffers data breach Huge thanks to our sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don't maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Week in Review: Disabling Microsoft Defender, corrupted power inverters, bipartisan training bill

Cyber Security Headlines

Play Episode Listen Later May 23, 2025 24:49


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest George Finney, CISO, The University of Texas System – check out George's new book plus all his other achievements at his website, WellAwareSecurity. Thanks to our show sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don't maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com All links and the video of this episode can be found on CISO Series.com      

Defense in Depth
What Should Be in a CISO Job Description?

Defense in Depth

Play Episode Listen Later May 22, 2025 30:17


All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Dennis Pickett, vp, CISO, Westat. In this episode: Stop siloing cybersecurity Leading the charge A culture of ownership Preparing for resilience A huge thanks to our sponsor, Recorded Future Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.

CISO-Security Vendor Relationship Podcast
Why Learn Security Fundamentals When We Could Just Chase Our Tails?

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later May 20, 2025 34:01


All links and images for this episode can be found on CISO Series. I host this week's episode, David Spark (@dspark), producer of CISO Series and Jesse Whaley, CISO, Amtrak. Joining them is their guest Vaughn Hazen, CISO, CN. In this episode: The classics endure The rules of the rail "Prove It. With data." It's all just software A huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network. Learn more at https://www.doppel.com/platform

Cyber Security Headlines
UK retailer update, Microsoft Defender disabler, deepfakes target officials

Cyber Security Headlines

Play Episode Listen Later May 19, 2025 8:10


Scattered Spider facilitates UK retail hacks and is moving to the U.S. Defendnot tool can disable Microsoft Defender FBI warns government officials about new waves of deepfakes Huge thanks to our sponsor, Conveyor Are you dealing with security questionnaire chaos this week? If so, get Conveyor's AI to knock them out for you. Connect Conveyor to any source, easily upload any format of questionnaire or use the browser extension for portals and their AI handles the rest—from parsing the questions to generating answers and auto-tagging collaborators. Let Conveyor do the work for you. Learn more at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Week in Review: Hackers pump stocks, Microsoft stops screenshots, AI encrypts cybersecurity

Cyber Security Headlines

Play Episode Listen Later May 16, 2025 29:05


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa, host, The Deep Dive Radio Show. Here's where you can find him: Daily Podcast on SoundCloud | YouTube | Forbes | Twitter/X | Facebook | BlueSky | Mastodon Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com      

Defense in Depth
The CISO's Job Is Impossible

Defense in Depth

Play Episode Listen Later May 15, 2025 33:10


All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Yaron Levi, CISO, Dolby. Joining us is Joey Rachid, CISO, Xerox. In this episode: It's a balancing act Choose to leave the kids' table Your team is essential Don't change CISOs midstream Huge thanks to our sponsor, Blackslash Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration. Learn more at https://www.backslash.security/  

Cyber Security Headlines
Radware clarifies patch, retailer data stolen, Alabama suffers cyberattack

Cyber Security Headlines

Play Episode Listen Later May 14, 2025 8:49


Radware says recently WAF bypasses were patched in 2023 Marks & Spencer confirms data stolen in ransomware attack Alabama suffers cybersecurity event  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com

CISO-Security Vendor Relationship Podcast
I'm Not Looking Down at You, I'm Looking Down at What You're Doing

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later May 13, 2025 41:40


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Saket Modi, co-founder and CEO, SAFE Security. In this episode: Elevating AI to table stakes Security for the real world Using dynamic models for TPRM The agentic AI augmentation  Huge thanks to our sponsor, SAFE Security SAFE (#1 platform to unify the management of all cyber risks) has reinvented cyber risk management with Agentic AI. We help CISOs, TPRM, and GRC leaders become strategic business partners by automating the understanding, prioritization and management of cyber risk—accelerating AI adoption and digital transformation.

Cyber Security Headlines
Japan finance hacks, Pearson suffers cyberattack, Teams blocks screen captures

Cyber Security Headlines

Play Episode Listen Later May 12, 2025 8:28


Hackers hijack Japanese financial accounts to conduct billions in trades Education giant Pearson hit by cyberattack exposing customer data Microsoft Teams will soon block screen capture during meetings  Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.  

Cyber Security Headlines
Cisco IOS XE vulnerability, Pentagon CIO nomination, new SonicWall vulnerability

Cyber Security Headlines

Play Episode Listen Later May 9, 2025 8:45


Cisco patches a level 10 vulnerability in IOS XE President nominates former Unilever CISO to be Pentagon CIO SonicWall patches a new zero-day vulnerability Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Week in Review: Agriculture ransomware increase, Congress challenges CISA cuts, Disney's slacker hacker

Cyber Security Headlines

Play Episode Listen Later May 9, 2025 29:37


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dan Holden, CISO, BigCommerce Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com        

Cyber Security Headlines
Europol shuts down DDoS-for-hire services, CrowdStrike lays off 500 workers, GOV.UK embraces passkeys

Cyber Security Headlines

Play Episode Listen Later May 8, 2025 7:28


Europol shuts down six DDoS-for-hire services used in global attacks CrowdStrike says it will lay off 500 workers Passkeys set to protect GOV.UK accounts against cyber-attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Congress challenges CISA cuts, Texas school breached, NSO pays WhatsApp

Cyber Security Headlines

Play Episode Listen Later May 7, 2025 8:32


Congress challenges Noem over proposed CISA cuts Texas school district breach impacts over 47,000 people NSO Group to pay WhatsApp $167 million in damages Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.  

CISO-Security Vendor Relationship Podcast
They're Not AI Mistakes, They're Happy Little Incidents

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later May 6, 2025 45:35


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner of YL Ventures. Their sponsored guest is Jadee Hanson, CISO of Vanta. In this episode: Find a partner to work with Fixing the root of burnout The limitations of human vigilance Balancing openness and control Thanks to our sponsor, Vanta. Automate, centralize, & scale your GRC program with Vanta Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

Cyber Security Headlines
Signal clones, easyjson warning, UK retail hacker

Cyber Security Headlines

Play Episode Listen Later May 6, 2025 7:37


Signal clone gets hacked Sounding the alarm on easyjson Ransomware group takes credit for UK retail attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Microsoft Authenticator passkeys, StealC malware upgraded, CISA budget slashed

Cyber Security Headlines

Play Episode Listen Later May 5, 2025 8:02


Microsoft ends Authenticator password autofill in favor of Edge StealC malware enhanced with stealth upgrades and data theft White House proposes cutting $491M from CISA budget Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
UK's Co-op cyberattack, LabHost domains released, NSO WhatsApp damages

Cyber Security Headlines

Play Episode Listen Later May 2, 2025 7:55


UK retailer Co-Op suffers cyberattack FBI shares list of 42,000 LabHost phishing domains NSO group looking at hefty damages in WhatsApp case Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Week in Review: Cybersecurity CEO busted, Cloudflare's DDoS increase, FBI's help request

Cyber Security Headlines

Play Episode Listen Later May 2, 2025 31:36


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen, Head of Security, Boats Group Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com  

Defense in Depth
How Much Should Salespeople Know About Their Product?

Defense in Depth

Play Episode Listen Later May 1, 2025 27:18


All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Jay Jay Davey, vp of cyber security operations, Planet.  In this episode: Aligning incentives The realities of the job Delivering ROI Holistic cybersecurity Thanks to our sponsor, Backslash Security Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration. Learn more at www.backslash.security.

Cyber Security Headlines
Scattered Spider extradition, Telecom hack warnings, Impersonation scammer takedown

Cyber Security Headlines

Play Episode Listen Later May 1, 2025 9:10


Alleged ‘Scattered Spider' member extradited to U.S. Experts see little progress after major Chinese telecom hack Polish police take down impersonation scammers Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. For the stories behind the headlines, visit CISOseries.com.

CISO-Security Vendor Relationship Podcast
Get ALL the Challenges of Cybersecurity AND Fewer Resources

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 29, 2025 40:22


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Charles Blauner, formerly of Team8 (at time of recording) and now operating partner, Crosspoint Capital. In this episode: Expanding collective defense Getting talent to the municipal level A mature reporting structure A pill for that cyberailment Huge thanks to our sponsor, Material Security Material Security is purpose-built to protect the entire cloud workspace – email, data, and accounts. With deep integration and powerful automations, Material prevents and detects a wider range of threats, responds to active attacks faster, and secures data and accounts even after a breach. See Material in action today!

Cyber Security Headlines
SAP zero-day active, another OAuth exploit, cybersecurity CEO arrested

Cyber Security Headlines

Play Episode Listen Later Apr 28, 2025 7:21


SAP zero-day vulnerability under widespread active exploitation Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts Cybersecurity firm CEO charged with installing malware on hospital systems Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Russian army map malware, edge tech attack report, Commvault flaw

Cyber Security Headlines

Play Episode Listen Later Apr 25, 2025 8:12


Russian army targeted by Android malware hidden in mapping app Attackers hit security device defects hard in 2024 Critical Commvault Command Center flaw warning Huge thanks to our sponsor, Dropzone AI Alert investigation is eating up your security team's day—30 to 40 minutes per alert adds up fast. Dropzone AI's SOC Analyst transforms this reality by investigating every alert with expert-level thoroughness at machine speed. Our AI SOC Analyst gathers evidence, connects the dots across your security tools, and delivers clear reports with recommended actions—all in minutes. No playbooks to build, no code to write. Just consistent, high-quality investigations that free your team to focus on what matters: stopping actual threats. Meet us at RSA Booth ESE-60. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Week in Review: Secure by Design departure, Microsoft's security report, LLMs outrace vulnerabilities

Cyber Security Headlines

Play Episode Listen Later Apr 25, 2025 30:25


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bethany De Lude, CISO emeritus, The Carlyle Group Thanks to our show sponsor, Dropzone AI Alert investigation is eating up your security team's day—30 to 40 minutes per alert adds up fast. Dropzone AI‘s SOC Analyst transforms this reality by investigating every alert with expert-level thoroughness at machine speed. Our AI SOC Analyst gathers evidence, connects the dots across your security tools, and delivers clear reports with recommended actions—all in minutes. No playbooks to build, no code to write. Just consistent, high-quality investigations that free your team to focus on what matters: stopping actual threats. Meet us at RSA Booth ESE-60. All links and the video of this episode can be found on CISO Series.com

Defense in Depth
Why Are We Still Struggling to Fix Application Security?

Defense in Depth

Play Episode Listen Later Apr 24, 2025 28:14


All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Eric Gold, chief evangelist, BackSlash. In this episode: Start with the culture Moving AppSec to a higher level A strategy for security Maturing the basics Thanks to our sponsor, Backslash Security Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration.  

Cyber Security Headlines
Blue Shield of California shared private data,FBI IC3 report, Ex-Army sergeant jailed

Cyber Security Headlines

Play Episode Listen Later Apr 24, 2025 9:43


Blue Shield of California shared private health data of millions with Google The FBI issues its 2024 IC3 report Ex-Army sergeant jailed for selling military secrets Huge thanks to our sponsor, Dropzone AI Security analysts need practical experience to build investigation skills, but getting expert guidance for every alert is impossible. That's why Dropzone AI created COACH—a free Chrome extension that serves as an AI security mentor for SOC analysts at any level. COACH reads alerts across all major security platforms, explains their context, provides alternative hypotheses, and guides analysts through industry-standard investigation methodologies. Unlike our AI SOC Analyst product, COACH doesn't do the work for you—it teaches you how to think through investigations yourself. It supplements human mentoring with always-available guidance that respects your data with zero retention. Develop your security team's skills at Dropzone.ai/coach. For the stories behind the headlines, head to CISOseries.com.

CISO-Security Vendor Relationship Podcast
Data Minimization Means We Don't Tell You What We're Collecting

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 22, 2025 41:53


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner, YL Ventures. Joining us is Mandy Huth, svp, CISO, Ultra Clean Technology. In this episode: Start with good defaults Building talent bridges Don't forget the humans Differentiating with privacy Automate, centralize, & scale your GRC program with Vanta Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

Cyber Security Headlines
Microsoft Entra lockouts, wine tasting malware, job scam solution

Cyber Security Headlines

Play Episode Listen Later Apr 21, 2025 8:23


Widespread Microsoft Entra lockouts cause by new security feature rollout Malware delivered through diplomatic wine-tasting invites British companies told to hold in-person interviews to thwart North Korea job scammers Huge thanks to our sponsor, Dropzone AI Growing your MSSP client roster while your alerts are multiplying? Dropzone AI works alongside your team, investigating alerts just like your best human analysts would. Our AI SOC Analyst cuts investigation time from an hour to minutes while handling five times more alerts per analyst. Unlike complex SOAR solutions, Dropzone deploys quickly and adapts to your environment without the need for playbooks or coding. Eliminate backlogs, reduce false positives, and deliver the detailed investigations your clients expect. Ready to scale your MSSP without scaling your team? Meet us at booth ESE-60 at RSA. Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Week in Review: CISA workforce cuts, AI slopsquatting risk, CVE funding saga

Cyber Security Headlines

Play Episode Listen Later Apr 18, 2025 26:16


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by David Spark with guest Trina Ford, CISO, iHeartMedia Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com

Cyber Security Headlines
Cyberthreat sharing law renewal, APTs love ClickFix, GoDaddy mutes Zoom

Cyber Security Headlines

Play Episode Listen Later Apr 18, 2025 8:54


Bipartisan push for renewal of cyberthreat information sharing law ClickFix becoming a favorite amongst state-sponsored hackers GoDaddy puts Zoom on mute for about 90 minutes Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, And helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com  

Defense in Depth
What Can Someone with No Experience Do in Cybersecurity?

Defense in Depth

Play Episode Listen Later Apr 17, 2025 26:25


All links and images for this episode can be found on CISO Series. Check out this post from Jerich Beason, CISO at WM, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Dan Walsh, CISO, Datavant. Joining us is Rinki Sethi, vp and CISO, BILL. In this episode: You need a solid foundation A lot depends on the role Underappreciated skills Structures and frameworks Huge thanks to our sponsor, Recorded Future Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.

Cyber Security Headlines
MITRE bailout, Krebs exits SentinelOne, Apple fixes zero-days

Cyber Security Headlines

Play Episode Listen Later Apr 17, 2025 8:09


MITRE gets last-minute bailout from CISA Krebs exits SentinelOne after security clearance pulled Apple fixes two zero-days exploited in targeted iPhone attacks Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. For the stories behind the headlines, visit CISOseries.com. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, And helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.  

CISO-Security Vendor Relationship Podcast
Welcome to Cybersecurity: Where Everything Is Made Up and the Points Don't Matter

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 15, 2025 40:53


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Mike D'Arezzo, executive director of infosec and GRC, Wellstar Health Systems. In this episode: The shift left myth Reconsidering CISO evaluations The power of “how” Building bridges Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Cyber Security Headlines
CISA cuts planned, Windows ‘inetpub' warning, health lab breach

Cyber Security Headlines

Play Episode Listen Later Apr 14, 2025 7:28


Major workforce cuts planned for CISA Microsoft warns Windows users not to delete ‘inetpub' folder Data breach at testing lab affects 1.6 million people Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, And helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.  

Cyber Security Headlines
Krebs probed, Nissan Leaf hack, Typhoon tariff warning

Cyber Security Headlines

Play Episode Listen Later Apr 11, 2025 8:27


President orders probe of former CISA Director Chris Krebs Nissan Leaf cars can be hacked for remote spying and physical takeover Infosec experts warn of China Typhoon retaliation against tariffs Thanks to our episode sponsor, Nudge Security Are you struggling to secure your exploding SaaS footprint? With Nudge Security, you can discover all SaaS apps and accounts, manage access, ensure secure configurations, vet unfamiliar tools, and automate daily identity security tasks. Start a free 14-day trial Find the stories behind the headlines at CISOseries.com.

Cyber Security Headlines
Week in Review: Fake ChatGPT passport, Apple appeals UK encryption, Oracle's obsolete servers

Cyber Security Headlines

Play Episode Listen Later Apr 11, 2025 22:36


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Carla Sweeney, SVP, InfoSec, Red Ventures Thanks to our show sponsor, Nudge Security Are you struggling to secure your exploding SaaS footprint? With Nudge Security, you can discover all SaaS apps and accounts, manage access, ensure secure configurations, vet unfamiliar tools, and automate daily identity security tasks. Start a free 14-day trial All links and the video of this episode can be found on CISO Series.com  

Defense in Depth
Are New Gartner-Created Categories/Acronyms Helping or Hurting the Cybersecurity Industry?

Defense in Depth

Play Episode Listen Later Apr 10, 2025 26:47


All links and images for this episode can be found on CISO Series. Check out this post from Caleb Sima of WhiteRabbit for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Alex Hutton, CISO, Atlantic Union Bank. In this episode: The race to differentiate  Don't blame Gartner Simplifying is complicated Seeking connection Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.  

Cyber Security Headlines
OCC major incident, Oracle confirms hack, Smokeloader servers seized

Cyber Security Headlines

Play Episode Listen Later Apr 10, 2025 8:23


U.S. Comptroller suffers ‘major incident' Oracle confirms "obsolete servers" hacked Police seize Smokeloader malware servers and detain customers Thanks to our episode sponsor, Nudge Security Nudge Security is the only solution for SaaS security and governance that can discover up to two years of historical SaaS spend along with usage insights so you can uncover wasted spend and sources of unnecessary risk. Start a free 14-day trial today For the stories behind the headlines, visit CISOseries.com.

CISO-Security Vendor Relationship Podcast
With AI, Don't Think Like a Hacker, Think Like the Whole of Society

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 8, 2025 39:04


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest Nathan Hunstad, director, security at Vanta. In this episode: Thinking like AI Building off a solid foundation Start with ownership Following the leader Big thanks to our sponsor, Vanta Automate, centralize, & scale your GRC program with Vanta. Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

Cyber Security Headlines
NSA Haugh fired, New WinRAR flaw, ChatGPT fake passport

Cyber Security Headlines

Play Episode Listen Later Apr 7, 2025 7:24


Haugh fired from leadership of NSA and Cyber Command WinRAR flaw bypasses Windows Mark of the Web security alerts Researcher creates fake passport using ChatGPT Thanks to our episode sponsor, Nudge Security Nudge Security helps you mitigate security risks stemming from SaaS sprawl by discovering every SaaS account ever created by anyone in your org within minutes of starting a free trial. And, you can automate on-going governance tasks like security posture checks, user access reviews, employee offboarding, and more. Start a free 14-day trial Find the stories behind the headlines at CISOseries.com.  

Cyber Security Headlines
Google patches Quick Share, ChatGPT temporary outage, UK Mail breach

Cyber Security Headlines

Play Episode Listen Later Apr 4, 2025 8:58


Google patches Quick Share vulnerability ChatGPT suffered brief outage Wednesday UK's Royal Mail investigates data leak claims Thanks to today's episode sponsor, Qualys "Overwhelmed by noise in your cybersecurity processes? Cut through the clutter with Qualys Enterprise TruRisk Management. Quantify your cyber risk in clear financial terms and focus on what matters most. Actionable insights help you prioritize critical threats, streamline remediation, and accelerate risk reduction— while effectively communicating impact to stakeholders. Empower your cybersecurity strategy with tools that drive faster, smarter, and more efficient risk management. Your secure future starts today with Qualys Enterprise TruRisk Management. Visit qualys.com/etm for more information." Find the stories behind the headlines at CISOseries.com.    

Defense in Depth
Can AI improve Third-Party Risk Management (TPRM)

Defense in Depth

Play Episode Listen Later Apr 3, 2025 29:00


All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Jason Elrod, CISO, MultiCare Health System. Joining us is our sponsored guest, Nick Muy, CISO, Scrut Automation. In this episode: Supercharging teams Shifting to proactive A unique opportunity A human in the legal loop HUGE thanks to our sponsor, Scrut Automation Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.

CISO-Security Vendor Relationship Podcast
This Security Control Is So Good We Don't Even Have to Turn It On (LIVE in Clearwater, FL)

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 1, 2025 45:00


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Christina Shannon, CIO, KIK Consumer Products. Joining them is Jim Bowie, CISO, Tampa General Hospital. In this episode: A journey, not a destination The difference between pressure and stress Fighting commodity deepfakes Getting leadership on the same page HUGE thanks to our sponsors, Proofpoint, Cofense, & KnowBe4 With an integrated suite of cloud-based cybersecurity and compliance solutions, Proofpoint helps organizations around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Discover cutting-edge security insights and industry trends from leading experts at Proofpoint Power Series—a monthly virtual event designed to empower the security community. Learn more at proofpoint.com Powered by 35 million trained employee reporters, the exclusive Cofense® PhishMe® Email Security Awareness Training with Risk Validation and Phishing Threat Detection and Response Platforms combine robust training with advanced tools for phishing identification and remediation. Together, our solutions empower organizations to identify, combat, and eliminate phishing threats in real-time. Learn more at cofense.com KnowBe4's PhishER Plus is a lightweight SOAR platform that streamlines threat response for high-volume, potentially malicious emails reported by users. It automatically prioritizes messages, helping InfoSec and Security Operations teams quickly address the most critical threats, reducing inbox clutter and enhancing overall security efficiency. Learn more at knowbe4.com

Defense in Depth
Cybersecurity Is NOT an Entry-Level Position

Defense in Depth

Play Episode Listen Later Mar 27, 2025 31:46


All links and images for this episode can be found on CISO Series. Check out this post by Tallis Jordan of the U.S. Army Cyber Command for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Montez Fitzpatrick, CISO, Navvis. In this episode: Start with foundations Learning to learn Don't get hustled Building a pipeline HUGE thanks to our sponsor, Scrut Automation Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.

CISO-Security Vendor Relationship Podcast
The Security Incident Has Been Upgraded From “Ouch” to “Boiiiing” (LIVE in Orlando, FL)

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Mar 25, 2025 42:01


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Trina Ford, CISO, iHeartMedia. Joining us is our sponsored guest Rob Allen, chief product officer, ThreatLocker. This episode was recorded in front of a live audience at Zero Trust World in Orlando, Florida. In this episode: Severity versus impact Breaking the anti-pattern Take the first step to zero trust What are your demands? ThreatLocker® is a Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. With easy onboarding, management, and 24/7/365 support, ThreatLocker makes default deny a reality for businesses. Only allow what you need in your environment and block everything else, including ransomware!