Podcasts about cisos

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining them is Sara Madden, CISO, Convera. In this episode: Hold developers accountable Credibility through candor Be strategic with AI deployment Resources don't guarantee security Huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Jen Easterly to helm RSAC Windows January update causes login problems UK police blame Copilot for intelligence mistake Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.  

In this episode of Life of a CISO, Dr. Eric Cole sits down with cybersecurity leader Matthew Webster to explore what it really takes to succeed in the modern CISO role. Matthew shares his journey from IT into federal and commercial cybersecurity, the lessons that shaped his leadership approach, and why technical skills alone aren't enough at the executive level. Together, they discuss the importance of communication, influence, and business alignment, how CISOs can navigate compliance and legal challenges, and why building strong relationships with executives and legal teams is critical. This conversation offers practical insights for current and aspiring CISOs on translating cyber risk into business value, earning a seat at the table, and leading with clarity in an increasingly complex security landscape.  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

A world renowned cybersecurity expert with more than 30 years of network security experience, Dr. Eric Cole – founder and CEO of Secure Anchor – helps organizations curtail the risk of cyber threats. He has worked with a variety of clients ranging from Fortune 50 companies, to top international banks, to the CIA, for which he was a professional hacker. In this episode, Dr. Cole and host Scott Schober discuss what CISOs must prepare for as we take on the next 5 years. To learn more about our sponsor, visit https://drericcole.org

U.S. weighs private companies' cyberwarfare roles China: stop using US and Israeli cybersecurity software DeadLock uses smart contracts to hide work Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

GoBruteforcer targets blockchain projects Android accessibility issue just a bug Verizon to stop automatic phone unlocks Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.  

A ransomware attack doesn't always announce itself with flashing warnings and locked screens. Sometimes it starts with a quiet system outage, a few unavailable servers, and a sinking realization days later that the threat actors were already inside. This conversation pulls back the curtain on what really happens when an organization believes it's dealing with routine failures only to discover it's facing a full-scale cyber extortion event. My guest today is Zachary Lewis, CIO and CISO for a Midwest university, a 40 Under 40 Business Leader, and a former Nonprofit CISO of the Year. Zachary shares the inside story of a LockBit ransomware attack that unfolded while his team was still building foundational security controls, forcing real-time decisions about recovery, disclosure, negotiations, and whether paying a ransom was even an option. We talk about the shame that keeps many cyber incidents hidden, the emotional weight leaders carry during these moments, and the practical realities that don't show up in tabletop exercises from buying bitcoin to restoring systems when password managers are encrypted. It's an honest, grounded discussion about resilience, preparedness, and why sharing these stories openly may be one of the most important defenses organizations have. Show Notes: [04:05] Zachary Lewis explains why the absence of an immediate ransom note delayed suspicion of an attack. [06:00] The first technical indicators suggest something more serious is unfolding. [07:45] Discovering encrypted hypervisors and realizing recovery won't be straightforward. [09:30] Zachary outlines when data exfiltration became a real concern. [11:05] Receiving the LockBit ransomware note confirms the organization has been compromised. [12:55] The 4:30 a.m. phone call pushes leadership into full crisis mode. [14:40] Zachary reflects on managing fear, responsibility, and decision fatigue mid-incident. [16:20] Executive expectations collide with technical realities during the breach. [18:05] Why "doing most things right" still doesn't guarantee protection. [19:55] Cyber insurance begins shaping early response decisions. [21:35] Bringing in incident response teams and legal counsel under tight timelines. [23:20] Zachary describes working with the FBI and understanding jurisdictional limits. [25:10] What law enforcement can and cannot realistically provide during ransomware events. [26:50] Opening communication channels with the threat actors. [28:35] The psychological pressure behind ransomware negotiations. [30:10] Attacker-imposed timelines force rapid, high-stakes decisions. [31:55] Zachary walks through the practical challenges of acquiring cryptocurrency. [33:40] Why encrypted password managers created unexpected recovery barriers. [35:15] Determining which systems could be restored first—and which could not. [37:00] Lessons learned about backup integrity and offline recovery. [38:45] The importance of clear internal communication during uncertainty. [40:25] Balancing transparency with legal and reputational concerns. [42:10] How staff reactions differed from executive responses. [43:55] Zachary discusses the stigma that keeps many ransomware incidents quiet. [45:40] Why sharing breach stories can strengthen collective defenses. [47:20] MFA gaps and configuration issues exposed by the attack. [49:05] Why tabletop exercises fall short of real-world incidents. [50:50] Long-term security changes made after recovery. [52:30] Zachary offers advice for CISOs facing their first major incident. [54:10] What preparedness really means beyond compliance checklists. [56:00] Why resilience and recovery deserve equal priority. [58:30] Final reflections on leadership, accountability, and learning in public. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Zachary Lewis - The Homesteading CISO Zach Lewis - LinkedIn

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Matthew Southworth, CSO, Priceline. Joining them is sponsored guest, Saket Modi, CEO, Safe Security. This episode was recorded live at FAIRCON25 in NYC. In this episode: AI won't stay broken Identity before intelligence People decide risk appetite Automate with oversight Huge thanks to our sponsor, Safe Security SAFE is the leader in Cyber Risk Quantification and the first company to deliver 100% autonomous Third-Party Risk Management. Powered by Agentic AI and built on FAIRtm, SAFE empowers CISOs, cybersecurity, and TPRM leaders to continuously quantify, prioritize, and mitigate cyber risks across their entire attack surface – enabling digital growth and organizational resilience. Learn more at testdrive.safe.security/

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Instagram denies breach post-data leak Sweden detains consultant suspected of spying n8n supply chain attack steals OAuth tokens Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Johna Till Johnson, CEO and Founder, Nemertes (check out the Nemertes substack) and Jason Shockey, CISO, Cenlar FSB. Jason will be speaking at MBA Servicing Solution26 in Texas in late February. Details here. Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com 

BreachForums hacking forum database leaked exposing 324,000 accounts Instagram breach exposes user data, creates password reset panic UK government exempts self from flagship cyber law Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.    

What if the difference between AI mediocrity and breakthrough isn't the tool—it's how you architect your approach? Carter Jensen from The Uncommon Business joins the crew to reveal why most people are stuck "button pushing" while others are unlocking 3X productivity gains. This isn't theory; it's the frontline reality of businesses transforming workflows with the right AI architecture. If you're tired of surface-level AI hype and ready for actionable intelligence on integrating AI into security, compliance, and everyday business operations, this episode delivers. Whether you're Blockbuster or Netflix is up to you.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Microsoft to enforce MFA for Microsoft 365 admin center sign-ins Cisco patches ISE security vulnerability after PoC release Illinois state agency breaches itself Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reduction and earning a CSO50 Award. See the Qualcomm case at hoxhunt.com/qualcomm Find the stories behind the headlines at CISOseries.com.

In this episode of DisrupTV, we tackle one of the most urgent leadership challenges of our time: navigating AI-driven cybersecurity threats, geopolitical uncertainty, and converging risk. Hosts Ray Wang and Vala Afshar are joined by: Andre Pienaar, CEO & Founder of C5 Capital Dr. David Bray, Distinguished Chair at the Stimson Center & CEO of LDA Ventures Ken Banta, leadership expert and advisor Together, they explore why AI and cybersecurity budgets must rise together, how human–AI collaboration is reshaping cyber defense, and what leaders must do now to prepare for quantum disruption, AI-enabled attacks, and regulatory fragmentation. The conversation also dives into the human side of leadership—from self-awareness and trust to the evolving role of General Counsel as the conscience of the organization. This is a must-listen for boards, CEOs, CISOs, General Counsel, and leaders navigating risk in the Age of Intelligence.

All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Ejona Preci, group CISO, LINDAL Group. In this episode:  Consequence, not controls The credibility gap Defining the undefined Expanding the mandate A huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

In this Brand Highlight, we talk with Denny LeCompte, CEO and Co-Founder of Portnox, about how identity and access control are changing as AI-driven agents and synthetic identities become active participants inside enterprise environments.Passwords still sit at the root of many security failures, which is why the conversation starts with the fundamentals: controlling who can access data, from where, and under what device and policy conditions. Certificate-based authentication emerges as a practical way to reduce password dependency while keeping enforcement tied to managed devices and policy compliance.The discussion then shifts to what is changing for security leaders. CISOs may feel more confident managing traditional cyber threats, but uncertainty rises quickly when AI-generated and non-human identities enter the picture. Agentic AI turns automation into an entity that touches networks and applications, making access control a first-order requirement rather than an afterthought.A clear theme emerges throughout the conversation: synthetic identities are not hypothetical. They appear anywhere autonomous agents require permissions to act, from software development to workflow automation. Applying the same discipline used for human identities, including least privilege, scope limitation, and policy enforcement, becomes essential to maintaining control as AI adoption accelerates.Note: This story contains promotional content. Learn more.GuestDenny LeCompte, CEO and Co-Founder of Portnoxhttps://www.linkedin.com/in/dennylecompte/ResourcesLearn more about Portnox: https://www.portnox.com/Are you interested in telling your story?Full Length Brand Story: https://www.studioc60.com/content-creation#fullBrand Spotlight Story: https://www.studioc60.com/content-creation#spotlightBrand Highlight Story: https://www.studioc60.com/content-creation#highlightKeywords: sean martin, denny lecompte, portnox, identity, access, zero trust, passwordless, certificates, agentic ai, synthetic identities, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of The New CISO, host Steve Moore speaks with Alex Rice, Founder, CTO, and CISO at HackerOne, about challenging one of cybersecurity's most deeply held beliefs—that security should be the top priority. Drawing from his journey building security programs at Facebook and founding HackerOne, Alex introduces the "safety third" philosophy and explains why accepting that security is never first can actually make you more effective as a leader.Alex shares his unconventional path into cybersecurity, starting as a 14-year-old programmer in rural Florida and eventually leading product security at Facebook during its explosive growth. He reveals how Facebook ran 70+ penetration tests annually with top-tier vendors and still wasn't finding enough vulnerabilities—until they opened the doors to the hacker community and received over 300 valid findings in a single weekend. This experience became the foundation for HackerOne's bug bounty platform.The conversation tackles critical leadership challenges facing modern CISOs, including the toxic tendency toward victim blaming when breaches occur, why security teams struggle with customer-centric design, and how to avoid becoming the team everyone knows only for blocking work and sending phishing tests. Alex argues that security professionals must stop drinking their own Kool-Aid and recognize that usability and business outcomes will always take precedence over security controls.In the episode's second half, Alex addresses AI's role in security operations with refreshing pragmatism. Rather than chasing grandiose AI visions, he advocates for starting with narrow, well-defined tasks where agents can replace security toil—like automated CVSS scoring or vulnerability triage—building trust and expertise before tackling more ambitious projects. He warns against the current trend of AI tools that find more problems when security teams desperately need help fixing the mountain of issues they already know about.Alex also challenges CISOs to stop over-owning problems like asset inventory management that rightfully belong to other executives, emphasizing the importance of cross-functional collaboration over building security-owned solutions that ultimately fail. Throughout the discussion, he champions a philosophy of empathy, customer-centricity, and accepting hard truths about security's actual place in business priorities—a mindset shift that paradoxically makes security leaders far more effective.Key Topics Discussed:Why "safety third" should be every CISO's operating philosophyThe problem with victim blaming in cybersecurity incidentsBuilding customer-centric security programs that enable rather than blockLessons from scaling Facebook's security program with 70 pen tests per yearThe origin story of HackerOne and crowdsourced security testingHow to avoid becoming the security team everyone resentsPractical AI implementation: Starting with toil elimination, not transformationWhy CISOs over-own asset management and other problemsThe importance of process mapping before deploying AI agentsAligning security teams closely with AI and software...

In this episode of Life of a CISO, Dr. Eric Cole explains why intellectual property is becoming the most important cybersecurity priority for organizations as artificial intelligence accelerates innovation and imitation. As AI makes products, services, and content easier to replicate, traditional approaches to data security are no longer enough. Dr. Cole breaks down why trademarks, copyrights, patents, and trade secrets are now the true differentiators in the market and how failing to protect them directly impacts company valuation and competitiveness. Looking toward 2030 and beyond, this episode challenges outdated security models and shows how cybersecurity, AI, cloud, and IT must align around protecting intellectual property as a unified strategy. Dr. Cole shares practical guidance on identifying an organization's most valuable IP, closing gaps between legal policy and technical controls, and using AI defensively to stay ahead of competitors and emerging threats. This episode is essential listening for CISOs, executives, and board leaders focused on long term growth, security, and business value.  

Grant Asplund is a cybersecurity evangelist with over 25 years of experience helping organizations defend against sophisticated cyber threats. He travels globally, speaking at major conferences like RSA, engaging with analysts, partners, and media to advance security across cloud, mobile, and infrastructure. Grant has held leadership roles across sales, marketing, and executive management at companies including Dome9, Blue Coat, Neustar, and Altor Networks, and previously led MetaInfo through its acquisition by Neustar. He also hosts the CISO Secrets and Talking Cloud podcasts, where he explores cloud security trends and real-world leadership insights.00:00 intro03:00 Our Guest05:13 Start with a Helpdesk role10:00 Ai taking over roles13:35 AI first mindset35:10 The future of AI tools45:07 CISOs report to the board  49:05 More about Grant

#SecurityConfidential #DarkRhiinoSecurityGrant Asplund is a cybersecurity evangelist with over 25 years of experience helping organizations defend against sophisticated cyber threats. He travels globally, speaking at major conferences like RSA, engaging with analysts, partners, and media to advance security across cloud, mobile, and infrastructure. Grant has held leadership roles across sales, marketing, and executive management at companies including Dome9, Blue Coat, Neustar, and Altor Networks, and previously led MetaInfo through its acquisition by Neustar. He also hosts the CISO Secrets and Talking Cloud podcasts, where he explores cloud security trends and real-world leadership insights.00:00 intro03:00 Our Guest05:13 Start with a Helpdesk role10:00 Ai taking over roles13:35 AI first mindset35:10 The future of AI tools45:07 CISOs report to the board 49:05 More about Grant----------------------------------------------------------------------To learn more about Grant visit https://www.linkedin.com/in/grantasplund/To learn more about Dark Rhiino Security visit https://www.darkrhiinosecurity.com----------------------------------------------------------------------

A world renowned cybersecurity expert with more than 30 years of network security experience, Dr. Eric Cole – founder and CEO of Secure Anchor – helps organizations curtail the risk of cyber threats. He has worked with a variety of clients ranging from Fortune 50 companies, to top international banks, to the CIA, for which he was a professional hacker. In this episode, Dr. Cole and host Scott Schober discuss what CISOs need to know as we settle into 2026. To learn more about our sponsor, visit https://drericcole.org

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Cyber threats and cyber criminals indiscriminately target the old as well as young regardless of race, creed or origin. Teens and young adults must realize that on the Internet nobody knows you're a rat. How do we keep kids and young adults safe in an era of AI-driven attacks? Tom Arnold, Adjunct Professor, Digital Evidence & Forensics, Cybersecurity Graduate Program at the University of Nevada Las Vegas, joins Business Security Weekly to discuss his new book: The Digital Detective: First Intervention. We examine how technologies like deepfakes, voice cloning, and hyper-personalized scams are being used to target younger audiences, and what parents, educators, communities, and CISOs can do to build awareness, resilience, and smart digital habits. Learn how today's highly organized operations, powered by automation and advanced AI, power the bad actors' tools, techniques, and procedures—making them more effective than ever. Understanding the past helps us prepare for the future—and protect the next generation online, including our employees. Segment Resources: https://www.idigitaldetective.com/blog https://www.idigitaldetective.com/ https://www.unlv.edu/degree/ms-cybersecurity In the leadership and communications segment, Executives say cybersecurity has outgrown the IT department, The Most Dangerous Leadership Mistake Isn't a Wrong Answer. It's a Wrong Question, Building cyber talent through competition, residency, and real-world immersion, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-429

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The UK hits reset on cybersecurity No MFA, Know Problems US may have coordinated cyberattacks with Maduro's arrest Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reduction and earning a CSO50 Award. See the Qualcomm case at hoxhunt.com/qualcomm

Cyber threats and cyber criminals indiscriminately target the old as well as young regardless of race, creed or origin. Teens and young adults must realize that on the Internet nobody knows you're a rat. How do we keep kids and young adults safe in an era of AI-driven attacks? Tom Arnold, Adjunct Professor, Digital Evidence & Forensics, Cybersecurity Graduate Program at the University of Nevada Las Vegas, joins Business Security Weekly to discuss his new book: The Digital Detective: First Intervention. We examine how technologies like deepfakes, voice cloning, and hyper-personalized scams are being used to target younger audiences, and what parents, educators, communities, and CISOs can do to build awareness, resilience, and smart digital habits. Learn how today's highly organized operations, powered by automation and advanced AI, power the bad actors' tools, techniques, and procedures—making them more effective than ever. Understanding the past helps us prepare for the future—and protect the next generation online, including our employees. Segment Resources: https://www.idigitaldetective.com/blog https://www.idigitaldetective.com/ https://www.unlv.edu/degree/ms-cybersecurity In the leadership and communications segment, Executives say cybersecurity has outgrown the IT department, The Most Dangerous Leadership Mistake Isn't a Wrong Answer. It's a Wrong Question, Building cyber talent through competition, residency, and real-world immersion, and more! Show Notes: https://securityweekly.com/bsw-429

Cyber threats and cyber criminals indiscriminately target the old as well as young regardless of race, creed or origin. Teens and young adults must realize that on the Internet nobody knows you're a rat. How do we keep kids and young adults safe in an era of AI-driven attacks? Tom Arnold, Adjunct Professor, Digital Evidence & Forensics, Cybersecurity Graduate Program at the University of Nevada Las Vegas, joins Business Security Weekly to discuss his new book: The Digital Detective: First Intervention. We examine how technologies like deepfakes, voice cloning, and hyper-personalized scams are being used to target younger audiences, and what parents, educators, communities, and CISOs can do to build awareness, resilience, and smart digital habits. Learn how today's highly organized operations, powered by automation and advanced AI, power the bad actors' tools, techniques, and procedures—making them more effective than ever. Understanding the past helps us prepare for the future—and protect the next generation online, including our employees. Segment Resources: https://www.idigitaldetective.com/blog https://www.idigitaldetective.com/ https://www.unlv.edu/degree/ms-cybersecurity In the leadership and communications segment, Executives say cybersecurity has outgrown the IT department, The Most Dangerous Leadership Mistake Isn't a Wrong Answer. It's a Wrong Question, Building cyber talent through competition, residency, and real-world immersion, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-429

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Peter Clay, CISO, Aireon, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, HoxHunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reduction and earning a CSO50 Award. See the Qualcomm case at hoxhunt.com/qualcomm All links and the video of this episode can be found on CISO Series.com  

Guest: Chris Sistrunk, Technical Leader, OT Consulting, Mandiant Topics: When we hear "attacks on Operational Technology (OT)" some think of Stuxnet targeting PLCs or even backdoored pipeline control software plot in the 1980s. Is this space always so spectacular or are there less "kaboom" style attacks we are more concerned about in practice? Given the old "air-gapped" mindset of many OT environments, what are the most common security gaps or blind spots you see when organizations start to integrate cloud services for things like data analytics or remote monitoring? How is the shift to cloud connectivity - for things like data analytics, centralized management, and remote access -  changing the security posture of these systems? What's a real-world example of a positive security outcome you've seen as a direct result of this cloud adoption? How do the Tactics, Techniques, and Procedures outlined in the MITRE ATT&CK for ICS framework change or evolve when attackers can leverage cloud-based reconnaissance and command-and-control infrastructure to target OT networks? Can you provide an example? OT environments are generating vast amounts of operational data. What is interesting for OT Detection and Response (D&R)? Resources: Video version Cybersecurity Forecast 2026 report by Google Complex, hybrid manufacturing needs strong security. Here's how CISOs can get it done blog "Security Guidance for Cloud-Enabled Hybrid Operational Technology Networks" paper by Google Cloud Office of the CISO DEF CON 23 - Chris Sistrunk - NSM 101 for ICS  MITRE ATT&CK for ICS  

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Palo Alto Networks boss calls AI agents biggest insider threat Hackers claim Resecurity hack, firm says it was a honeypot Thousands of ColdFusion exploit attempts spotted during Christmas holiday  Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reduction and earning a CSO50 Award. See the Qualcomm case at hoxhunt.com/qualcomm Find the stories behind the headlines at CISOseries.com.

Across dozens of conversations centered on the CISO experience, one reality keeps surfacing: the role no longer exists to protect systems in isolation. It exists to protect the business itself.Today's CISO operates at the intersection of operational risk, executive decision-making, and organizational trust. The responsibility is not just to identify threats, but to help leadership understand which risks matter, when they matter, and why they deserve attention. This shift changes what success looks like. It also changes how pressure is felt.During the early years of this transition, CISOs carry accountability without authority. They are expected to influence outcomes without always having control over budgets, priorities, or timelines. That tension forces a new skill set to the forefront. Technical knowledge is assumed. The differentiator becomes communication, translation, and relationship-building across the business.As organizations mature, the conversation evolves again. Security stops being framed around individual threats and starts being framed as an operational discipline. CISOs focus on prioritization, tradeoffs, and clarity rather than coverage for everything. This requires judgment more than tooling.The role also becomes deeply human. Fear shows up quietly. Fear of pushing too hard. Fear of slowing the business. Fear of being seen as the blocker. CISOs who succeed do not eliminate that fear. They learn how to manage it while building credibility with executive peers.AI enters the picture not as a replacement, but as a force multiplier. Automation supports scale, but judgment remains human. Security programs increasingly deny by default and permit intentionally, which demands a deep understanding of how the business actually works. That understanding cannot be automated.What emerges is a clearer definition of modern security leadership. The CISO is no longer a gatekeeper. This is a risk advisor, a translator, and a strategist who helps the organization focus its limited resources where they matter most.The role has not become easier. It has become more meaningful.Read the full article: TBA________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecuritySincerely, Sean Martin and TAPE9________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of the On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Would you like Sean to work with you on a topic/series to help you tell your story? Visit his services page to learn more: https://www.seanmartin.com/servicesWant to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.Keywords: sean martin, marco ciappelli, steve katz, tim brown, jessica robinson, rob allen, rohit ghai, rich seiersen, steven j speer, chris pierson, mark lambert, jim manico, robin bylenga, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast, ciso, risk, leadership, ai, resilience, strategy Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What happens to patient care when hospital systems suddenly go dark and clinicians are forced back to pen and paper in the middle of a crisis? In this episode of the Tech Talks Daily Podcast, I speak with Chao Cheng-Shorland, Co-founder and CEO of ShelterZoom, about a problem that many healthcare leaders still underestimate until it is too late. As ransomware attacks, cloud outages, and system failures become more frequent, electronic health record downtime has shifted from a rare incident to a recurring operational risk with real consequences for patient safety, staff wellbeing, and hospital finances. Chao explains why traditional disaster recovery plans fall short in live clinical environments and why returning to paper workflows is no longer viable for modern healthcare teams. We discuss how EHR downtime can stretch from hours into weeks, how reimbursement delays and cash flow pressure compound the damage, and why younger clinicians are often unprepared for manual processes they were never trained to use. The conversation also explores the mindset shift now taking place among CIOs and CISOs, as resilience moves from a compliance checkbox to a survival requirement. At the heart of the discussion is ShelterZoom's SpareTire platform and the thinking behind treating uninterrupted access to clinical data as a baseline rather than a backup. Chao shares how the idea emerged directly from hospital conversations, why an external, always-available system is essential during cyber incidents, and how ShelterZoom's tokenization roots shaped a design focused on security without disruption. We also look at how rising AI adoption is changing the threat landscape and why many healthcare organizations are reordering priorities to secure continuity before rolling out new AI initiatives. As we look toward 2026, this episode offers a grounded view of how healthcare organizations must rethink downtime tolerance, data governance, and operational readiness in a world where digital outages can quickly become clinical emergencies. If downtime is now inevitable rather than hypothetical, what does real resilience look like for hospitals, and are healthcare leaders moving fast enough to protect patients when systems fail? Useful Links Connect with Chao Cheng-Shorland Learn more about ShelterZoom Tech Talks Daily is Sponsored by Denodo

NYC mayoral inauguration bans Flipper Zero and Raspberry Pi devices Crypto must now share account details with UK tax officials Finland seizes suspected cable sabotage ship  Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.  

In this New Year's episode of Life of a CISO, Dr. Eric Cole reflects on the challenges of 2025 and delivers a powerful reset framework for CISOs entering 2026. Drawing from real-world coaching, executive leadership principles, and personal experience, Dr. Cole challenges security leaders to stop thinking like technologists and start acting like true chief officers. This episode breaks down three essential pillars every world-class CISO must define: who you need to become, your single top priority, and your North Star. Dr. Cole explains why consistency, discipline, and executive alignment matter more than tools, why most CISOs struggle with focus, and how habits, planning, and accountability can rapidly transform your impact and credibility. From redefining the CISO role as a future CEO pipeline, to practical strategies like executive one-on-ones, time blocking, and choosing a guiding North Star such as Zero Trust or data protection, this episode provides a clear roadmap to leadership growth. If you want to reset your mindset, elevate your influence, and lead cybersecurity as a business function in 2026, this episode is a must-listen.  

Hackers drain millions from Unleash Protocol DarkSpectre campaigns exposed Shai-Hulud attack led Trust Wallet heist Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

While our team is out on winter break, please enjoy this episode of Afternoon Cyber Tea with Ann Johnson from our partners at Microsoft Security. Dr. Lorrie Cranor, Director of the CyLab Security and Privacy Institute at Carnegie Mellon University joins Ann Johnson, Corporate Vice President, Microsoft, on this week's episode of Afternoon Cyber Tea to discuss the critical gap between security design and real-world usability. They explore why security tools often fail users, the ongoing challenges with passwords and password less authentication, and how privacy expectations have evolved in an era of constant data collection. Dr. Cranor emphasizes the importance of user-centered design, practical research, behavioral insights, and simpler, more transparent systems to help CISOs build security programs that truly work for people.    Resources:   View Lorrie Cranor on LinkedIn             View Ann Johnson on LinkedIn       Related Microsoft Podcasts:   Microsoft Threat Intelligence Podcast   The BlueHat Podcast    Uncovering Hidden Risks   Discover and follow other Microsoft podcasts at microsoft.com/podcasts      Afternoon Cyber Tea with Ann Johnson is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.  Learn more about your ad choices. Visit megaphone.fm/adchoices

CISO pressures are on the rise - board expectations, executive alignment, AI, and personal liability - and that's all on top of your normal security pressures. With all these pressures, CISO burnout is on the rise. How do we detect it and help prevent it? Easier said than done. In this Say Easy, Do Hard segment, we tackle the health and wellness of the CISO. In part 1, we discuss the increased pressures CISOs face. We all know them, but how are they impacting our daily lives, both at work and at home. In part 2, we discuss detection and prevention techniques to help avoid burnout, including: Detecting the signs of stress Acknowledging there is a problem Asking for help Techniques to deal with stress Industry and community support This is a serious problem in our industry and one we want to continue to focus on as we head into another stressful 2026. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-428

Silver Fox targets Indian users Mustang Panda deploys ToneShell Will prompt injection ever be 'solved'? Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

In the season finale of CSO Perspectives, Ethan Cook and Kim Jones reflect on a season of conversations exploring what it means to lead security in a rapidly evolving “brave new world.” From the realities behind AI hype and the slow-burn impact of quantum computing to the business forces shaping cybersecurity innovation, they revisit key lessons and lingering challenges facing today's CISOs. The episode closes with an optimistic—but candid—look at why fundamentals, critical thinking, and leadership still matter as the industry moves forward. Want more CISO Perspectives? Check out companion ⁠⁠blog post⁠⁠s by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements episodes throughout the season. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this CISOP episode of CSO Perspectives, Host Kim Jones sits down with John Funge, venture capitalist at DataTribe, to explore how investors view the cybersecurity landscape. Kim reflects on the tension between innovation, profit motives, and the real needs of security practitioners—raising questions about whether the industry prioritizes mitigation over true solutions. John offers a candid look inside the VC decision-making process, breaking down how teams, market fit, and long-term defensibility shape investment choices. Together, they examine how founders, investors, and CISOs can better align to drive meaningful, effective security innovation. Want more CISO Perspectives? Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. Learn more about your ad choices. Visit megaphone.fm/adchoices