Podcasts about cisos

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode, I sit down with longtime industry leader and visionary Phil Venables to discuss the evolution of cybersecurity leadership, including Phil's own journey from CISO to Venture Capitalist. We chatted about: A recent interview Phil gave about CISOs transforming into business-critical digital risk leaders and some of the key themes and areas CISOs need to focus on the most when making that transition Some of the key attributes CISOs need to be the most effective in terms of technical, soft skills, financial acumen, and more, leaning on Phil's 30 years of experience in the field and as a multiple-time CISO Phil's transition to Venture Capital with Ballistic Ventures and what drew him to this space from being a security practitioner Some of the product areas and categories Phil is most excited about from an investment perspectiveThe double-edged sword is AI, which is used for security and needs security. Phil's past five years blogging and sharing his practical, hard-earned wisdom at www.philvenables.com, and how that has helped him organize his thinking and contribute to the community.Some specific tactics and strategies Phil finds the most valuable when it comes to maintaining deep domain expertise, but also broader strategic skillsets, and the importance of being in the right environment around the right people to learn and grow

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode of The New CISO, host Steve Moore speaks with Ben, Director of Group Security and Architecture at Bilfinger, about the role of self-awareness, confidence, and communication in effective cybersecurity leadership.Ben shares his unconventional path to becoming a CISO, how he applies the “done is better than perfect” philosophy, and why embracing vulnerability, curiosity, and creativity is key to building strong teams. From baking sourdough to producing his own podcast, Ben highlights how personal passions can shape professional growth.Key Topics Covered:Why done is better than perfect can be a strength—not a flaw—in cybersecurityThe surprising connection between baking sourdough and fostering security cultureHow Ben's podcast, Infosec Theater, educates non-technical audiences using humor and storytellingThe creative interview question he uses to gauge mindset: “If cybersecurity were an animal, what would it be?”Why hiring for attitude and resilience beats hiring for experience aloneHow podcasting sharpened his ability to listen, simplify, and leadBen also emphasizes the importance of recognizing your own strengths and surrounding yourself with people who balance them out. His perspective offers actionable takeaways for CISOs and security professionals seeking to grow into thoughtful, human-centered leaders.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Step inside AWS's cutting-edge approach to network protection with AWS VP and Distinguished Engineer Tom Scholl. In this eye-opening conversation, discover how threat detection tools like MadPot are helping AWS identify and disrupt DDoS-as-a-service providers who sell attack capabilities on the dark web. Scholl reveals how AWS's massive network scale provides unique insights into emerging threats, enabling proactive security measures and even the take down of criminal organizations like Anonymous Sudan. He also discusses AWS's approach to seamless security integration and the importance of implementing strong "front door" security measures to reinforce potential entry points in your network. This conversation is a must-watch for CISOs and security leaders looking to enhance their cloud security posture in 2025 and beyond.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Julie Chatman. Julie is a distinguished cybersecurity executive with nearly two decades of experience in cybersecurity strategy, risk management, and AI governance.   She began her career in the U.S. Navy, serving on active duty as a Hospital Corpsman specializing in Medical Laboratory Science & Technology. Her transition into cybersecurity began at the FBI, where strong mentorship shaped her approach to leadership, problem solving, and talent development.   She currently serves as the Deputy Chief Information Security Officer for Finance at the Virginia Information Technologies Agency (VITA), where she is focused on driving risk reduction across state agencies. The role is part of a strategic engagement through her company, ResilientTech Advisors.   Julie leads CyberPath Coaching, where she draws on her experience as an active CISO to mentor cybersecurity professionals, accelerate their growth, and prepare them for executive roles. She works with individuals breaking into the field, mid-career professionals, aspiring CISOs, and cybersecurity entrepreneurs. [May 19, 2025]   00:00 - Intro 00:53 - Intro Links: -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                                02:03 - Julie Chatman Intro 03:14 - A Hungry Brain 04:25 - We Are Mushroomed 05:54 - Being an Enabler 10:13 - Speak Their Language 13:33 - Assigning Responsibility 16:05 - A Tool, Not a Replacement 20:35 - Career Challenges 22:40 - Strategic Empathy 23:46 - Setting Boundaries 24:15 - Narrative Control 25:38 - Staying Positive 29:39 - The Target is the Same 32:09 - Book Recommendations -          World War Z  - Max Brooks 33:20 - Mentors -          MB Kinder -          Martha Williams 35:14 - Find Julie Chatman Online -          Website: cyberpathcoaching.net -          LinkedIn: linkedin.com/in/julie-chatman-mba-infosec 35:54     Wrap Up & Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Yaron Levi, CISO, Dolby. Joining us is Joey Rachid, CISO, Xerox. In this episode: It's a balancing act Choose to leave the kids' table Your team is essential Don't change CISOs midstream Huge thanks to our sponsor, Blackslash Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration. Learn more at https://www.backslash.security/  

In this episode of Life of a CISO, Dr. Eric Cole shines a spotlight on a critical blind spot that many Chief Information Security Officers overlook: legal liability. While CISOs are often highly skilled and technically knowledgeable, it's what they don't know—particularly about their legal exposure—that can put them at serious risk. Dr. Cole explains that many CISOs hold the title of “chief” without realizing they may not officially be corporate officers, and that distinction matters. If you are considered a true officer of the company, you may be personally liable for failures or breaches, even if you weren't the root cause. He urges CISOs to ask the right questions during negotiations, ensure they understand their official role, and protect themselves with legal counsel and proper insurance coverage. He goes on to emphasize the importance of understanding how communication becomes evidence at the executive level. In today's digital world, emails and text messages are no longer just conversations—they are legal records that can be used for or against you. Dr. Cole discusses how even a lack of written documentation can lead to lawsuits or termination if it's perceived that a CISO failed to inform the board about a critical risk. However, over-documenting can also backfire by making colleagues uncomfortable or wary. This delicate balance between transparency and discretion is a key leadership skill every CISO must develop. Ultimately, this episode is a wake-up call to every cybersecurity leader: the higher you rise, the more you must be aware of the legal and personal implications of your role.  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Send us a textSecurity regulations are changing dramatically in response to major breaches, and the implications for cybersecurity professionals are profound. Sean Gerber kicks off this episode with a career announcement, sharing his transition to independent consulting after 13 years with his previous employer—a move that highlights the evolving opportunities in the cybersecurity field.The heart of this episode examines the recent UnitedHealthcare breach, where attackers targeted Change Healthcare, a critical system processing 15 billion healthcare transactions annually. The February ransomware attack led to a $22 million ransom payment and disrupted approximately half of all pharmacy operations across the United States. This incident serves as a perfect case study in critical infrastructure vulnerability and has triggered a significant regulatory response from the Biden administration, which is now promising "tough, mandatory cybersecurity standards" for the healthcare industry.What does this mean for security professionals? Potentially stricter oversight, increased financial penalties, and perhaps most concerning—explicit executive liability for security failures. As Sean notes, these developments create an increasingly complex landscape where CISOs must navigate not just technical challenges but also regulatory expectations that might lack technical nuance.The episode transitions into a comprehensive examination of CISSP exam questions covering Domain 3.6, focusing on message integrity, digital signatures, and cryptographic hashing functions. Through fifteen detailed questions and answers, Sean breaks down essential concepts like the difference between checksums and hashing functions, the evolution from SHA-1 to more secure algorithms, and the role of certificate authorities in public key infrastructure. These technical foundations aren't just academic—they're the building blocks of systems that, when implemented correctly, prevent exactly the kind of breach that hit UnitedHealthcare.Ready to deepen your understanding of message integrity and prepare for the CISSP exam? Visit CISSP Cyber Training for videos, transcripts, and additional practice questions to help you master these critical concepts and advance your cybersecurity career.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Cybercrime Magazine was in attendance at the 2025 RSA Conference, where we caught up with some of the top minds in cybersecurity, including board members, industry leaders, and of course, CISOs. Tune in to this 2-minute episode and hear directly from Adam Keown, CISO at Eastman. • For more on cybersecurity, visit us at https://cybersecurityventures.com

In this episode of Reimagining Cyber, Rob Aragao welcomes Matt Gorham, former Assistant Director of the FBI's Cyber Division and current leader of PwC's Cyber and Risk Innovation Institute. Gorham shares critical insights from his 25-year FBI career and discusses the evolution of ransomware—especially the rise of ransomware-as-a-service models and the business-like operations of Eastern European cybercriminal syndicates. He emphasizes the importance of cyber hygiene, incident response planning, and executive-level tabletop exercises. The discussion also covers the often-misunderstood relationship between private companies and law enforcement, as well as the implications of AI, onshoring manufacturing, and the shifting geopolitical cybersecurity landscape. A must-listen for CISOs, board members, and security leaders looking to turn preparation into resilience.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Saket Modi, co-founder and CEO, SAFE Security. In this episode: Elevating AI to table stakes Security for the real world Using dynamic models for TPRM The agentic AI augmentation  Huge thanks to our sponsor, SAFE Security SAFE (#1 platform to unify the management of all cyber risks) has reinvented cyber risk management with Agentic AI. We help CISOs, TPRM, and GRC leaders become strategic business partners by automating the understanding, prioritization and management of cyber risk—accelerating AI adoption and digital transformation.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In today's episode of Tech Talks Daily, I reconnect with Abnormal AI's CIO, Mike Britton, to explore one of the most pressing topics in the tech world—AI regulation and cybersecurity.  Speaking from his base near Dallas, Mike brings a pragmatic perspective shaped by decades of experience at the intersection of enterprise technology and security. As the debate around artificial intelligence evolves, we examine the growing divide between the United States and Europe on regulatory approaches and what business leaders can learn from each side. While Europe takes a more cohesive, application-based approach, the US remains fragmented, relying on state-by-state policies and sector-specific laws. Mike unpacks why this patchwork complicates global alignment and what an effective risk-based, standardized framework might look like. He argues that regulation must focus on how AI is applied, not just its scale, especially as the technology becomes embedded in everything from healthcare to email automation. We also touch on the unintended consequences of overregulation, including the risk of pushing innovation into regions with fewer safeguards. As Abnormal Security works with some of the world's largest brands, Mike offers a frontline view into how threat actors are already leveraging AI to outpace traditional defenses. His insights reinforce the need for transparency, human oversight, and "kill switches" to ensure AI remains a tool for good, not a liability. From real-world examples to strategic recommendations, Mike outlines what CIOs and CISOs need to know now. His advice is clear, grounded, and actionable, whether embracing regulatory sandboxes, staying alert to geopolitical nuances in AI models, or maintaining continuous learning in a fast-moving space. So, how do we keep innovation ethical and secure in a world where AI is moving faster than ever? And what steps should technology leaders take to avoid falling behind or losing control of the tools meant to drive progress?

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode of Cyber Talks, we speak with Craig Peppard, CISO at Ivari Canada, about why people and processes - not just technology - are the real frontline in cybersecurity. The conversation unpacks the limitations of traditional security awareness training, explores how to move beyond blame to address systemic process failures, and highlights the growing importance of soft skills like empathy and storytelling in security leadership. They also dive into the evolving role of the CISO, the rise of embedded security roles like CISOs, and why mentoring and inclusive hiring practices are essential for building future-ready security teams.--Have a question for us? Reach out: hello@esentire.com---About Cyber TalksFrom ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.About eSentireeSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠www.esentire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and follow ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@eSentire⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

In this episode of Life of a CISO, Dr. Eric Cole dives deep into the dominating force of 2025: artificial intelligence. While AI is everywhere—embedded in nearly every conversation and technology—the real concern, he explains, isn't just about its capabilities but the risks it brings, especially in cybersecurity and data privacy. Dr. Cole breaks AI down into its two primary types: machine learning, which relies on data sets, and expert systems, which mimic expert decision-making through logical rules. He shares how AI isn't new, recounting his own early work building simple expert systems back in college, but warns that today's AI is only as good—or as dangerous—as the data it consumes. Dr. Cole emphasizes that data is the real power behind AI, not the algorithms. Using TikTok as an example, he highlights how data collected over years can predict behaviors and influence markets, creating national security and privacy concerns. He also discusses why big players like Amazon might seek access to such rich behavioral data to maintain dominance in e-commerce. Drawing attention to the eerie accuracy of modern predictive systems, Dr. Cole calls on CISOs and security professionals to take responsibility: every interaction with AI is feeding it data, and that data needs to be protected. He urges leaders to ask tough questions about where their data goes, how it's used, and whether they are unknowingly contributing to systems that could expose sensitive information.  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-394

In this episode of On Location at RSAC Conference 2025, Phillip Miller—Chief Information Security Officer and founder of Corporal—offers a candid and practical look at the current realities of cybersecurity leadership, innovation ecosystems, and the business-first mindset required to drive effective security outcomes.With a unique background that blends enterprise cybersecurity leadership and hands-on work on his Virginia farm, Miller brings a grounded perspective to the CISO role. Over the past 18 months, he stepped away from a traditional enterprise seat to work directly with startups through his company, advising them on how to align their offerings with the real needs of security teams. His return to a full-time CISO position follows that immersive experience, giving him a renewed sense of what enterprise security leaders are missing when they close themselves off from emerging technology vendors.Shifting the Buying ConversationOne of Miller's strongest messages is that buying decisions should start with the security team—not just the CISO. Too often, tools are purchased at the top and handed down without enough input from those who will actually use them. Miller stresses that founders who are selling into the enterprise need to solve real problems with real people—and CISOs should invite that dialogue rather than block it.He also encourages CISOs to think beyond the big names. While legacy providers are often the default, marketplace ecosystems (like AWS or GCP) and accelerator programs (such as those run by CrowdStrike) offer curated, credible entry points to newer solutions. These platforms can streamline the validation process while introducing fresh capabilities that legacy tools may lack.Lead With the Business, Not the TechFor Miller, the CISO's most valuable contribution is helping business leaders understand their own risks—especially the ones they don't associate with cybersecurity. By starting with “What are your biggest non-cyber risks?” Miller helps organizations connect the dots between core operations and digital exposure.Whether working in manufacturing, retail, or financial services, his approach remains consistent: understand how the business creates value, then align security programs and tooling accordingly. The tech, he reminds us, comes second.Catch the full conversation to hear more on third-party risk, building high-functioning teams, and why peer conversations at conferences like RSAC are essential to the health of the cybersecurity community.___________Guest: Phillip Miller, CISO and founder of Qurple | https://www.linkedin.com/in/pemiller/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Organizations are demanding more from their IT management platforms—not just toolsets, but tailored systems that meet specific business and security objectives. Vivin Sathyan, Senior Technology Evangelist at ManageEngine, shares how the company is responding with an integrated approach that connects IT, security, and business outcomes.ManageEngine, a division of Zoho Corporation, now offers a suite of over 60 products that span identity and access management, SIEM, endpoint protection, service management, and analytics. These components don't just coexist—they interact contextually. Vivin outlines a real-world example from the healthcare sector, where a SIM tool detects abnormal login behavior, triggers an identity system to challenge access, and then logs the incident for IT service resolution. This integrated chain reflects a philosophy where response is not just fast, but connected and accountable.At the heart of the platform's effectiveness is contextual intelligence—layered between artificial intelligence and business insights—to power decision-making that aligns with enterprise risk and compliance needs. Whether it's SOC analysts triaging events, CIS admins handling system hygiene, or CISOs aligning actions with corporate goals, the tools are tailored to fit roles, not just generic functions. According to Vivin, this role-based approach is critical to eliminating silos and ensuring teams speak the same operational and risk language.AI continues to play a role in enhancing that coordination, but ManageEngine is cautious not to follow hype for its own sake. The company has invested in its own AI and ML capabilities since 2012, and recently launched an agent studio—but only after evaluating how new models can meaningfully add value. Vivin points out that enterprise use cases often benefit more from small, purpose-built language models than from massive general-purpose ones.Perhaps most compelling is ManageEngine's global-first strategy. With operations in nearly 190 countries and 18+ of its own data centers, the company prioritizes proximity to customers—not just for technical support, but for cultural understanding and local compliance. That closeness informs both product design and customer trust, especially as regulations around data sovereignty intensify.This episode challenges listeners to consider whether their tools are merely present—or actually connected. Are you enabling collaboration through context, or just stitching systems together and calling it a platform?Learn more about ManageEngine: https://itspm.ag/manageen-631623Note: This story contains promotional content. Learn more.Guest: Vivin Sathyan, Senior Technology Evangelist, ManageEngine | https://www.linkedin.com/in/vivin-sathyan/ResourcesLearn more and catch more stories from ManageEngine: https://www.itspmagazine.com/directory/manageengineLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, vivin sathyan, cybersecurity, ai, siem, identity, analytics, integration, platform, risk, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-394

Charles Henderson, who leads the cybersecurity services division at Coalfire, shares how the company is reimagining offensive and defensive operations through a programmatic lens that prioritizes outcomes over checkboxes. His team, made up of practitioners with deep experience and creative drive, brings offensive testing and exposure management together with defensive services and managed offerings to address full-spectrum cybersecurity needs. The focus isn't on commoditized services—it's on what actually makes a difference.At the heart of the conversation is the idea that cybersecurity is a team sport. Henderson draws parallels between the improvisation of music and the tactics of both attackers and defenders. Both require rhythm, creativity, and cohesion. The myth of the lone hero doesn't hold up anymore—effective cybersecurity programs are driven by collaboration across specialties and by combining services in ways that amplify their value.Coalfire's evolution reflects this shift. It's not just about running a penetration test or red team operation in isolation. It's about integrating those efforts into a broader mission-focused program, tailored to real threats and measured against what matters most. Henderson emphasizes that CISOs are no longer content with piecemeal assessments; they're seeking simplified, strategic programs with measurable outcomes.The conversation also touches on the importance of storytelling in cybersecurity reporting. Henderson underscores the need for findings to be communicated in ways that resonate with technical teams, security leaders, and the board. It's about enabling CISOs to own the narrative, armed with context, clarity, and confidence.Henderson's reflections on the early days of hacker culture—when gatherings like HoCon and early Def Cons were more about curiosity and camaraderie than business—bring a human dimension to the discussion. That same passion still fuels many practitioners today, and Coalfire is committed to nurturing it through talent development and internships, helping the next generation find their voice, their challenge, and yes, even their hacker handle.This episode offers a look at how to build programs, teams, and mindsets that are ready to lead—not follow—on the cybersecurity front.Learn more about Coalfire: https://itspm.ag/coalfire-yj4wNote: This story contains promotional content. Learn more.Guest: Charles Henderson, Executive Vice President of Cyber Security Services, Coalfire | https://www.linkedin.com/in/angustx/ResourcesLearn more and catch more stories from Coalfire: https://www.itspmagazine.com/directory/coalfireLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:charles henderson, sean martin, coalfire, red teaming, penetration testing, cybersecurity services, exposure management, ciso, threat intelligence, hacker culture, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

In this episode, Sean Martin speaks with Richard Seiersen, Chief Risk Technology Officer at Qualys, about a new way to think about cybersecurity—one that puts value and business resilience at the center, not just threats.Richard shares the thinking behind Qualys' Risk Operations Center, a new approach that responds directly to a common pain point: organizations struggling to manage vast amounts of telemetry from dozens of security tools without clear direction on how to act. Instead of forcing companies to build and maintain massive internal platforms just to piece together asset, vulnerability, and threat data, Qualys is creating a system to operationalize risk as a real-time, measurable business function.With a background that includes serving as Chief Risk Officer at a cyber insurance firm and co-authoring foundational books like How to Measure Anything in Cybersecurity Risk and The Metrics Manifesto, Richard frames the conversation in practical business terms. He emphasizes that success is not just about detecting threats, but about understanding where value exists in the business, and how to protect it efficiently.From Security Operations to Risk OperationsWhile a traditional SOC focuses on attack surface and compromise detection, the Risk Operations Center is designed to understand, prioritize, and mitigate value at risk. Richard describes how this involves normalizing data across environments, connecting asset identities—including ephemeral and composite digital assets—and aligning technical activity to business impact.The Risk Operations Center enables teams to think in terms of risk surface, not just threat surface, by giving security leaders visibility into what matters most—and the tools to act accordingly. And importantly, it does so without increasing headcount.A CISO's Role in the Business of RiskRichard challenges security leaders to break away from purely tactical work and lean into business alignment. He argues that boards want CISOs who think strategically—who can talk about capital reserves, residual risk, and how mitigation and transfer can be measured against business outcomes. In his words, “A successful business is in the business of exposing more value to more people… security must understand and support that mission.”This episode is packed with ideas worth listening to and sharing. What would your version of a Risk Operations Center look like?Learn more about Qualys: https://itspm.ag/qualys-908446Note: This story contains promotional content. Learn more.Guest: Rich Seiersen, Chief Risk Technology Officer, Qualys | https://www.linkedin.com/in/richardseiersen/ResourcesLearn more and catch more stories from Qualys: https://www.itspmagazine.com/directory/qualysLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, richard seiersen, risk, cybersecurity, data, resilience, telemetry, automation, ciso, soc, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

At RSAC Conference 2025, Rupesh Chokshi, Senior Vice President and General Manager of the Application Security Group at Akamai, joined ITSPmagazine to share critical insights into the dual role AI is playing in cybersecurity today—and what Akamai is doing about it.Chokshi lays out the landscape with clarity: while AI is unlocking powerful new capabilities for defenders, it's also accelerating innovation for attackers. From bot mitigation and behavioral DDoS to adaptive security engines, Akamai has used machine learning for over a decade to enhance protection, but the scale and complexity of threats have entered a new era.The API and Web Application Threat SurgeReferencing Akamai's latest State of the Internet report, Chokshi cites a 33% year-over-year rise in web application and API attacks—topping 311 billion threats. More than 150 billion of these were API-related. The reason is simple: APIs are the backbone of modern applications, yet many organizations lack visibility into how many they have or where they're exposed. Shadow and zombie APIs are quietly expanding attack surfaces without sufficient monitoring or defense.Chokshi shares that in early customer discovery sessions, organizations often uncover tens of thousands of APIs they weren't actively tracking—making them easy targets for business logic abuse, credential theft, and data exfiltration.Introducing Akamai's Firewall for AIAkamai is addressing another critical gap with the launch of its new Firewall for AI. Designed for both internal and customer-facing generative AI applications, this solution focuses on securing runtime environments. It detects and blocks issues like prompt injection, PII leakage, and toxic language using scalable, automated analysis at the edge—reducing friction for deployment while enhancing visibility and governance.In early testing, Akamai found that 6% of traffic to a single LLM-based customer chatbot involved suspicious activity. That volume—within just 100,000 requests—highlights the urgency of runtime protections for AI workloads.Enabling Security LeadershipChokshi emphasizes that modern security teams must engage collaboratively with business and data teams. As AI adoption outpaces security budgets, CISOs are looking for trusted, easy-to-deploy solutions that enable—not hinder—innovation. Akamai's goal: deliver scalable protections with minimal disruption, while helping security leaders shoulder the growing burden of AI risk.Learn more about Akamai: https://itspm.ag/akamailbwcNote: This story contains promotional content. Learn more.Guest: Rupesh Chokshi, SVP & General Manager, Application Security, Akamai | https://www.linkedin.com/in/rupeshchokshi/ResourcesLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, rupesh chokshi, akamai, rsac, ai, security, cisos, api, firewall, llm, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Chris and Hector break down the 2025 Mandiant threat report, expose rising cyberattack trends, rant about bad CISOs, and discuss a wild case of a cybersecurity CEO caught installing malware in a hospital. Join our new Patreon! ⁠https://www.patreon.com/c/hackerandthefed⁠ Send HATF your questions at ⁠questions@hackerandthefed.com

When it comes to cybersecurity, corporate executives are often the most targeted individuals—but their greatest vulnerabilities may lie beyond the office walls. In this episode recorded live at RSAC Conference 2025, Dr. Chris Pierson, Founder and CEO of BlackCloak, joins hosts Sean Martin and Marco Ciappelli to unpack why digital executive protection is now a business necessity, not a luxury.Dr. Pierson—a former two-time CISO, DHS cybersecurity advisor, and chief privacy officer—explains how BlackCloak addresses a long-ignored problem: the personal digital exposure of high-profile individuals and their families. From compromised home networks and identity theft to impersonation scams powered by deepfake technology, today's cyber threats easily bypass corporate defenses by exploiting softer targets at home.Digital Protection That Mirrors Physical SecurityJust as companies rely on third-party providers for health insurance or physical executive protection, Dr. Pierson advocates for a dedicated, privacy-conscious solution for securing personal digital lives. BlackCloak functions as a concierge-style service, guiding individuals through essential steps like securing high-risk accounts, managing privacy settings, shrinking their attack surface, and implementing a modern, multifactor verification system to prevent impersonation attacks.A Framework for ActionAt RSAC, Dr. Pierson unveiled BlackCloak's Digital Executive Protection Framework—a practical tool that includes 14 tenets and over 100 specific actions to assess and improve personal digital security maturity. The goal: help organizations prioritize what matters most. Instead of trying to secure every account or device equally, the framework focuses attention on high-value targets like banking credentials, communication platforms, and personal data exposed via data brokers.From Deepfakes to Real-World ConsequencesPierson also highlights the alarming growth of AI-powered impersonation attacks. With 42% of surveyed CISOs reporting executive-targeted deepfake incidents, and financial losses climbing, companies must think differently. It's not just about technology—it's about trust, relationships, and verification at every level of communication.This episode sheds light on how executive protection is evolving—and why your organization should consider extending its security strategy beyond the boardroom. To see how BlackCloak is redefining protection for the C-suite and their families, listen to the full episode.Learn more about BlackCloak: https://itspm.ag/itspbcwebNote: This story contains promotional content. Learn more.Guest: Chris Pierson, Founder & CEO, BlackCloak | https://www.linkedin.com/in/drchristopherpierson/ ResourcesLearn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloakLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, marco ciappelli, chris pierson, cybersecurity, privacy, deepfakes, identity, executives, framework, protection, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

In this powerful episode of Life of a CISO, Dr. Eric Cole opens by highlighting a key success principle: even the world's top performers — whether in sports, business, or entertainment — rely on coaches to help them spot their blind spots. Drawing from his deep experience coaching CISOs, Dr. Cole shares that cybersecurity leaders are no different. They often miss critical areas simply because they're too focused on day-to-day operations. He emphasizes that one of the most common blind spots for CISOs is the unrealistic pursuit of 100% security, which simply doesn't exist. As Dr. Cole reminds us, every added functionality in a business decreases security — and breaches are not a question of if but when. The episode dives deep into the mindset shift every CISO must make: embracing the breach. This doesn't mean accepting failure, but rather committing to early detection, fast response, and minimizing business impact when an incident occurs. Dr. Cole stresses that a CISO's survival depends on aligning with executives early, clearly communicating that breaches are inevitable, and setting realistic expectations. Without that alignment, companies often fire the CISO after a breach — not because of the breach itself, but because of failed communication. To prevent this, Dr. Cole recommends that CISOs regularly update executives with simple, non-technical risk reports that show the likelihood, potential cost, and status of key security threats. By turning security into a transparent business conversation, CISOs can transform from scapegoats to trusted advisors — even in the face of attacks.  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this closing conversation from Day One at RSAC Conference 2025, ITSPmagazine co-founders Sean Martin and Marco Ciappelli reflect on what they're hearing in the halls, on the show floor, and in conversations with attendees—and the picture they're painting may surprise you.Sean Martin raises a recurring theme that's come up in multiple off-camera discussions: the increasing hesitancy among CISOs to engage with new vendors or consider new technologies unless they come from familiar sources. The concern isn't about the technology itself—it's about time, trust, and the overwhelming volume of noise. In many cases, CISOs prefer to rely on their peer network rather than explore unknown options, potentially limiting their exposure to different ways of thinking about risk and security.But this isn't just a “vendor fatigue” issue. It's a structural one.Martin points to a conversation with Philip Miller, who emphasized the need for vendors to connect with the security team—not just the CISO. That shift could unlock a healthier, more scalable way to evaluate solutions without overloading leadership. When security teams are empowered to explore, test, and validate, it changes the decision-making dynamic and may lead to more open-minded program development—especially as AI begins reshaping how data and security interact.Meanwhile, Marco Ciappelli looks at this cultural tension from a societal perspective. He draws parallels between the speed of technological progress and the slower-moving nature of regulation, governance, and even human behavior. If security programs are stuck in reactive modes—bound by risk aversion, budget constraints, or outdated expectations—how can they support the innovation their businesses (and society) demand?The two hosts conclude that change isn't just needed—it's already underway, albeit unevenly. The key may lie in empowering the broader security ecosystem, from frontline analysts to policy makers, to think and act with more agility.For those wrestling with how security can lead rather than lag, this conversation offers a timely reflection—and a few provocations worth sitting with.What does a future-ready security program really look like?Learn more and catch more stories from RSAC Conference 2025 coverage: https://www.itspmagazine.com/rsac25___________Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this Chats on the Road to RSAC 2025, , Sean Martin and Marco Ciappelli connect with Tim Brown, Chief Information Security Officer at SolarWinds, to unpack the critical issues facing CISOs today—and why the role remains worth pursuing.Brown is participating in multiple sessions at RSAC Conference 2025, including the CISO Bootcamp and Cyber Leaders Forum. Both are closed-door conversations designed to surface real concerns in a confidential, supportive setting. These aren't theoretical discussions—they're rooted in hard-earned experience. Brown, who has faced high-profile scrutiny and legal fallout from a past incident at SolarWinds, brings a uniquely personal perspective to these sessions.He points out that fear and hesitation are keeping many deputy CISOs from stepping up into the top role. His message to them: don't be afraid of the position. Despite the weight of responsibility, the role offers real influence, the ability to shape enterprise architecture, and the opportunity to drive meaningful business decisions. Brown emphasizes the importance of community support and collective growth, noting that the cybersecurity industry—still relatively young—is maturing and finding its footing when it comes to accountability and resilience.Beyond leadership development, mental health and stress management are key themes in the Cyber Leaders Forum. Brown acknowledges the toll the job can take, even sharing that his own health suffered despite thinking he was managing stress well. This honest reflection opens the door for deeper conversations about personal well-being in high-pressure roles.He's also appearing at the Cloud Security Alliance Summit with Chris Hoff, Chief Security Officer at LastPass, where they'll discuss incident response and field questions from the audience. On Wednesday, Brown joins a breakfast session with Tactic and Hyperwise, guiding attendees through a crisis simulation based on lessons from the Sunburst attack. His focus? Helping others avoid being unprepared in a moment of chaos.From insider threat modeling to supply chain transparency and the challenges of monitoring runtime behavior, Brown is clear-eyed about where CISOs need to focus next.This episode isn't just a preview of conference sessions—it's a call to future security leaders to lean in, not back.___________Guest: Tim Brown, CISO, Solarwinds | On LinkedIn: https://www.linkedin.com/in/tim-brown-ciso/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesRSAC Session: CLF Ask Me Anything Session with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739404173721001x1MHRSAC Session: CISO Boot Camp Exclusive Fireside Chat with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739403254724001isXhCSA Summit at RSAC 2025: Fireside Chat with Tim Brown and Chris Hoff: https://www.csasummitrsac.com/event/5b3547c2-c652-4f77-97de-5b094e746626/agenda?session=1452408b-c822-4664-87b8-38ce1276247bLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

AI Governance, the next frontier for AI Security. But what framework should you use? ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizing AI-based products or services, ensuring responsible development and use of AI systems. But how do you get certified? What's the process look like? Martin Tschammer, Head of Security at Synthesia, joins Business Security Weekly to share his ISO 42001 certification journey. From corporate culture to the witness audit, Martin walks us through the certification process and the benefits they have gained from the certification. If you're considering ISO 42001 certification, this interview is a must see. In the leadership and communications section, Are 2 CEOs Better Than 1? Here Are The Benefits and Drawbacks You Must Consider, CISOs rethink hiring to emphasize skills over degrees and experience, Why Clear Executive Communication Is a Silent Driver of Organizational Success, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-392