Podcasts about security leadership

Title: “These Aren't Soft Skills — They're Human Skills”A Post–Infosecurity Europe 2025 Conversation with Rob Black and Anthony D'AltonGuestsRob BlackUK Cyber Citizen of the Year 2024 | International Keynote Speaker | Master of Ceremonies | Cyber Leaders Challenge | Professor | Community Builder | Facilitator | Cyber Security | Cyber Deceptionhttps://www.linkedin.com/in/rob-black-30440819/Anthony D'AltonProduct marketing | brand | reputation for cybersecurity growthhttps://www.linkedin.com/in/anthonydalton/HostsSean Martin, Co-Founder at ITSPmagazineWebsite: https://www.seanmartin.comMarco Ciappelli, Co-Founder, CMO, and Creative Director at ITSPmagazineWebsite: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ Yes, Infosecurity Europe 2025 may be over, but the most important conversations are just getting started — and they're far from over. In this post-event follow-up, Marco Ciappelli reconnects from Florence with Rob Black and brings in Anthony D'Alton for a deep-dive into something we all talk about but rarely define clearly: so-called soft skills — or, as we prefer to call them… human skills.From storytelling to structured exercises, team communication to burnout prevention, this episode explores how communication, collaboration, and trust aren't just “nice to have” in cybersecurity — they're critical, measurable capabilities. Rob and Anthony share their experience designing real-world training environments where people — not just tools — are the difference-makers in effective incident response and security leadership.Whether you're a CISO, a SOC leader, or just tired of seeing tech get all the credit while humans carry the weight, this is a practical, honest conversation about building better teams — and redefining what really matters in cybersecurity today.If you still think “soft skills” are soft… you haven't been paying attention.⸻Keywords: Cybersecurity, Infosecurity Europe 2025, Soft Skills, Human Skills, Cyber Resilience, Cyber Training, Security Leadership, Incident Response, Teamwork, Storytelling in Cyber, Marco Ciappelli, Rob Black, Anthony Dalton, On Location, ITSPmagazine, Communication Skills, Cyber Crisis Simulation, RangeForce, Trust in Teams, Post Event Podcast, Security Culture___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

In this milestone 100th (and birthday!) episode of Audience 1st Podcast, Dani Woolf is joined by veteran cybersecurity leader David Doyle from DirectDefense for a brutally honest conversation about what's broken in today's security leadership models and how the rise of the vCISO is more than just a stopgap. Together, they unpack the myths, power dynamics, and misaligned expectations that drive burnout, stall progress, and keep companies from building real security maturity. This episode is a blueprint for cybersecurity executives, CISOs, and vCISOs who are serious about designing resilient organizations that can lead through complexity. You'll Learn: 1. The real reason CISOs are burning out and why it's not just about stress 2. How most orgs misunderstand the vCISO role (and end up wasting budget) 3. When to bring in a vCISO and how to avoid hiring the wrong one 4. Why CISOs and vCISOs should be tag-teaming, not competing 5. How to measure progress beyond compliance and build a culture of strategic leadership 6. What makes a good vCISO indispensable, not replaceable Subscribe & Follow: Follow Audience 1st wherever you get your podcasts Connect with Dani Woolf on LinkedIn Learn more about CyberSynapse and qualitative buyer research

In this episode, Mark Ledlow, Bruno Dias, and Matt Talbot discuss the importance of comprehensive threat and risk assessments in corporate and educational environments. They explore the integration of physical security with behavioral threat assessments, emphasizing the crucial role every employee plays in maintaining safety. Additionally, they touch on the psychological aspects of individuals who commit acts of violence, drawing on their own extensive field experiences. Matt shares a powerful story from his time working in a high-risk prison environment, highlighting the importance of building trust and respect with inmates. The episode wraps up with information about their ongoing projects and how listeners can reach out to them for their expert services.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSAdversity Handling: The importance of dealing with adversity and leveraging experiences to stay fearless is emphasized. Comprehensive Security Approach: Incorporating physical security into behavioral threat assessment provides a unique value. Inclusiveness in Safety: Every employee, regardless of their role, should be viewed as part of the safety and security team. Warning Signs: Identifying and acting on warning behaviors and signs is crucial in preventing violent incidents. Human Side of Inmates: Building respectful relationships with inmates can foster mutual respect and potentially prevent violent outcomes. Impactful Storytelling: Personal stories, such as working with high-risk individuals, can convey powerful lessons in security management. Legacy and Education: The importance of leaving a positive legacy and educating the next generation of security professionals.QUOTES"We really need to think about everybody who is positioned to be able to possibly help." "Humans communicate kind of like dogs shed hair, right? It's just a necessity." "Everybody plays a role... there's something good in everybody and my job was to figure that out." "Sometimes it's about just getting to the human side of somebody." "Treating people with validation and making them feel significant can prevent them from committing violent acts." "Our goal is to leave something original, something impacting on this larger community."Get to know more about Dr. Bruno Dias through the link below.https://www.linkedin.com/in/brunodiaspci/Get to know more about Dr. Matt Talbot through the link below.https://www.linkedin.com/in/matt-talbot-phd-lcsw-ccfc-cfmhe-ctm%C2%AE-5a655044To hear more episodes of The Fearless Mindset podcast, you can go to  https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

In this episode, Mark Ledlow is joined by Robert Guillot, owner and founder of CenterPoint Security Solutions, discuss the evolving landscape of the oil and gas industry in Texas and its impact on security measures with his guest. They delve into Chevron's relocation to Houston, the consolidation of smaller oil companies, and the significant growth in Texas real estate. The conversation also explores the complications of mineral rights, agricultural tax exemptions, and the rising concerns of executive security in a shifting socio-political environment. They emphasize the critical role of threat intelligence and executive protection in current and future business strategies amidst increasing public scrutiny and social media-fueled ideologies. Additionally, Rob discusses his consulting firm, CenterPoint Security Solutions, and its mission to optimize security departments for businesses of all sizes.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSHouston's Role in Oil & Gas: Houston is a critical hub for the oil and gas industry, attracting international business interactions. Corporate Acquisitions: There's a trend of larger oil companies acquiring smaller independent firms to capitalize on efficiencies. Chevron's Move: Chevron's shift from California to Houston signifies a strategic move due to regulatory preferences. Growth in Texas: Texas continues to experience substantial growth, particularly in real estate and population. Executive Protection: Executive protection and travel security are critically important but often underappreciated components of corporate risk management. Social Media Threats: The younger generation's sentiments towards corporate leaders reveal a significant shift in public attitude and increased threats communicated via social media.QUOTES"Understanding the culture, I think, is so important... You could have the greatest ideas ever, but your presentation will just never resonate." "[CEO] think[s] it is an infringement on their privacy to present their life... but the reality is, anybody who wanted to affect oil and gas in Texas knew exactly who our CEOs were." "Regardless of how you feel about insurance companies denying claims... we live in a society where that should not be acceptable, period." "Protective intelligence is so critical in your programs... minimizing your social, internet, and data footprint is big." "Creating a better security strategy is crucial for companies to protect their interests without forming a traditional security department."Get to know more about Robert Guillot through the link below.https://www.linkedin.com/in/robert-guillot/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

In this episode, I sit down with longtime industry leader and visionary Phil Venables to discuss the evolution of cybersecurity leadership, including Phil's own journey from CISO to Venture Capitalist. We chatted about: A recent interview Phil gave about CISOs transforming into business-critical digital risk leaders and some of the key themes and areas CISOs need to focus on the most when making that transition Some of the key attributes CISOs need to be the most effective in terms of technical, soft skills, financial acumen, and more, leaning on Phil's 30 years of experience in the field and as a multiple-time CISO Phil's transition to Venture Capital with Ballistic Ventures and what drew him to this space from being a security practitioner Some of the product areas and categories Phil is most excited about from an investment perspectiveThe double-edged sword is AI, which is used for security and needs security. Phil's past five years blogging and sharing his practical, hard-earned wisdom at www.philvenables.com, and how that has helped him organize his thinking and contribute to the community.Some specific tactics and strategies Phil finds the most valuable when it comes to maintaining deep domain expertise, but also broader strategic skillsets, and the importance of being in the right environment around the right people to learn and grow

In this episode of Audience 1st Podcast, Dani Woolf sits down with Val Popke to explore the unspoken human dimensions of cybersecurity leadership. Val, a veteran, assurance leader, and self-described “Wandering Cyber Vulva,” challenges the industry's prevailing narratives around hiring, communication, inclusion, and resilience. The discussion goes beyond traditional security frameworks to uncover the cognitive and cultural risks impacting practitioners at all levels. Listeners will walk away with a deeper understanding of why burnout, disconnect, and distrust are systemic, not personal, and how security leaders must evolve to lead in environments of increasing complexity, diversity, and psychological strain. Key Themes: Why psychological safety and cognitive clarity are prerequisites for functional security operations. How the industry's hidden majority is misaligned with traditional corporate norms and what needs to change. The mismatch between capability and visibility in how cyber professionals are evaluated and excluded. A linguistic and philosophical reframe that emphasizes collaborative understanding over performative inclusion. Why many security professionals are forced to protect their organizations from internal dysfunction while defending against external threats. Trust, mission, and why so many veterans find a natural home in cyber until corporate incentives erode that foundation. Subscribe & Follow: Follow Audience 1st wherever you get your podcasts Connect with Dani Woolf on LinkedIn Learn more about CyberSynapse and qualitative buyer research   

In this episode, Mark Ledlow is joined by Robert Guillot, owner and founder of CenterPoint Security Solutions, talks about his extensive career in security and law enforcement. Rob shares his journey, which includes service in the Border Patrol, the ATF, and his role as a Chief Security Officer in the oil and gas industry. They delve into topics like the complexities of border security, the strategic implementations in oil and gas security, and the support from organizations like ASIS. Rob also discusses his transition from law enforcement to the private sector, his recent ventures, and the camaraderie within the security sector. Tune in for insights into the challenges and experiences faced in different facets of the security field.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSGuest Introduction: Rob Guillot, with a rich background in law enforcement and security. Career Journey: Rob transitioned from federal law enforcement to private sector security, ending up in a key role within an oil and gas company. Values Networking: Importance of networking and organizations like ASIS in career growth. Security Challenges: Discusses the complexities and risks in oil and gas security management. Industry Insights: Highlights the critical role of teamwork and the extensive effort required in the oil and gas industry.QUOTES"The security industry, the true professionals, they want to help people." "Stopping the bleeding means reducing the amount of people coming into the country that we have no idea who they are." "The oil and gas industry is fascinating, and I don't think people appreciate how many smart people it takes to figure out where to drill and extract crude." "The totality of everything going on in oil and gas is pretty overwhelming."Get to know more about Robert Guillot through the link below. https://www.linkedin.com/in/robert-guillot/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

Is your business one cyberattack away from chaos? Most companies don't think about cybersecurity until they're in crisis mode—but by then, the damage is done.In this episode, Jara Rowe talks with Michael Magyar, an experienced virtual Chief Information Security Officer (vCISO). They cover what a vCISO does, why more companies are choosing virtual over full-time, and how to know when it's time to bring one in. Michael shares examples of helping businesses avoid costly mistakes, explains how vCISOs assess risk, and offers advice for small teams trying to do more with less.Key takeaways:Common cybersecurity challenges vCISOs help solveWhat a typical engagement with a vCISO looks likeAdvice for SMBs with limited budgets trying to prioritize cybersecurityEpisode highlights:(00:00) Today's topic: Breaking down the role of a vCISO(05:32) vCISO vs. traditional in-house CISO(07:11) Why small businesses benefit from a vCISO(09:53) Real examples of vCISOs making a difference(13:52) What it's like working with a vCISO(16:00) Key indicators your business needs a vCISO(20:54) How to prioritize cybersecurity on a budgetConnect with the host:Jara Rowe's LinkedIn - @jararoweConnect with the guest:Michael Magyar's LinkedIn - @michael-magyar-cyqualConnect with Trava:Website - www.travasecurity.comBlog - www.travasecurity.com/learn-with-trava/blogLinkedIn - @travasecurityYouTube - @travasecurity

On todays episode Danny is joined by David Mahdi, Chief Identity Officer (CIO) for Transmit Security. David is a globally recognized leader in cybersecurity and digital identity, renowned for his pioneering work in establishing digital trust across complex enterprise ecosystems. With over two decades of experience, he has been instrumental in shaping the fields of identity-first security, cryptography, and machine identity management. As the CIO at Transmit Security and former Chief Strategy Officer and CISO Advisor at Sectigo, David has guided organizations through digital transformation initiatives, including the development of cryptography centers of excellence and the implementation of passwordless authentication systems. His tenure as a top-performing VP Analyst at Gartner solidified his reputation as a trusted advisor to Fortune 500 companies, where he provided insights on cybersecurity, blockchain, PKI, and IoT security. David's thought leadership extends to his contributions to the Forbes Technology Council and the Fast Company Executive Board, where he continues to influence the discourse on digital trust and cybersecurity. His holistic approach, encompassing IT, engineering, business development, and marketing, positions him uniquely to address the multifaceted challenges of today's digital landscape. In this podcast, David shares his insights on the evolving landscape of digital identity, the importance of establishing digital trust, and the future of cybersecurity in an increasingly interconnected world:The most surprising challenge David has faced in leading innovation at scaleSomething David struggles with as a leader in the tech spaceHow to maintain peak performance and keep your team motivatedThe role AI plays in the evolution of digital identity and fraud preventionHow to manage energy and focusWhat excites David most about the future of digital security and identity managementAnd more...Are you getting every episode of Digital Transformation & Leadership in your favourite podcast player? You can find us Apple Podcasts and Spotify to subscribe.

Podcast: Critical Assets PodcastEpisode: From CISO to Startup: OT Security, Leadership, and Lessons from the FieldPub date: 2025-04-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of the Critical Assets Podcast, Patrick Miller interviews Darren Highfill, former CISO of Norfolk Southern, for a candid look behind the curtain of life as a security executive. Darren shares hard-won lessons from building and leading a cybersecurity program in a critical infrastructure environment, including how to gain executive buy-in, scale a team, and align security with business priorities. He reflects on the challenges of translating cyber risk into business risk, managing real-world incidents, and the evolving expectations of the CISO role. Whether you're in the chair now or working toward it, this conversation is packed with practical insights for anyone navigating cybersecurity leadership.Show links:Darren Highfill LinkedIn Profile - https://www.linkedin.com/in/darrenhighfill/NIST Cyber Security Framework (CSF) - https://www.nist.gov/cyberframeworkAnkrd website - https://www.ankrd.com/The podcast and artwork embedded on this page are from Patrick Miller, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Guest: Gary Hayslip, CISO, SoftBank Investment AdvisorsLinkedIn: https://www.linkedin.com/in/ghayslip/Website: cisodrg.com/biographies/gary-hayslip/Host: Dr. Rebecca WynnOn ITSPmagazine  

In this episode of the Fearless Mindset Podcast, we engage with renowned figures in security, business, and entertainment leadership. Discussions include the evolving landscape of security leadership, the importance of mentorship, and being approachable for those new in the industry. Key points include transitioning from a cost center mindset to business acumen in security, assessing value and pricing in high-value problem-solving, and the increasing demand for women in executive protection roles. The conversation extends to challenges, ethical considerations, technology's impact, and the critical role of AI and machine learning in being proactive rather than reactive in security. The episode highlights valuable insights on mentorship, career progression, and the importance of building relationships within the industry.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSAdaptability in Security Leadership: Emphasizes the need for new security leaders to be adaptable, humble, and collaborative to achieve success.Importance of Mentorship: Mentorship seen as invaluable for individuals navigating the security industry.Business Acumen in Security: Critical for security professionals to understand and speak the language of business for better integration within organizations.Respect for Client Privacy: Advises caution with social media to protect client confidentiality.Value of Diverse Skills: Encourages professionals to take on tasks that allow skill development rather than passing them off.Predictive Risk Management: Future advancements in technology, particularly AI and machine learning, will enable security to be more proactive than reactive.QUOTES"One of the biggest lies...is that we're a cost center. We really provide no value here. We're just security.""You have to be cautious with social media... Watch what you post because your clients look at it.""If I'm weak somewhere, I know Tim is strong somewhere... and be humble.""AI without machine learning is just Alexa."To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

In this week's enterprise security news, we've got 5 acquisitions Tines gets funding new tools and DFIR reports to check out A legal precedent that could hurt AI companies AI garbage is in your code repos the dark side of security leadership HIPAA fines are broken Salt Typhoon is having a great time Don't use ChatGPT for legal advice!!!!! All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-394

In this week's enterprise security news, we've got 5 acquisitions Tines gets funding new tools and DFIR reports to check out A legal precedent that could hurt AI companies AI garbage is in your code repos the dark side of security leadership HIPAA fines are broken Salt Typhoon is having a great time Don't use ChatGPT for legal advice!!!!! All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-394

Please enjoy this encore episode with VP of Information Security at Barracuda Dave Farrow, and how he shares how a teenage surfer fell in love with software development and made his way in the cybersecurity field. Dave chose to study electrical engineering in college because he wanted to learn something that didn't make sense to him. He says he's done things in his career that he said he'd never do: for example, he went into and fell in love with software development. Taking on leadership of a bug bounty program at Barracuda blossomed into the creation of an internal security team. Dave wants to be the guy who enables the business and not the one who prevented it. He hopes all will come to recognize that there are other threats besides cybersecurity threats to business. We thank Dave for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore episode with VP of Information Security at Barracuda Dave Farrow, and how he shares how a teenage surfer fell in love with software development and made his way in the cybersecurity field. Dave chose to study electrical engineering in college because he wanted to learn something that didn't make sense to him. He says he's done things in his career that he said he'd never do: for example, he went into and fell in love with software development. Taking on leadership of a bug bounty program at Barracuda blossomed into the creation of an internal security team. Dave wants to be the guy who enables the business and not the one who prevented it. He hopes all will come to recognize that there are other threats besides cybersecurity threats to business. We thank Dave for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of the Fearless Mindset Podcast, hosted by Mark Ledlow from the Global Security Exchange conference in Orlando, Tim Wenzel shares his journey into the security space, offering advice on career planning, leadership, and the importance of integrity. Additionally, Renee Stringer speaks about her inspiring journey as a woman in executive protection, juggling roles as a mom, wife, and business owner, and emphasizes resilience, continuous learning, and collaboration as keys to success in the industryLearn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSAdversity is an inevitable part of life and career; handling it with a fearless mindset is essential.Success in security and executive protection comes from perseverance, despite facing many challenges and setbacks.Building a career in security often involves unexpected paths and requires adaptability.True leadership in the security industry involves challenging assumptions and embracing change.Networking and collaboration are invaluable for achieving resilience and overcoming obstacles.Personal integrity and staying true to oneself are crucial for long-term success and credibility.Continuous learning, mentoring, and nurturing relationships are pivotal for personal and industry growth.Personal experiences and stories of overcoming adversity can serve as powerful sources of inspiration.QUOTES"Plan your human progression so that you become the person you want to become.""The truly successful people are quite collaborative. They elevate those around them.""You should always be learning, right? You should always be growing yourself.""Be honest with yourself and hand off to somebody that's a better fit for them.""Knowledge is my best weapon.""Respect isn't given, it is earned.""This work requires a thick skin and a strong mindset.""Stay focused, stay driven, and always keep learning."Get to know more about Tim Wenzel.LinkedIn: https://www.linkedin.com/in/relevant-perception/Get to know more about Renee Stringer. LinkedIn: https://www.linkedin.com/in/lionesstactics/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

Paul Knight Currently serving as VP of Information Technology and CISO at Turntide Technologies, Paul Knight brings 25 years of experience across various IT disciplines. His unique background includes roles in defense, aerospace, and automotive manufacturing, bringing both operational and security expertise to startup environments. Balancing IT and Security Leadership in Startups How do you...

In this episode of the Fearless Mindset podcast, host Mark Ledlow interviews Tim Wenzel, a top 40 life safety and security thought leader, about his journey in the security industry. Tim shares his experiences transitioning from corporate tech to Kroll, the challenges and accomplishments in becoming a recognized leader, and how he overcame initial fears of public speaking. The conversation sheds light on the significance of creating joyful and respectful environments in a field often marked by fear and conformity. Tim also discusses his philosophy of true leadership and the importance of developing strong, cohesive teams. This episode provides valuable insights for anyone interested in leadership and the security industry.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSTransition to Security Industry: Tim Wenzel shares his journey from corporate tech to becoming a recognized leader at Kroll in the security and life safety field.Overcoming Challenges: He highlights overcoming initial fears of public speaking and navigating the challenges of establishing credibility in a new industry.Leadership Philosophy: Tim emphasizes the importance of creating joyful, respectful environments in a field often marked by fear and conformity.Team Development: He advocates for building strong, cohesive teams as a cornerstone of effective leadership.Valuable Insights: The conversation provides actionable advice for aspiring leaders and professionals in the security industry.QUOTES"Usually, they're throwing you under the bus to make themselves look good because the ego is in the way.""It wasn't a ‘how to,' it was a ‘how to think about it.' And this is what you're responsible for, even if you don't think you're responsible for it.""Man, I was nervous. Sweating profusely. But the coolest thing I did was switch to projection mode and started drawing live during the presentation—it entertained and instructed.""We started this thing called the problem-solving mindset and came back to teach it. The response was overwhelming—people kept returning to learn more.""From an introvert who never dreamed of public speaking, to running workshops with 150 people in the room. It's crazy how far it's come.""Man, I was nervous. Sweating profusely. But the coolest thing I did was switch to projection mode and started drawing live during the presentation—it entertained and instructed."Get to know more about Tim Wenzel:LinkedIn: https://www.linkedin.com/in/relevant-perception/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

In this episode, Mark Ledlow is joined by Martin Culbreth, a former Marine and FBI agent who now holds a leadership role in corporate security at Smithfield Foods. They delve into handling workplace violence and the impact of remote work on security. Martin discusses the decline in workplace incidents due to remote work, transitioning from military and law enforcement to corporate security roles, and the challenges of maintaining security in various industries. The episode also explores the importance of aligning with company culture and the necessity of understanding risk acceptance within the corporate environment. The conversation offers invaluable advice for security professionals and corporate leaders alike.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSThe conversation emphasizes dealing with adversity and maintaining resilience in various sectors, including security, business, and entertainment.The shift to remote work due to COVID-19 has reportedly decreased instances of workplace violence but introduced new challenges and risks.Effective communication and understanding the company's goals and culture are crucial for security professionals transitioning from military or government roles to corporate environments.The necessity of educating the C-suite on the importance of security and the potential risks associated with being complacent.Security experts should be both knowledgeable advisors and effective communicators to influence company policies and decisions.CSOs need to be adaptable, as corporate roles and environments can vastly differ from government or military positions.QUOTES"Don't get enamored with the process. Make sure you're thoughtful about where you're going to land.""We all love being invited to the prom. But then when the limo shows up, you're like, Ooh, is that really who I wanted to go with?""Be the one telling my boss what the risk is. If my boss decides that they're willing to accept that risk, I can't be so married to my project and to my department that I fight with them.""The biggest thing is to continue to try to educate our C-suite away from the idea that it's not going to happen.”Get to know more about Martin Culbreth:LinkedIn: https://www.linkedin.com/in/martin-culbreth-8930034a/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

Join us as we explore the dynamic shift from reactive to proactive corporate security leadership with Dave Komendat, former Vice President and Chief Security Officer for Boeing. In this episode, Dave shares his insights on building trust with business leaders through proactive risk management and the importance of employee safety in shaping company culture. Discover how integrating advanced tools and strategic leadership can transform your organization's approach to security.Tune in to learn:Strategies for proactive risk management and leadership trust-buildingThe role of employee safety and cultural fit in post-COVID workplace dynamicsThe benefits of the International SOS and Ontic partnership for corporate securitySimilar episodes:Aligning Security with Business Goals: Insights from Scott LindahlThe Evolution of Risk Management with Tristan FlanneryThe Future of Talent in Corporate Security with Kathy Lavinder and Rachel Briggs

In the leadership and communications segment, How to Find the Right CISO, New Security Leadership Style Needed for Stressed Workers, Combatting Human Error: How To Safeguard Your Business Against Costly Data Breaches, and more! Show Notes: https://securityweekly.com/bsw-371

In the leadership and communications segment, How to Find the Right CISO, New Security Leadership Style Needed for Stressed Workers, Combatting Human Error: How To Safeguard Your Business Against Costly Data Breaches, and more! Show Notes: https://securityweekly.com/bsw-371

In this episode, Mark Ledlow is joined by Martin Culbreth, a former Marine and FBI agent who now holds a leadership role in corporate security at Smithfield Foods. From Las Vegas, Mark discusses with Martin his journey into corporate security, focusing on physical security challenges, integration of technology, budget management, and the importance of information in security strategies. Martin shares his experiences transitioning into his role, establishing a security department, and handling budget constraints. The conversation delves into the complexity of proving the value of security measures, the necessity of constant communication with the C-suite, and how to maintain security standards across diverse manufacturing facilities. Martin addresses the impact of inflation on corporate budgeting and highlights proactive measures like collaboration with law enforcement and conducting site surveys to enhance security, even during tight budget cycles.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSEvent Recap: Mark talks about attending a security practitioner event in Las Vegas and introduces Martin Culbreth, former Marine and FBI agent, now in a security leadership role.Martin's Role: Martin outlines his responsibilities in physical security at Smithfield, including information gathering, setting security standards, and collaborating across departments.Technology in Security: Martin discusses integrating technology like Ontic for information gathering and case management, and the challenges of implementing such technology.Building a Security Program: Martin shares his journey from starting a new security department, handling budgets, and developing a comprehensive strategic security plan.Security Challenges: Both speakers discuss challenges like justifying security expenses to the C-suite, comparing security to revenue-generating functions, and educating the corporate world on the importance of security investment.Proving Security's Value: The difficulty of proving security's ROI with hypothetical "prevented incidents" and the need to constantly communicate security's importance.Budget Negotiations: The process of working with finance and other departments to justify security expenditures and prioritize security projects.Economic Impact: The impact of inflation and corporate budgeting constraints on security investments and strategies to adapt during tight financial periods.Coordination with Law Enforcement: Emphasizing the importance of collaborating with law enforcement for emergency preparedness and crisis response training.QUOTES"We have to understand coming into corporate security that it's a sales, right? They expect everything to have a solid and apparent and immediate return on investment.""Our job is to sell products and make as good a profit as we can while still keeping our prices where we should. So I get that.""In the military, the trick was to make sure you spend what you were budgeted for. Otherwise, your budget dropped to that new level.""You have to be almost like the communications guy. Because you're selling the program. All the time and trying to explain why this is important.""In the military, I always remember, okay, it was set, right? And you had your budget. Whereas here, it's almost a fight year over year to almost reestablish that budget."Get to know more about Martin Culbreth:LinkedIn: https://www.linkedin.com/in/martin-culbreth-8930034a/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

In this episode, Mark Ledlow is joined by Brittany Galli, a leading figure in the security industry with a notable focus on promoting women in security, and a C-Suite Advisor & Strategist at BFG Ventures. They discuss a range of topics essential to security and executive protection. They discuss the role of AI in transforming security operations, including the potential of AI-generated intelligence reports. The dialogue covers the current economic climate, including inflation, corporate layoffs, and the financial strain on middle-class families, and relates these issues back to security concerns. They also touch upon geopolitical threats, such as China's global economic strategy, and the importance of long-term planning for national security. The episode concludes with reflections on upcoming elections, their impact on security, and preparations being made by the executive protection industry. Lastly, Mark highlights the Women in Security gala event in Orlando and encourages listeners to show their support. Enjoy an insightful conversation packed with expert analysis and forward-thinking perspectives.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSAI Implementation in Security: AI has the potential to significantly streamline security operations, enabling faster and more accurate threat assessments.Impact on Jobs: AI will modify the role of intel analysts, making it more strategic rather than simply data-gathering.Human Trafficking Concerns: There's a focus on leveraging technology and global-scale databases to combat and track human trafficking more effectively.Economic Challenges: Inflation and cost of living have put middle and lower-class families under significant financial pressure.Election Preparedness: Companies in the security sector are preparing for the potential chaos surrounding upcoming elections, with emphasis on maintaining operational readiness and budget management.Residential Security Spike: Increased nervousness and referrals have led to a spike in demand for residential security services.Global Economic Strategies: There's a critical need for long-term planning and strategic economic policies in the U.S. to address national debt and future financial stability.Corporate Budget Cuts: Many companies are cutting budgets, including security spending, due to economic pressures and missed earnings.Networking in Security: Emphasized the importance of connections and referrals within the industry for business growth and stability.QUOTES"AI will make us finally catch up technologically where other industries have already excelled for years." - Brittany Galli"Technology creates efficiencies for humans to use, spending less time on data gathering." - Brittany Galli"Security, we can only go up from where we are and we just need to jump generations in software." - Brittany Galli"Human trafficking is not slowing down. It's like a trillion-dollar business." - Mark Ledlow"Chaos is an opportunity, unfortunately." - Mark Ledlow"When large Fortune 100s start missing their earnings, that's when inflation finally caught up." - Brittany GalliGet to know more about Brittany Galli:LinkedIn: https://www.linkedin.com/in/brittanygalli/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

In this episode, Mark Ledlow is joined by Brittany Galli, a leading figure in the security industry with a notable focus on promoting women in security, and a C-Suite Advisor & Strategist at BFG Ventures. They discuss the importance of diversity, the challenges and strategies for women in the industry, and how AI is revolutionizing security practices. Brittany shares her journey and insights on creating impactful networking opportunities and achieving a balanced representation of genders in leadership roles. They also highlight the upcoming Women in Security Gala at GSX in Florida, which aims to foster community and recognition for women in this field.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSWomen in Security: Brittany Galli's entry into the security industry and her significant contributions to the Women in Security movement. She emphasizes the need for diverse and creative thinking in the field.Leveraging AI: Brittany discusses the future of security jobs, emphasizing the importance of AI and suggesting that new entrants to the field should focus on AI tools and their applications in security.Industry Networking: The inherent value and relational strength of the security industry, which Brittany highlights as being driven by courageous and brave individuals.Engagement at Conferences: Brittany addresses the generational gap in conference participation and suggests enhanced virtual and global networking opportunities.Ongoing Initiatives: Discussion about the upcoming Women in Security Gala, its background, and its importance for networking and recognition within the community.Career Longevity in Security: Insight into challenges faced by young professionals and women in the industry, and the need for initiatives to retain this talent.Consulting in Security: Brittany's personal experience in the security tech startup world and her current consulting role, focusing on C-suite executive strategies and security education.AI and Future Trends: An analysis of AI's growing role in the security sector and its projected impact on the industry, emphasizing education and the integration of AI as a tool rather than a replacement.QUOTES"It's all about selling your ideas with the risk of not doing it or the cost of not doing it.""You need to be the knowledge expert of the top 10 tools that are out there.""It's about catching up with the younger generation and figuring out ways to just deepen the relationships virtually.""The turnover is really high. They just don't see value in the industry that they're in.""I've heard from many mentors: You sell with risk or budget or cost."Get to know more about Brittany Galli:LinkedIn: https://www.linkedin.com/in/brittanygalli/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

As the busy season kicks off, the team pauses to reflect on two significant industry events they recently attended. They dive into their experiences at the annual Threat Management Conference  (TMC) hosted by the Association of Threat Assessment Professionals (ATAP) and CTG's 8th Annual Physical Cyber Convergence Forum in Phoenix. Both gatherings offered invaluable networking opportunities, thought-provoking discussions, and insightful conversations, proving worth the investment. Also discussed is Presage Global's recent LinkedIn EP Industry Training Survey. Join the discussion and let us know if you attended - protectiontalk@outlook.com

The CiCP team takes time out of their summer travels to discuss recent events, including the attempted assassination of former President Donald Trump, recent global network issues, and revelations about North Korean agents working inside well-known cybersecurity companies. Don't forget to rate us and send us your comments to protectiontalk@outlook.com

NEW! Text Us Direct Here!Joining us is Matthew Rosenquist, a renowned CISO, Cybersecurity leader and strategist, about the role of security leadership, cultural differences on data privacy, importance of choosing trustworthy vendors, and how to stop zero day attacks.Connect with Matthew:Webpage: www.cybersecurityinsights.usLinkedIn: https://www.linkedin.com/in/matthewrosenquist/ Cybersecurity Insights channel: https://www.youtube.com/CybersecurityInsights  Accelerate your CMMC 2.0 compliance and address federal zero-trust requirements with Kiteworks' universal, secure file sharing platform made for every organization, and helpful to defense contractors. Visit kiteworks.com to get started. We're thrilled to introduce Season 5 Cyber Flash Points to show what latest tech news means to online safety with short stories helping spread security awareness and the importance of online privacy protection."Cyber Flash Points" – your go-to source for practical and concise summaries.So, tune in and welcome to "Cyber Flash Points”

Security oversight is a double-edged sword, with many in the industry juggling roles as practitioners and administrators. Even within larger organizations that support distinct leadership functions, those in middle management often find themselves balancing hands-on tasks with supervisory responsibilities. Join the team as they catch up with Eablement Advisors' Ivor Terret. Long overdue, Ivor talks about the plight of management and how he sees the industry moving to support the shifting paradigm towards "at the speed of business." How do you juggle the administrivia with the day-to-day work? Tell us at protectiontalk@outlook.com

Today, Steve is speaking with Erik Avakian, who served as CISO for the Commonwealth of Pennsylvania in the United States for more than twelve years before moving into the private sector, where he currently works as the technical counselor at Info-Tech Research Group. Erik brings his passion and experience to a lively conversation in which he and Steve discuss coping with change through multiple leadership turnovers, practical examples of how security leaders can demonstrate their department's value to an organization beyond theoretical breach prevention, and overcoming challenges in the public and private sectors. Key Takeaways: 1. Embracing change in state/local government requires technical architecture and common architecture. 2. Public sector security faces unique challenges, including political considerations. 3. It's critical for public funds to be used efficiently while also reducing duplication of work and building knowledge sharing across agencies. 4. Security testing and phishing simulations can demonstrate return on security investment, saving time and money in the long run. Tune in to hear more about: 1. Embracing change in security leadership in the public sector (0:00) 2. Building security foundations in public sector organizations (4:45) 3. Funding challenges in security, with tips for effective resource utilization, building strong teams, and collaboration (8:48) 4. Demonstrating security value to business leaders through cost-benefit analysis and service metrics (14:02) 5. Demonstrating security value to non-technical stakeholders through practical examples (18:33) Standout Quotes: 1. One of the reasons I love the industry and I loved the position of CISO is you're constantly trying to just improve, right? You're not trying to rebuild every, all the time. You know that the business might want to rebuild, but you're there to constantly improve that foundation, continuingly building your team, and continually building your capabilities. So regardless of who comes and goes, you have that foundation, and you continue to grow it. - Erik Avakian 2. It's really about enabling the business. How can we say yes, but do things more securely and put a positive spin on it? Whereas, you know, in the past, you know, security is looked at oh, these are the guys that say no. So really, a CISO's a partner to the business, a collaborator building relationships, and really, that's been the change, right? It's gone from less of a technical kind of a thing to being a coach, being a leader, and really working and building those relationships at the business level. - Erik Avakian 3. I look at it as almost like a baseball team. So in the baseball world, you have a catcher, you have a pitcher, you have all these people on the field. And it's identifying what are the strengths of your team, and letting those players — if we look at it from that perspective — letting them thrive, letting them grow in the position that they're passionate about. And then you can just grow in that passion, give them the training, give them extra training, helping them build where they're really good at and what they really like to do. And then the baseball world is that example. We wouldn't necessarily make the pitcher catch — they might not be comfortable with that — or the catcher pitch, and all sorts of other things. Because they do what they do well, that's their position on the field. And what I've found is that if we can do that, we can build our teams and build rock stars out of them in the places where they really are passionate about, then we have retention. I think my retention throughout my tenure was almost 99%, because I looked at people as to what drives them. - Erik Avakian Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Join us for an insightful journey as we delve into the remarkable career path of John Imhoff, from his prestigious service in the FBI to his current role as a leader in global security. Discover the pivotal moments, challenges overcome, and lessons learned. Gain valuable insights and inspiration for your own career aspirations. Don't miss this exclusive interview! Subscribe now and hit the notification bell to stay updated on our latest videos. #fbi #GlobalSecurity #CareerPath #leaderships --- Send in a voice message: https://podcasters.spotify.com/pod/show/roninleadership/message

Get ready for a compelling blend of global affairs and lively conversation! We're thrilled to welcome back Dr. Treston Wheat, the mastermind behind the acclaimed 'Geopolitics and Gin' blog. Dr. Wheat, a security expert and our favorite PhD, will guide us through today's most pressing geopolitical issues, offering insights for protectors and leaders alike.  Join us as we unpack complex challenges and potential solutions while raising a glass (or two) with the good Doctor.  Expect a thought-provoking discussion alongside Dr. Wheat's favorite gin concoctions and other libations. Find Geopolitics and Gin here.  Give us your thoughts at protectiontalk@outlook.com

What qualities do CISOs need in order to be successful leaders in 2024? Today's guest can help us answer that question. We're pleased to Welcome Chris Betz, CISO of AWS to the show. Join us as Chris sits down for a conversation with Clarke Rodgers, Director of AWS Enterprise Strategy, to share his thoughts on everything from establishing a culture of security, to hiring for diversity, to mentoring the next generation of great security leaders.

The ides of March are here, and, accordingly, the CiCP team is taking time to break down some recent news regarding the threatscape. This time, they deep dive into: Threats against healthcare systems, CA Senate bill 553 (or is it 533!?!) Asymmetric threats posed by digital risks such as AI or Deepfakes Using software aimed at other industries (like advertising) can be utilized in the targeting space Network outages and your PACE plan Foreign Agents operating on US soil Significant events - elections, Olympics and much more... It's another full round of shop talk. Join the conversation at protectiontalk@outlook.com    

In this episode, we dive into the world of digital forensics and incident response. Spencer, Mark and Andrew discuss the various roles you might see on a DFIR team, the psychology of IR and the stages of incident response, the challenges of responding to cloud compromises, what comes after after the breach and so much more.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

We say security is the first priority at AWS, but how does that play out in everyday practice? Join us today as Adam Selipsky, CEO of AWS offers his unique perspective on top-down security leadership at AWS. In this conversation with Clarke Rodgers, Director of AWS Enterprise Strategy, Adam discusses his thoughts on company-wide security culture, CEO/CISO communication strategies and mechanisms, and how the CEO can support security initiatives from the top.Resources:Learn more about Amazon Bedrock, the easiest way to build and scale gen AI applications, and Amazon Q, a gen AI-powered assistant that can be tailored to your business.

Episode SummaryExplore the role of consolidated platforms in software development with our guest, John Delmare, Global Application and Cloud Security Lead of Accenture. This episode dives into the growing complexity in the developer space and how these platforms streamline processes and foster collaboration among distributed teams. We discuss balancing application and cloud security, the financial and time-saving benefits of integrated platforms, and the role of best-of-breed technology in an evolving tooling landscape. Tune in for a preview of future secure development practices and practical advice on navigating this dynamic space.Show NotesIn this engaging episode of The Secure Developer, host Simon Maple chats with John Delmare, Managing Director of Accenture and Global Application and Cloud Security Lead, about the movement towards platform consolidation in the field of DevSecOps.They dive into an in-depth exploration of the potential advantages and barriers that emerge from the reduction of tool sprawl. Using his extensive experience and insights, Delmare sheds light on how this development can enhance efficiency for developers and, at the same time, benefit companies by making processes more streamlined, cost-efficient, and effective.Not losing sight of the role of best-of-breed tools, the conversation takes a turn into how such tools fare in the current scenario, whether they still hold relevance, or if the consolidation trend is set to overshadow them. More intriguingly, Delmare and Maple delve into the potential implications of emerging technologies like General Artificial Intelligence (GenAI) on the strategies for security tooling.Further enriching the conversation, they emphasize the critical need for a common ground between security and development teams. Platform consolidation comes into play here by offering shared data views and aligning the teams towards unified goals, making the perfect case for seamless DevSecOps practices.This episode is packed with insights that would cater to developers, security professionals, and decision-makers in the IT industry, offering them a clearer view of the current trends and allowing them to make strategically sound decisions. Tune in to be part of this insightful conversation.LinksAccentureSnyk - The Developer Security CompanyFollow UsOur WebsiteOur LinkedIn

The CiCP team is privileged to have Ivan Ivanovich, a renowned protector who advocates for a proactive, intelligence-driven approach emphasizing prevention and readiness. From his extensive executive protection experience across diverse regions like the Balkans and Latin America, Ivan offers a unique perspective. He argues that the traditional image of bodyguards with armored vehicles and weapons needs to be matured. Our discussion centers on Ivan's book, "Executive Protection in the 21st Century: A New Vision," exploring the shifting threats faced by executives, the role of technology in modern protection, and the significance of cultural awareness in a globalized context. Tune in as we delve into Ivan's insights on proactive risk mitigation and navigating the dynamic landscape of executive protection.  Protectiontalk@outlook.com Ivan's Book: https://www.amazon.com/Executive-Protection-21st-Century-vision/dp/8419808210  

Episode SummaryIn this episode of The Secure Developer, Guy Podjarny and guest Sean Catlett discuss the shift from traditional to engineering-first security practices. They delve into the importance of empathy and understanding business operations for enforcing better security. Catlett emphasizes utilizing AI for generic tasks to focus on crafting customized security strategies.Show NotesIn this episode of The Secure Developer, host Guy Podjarny chats with experienced CISO Sean Catlett about transforming traditional security cultures into a more modern, engineering-first approach. Together, they delve into the intricacies of this paradigm shift and the resulting impact on organizational dynamics and leadership perspectives.Starting with exploring how an empathetic understanding of a business's operational model can significantly strengthen security paradigms, the discussion progresses toward the importance of creating specialized security protocols per unique business needs. They stress that using AI and other technologies for generic tasks can free up teams to concentrate on building tailored security solutions, thereby amplifying their efficiency and impact on the company's growth.In the latter part of the show, Catlett and Podjarny investigate AI's prospective role within modern security teams and lay out some potential challenges. Recognizing the rapid evolutionary pace of such technologies, they believe keeping up with AI advancements is crucial for capitalizing on its benefits and pre-empting potential pain points.AI-curious listeners will find this episode brimming with valuable insights as Catlett and Podjarny demystify the complexities and highlight the opportunities of the current security landscape. Tune in to learn, grow, and transform your security strategy.LinksSlackFedRAMPGitHub CopilotChatGPTSnyk - The Developer Security CompanyFollow UsOur WebsiteOur LinkedIn

Episode SummaryLaura Bell Main, CEO at SafeStack, discusses the two-fold implications of AI for threat modeling in DevSecOps. She highlights challenges in integrating AI systems, the importance of data verifiability, and the potential efficiencies AI tools can introduce. With guidance, she suggests it's possible to manage the complexities and ensure the responsible utilization of AI.Show NotesIn this intriguing episode of The Secure Developer, listen in as Laura Bell Main, CEO at SafeStack, dives into the intricate world of AI and its bearing on threat modeling. Laura provides a comprehensive glimpse into the dynamic landscape of application security, addressing its complexities and the pivotal role of artificial intelligence.Laura elucidates how AI has the potential to analyze vulnerabilities, identify risks, and make repetitive tasks efficient. As she delves deeper, she explores how AI can facilitate processes and significantly enhance security measures within the DevSecOps pipeline. She also highlights a crucial aspect - AI is not just an enabler but should be seen as a partner in achieving your security objectives.However, integrating AI into existing systems is not without its hurdles. Laura illustrates the complexities of utilizing third-party AI models, the vital importance of data verifiability, and the possible pitfalls of over-reliance on an LLM.As the conversation advances, Laura provides insightful advice to tackle these challenges head-on. She underscores the importance of due diligence, the effective management of AI integration, and the necessity of checks and balances. With proactive measures and responsible use, she affirms that AI has the potential to transform threat modeling.Don't miss this episode as Laura provides a thoughtful overview of the intersection of AI and threat modeling, offering important insights for anyone navigating the evolving landscape of DevSecOps. Whether you're a developer, a security enthusiast, or a tech leader, this episode is packed with valuable takeaways.LinksAgile Application SecuritySecurity for EveryoneMicrosoft STRIDEOWASP Top 10 for Large Language Model ApplicationsSnyk - The Developer Security CompanyFollow UsOur WebsiteOur LinkedIn

Metrics are an essential tool for measuring performance, efficiency, and reliability in any organization, big or small. However, getting started with metrics can be daunting. In this episode, the team speaks with Jim McConnell, a seasoned security expert with over 30 years of experience managing security organizations. Jim shares his expertise in defining and using metrics in a security organization. So, grab your pencil and enjoy the conversation! Also, if you're interested in learning more about converged security metrics, be sure to reach out to Jim at jim@askmcconnell.com and mention this podcast for a free PDF copy of top EP metrics from his book, "Converged Security Metrics: A Top 25 Set of Solutions.

Breaking into Cybersecurity w Kyle McIntyreKyle McIntyre on Linkedin https://www.linkedin.com/in/thekylemcintyre/Sponsored by CPF Coaching LLC - http://cpf-coaching.comThe Breaking into Cybersecurity: It's a conversation about what they did before, why did they pivot into cyber, what the process was they went through Breaking Into Cybersecurity, how they keep up, and advice/tips/tricks along the way.The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership and tips/tricks/advice from cybersecurity leaders.This podcast runs on listener support and funding. Consider supporting this podcast:https://breaking-into-cybersecurity.captivate.fm/supportCheck out our books: Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUIHack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career https://www.amazon.com/dp/1801816638/_________________________________________About the hosts: Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over ten years of experience as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach.https://www.linkedin.com/in/christophefoulon/Find out more about CPF-Coaching at https://www.cpf-coaching.com- Website: https://www.cyberhubpodcast.com/breakingintocybersecurity- Podcast: https://feeds.captivate.fm/breaking-into-cybersecurity/- YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity- Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/- Twitter: https://twitter.com/BreakintoCyber- Twitch: https://www.twitch.tv/breakingintocybersecurityI host a podcast called Breaking Into Cybersecurity (https://www.youtube.com/c/BreakingIntoCybersecurity) which is usually recorded live, however, I am recording shorter offline spots for Security Leadership. Would you be interested in doing an episode?Its a quick episode recorded offline with a series of different questions on your views on leadership competencies and advice you would want to share with others in cybersecurity an overview of the questions are located in the booking https://calendly.com/christophefoulon/cybersecurity-leadership-callLeadership SeriesFocuses on the skills and competencies associated with cybersecurity leadership, as well as tips/tricks/advice from cybersecurity leaders. Breaking into Cybersecurity #LeadershipWe are doing a slight pivot to the show; we will start with the questions below, then pivot to a conversational style.1. Why did you become a cybersecurity leader vs. staying an individual contributor?2. What are the critical skills for cybersecurity leadership?3. What is your comfort level (1-5) with delegation, collaboration, and communication?4. How important would you consider “influence” as a skill, and why?5. How important would you consider ”networking” as a skill, and why?6. What advice would you give to future cybersecurity...

Happy MMXXIV. After a much-needed break from the action, the team returns with thoughts on immediate risks, opportunities, and issues affecting the protective risk community. The new year comes out of the gate, looking much like the one we just left. What should you be thinking about as we roll into 2024! protectiontalk@outlook.com

Episode SummaryGuy explores AI security challenges with Salesforce's VP of Security, Henrik Smith. They discuss the fine line between authentic and manipulated AI content, stressing the need for strong operational processes and collaborative, proactive security measures to safeguard data and support secure innovation.Show NotesIn this episode, host Guy Podjarny sits down with Henrik Smith, VP of Security at Salesforce, to delve into the intricacies of AI and its impact on security. As the lines between real and artificially generated data become increasingly blurred, they explore the current trends shaping the AI landscape, particularly in voice impersonation and automated decision-making.During the conversation, Smith articulates the pitfalls organizations face as AI grows easier to access and misuse, potentially bypassing security checks in the rush to leverage new capabilities. He urges listeners to consider the importance of established processes and the responsible use of AI, especially regarding sensitive data and upholding data governance policies.The episode also dives into security as a facilitator rather than an inhibitor within the development process. Smith shares his experiences and strategies for fostering cross-departmental collaboration at Salesforce, underscoring the value of shifting left and fixing issues at their source. He highlights how security can and should act as an enabling service within organizations, striving to resolve systemic risks and promoting a culture of secure innovation.Whether an experienced security professional or a tech enthusiast intrigued by AI, this episode promises to offer valuable insights into managing AI's security challenges and harnessing its potential responsibly.LinksSnyk's 2023 AI-Generated Code Security ReportSalesforceSnyk - The Developer Security CompanyFollow UsOur WebsiteOur LinkedIn

Episode SummaryIn this episode of The Secure Developer, our co-hosts Simon Maple and Guy Podjarny discuss the rise of AI in code generation. Drawing from Snyk's 2023 AI Code Security Report, they examine developers' concerns about security and the importance of auditing and automated controls for AI-generated code.Show NotesIn this compelling episode of The Secure Developer, hosts Simon Maple and Guy Podjarny delve into the fascinating and fast-paced world of artificial intelligence (AI) in code generation. Drawing insights from Snyk's 2023 AI Code Security Report, the hosts discuss the exponential rise in the adoption of AI code generation tools and the impact this has on the software development landscape.Simon and Guy reveal alarming statistics showing that most developers believe AI-generated code is inherently more secure than human-written code, but they also express deep-seated concerns about security and data privacy. This dichotomy sets the stage for a stimulating discussion about the potential risks and rewards of integrating AI within the coding process.A significant point of discussion revolves around the need for more stringent auditing for AI-generated code and much tighter automated security controls. The hosts echo the industry's growing sentiment about the importance of verification and quality assurance, regardless of the perceived assurance of AI security.This episode challenges conventional thinking and provides critical insights into software development's rapidly evolving AI realm. It's an insightful listen for anyone interested in understanding the interplay of AI code generation, developer behaviors, and security landscapes.LinksSnyk's 2023 AI-Generated Code Security ReportGitHub CopilotSnyk - The Developer Security CompanyFollow UsOur WebsiteOur LinkedIn

Episode SummaryIn this episode, Tomasz Tunguz of Theory Ventures discusses the intersection of AI, technology, and security. We explore how AI is revolutionizing software development, data management challenges, and security's vital role in this dynamic landscape. Show NotesIn this episode of The Secure Developer, Guy Podjarny engages in a deep and insightful conversation with Tomasz Tunguz, founding partner of Theory Ventures. They delve into the fascinating world of AI security and its burgeoning impact on the software development landscape. Tomasz brings a unique investor's lens to the discussion, shedding light on how early-stage software companies are leveraging AI to revolutionize market strategies.The conversation navigates through the complexities of AI in the realm of security. Tomasz highlights key trends such as data loss prevention, categorization of AI-related companies, and the significant security challenges in this dynamic space. The episode also touches on the critical role of data governance and compliance in the age of AI, exploring how these elements are becoming increasingly intertwined with security concerns.A significant part of the discussion is dedicated to the future of AI-powered software development. Guy and Tomasz ponder the evolution of coding, predicting a shift towards higher levels of abstraction and the potential challenges this may pose for security. They speculate on the profound changes AI could bring, transforming how software is developed and the implications for developers and security professionals.This episode provides a comprehensive look into the intersection of AI, technology, and security. It's a must-listen for anyone interested in understanding AI's current and future landscape in the tech world, especially from a security standpoint. The insights and predictions offered by Tomasz Tunguz make it an engaging and informative session, perfect for professionals and enthusiasts alike who are keen to stay ahead.LinksTheory VenturesOpenAIGitHubAmazon Web Services (AWS)Google CloudMicrosoft AzureMonte CarloGableSnyk - The Developer Security CompanyFollow UsOur WebsiteOur LinkedIn

Interim security leaders head up huge teams, babysit massive budgets and are (for a time) responsible for some of the most well known brands in the world. In this episode we talk to Alex Clixby and Ian Golding experienced interim and fractional CIOs to find out more about the role.  What challenges are unique to an interim? What sort of skills are needed to hold such a crucial role for a short period of time. Is Interim a way to avoid burnout or is it more prone to the issues? 

Episode SummaryIn this episode, Dr. Christina Liaghati discusses incorporating diverse perspectives, early security measures, and continuous risk evaluations in AI system development. She underscores the importance of collaboration and shares resources to help tackle AI-related risks.Show NotesIn this enlightening episode of The Secure Developer, Dr. Christina Liaghati of MITRE offers valuable insights on the necessity of integrating security considerations right from the design phase in AI system development. She underscores the fact that cybersecurity issues can't be fixed solely at the end of the development process; rather, understanding and mitigating vulnerabilities require continual iterative discovery and investigation throughout the system's lifecycle.Dr. Liaghati emphasizes the need for incorporating diverse perspectives into the process, specifically highlighting the value of expertise from fields like psychology and human-centered design to grasp the socio-technical issues associated with AI use fully. She sounds a cautionary note about the inherent risks when AI is applied in critical sectors like healthcare and transportation, which calls for thorough discussions about these deployments.Additionally, she introduces listeners to MITRE's ATLAS project, a community-focused initiative that seeks to holistically address the challenges posed by AI, drawing lessons from past experiences in cybersecurity. She points out the ATLAS project as a resource for learning about adversarial machine learning, particularly useful for those coming from a traditional cybersecurity environment or the traditional AI side.Importantly, she talks about the potential of AI technology as a tool to improve day-to-day activities, exemplified by email management. These discussions underscore the importance of knowledgeable and informed debates about integrating AI into various aspects of our society and industries. The episode serves as a useful guide for anyone venturing into the world of AI security, offering a balanced perspective on the potential challenges and opportunities involved.LinksMITRE ATLAS ProjectArsenal CALDERA Plugin for Adversary EmulationIBM's Adversarial Robustness Toolbox (ART)Microsoft's Counterfit ToolMIT AI 101 Course (free)Women in CyberSecurity (WiCyS)MITRE's Twitter AccountMITRE's LinkedIn PageSnyk - The Developer Security CompanyFollow UsOur WebsiteOur LinkedIn