Podcasts about cisos

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

All links and images can be found on CISO Series. Check out this post by Ross Haleliuk of Venture in Security for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Davi Ottenheimer, vp, trust and digital ethics, Inrupt. In this episode: Network security isn't dying—it's evolving The observability layer that can't be replaced What's old is new again The innovation gap Huge thanks to our sponsor, HackerOne Discover how AI innovators like Adobe, Anthropic, and Snap are using AI to find and fix vulnerabilities across the software development lifecycle. HackerOne, the global leader in offensive security solutions, reveals all in the CISOs' guide to securing the future of AI. Download it now to see how AI can strengthen your security posture. Learn more at https://www.hackerone.com/  

In this episode of Life of a CISO, Dr. Eric Cole explains the top priorities every CISO must focus on as we move into 2026. He begins by highlighting the importance of personal health and why nutrition, hydration, and daily habits directly impact your ability to lead and make smart decisions in cybersecurity. After facing his own health challenges and losing friends in the industry, he shares why health must be the starting point for any world-class CISO. Dr. Cole also breaks down what it means to operate as a true chief officer. He covers why CISOs need to work in person with other executives, ask better questions, and always be prepared with the three slides that guide clear risk decisions. He also discusses the lessons learned from recent cloud outages and why understanding risk posture and critical data is essential for 2026. The episode encourages listeners to begin planning now, build their CISO roadmap, reduce noise, and strengthen their executive mindset.   Access Dr. Cole's $299 course deal here: https://ar407.infusionsoft.app/app/storeFront/showProductDetail?productId=135  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

It's a topic we discuss often on Business Security Weekly: CISO Burnout. It's real, but how should you manage it? Dr. Yonesy Núñez, Global Cybersecurity Executive at Chain Bridge Bank and former Managing Director, Chief Cybersecurity Risk Officer, and Chief Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), joins Business Security Weekly to share his personal insights. An advocate of CISO Health and Wellness, Yonesy will discuss how we can "Optimize the Operator" by creating harmony with mind and spirit. Segment Resources: https://councils.forbes.com/profile/Yonesy-Nunez-Global-Cybersecurity-Executive-Chain-Bridge-Bank/e79e72a5-4b18-48b1-b5ab-8a0afd47d782 In the leadership and communications segment, CISOs are cracking under pressure, How BISOs enable CISOs to scale security across the business, Great Leaders Empower Strategic Decision-Making Across the Organization, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-422

⬥EPISODE NOTES⬥Understanding Beg Bounties and Their Growing ImpactThis episode examines an issue that many organizations have begun to notice, yet often do not know how to interpret. Sean Martin is joined by Casey Ellis, Founder of Bugcrowd and Co-Founder of disclose.io, to break down what a “beg bounty” is, why it is increasing, and how security leaders should think about it in the context of responsible vulnerability handling.Bug Bounty vs. Beg BountyCasey explains the core principles of a traditional bug bounty program. At its core, a bug bounty is a structured engagement in which an organization invites security researchers to identify vulnerabilities and pays rewards based on severity and impact. It is scoped, governed, and linked to an established policy. The process is predictable, defensible, and aligned with responsible disclosure norms.A beg bounty is something entirely different. It occurs when an unsolicited researcher claims to have found a vulnerability and immediately asks whether the organization offers incentives or rewards. In many cases, the claim is vague or unsupported and is often based on automated scanner output rather than meaningful research. Casey notes that these interactions can feel like unsolicited street windshield washing, where the person provides an unrequested service and then asks for payment.Why It Matters for CISOs and Security TeamsSecurity leaders face a difficult challenge. These messages appear serious on the surface, yet most offer no actionable details. Responding to each one triggers incident response workflows, consumes time, and raises unnecessary internal concern. Casey warns that these interactions can create confusion about legality, expectations, and even the risk of extortion.At the same time, ignoring every inbound message is not a realistic long-term strategy. Some communications may contain legitimate findings from well-intentioned researchers who lack guidance. Casey emphasizes the importance of process, clarity, and policy.How Organizations Can PrepareAccording to Casey, the most effective approach is to establish a clear vulnerability disclosure policy. This becomes a lightning rod for inbound security information. By directing researchers to a defined path, organizations reduce noise, set boundaries, and reinforce safe communication practices.The episode highlights the need for community norms, internal readiness, and a shared understanding between researchers and defenders. Casey stresses that good-faith researchers should never introduce payment into the first contact. Organizations should likewise be prepared to distinguish between noise and meaningful security input.This conversation offers valuable context for CISOs, security leaders, and business owners navigating the growing wave of unsolicited bug claims and seeking practical ways to address them.⬥GUEST⬥Casey Ellis, Founder and Advisor at Bugcrowd | On LinkedIn: https://www.linkedin.com/in/caseyjohnellis/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/caseyjohnellis_im-thinking-we-should-start-charging-bug-activity-7383974061464453120-caEWDisclose.io: https://disclose.io/⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

In this episode of Great Women in Compliance, co-host Dr. Hemma Lomax welcomes Shannon Ralich, Vice President of Compliance and Chief Privacy Officer at Machinify, to discuss the evolving landscape of data privacy, cybersecurity, and responsible AI. Shannon shares her remarkable journey from a curious child taking apart electronics to a seasoned leader blending technology, law, and strategy. She offers insight into how curiosity and creativity can fuel governance excellence and explains what it means to design systems that anticipate risk and enable responsible innovation. Together, Hemma and Shannon explore: How privacy and cybersecurity intersect in today's fast-evolving AI environment The most pressing compliance challenges around data governance and global regulation Lessons from the SolarWinds and Uber cases and the growing conversation around individual accountability for CISOs and compliance leaders Practical steps for staying agile—through reliable news sources, cross-functional camaraderie, and professional networks How to translate corporate compliance skills into meaningful community impact through nonprofit leadership and animal rescue advocacy Shannon's message is a powerful reminder that the best leaders bring their full selves to the work: technical precision, ethical clarity, and human compassion. Biography: Shannon Ralich is the Vice President of Compliance and Chief Privacy Officer at Machinify, a healthcare intelligence company applying AI to improve the efficiency and integrity of healthcare payments. With more than 20 years of experience across legal, compliance, privacy, and cybersecurity roles, Shannon specializes in aligning governance frameworks with business innovation. She also serves on the Advisory Board of the Privacy Bar Section of the IAPP (International Association of Privacy Professionals). She is widely respected for her strategic, forward-thinking approach to data protection and responsible AI governance. Beyond her professional expertise, Shannon is a passionate advocate for animal welfare. She sits on the Board of Directors for the Neuse River Golden Retriever Rescue, where she leverages her operational and technological skills to strengthen fundraising, improve systems, and support global rescue missions. A lifelong learner and self-described “builder,” Shannon finds creativity and grounding through woodworking, outdoor adventures with her family, and contributing to causes that make both workplaces and communities more humane. Note: The views expressed in this podcast are our own and do not represent the views of our employers, nor should they be taken as legal advice in any circumstances. 

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

It's a topic we discuss often on Business Security Weekly: CISO Burnout. It's real, but how should you manage it? Dr. Yonesy Núñez, Global Cybersecurity Executive at Chain Bridge Bank and former Managing Director, Chief Cybersecurity Risk Officer, and Chief Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), joins Business Security Weekly to share his personal insights. An advocate of CISO Health and Wellness, Yonesy will discuss how we can "Optimize the Operator" by creating harmony with mind and spirit. Segment Resources: https://councils.forbes.com/profile/Yonesy-Nunez-Global-Cybersecurity-Executive-Chain-Bridge-Bank/e79e72a5-4b18-48b1-b5ab-8a0afd47d782 In the leadership and communications segment, CISOs are cracking under pressure, How BISOs enable CISOs to scale security across the business, Great Leaders Empower Strategic Decision-Making Across the Organization, and more! Show Notes: https://securityweekly.com/bsw-422

It's a topic we discuss often on Business Security Weekly: CISO Burnout. It's real, but how should you manage it? Dr. Yonesy Núñez, Global Cybersecurity Executive at Chain Bridge Bank and former Managing Director, Chief Cybersecurity Risk Officer, and Chief Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), joins Business Security Weekly to share his personal insights. An advocate of CISO Health and Wellness, Yonesy will discuss how we can "Optimize the Operator" by creating harmony with mind and spirit. Segment Resources: https://councils.forbes.com/profile/Yonesy-Nunez-Global-Cybersecurity-Executive-Chain-Bridge-Bank/e79e72a5-4b18-48b1-b5ab-8a0afd47d782 In the leadership and communications segment, CISOs are cracking under pressure, How BISOs enable CISOs to scale security across the business, Great Leaders Empower Strategic Decision-Making Across the Organization, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-422

⬥EPISODE NOTES⬥Understanding Beg Bounties and Their Growing ImpactThis episode examines an issue that many organizations have begun to notice, yet often do not know how to interpret. Sean Martin is joined by Casey Ellis, Founder of Bugcrowd and Co-Founder of disclose.io, to break down what a “beg bounty” is, why it is increasing, and how security leaders should think about it in the context of responsible vulnerability handling.Bug Bounty vs. Beg BountyCasey explains the core principles of a traditional bug bounty program. At its core, a bug bounty is a structured engagement in which an organization invites security researchers to identify vulnerabilities and pays rewards based on severity and impact. It is scoped, governed, and linked to an established policy. The process is predictable, defensible, and aligned with responsible disclosure norms.A beg bounty is something entirely different. It occurs when an unsolicited researcher claims to have found a vulnerability and immediately asks whether the organization offers incentives or rewards. In many cases, the claim is vague or unsupported and is often based on automated scanner output rather than meaningful research. Casey notes that these interactions can feel like unsolicited street windshield washing, where the person provides an unrequested service and then asks for payment.Why It Matters for CISOs and Security TeamsSecurity leaders face a difficult challenge. These messages appear serious on the surface, yet most offer no actionable details. Responding to each one triggers incident response workflows, consumes time, and raises unnecessary internal concern. Casey warns that these interactions can create confusion about legality, expectations, and even the risk of extortion.At the same time, ignoring every inbound message is not a realistic long-term strategy. Some communications may contain legitimate findings from well-intentioned researchers who lack guidance. Casey emphasizes the importance of process, clarity, and policy.How Organizations Can PrepareAccording to Casey, the most effective approach is to establish a clear vulnerability disclosure policy. This becomes a lightning rod for inbound security information. By directing researchers to a defined path, organizations reduce noise, set boundaries, and reinforce safe communication practices.The episode highlights the need for community norms, internal readiness, and a shared understanding between researchers and defenders. Casey stresses that good-faith researchers should never introduce payment into the first contact. Organizations should likewise be prepared to distinguish between noise and meaningful security input.This conversation offers valuable context for CISOs, security leaders, and business owners navigating the growing wave of unsolicited bug claims and seeking practical ways to address them.⬥GUEST⬥Casey Ellis, Founder and Advisor at Bugcrowd | On LinkedIn: https://www.linkedin.com/in/caseyjohnellis/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/caseyjohnellis_im-thinking-we-should-start-charging-bug-activity-7383974061464453120-caEWDisclose.io: https://disclose.io/⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

It's a topic we discuss often on Business Security Weekly: CISO Burnout. It's real, but how should you manage it? Dr. Yonesy Núñez, Global Cybersecurity Executive at Chain Bridge Bank and former Managing Director, Chief Cybersecurity Risk Officer, and Chief Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), joins Business Security Weekly to share his personal insights. An advocate of CISO Health and Wellness, Yonesy will discuss how we can "Optimize the Operator" by creating harmony with mind and spirit. Segment Resources: https://councils.forbes.com/profile/Yonesy-Nunez-Global-Cybersecurity-Executive-Chain-Bridge-Bank/e79e72a5-4b18-48b1-b5ab-8a0afd47d782 In the leadership and communications segment, CISOs are cracking under pressure, How BISOs enable CISOs to scale security across the business, Great Leaders Empower Strategic Decision-Making Across the Organization, and more! Show Notes: https://securityweekly.com/bsw-422

Welcome to To the Point Cybersecurity podcast, brought to you by Forcepoint! This week, hosts Rachael Lyon and Jonathan Knepher are joined by Dr. Christian Dameff, the nation's very first Medical Director of Cybersecurity at UC San Diego Health. Dr. Dameff brings a unique perspective to the evolving intersection of healthcare, patient safety, and cybersecurity—combining his experience as an emergency physician, clinical informaticist, and self-proclaimed lifelong hacker. In this episode, we dive into the critical challenges faced by healthcare organizations, from bridging the gap between CISOs and clinical staff to the urgent realities of cyberattacks that threaten patient outcomes. Dr. Dameff shares real-world stories and research about the very tangible impact of ransomware on hospitals and patient care, emphasizing the need for interdisciplinary collaboration and evidence-based solutions. Whether you're a cybersecurity professional, a healthcare provider, or just interested in how digital threats are reshaping medicine, this episode promises insights into the balancing act between innovation, security, and saving lives. Hit play, subscribe, and join us as we get to the point—where cybersecurity meets patient care! For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e359

SHOW NOTES:In this episode, Matt Zaun sits down with Rob Black, Founder & CEO of Fractional CISO, to demystify cybersecurity for growing companies—without the fear-mongering. Rob explains how his team operates as a virtual CISO (security leader) to strengthen programs, enable enterprise sales, and translate “security-speak” into clear business outcomes.Rob shares why security shouldn't be priority #1 (sales and delivery come first), how to size up the risk when incidents are low-probability but high-impact, and why humor can drive far more adoption than dry policy memos.In this episode, they cover:✅ Prioritization reality: why cybersecurity should be priority 4–5—not 100✅ Humor that converts: skits, wigs, and why fun content outperforms stoic lectures✅ LinkedIn as referral fuel: staying top-of-mind vs. hard selling (and why neighbors all know what Rob does)…and much more.BIOS:Rob Black is the founder of Fractional CISO, where he and his team serve as virtual CISOs for companies. A veteran security leader with an MBA from Kellogg, Rob blends operator pragmatism with clear business storytelling, often using humor to drive adoption of best practices.Matt Zaun is an award-winning speaker and strategic storytelling expert who helps leaders inspire action and drive results through the power of story. He's the author of The StoryBank, a practical playbook for using narrative to build culture, boost sales, strengthen marketing, and become a dynamic public speaker.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Robb Dunewood, Host, Daily Tech News Show, and Howard Holton, CEO, GigaOm Thanks to our show sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. All links and the video of this episode can be found on CISO Series.com

Guests Phil Buck, VP, Workforce Identity Management Business Unit and Darwin Rivera, Manager, Sales Engineering, are hosted by Matthew Lewis, Director of Product Marketing - all of HID GlobalIn this episode, we dive deep into the evolving role of CISOs in shaping holistic security strategies that bridge the gap between physical and cyber domains. Join host Matthew Lewis and leaders Phil Buck and Dr. Darwin Rivera as they unpack the growing influence of identity and access management (IAM), the critical importance of data governance, and the rising challenges posed by third-party risk and agentic AI.From regulatory shifts to real-world breaches, this conversation explores the pressing concerns facing security leaders today—and why the convergence of technologies and responsibilities demands a fresh playbook. Whether you're a seasoned CISO or simply security-curious, this episode offers insights that will reshape how you think about risk, compliance, and the future of enterprise protection.Chapters:0:00 -- Introductions3:21 -- The Role of Data in the Top 5 Concerns CISOs Face Today5:40 -- Data and Risk of Suppliers8:05 -- AI & PIAM Considerations *with Security Breach Example13:18 -- Key Takeaways

Guests Don Campbell, Sr. Director, Product Management and Brent Vernon, Sr. Director, Technology & Product Management, are hosted by Matthew Lewis, Director of Product Marketing - all of HID GlobalIn this episode, we explore the evolving priorities of CISOs in a world where the boundaries between physical and logical security are changing. Host Matthew Lewis is joined by HID's product leaders Don Campbell and Brent Vernon for a candid conversation on the vulnerabilities that persist in modern enterprise environments—and the strategies that forward-thinking security leaders are using to address them.From the risks of credential harvesting and the push toward passwordless authentication, to the overlooked threat posed by contractors and third-party vendors, this discussion reveals why a holistic, always-on approach to identity and access management is no longer optional. Tune in to hear how convergence, collaboration, and smarter tooling are reshaping the security landscape—and what it means for your organization.Chapters:0:00 -- Introductions1:50 -- Data Considerations for CISOs11:00 -- Data Security and Risk That Come with Contractor Workforces14:25 -- Actionable Takeaways

In this episode of the Identity at the Center podcast, hosts Jeff and Jim broadcast from InfoSec World 2025, sharing lively discussions on identity management, AI security, and identity's evolving role in information security. They are joined by Ross Young and G Mark Hardy, co-hosts of the CISO Tradecraft podcast, who share their journeys into cybersecurity, illuminating how identity intersects with cybersecurity topics like deep fakes, AI implications, and non-human identities. The conversation also covers practical advice for securing budget approvals for identity projects and speculations on the role of AI in cybersecurity's future. The episode wraps up with each guest sharing personal ideas for potential new podcast ventures.The CISO Tradecraft podcast: CISOTradecraft.comConnect with Ross: https://www.linkedin.com/in/mrrossyoung/Connect with G Mark: https://www.linkedin.com/in/gmarkhardy/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapters00:00 Introduction and Welcome00:16 Live from InfoSec World 202500:52 Shoutouts and Day Jobs01:37 Meeting Ross and G Mark from the CISO Tradecraft podcast02:22 Ross's Journey into Cybersecurity04:24 G Mark's Cybersecurity Career Path07:44 Top Concerns for CISOs Today09:53 The Role of Identity in Cybersecurity16:18 Challenges and Trends in Identity Management24:33 Pitching Identity Projects to CISOs32:21 The Role of AI in Automating SOC Operations33:23 AI's Impact on Developer Efficiency35:48 The Future of AI-Assisted Coding37:42 Challenges and Opportunities in AI and Cybersecurity39:46 The Importance of Human Expertise in AI Development48:17 The Role of Identity in Information Security49:44 Introduction to CISO Tradecraft Podcast55:24 Podcasting Tips and Personal Interests01:00:48 Conclusion and Final ThoughtsKeywords:Identity at the Center, IDAC, CISO Tradecraft, InfoSec World 2025, cybersecurity leadership, identity security, IAM, AI security, Jeff Steadman, Jim McDonald, Ross Young, G. Mark Hardy, InfoSec, CISOs, cyber career development, non-human identity, deepfakes, security automation

Join host G Mark Hardy in an exciting episode of CISO Tradecraft where we delve into the cutting-edge world of Human AI Security Operation Centers (SOCs). With special guests Brian Carbaugh and William McMillan, former CIA operatives and leading figures in cybersecurity innovation, we explore how AI is transforming the landscape of security operations. Discover the unparalleled efficiency, accuracy, and proactive threat detection offered by AI-driven SOCs compared to traditional platforms. Learn from real-world examples, such as condensing hundreds of investigative hours into just 90 seconds, and understand the critical role of contextual data in modern threat detection. Perfect for CISOs ready to elevate their security strategies, this episode provides actionable insights and expert advice on navigating AI SOC adoption and integration. Don't miss this informative and forward-thinking discussion! Big thanks to our sponsorBig thanks to our sponsor Forcepoint Check out their The Practical Guide to Mastering Data Compliance: https://www.forcepoint.com/resources/ebooks/practical-guide-mastering-data-compliance?utm_source=&sf_src_cmpid=701a600000exxd7AAA&utm_medium=display&utm_content=AW_NC_LinkedInAds_October25_ban&utm_campaign=LinkedInAds_October25William MacMillan - https://www.linkedin.com/in/william-andesite/Brian Carbaugh- https://www.linkedin.com/in/brian-carbaugh-38b339243/

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Wultra provides post-quantum authentication for banks, fintechs, and governments—protecting digital identities from emerging quantum computing threats. In this episode, Peter Dvorak shares how he broke into the notoriously closed banking ecosystem by leveraging his early experience in mobile banking development. From navigating multi-stakeholder enterprise sales to positioning quantum-safe cryptography when the threat timeline remains uncertain (consensus: 2035, but could accelerate), Peter reveals the specific strategies required to sell mission-critical security infrastructure to regulated financial institutions. Topics Discussed How post-quantum cryptography runs on classical computers while protecting against quantum threats Why European banking regulation drives global authentication standards The multi-stakeholder sales process: quantum threat teams, CISOs, CTOs, and digital product owners Conference strategy and analyst relationships (Gartner, KuppingerCole) for category positioning Banking budget cycles and why June/July approaches fail Breaking the "who else is using this?" barrier with banking-specific proof points Positioning as the only post-quantum cryptography provider for digital identity in banking GTM Lessons For B2B Founders Layer future-proofing onto immediate ROI: Post-quantum cryptography doesn't require quantum computers to function—it runs on classical infrastructure while providing superior security. Peter sells banks on moving from SMS OTP to mobile app authentication (tangible, immediate benefit) while positioning quantum resistance as migration insurance: "You won't have to rip-and-replace in three years." For emerging tech, anchor value in today's operational wins, not future scenarios. Give struggling departments concrete wins: Large banks have quantum threat teams tasked with replacing every piece of software by 2030-2035. Peter gives them measurable progress: "We move you from 5% to 10% completion on authentication and digital identity." These teams need defensible projects to justify their existence. Identify which internal groups are fighting for relevance and deliver projects they can report upward. Banking references are binary gatekeepers: Every bank asks "who else is using this?" Non-banking customers (telcos, gaming, lottery) don't count—banking regulation and systems are fundamentally different. The first banking customer is the hardest barrier. Once cleared, subsequent conversations become tractable. Budget aggressively to land that first bank, even at unfavorable terms. Respect the annual budget cycle: Banks allocate resources 12 months ahead. Approaching in Q2/Q3 means budgets are locked—even free POCs fail because internal resources are committed. Peter's pipeline strategy: build relationships and maintain visibility throughout the year, then activate when budget windows open. Don't confuse market education with active pipeline. Map and sequence multi-stakeholder buys: Authentication purchases require alignment across quantum threat teams (if they exist), cybersecurity/compliance, CTO/CIO (infrastructure acceptance), and digital product owners (UX concerns affecting their KPIs). Start at director level—board executives are too removed from technical details. Research each bank's org structure before engaging, then tailor sequencing. EU regulatory leadership creates expansion vectors: European regulations like PSD2 and strong authentication requirements get replicated in Southeast Asia, MENA, and other regions. Peter benefits from solving EU compliance first, then riding regulatory diffusion. The US remains fragmented with smaller regional banks still using username/password. Founders should analyze which geographies lead regulatory adoption in their category. Maintain composure through 18+ month cycles: Peter's regret: losing his temper during negotiations cost him time. Banking doesn't buy impulsively—sales require patience through lengthy security reviews, compliance checks, and committee approvals. Incremental progress and rational positioning matter more than aggressive closing. Emotional control is operational discipline. // Sponsors:  Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co // Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role.  Subscribe here: https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

In this episode of the Cyber Uncut podcast, David Hollingworth catches up with Proofpoint's chief strategy officer, Ryan Kalember, and vice president of systems engineering for the APJ region, Adrian Covich, while attending the Proofpoint Protect Tour in Melbourne. The three talk about the high-level trends and concerns they're seeing from CISOs both in Australia and abroad and the very real challenges of dealing with a fast-paced and ever-evolving threat landscape. Enjoy the episode, The Cyber Uncut team

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this captivating episode of CISO Tradecraft, hosted by G. Mark Hardy, we delve into the incredible life journey of Jeri Ellsworth—a renowned inventor and tech entrepreneur. From her early fascination with electronics in rural Oregon to her innovative ventures in Silicon Valley, Jeri shares her unique experiences and hard-earned wisdom. Discover the highs and lows of her career, including her time at Valve Software, navigating significant security breaches, and her foray into the world of crowdfunding and startups. This episode is packed with invaluable lessons for CISOs, cybersecurity professionals, and aspiring entrepreneurs alike. Tune in now and get inspired by Jeri's story of resilience, innovation, and leadership. Jerri Ellsworth - https://www.linkedin.com/in/jeriellsworth/

Ask Me Anything: vCISO Strategy, IR, and Cyber Leadership | DailyCyber 279 ~ Watch Now ~In this AMA edition of DailyCyber, we go deep on what's actually happening in cybersecurity leadership today.From emotional regulation in the SOC to unapproved AI tools in the workplace, this episode unpacks the real conversations CISOs and vCISOs are having behind closed doors.

In this urgent and eye-opening episode of Life of a CISO, Dr. Eric Cole dives into one of the most consequential moments in U.S. cybersecurity history: the expiration of the Information Sharing Act of 2015, which quietly lapsed the same day the government shut down. Dr. Cole explains how this coincidence has effectively cut off the flow of critical cyber threat intelligence between the U.S. government and private sector, leaving organizations blind to emerging attacks and operating at a major disadvantage. He breaks down the data-driven realities every CISO must communicate to their executive teams: The collapse of formal information sharing protections and the resulting liability risks for companies. The severe reduction of federal cybersecurity capacity, with 65% of CISA furloughed. The surge in cyberattacks from foreign adversaries exploiting U.S. vulnerability. Practical strategies for regaining the upper hand—reducing attack surfaces, deploying AI-based threat detection, and reassessing over-reliance on cloud providers following suspicious AWS and Microsoft outages. Dr. Cole urges CISOs to lead with data, not emotion, and to act decisively in this new era of "cyber wartime." Whether you're an executive or a security professional, this episode delivers the critical insights and strategic playbook you need to safeguard your organization when the nation's early warning system has gone dark.  

What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment's compliance and security requirements. Rob will discuss how ThreatLocker Defense Against Configurations dashboard can: Identify misconfigurations before they become exploited vulnerabilities Monitor configuration compliance with major frameworks Receive clear, actionable remediation guidance and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can't Succeed Without a Talent Strategy, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-420

Former FBI operative and cybersecurity strategist Eric O'Neill returns to Reimagining Cyber to discuss his new book Spies, Lies, and Cybercrime. Eric introduces his D.I.C.E.D. model—a spy-inspired framework for understanding how deception and espionage fuel today's cyberattacks. He and host Rob Aragao dive into how AI is transforming impersonation scams, what the coming quantum era means for encryption and digital trust, and how CISOs can prepare for the evolving threat landscape.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment's compliance and security requirements. Rob will discuss how ThreatLocker Defense Against Configurations dashboard can: Identify misconfigurations before they become exploited vulnerabilities Monitor configuration compliance with major frameworks Receive clear, actionable remediation guidance and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can't Succeed Without a Talent Strategy, and more! Show Notes: https://securityweekly.com/bsw-420

What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment's compliance and security requirements. Rob will discuss how ThreatLocker Defense Against Configurations dashboard can: Identify misconfigurations before they become exploited vulnerabilities Monitor configuration compliance with major frameworks Receive clear, actionable remediation guidance and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can't Succeed Without a Talent Strategy, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-420

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode, Dr. Dave Chatterjee sits down with Pam Lindemoen, Chief Security Officer and Vice President of Strategy at the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC), to explore the CISO's evolving role in global nonprofit organizations. Moving beyond traditional corporate metrics of cost and compliance, Lindemoen reveals how cybersecurity leadership in the nonprofit sector is ultimately about preserving trust, protecting donor data, and sustaining mission-driven operations. Drawing on three decades of experience across healthcare, finance, and retail, Lindemoen shares how RH-ISAC has become a collaborative force multiplier, enabling member companies to detect, respond, and adapt collectively to cyber threats. Through the Commitment–Preparedness–Discipline (CPD) framework, Dr. Chatterjee and Lindemoen illustrate how leadership, empathy, and shared intelligence drive resilience across the nonprofit ecosystem.Time Stamps• 00:49 — Dave introduces the topic and Pam Lindemoen's professional journey.• 02:49 — Career reflections: from IT foundations to cybersecurity leadership.• 04:23 — Inside RH-ISAC: a trusted model for cross-industry collaboration.• 07:06 — Navigating dual responsibilities—defending RH-ISAC and empowering members.• 09:09 — Governance, trust, and relationship management in a global community.• 12:27 — RH-ISAC's differentiation and member-driven value.• 14:00 — Leadership through listening and connection.• 20:50 — Advice for CISOs exploring nonprofit leadership paths.• 24:26 — Real-world example: supply chain attack mitigation through shared intelligence.• 27:55 — Final reflections on collective trust, collaboration, and resilience.To access and download the entire podcast summary with discussion highlights - https://www.dchatte.com/episode-94-guardians-of-trust-the-cisos-strategic-role-in-global-non-profits/Connect with Host Dr. Dave Chatterjee LinkedIn: https://www.linkedin.com/in/dchatte/ Website: https://dchatte.com/Books PublishedThe DeepFake ConspiracyCybersecurity Readiness: A Holistic and High-Performance ApproachArticles PublishedRamasastry, C. and Chatterjee, D. (2025). Trusona: Recruiting For The Hacker Mindset, Ivey Publishing, Oct 3, 2025.Chatterjee, D. and Leslie, A. (2024). “Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparedness,” Business Horizons, Accepted on Oct 29, 2024.Isik, O., Chatterjee, D., and Lourenco, D.A. (2024). “Getting Cybersecurity Right,” California Management Review — Insights, Accepted for Publication, July 8, 2024.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Podcast: Industrial Cybersecurity InsiderEpisode: Dispelling IT/OT Convergence Challenges and MythsPub date: 2025-10-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Craig and Dino tackle IT/OT convergence, operational technology security, and manufacturing cybersecurity challenges head-on. They challenge the notion of OT being a "shadow IT group" and explore the fundamental differences between IT and OT operations in industrial environments. The discussion emphasizes that OT focuses on safety and physical outcomes, while IT prioritizes data security. They stress the importance of collaboration between IT and OT teams, highlighting how system integrators, OEMs, and plant operators must work together to improve cybersecurity posture. The conversation covers practical issues like Overall Equipment Effectiveness (OEE), incident response, and the need for proper funding and governance. Both advocate for CISOs and CIOs to actively engage with OT teams and system integrators, visit manufacturing facilities, and understand the unique challenges of industrial control systems to achieve true convergence and protect manufacturing plants and critical infrastructure.Chapters:00:00:00 - Opening Shot: Who's Really in Charge—CIOs or the Plant Floor?00:00:57 - Collision Course: IT and OT Can't Keep Dodging Each Other00:01:52 - Two Worlds, One Mission: Why OT Isn't Just “IT in a Hard Hat”00:04:07 - When Convergence Fails: What's Missing in the Middle00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor00:10:46 - OT's Tipping Point: Will the Next Move Come from IT, or the Shop Floor?00:17:32 - Your Move: What Leaders Must Do Next (Before It's Too Late)Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust? Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm's destiny. Jeff will explain why the role has emerged and details its responsibilities, organizational structures, and measures for success. In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world ‘hit zero' or came close to it: Failure is ‘the gift', The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-419

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust? Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm's destiny. Jeff will explain why the role has emerged and details its responsibilities, organizational structures, and measures for success. In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world 'hit zero' or came close to it: Failure is 'the gift', The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more! Show Notes: https://securityweekly.com/bsw-419

Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust? Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm's destiny. Jeff will explain why the role has emerged and details its responsibilities, organizational structures, and measures for success. In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world 'hit zero' or came close to it: Failure is 'the gift', The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-419

Amit Zavery, President, Chief Product Officer, and Chief Operating Officer at ServiceNow, sits down to talk with Bob Evans in this special episode of Cloud Wars Live. They dive deep into how ServiceNow's AI Experience is transforming enterprise workflows through automation, governance, and personalization. Zavery outlines a bold vision for delivering real ROI and trusted AI at scale.Reimagining Workflow with AI Experience The Big Themes:ServiceNow's AI Experience Is About Unified, Actionable Intelligence: Amit Zavery describes ServiceNow's AI Experience as more than a conversational interface, it's an orchestrated, end-to-end workflow platform that integrates voice, text, image recognition, agents, and enterprise systems. It's designed to eliminate the “spare part world” of fragmented tools and disconnected apps. By delivering one multimodal, multilingual interface, ServiceNow enables users to not just find information, but actually complete tasks and workflows.AI Governance and Control Are Built In, Not Bolted On: The AI Control Tower is ServiceNow's answer to one of the biggest enterprise challenges: AI governance. With this feature, companies can discover, monitor, and manage all AI usage, not only from ServiceNow but across third-party systems, too. CIOs and CISOs gain the ability to track who is using what AI systems, what agents are doing, and what data is being accessed.Industry-Specific Use Cases Drive Real-World AI Value: Enterprise AI Zavery says must be contextual, curated, and tightly integrated with business processes. ServiceNow is collaborating with customers like AstraZeneca (pharma), BT (telecom), and Rossmann (retail) to deploy agentic AI that delivers real value in vertical-specific environments. These aren't generic AI chatbots; they're intelligent agents embedded in workflows that help store managers order inventory, researchers manage supply chains, and employees navigate complex rules.The Big Quote: “I call it the spare part world we are in right now, and it's a very difficult thing for a lot of the leaders to really keep up with it. One to know, what are you using? How are you using it? What is the ROI on it? What are the costs associated with that?” Visit Cloud Wars for more.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode of The New CISO (Episode 136), host Steve Moore speaks with Carl Cahill, CISO, about a deliberate, methodical approach to career growth—and why every leader must “pick their pain” to progress.From combat arms in the U.S. Army to Active Directory engineering and large-enterprise incident response, Carl shares the pivotal choices that shaped his leadership. He opens up about moving from certifications to business fluency, using a personal gap analysis to chart his path to the C-suite, and how feedback like being called a “propeller head” pushed him to translate geek speak into the language of finance, law, and strategy. Carl also explains his five-phase 100-day plan, why IR readiness comes first, and how “radical collaboration” defines the modern CISO.Key Topics Covered:Early career pivots: Army leadership, perseverance, and precision → IT foundationsCertifications as a fast track (then) vs. blended learning and passion projects (now)The “pick your pain” decision: staying comfortable vs. returning to school to advanceBuilding a CISO gap analysis from job reqs and targeting stretch assignmentsUpgrading the lexicon: finance, legal, and general management (e.g., Wharton GMP)Turning tough feedback into growth: from geek speak to boardroom dialogueConsulting variety vs. ownership: when to switch for long-term impactThe 100-day plan: assess → plan → act → measure → adjust (with IR first)Stakeholder mapping, team SWOTs, and making strategy stick beyond 90 daysMetrics as a “health language” and why today's CISO must be a radical collaboratorCarl's story shows how intentional trade-offs—education, language, and leadership style—compound into career momentum. His roadmap helps CISOs and aspiring leaders navigate transitions with discipline, communicate across the business, and build resilient teams that lead with clarity.