Gaydos and Monica Lindstrom (in for Chad) talk about why the Delta variant is being mentioned in the same breath as chicken pox, small pox and Ebola? See omnystudio.com/listener for privacy information.
Which is worse, a lie or a secret? Our listeners were pretty split down the middle.
Tre and Sam get into being a black comic in Houston. Also, welcome aboard our newest sponsor, VaultsOfLore.com
In today's podcast we talk about what's worse than not making money. To answer that question, I say losing it! Sometimes we can become so focused on making money that we move in a way that causes us to lose it. Let's Talk! --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app Support this podcast: https://anchor.fm/brittneybundles/support
Patti Lovett-Reid and Toonie Tuesday can be heard every Tuesday morning at 8:20 on The Andrew Carter Morning Show.
Anna shares her recent struggles with the HOA and neighbors who are the WORST, Boyer then tells us just what he thinks about women who drive around with "Baby On Board" decals and fires the ladies up!
It's National Running Day! Most of us strongly dislike running here at the Andie Summers Show. In today's Shower Thoughts segment, Andie, Dave and Donnie discuss what they believe is worse than running. Listeners take to our Facebook and Instagram to share what activities they despise.
This is the first time Jay couldn't pick an answer during Cross Exam!
Finishing Above Spurs But... UEFA Conference League | What's Worse? | #TGTPodcast Tom - Main Writer at 101 Great Goals: https://101greatgoals.com/author/tcan... SoundCloud: https://soundcloud.com/the-gooner-talk Spotify: https://open.spotify.com/show/1dThyaK... iTunes: https://podcasts.apple.com/gb/podcast... Please leave us a nice review! Contact: DM open @TomCantonMedia Thanks to our sponsor Football Prizes: https://footballprizes.co.uk/competit... Become a member, help support the channel and get access to exclusive content and logos. https://youtube.com/channel/UChxMBYdQ... Follow us on: Twitter: https://twitter.com/TheGoonerTalkTv Instagram: https://instagram.com/thegoonertalk?i https://fantasy.premierleague.com/lea... League Code: vfeqfo
... Lies, misleading statements, or obfuscation of the truth?
Michael Berry takes a look at Congressman Charlie Crist's bid for Governor of Florida, and his flip-flopping history; Steve Milloy, author, joins the show to discuss his recent article "Biden's Climate Road To Nowhere"; John Schweppe, Director of Policy and Government Affairs at the American Principles Project, makes an appearance to talk about a bill in Florida to protect women's sports against transgender athletes.
Invisible Asia Ep 5: ‘What's worse than the job is the humiliation we face' 11:56 min Synopsis: The Invisible Asia Podcast is a special edition series in which The Straits Times casts the spotlight on people and communities living in the shadows of their societies where they exist largely unseen and unheard of. Do follow all nine episodes of Invisible Asia over the next two months on The Straits Times podcast channel on Apple podcasts, Spotify or Google podcasts. The Straits Times' India correspondent Rohini Mohan shines the spotlight on India's sewer cleaners. As many as a million Dalits - the lowest of the low in India's caste-ridden society - still ply the dangerous trade despite it having been outlawed for years. And they are powerless to escape it. In a country plagued with millions of choked toilets and drains, these indispensable workers go about their jobs daily without professional equipment, risking death from toxic fumes or drowning in liquid human waste, all to eke a living. 
Our series' narrator is Tan Jia Ning: Pedanna speaks of clearing out human waste in the streets, homes and offices, and of the abuse he faces daily for being a sewer cleaner (0:55) The Indian government's efforts to outlaw the dehumanising practice of manual scavenging has served only to force these workers underground (3:24) Few police complaints are ever filed when a sewer cleaner dies at work, and the workers are often powerless to fight for compensation (5:54) Senior sewer cleaner Munisamy shares how he copes with the daily disgust and humiliation he faces on the job (9:03) Munisamy's 17-year-old granddaughter Chandana is among a new generation of Dalits who refuse to be silenced (9:50) Read the full story by Rohini Mohan: https://www.straitstimes.com/asia/whats-worse-than-the-job-is-the-humiliation-we-face Produced by: Magdalene Fung, Tan Jia Ning, Sazali Abdul Aziz, Rohit Brijnath, Penelope Lee, Ernest Luis & Adam Azlee Edited by: Adam Azlee Discover Invisible Asia Podcast playlist: https://omny.fm/shows/st-bt/playlists/invisible-asia Discover Invisible Asia Video playlist: https://www.youtube.com/playlist?list=PLnK3VE4BKduNKeEL19yhXFVHxGB8X315b Discover ST & BT podcasts: Channel: https://str.sg/JWVR Spotify: https://spoti.fi/2PwZCYU Apple Podcasts: https://apple.co/2Lu4rPP Google podcasts: http://str.sg/googlestbt Websites: http://str.sg/stbtpodcasts https://bt.sg/moneyhacks Feedback to: podcast@sph.com.sg --- Discover more niche podcast series by ST and BT below: Follow BT Money Hacks Podcast on: http://bt.sg/btmoneyhacks Follow BT Mark To Market Podcast on: http://bt.sg/btmark2mkt Follow Health Check Podcast on: https://str.sg/JWaN Follow Green Pulse Podcast on: https://str.sg/JWaf Follow Asian Insider Podcast on: https://str.sg/JWa7 Follow Lunch With Sumiko Podcast on: https://str.sg/J6hQ Follow #PopVultures Podcast on: https://str.sg/JWad Follow Life Weekend Picks Podcast on: https://str.sg/JWa2 Follow #GameOfTwoHalves Podcast on: https://str.sg/JWRE 
Follow Bookmark This! Podcast on: https://str.sg/JWas Follow our shows then, if you like short, practical podcasts! #InvisibleAsia
This week we talked about Rumors and Gossip. From the ones that plagued our personal life, to the ones that have infiltrated the lives of Celebrities and public figures...we well gossiped. We discussed the #KimYe breakup....again, the #Saweetie and #Quavo breakup, #PrinceAndrew gossip, #Arod and #JLo rumors, #Verzuz battles and even #sports. YepYeahYes we were well rounded this week. In addition our own personal stories of gossip drew a couple of laughs from one another. Stay until the end of the episode to hear #TamiekasThoughts about #ThisIsNotAmerica. . . . Make sure to #download and #subscribe to the show and watch the full video on Youtube via https://www.youtube.com/channel/UCiVNvoQYG05Yz2Jf2pouHNw You can also donate to the show via #cashapp and #venmo at YepYeahYes. Help us pay for microphones, headphones and other digital equipment that will make us look and sound like we live in 2021. Thanks to those of you that already donated. . . . . . #family #yourvillage #WAP #Politics #Media #Podcast #Podcasters #WomenWhoPodcast
I Was a Communist for the FBI starring Dana Andrews, originally broadcast February 18, 1953, 68 years ago, The Black Gospel. Cvetic battles a group of insane nihilists.
Replacing your inner story using the Word of God, will strengthen your belief. This increases your faith which promotes permanent change and Kingdom Living.
Reviewing and watching the "where are they now" Toddlers and Tiaras episodes. Who's wrong, the kids or the parents???
Airs LIVE Wednesdays 8 pm EST with co-hosts The Honorable Deacon Alowishus 4 Everlove and Christopher Tracy. Post on the show's Facebook page 'Lonely Hearts' Cafe' or tweet @lonelyheartscaf #lhc to join the conversation or call in: 334-505-1940. Pour a drink and join the fellas!
En route to the Cocytus River, the New Kids run into a strange group of Frog Beings called Troglodytes. They offer the heroes a deal...which they have trouble stomaching and decide to head for the Cocytus River on their own! Check us out on twitch at Twitch.tv/fandomencounters to see us play live on Thursday at 7:30 pm EST, and find us on Instagram @fandom.enocunters for art of NPCs and PCs alike!
WELCOME BACK TO ANOTHER EPISODE!!!!!!! No Life Chronicles this week so we slid straight into our RQOTD: "How did you meet your first love?" (6:26) Hot Topics: Proud Boys, 21 Savage is hilarious, and etc (16:21). Let's Speak On It "What's Worse?" (1:03:50). RATE, SUBSCRIBE, AND TELL A FRIEND OR TWO If you have anything you want to be discussed on the show hit up @speakmannyspeakpod on Instagram or email us at speakmannyspeak@gmail.com Manny: IG & Twitter @manny2n1ce Smilez: IG @smilez2tz Su: IG @simply_su Jas: IG & Twitter @muted_emotions --- Send in a voice message: https://anchor.fm/speakmannyspeak/message Support this podcast: https://anchor.fm/speakmannyspeak/support
The Jubal Show calls posing as the post office, to let Natalie know her package was destroyed. They keep passing her to the next person with really bad wait music using the WORST Christmas songs of all time! Let us know what you think on social! Follow us at: @thejubalshow @jubalfresh @thatdreas @evanontheradio
It's the real debate today!
MLB has an opportunity to have one of two catastrophes happen in the upcoming World Series... They can have either the Rays or the Astros make it!! Which is worse? Kravitz weighs in!
Arguably, the only thing worse than an empty fridge is one filled with spoiled, mouldy foods. Ben Malouf joins John Stanley for ‘Food and Wine’, discussing everything from food storage tips to keep food fresher, the ideal gin concoction and Australia’s potential coffee snob culture. Looking for something a little juicier? Join them with mocktail in hand as they test ‘Box Mixers’, 100% Australian cocktail cordials and speak to the ongoing Big Mac vs. Big Jack burger battle.
It's a Not For Me Monday with Puck & Slick! Puck and Slick discuss if Shaquil Griffin was beaten by D.K. Metcalf in a drill, which leads to the discussion, "what's worse than Seahawks Twitter?", Weekend Recap & more!
eMarketer analyst Ross Benes, senior analyst Audrey Schomer and vice president of content studio at Insider Intelligence Paul Verna discuss the full release of NBCUniversal's new video streaming service, Peacock, and where it slots in to a crowded market. Then eMarketer principal analyst Mark Dolliver and vice president of research Jennifer Pearson discuss some new and interesting findings about young people's use of screens.
Recorded 7/27 - 7/29/2020 Are online buy/sell listings a "buyer" or "seller" beware when it comes to OBO (Or Best Offer)? Jon and Tadiwa from the Puzzled Minds podcast join the show and share their show origin while discussing tacos and eggs with Jhae. Wes Tankersley of Shaping Success podcast joins for the builders corner segment and Jhae goes toe to toe with a 2020 premium mid size SUV. Show outline: O.B.O. Puzzled Minds Builders Corner (installing nerf bars) Rental Car of the Week Social Media Q&A Guests: Puzzled Minds Podcast Shaping Success with Wes Tankersley Get in Touch with the Podcast Instagram: na2nsx / jhae_travels YouTube: Hard Parking Media Facebook: HardParkingMedia Twitter: HardParkingPod Show Merchandise: Shop now at Teespring Support the show: Support This Podcast Email: HardParkingPodcast@gmail.com --- Send in a voice message: https://anchor.fm/hardparkingpodcast/message
Holmberg's Morning Sickness - The Entertainment Drill - Thursday July 30, 2020
All links and images for this episode can be found on CISO Series (https://cisoseries.com/how-will-the-candidate-respond-to-whats-worse/) A potential candidate's response to a "What's Worse?!" question will show how they can handle risk decisions. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our sponsored guest this week is Elliot Lewis (@elliotdlewis), CEO, Keyavi Data. Thanks to this week's podcast sponsor, Keyavi Data (formerly Encryptics) Now you can share data without ever losing control of it. Our advanced architecture makes data self-protecting, intelligent and self-aware – wherever it goes, no matter who has it. Our .SAFE patented multi-key technology enables data to evaluate its own safety conditions, including geo-sensing, recipient authentication, and policy changes from its owner. Contact Keyavi Data today and see for yourself. On this week's episode Why is everybody talking about this now If we could change one thing about the cybersecurity industry, what would it be? Rilhouse on reddit brought this post by Naomi Buckwalter of Energage to my attention. What you can change are processes and behavior currently in the industry. Is this the best solution? Both Mike and Elliot hire cybersecurity talent. Here's a question from bubblehack3r on reddit who asked during our AMA. "What are your different methods and tools you use to verify and test the professionally of a new hire in the cyber security domain?" "What's Worse?!" The shortest ever "What's Worse?!" question. Please, Enough. No, More. Encryption. We've had it around for decades, but people and companies still don't use it. What have you heard enough about regarding encryption and what would you like to hear a lot more? It’s time for “Ask a CISO” What have Mike and Elliot learned from a product deployment that they didn't realize until after they deployed it.
All links and images for this episode can be found on CISO Series (https://cisoseries.com/nytimes-critic-called-our-security-theater-unconvincing/) We tried to pull off the Hamilton of security theater and we fell short. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Shawn Bowen (@smbowen), CISO, Restaurant Brands International which handles restaurants such as Burger King, Popeye's, Tim Hortons, and Louisiana Kitchen. Thanks to this week's podcast sponsor GitGuardian. GitGuardian empowers organizations to secure their secrets - such as API keys and other credentials - from being exposed in compromised places or leaked publicly. GitGuardian offers a threat intelligence solution focused on detecting secrets leaked on public GitHub and an automated secrets detection solution which tightly integrates with your DevOps pipeline. On this week's episode How CISOs are digesting the latest security news We recorded this episode on June 24th, just five days after Trump's first rally in Oklahoma where purportedly TikTok fans en masse were able to register for Trump's rally and fool his entire staff into believing that 1 million people had registered and were planning to attend his rally. In the end, the arena was less than half full. We are all well aware that some cyber protests can cause serious damage, but does this one? Is this the kind of peaceful cyber protests that we should encourage or not encourage? Dan Lohrmann at Security Mentor posted this discussion and said no matter what political affiliation you're on this is a call for more cybersecurity because this will happen again. But is this the fault of Trump's cyber team or his social media team for not keeping an eye on TikTok? Why is everybody talking about this now?
On AskNetSec on reddit, NoInterestingGuy, a college student starting his first internship at a security firm, posted he likes to participate in "extracurricular activities". He then asked, "If I were to get caught with a crime related to cyber security, would that impact my chances significantly of getting hired in the future for a security company?" The community almost resoundingly said, "Stop," but have Mike and our guest ever hired someone with a cybercrime past or caught an employee engaging in cybercrime? How did they handle it? Is there an "it depends" meter? We all do stupid stuff in college. What's Worse?! Is the unknowing always the worst? It's security awareness training time On CSO Online, J.M. Porup wrote a piece about five examples of security theater and how to spot them. Security theater refers to the practice of having a show of implementing security where its effectiveness is in question. Some examples are purposefully complex passwords, checkbox compliance, and bad security awareness training. How do we spot security theater? Is there any value to security theater? What's the antidote? If it's in place, how do we eradicate it? What Is It and Why Do I Care? We played this game before and like the "What's Worse?!" game, the title pretty much explains it. I have three pitches from three different vendors who are all in the same category, Security Awareness Training. I have asked the reps to first, in 25 words or less, just explain their category. That’s the “What Is It?” and then for the “Why Do I Care?” I asked them to explain what differentiates their product or makes them unique also in 25 words or less. It is up to Mike and Shawn to pick their favorite of each and explain why. I only reveal the winning contestants and their companies.
All links and images for this episode can be found on CISO Series (https://cisoseries.com/why-am-i-working-harder-during-this-pandemic/) Is it the increased work or the pandemic itself that's causing us all to work more than we've ever worked before? This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Christopher Zell, vp, head of information security, The Wendy’s Company. Thanks to this week's podcast sponsor GitGuardian. GitGuardian empowers organizations to secure their secrets - such as API keys and other credentials - from being exposed in compromised places or leaked publicly. GitGuardian offers a threat intelligence solution focused on detecting secrets leaked on public GitHub and an automated secrets detection solution which tightly integrates with your DevOps pipeline. On this week's episode Why is everybody talking about this now? On TechRepublic, Scott Matteson wrote an article about cybersecurity pros working harder than ever during the pandemic. Stuart Mitchell of Stott and May posted the article to LinkedIn and asked if anyone has taken a day off since COVID-19 started, and the general consensus is no. I see a multitude of factors affecting this: increased surface area to protect, compliance is more difficult, I also have to deal with my family, and where the heck is anyone going to go for vacation? I guess I'll just work. Close your eyes and visualize the perfect engagement On LinkedIn, our guest Chris Zell asked others to be more welcoming when you see someone post "aspiring cybersecurity professional." We discussed the approach and what the community could teach us. What's Worse?! Three options of how to talk to the board. There’s got to be a better way to handle this On CSO Online, Mary Pratt has a guide for CISOs on securely laying people off. 
What are critical technical considerations during layoff time, and as a manager how do you manage security for those people who are still there? Have either of you made a massive security mistake during a layoff that was a great learning experience for you? What Is It and Why Do I Care? We played this game before and like the "What's Worse?!" game, the title pretty much explains it. I have three pitches from three different vendors who are all in the same category of governance, risk and compliance or GRC. I have asked the reps to first, in 25 words or less, just explain their category. That’s the “What Is It?” and then for the “Why Do I Care?” I asked them to explain what differentiates their product or makes them unique also in 25 words or less. It is up to Mike and Chris to pick their favorite of each and explain why. I only reveal the winning contestants and their companies. Ready to play?
Dom and Yoda wonder what's worse these days for the future of theaters: Covid or Wokeness? Contactus@lastmovieoutpost.com if you want to drop us a line! Come to our youtube channel: https://www.youtube.com/channel/UCAIS6XD5XFyG6g-KPAmSDHg Official site: https://lastmovieoutpost.com Twitter: https://twitter.com/DrunkenYoda1/ or https://twitter.com/MovieOutpost Facebook: https://www.facebook.com/lastmovieoutpost
All links and images for this episode can be found on CISO Series (https://cisoseries.com/i-have-the-perfect-job-for-you-but-probably-not/) You put those qualifications on your resume, and I queried. So don't blame me for getting your hopes up. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Brandon Greenwood, vp, security, Overstock.com. Thanks to this week's podcast sponsor Trend Micro. Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. For more information, visit www.trendmicro.com. On this week's episode How CISOs are digesting the latest security news Paul Martini of iboss asks, "What network weaknesses has the current pandemic revealed?" Close your eyes and visualize the perfect engagement As evidenced by a previous episode, security recruiters have a hard time getting some respect. Let's discuss this issue from the viewpoint of the candidate. On Peerlyst, David Froud of Concept Security felt that the recruiter approach of saying I have a perfect job for you was misguided. Mike and our guest talk about their early security careers and how welcome they were to approaches from security recruiters. What's Worse?! Crappy tools or crappy team? What's worse? I tell ya, CISOs get no respect On CSO Online, Neal Weinberg has a story about hard truths security professionals have to deal with. One item was the outright lack of respect, being misunderstood and underappreciated, from the board and your coworkers. I know the generic response is communications and listen, but I want to know what are ways to command leadership so those do pay attention to you and you do get that respect.
We discuss specific turning points in security leadership careers that allowed Mike and our guest to do this. Vendors have questions. Our CISOs have answers Dennis Underwood of Cyber Crucible asks if you can be a threat hunter if you have to sign NDAs. Are NDAs the cover up so companies don't have to reveal information about their failed defenses? And are NDAs a common occurrence in bug bounties?
All links and images for this episode can be found on CISO Series (https://cisoseries.com/we-compensate-our-low-paying-ciso-jobs-with-high-stress/) On this week's episode we're seeking candidates for unrealistically low-paying CISO positions. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Nir Rothenberg, CISO, Rapyd. Thanks to this week's podcast sponsor Trend Micro. Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. For more information, visit www.trendmicro.com. On this week's episode Why is everyone talking about this now? On LinkedIn, Farhan Khan, a recruiter at CyberApt Recruitment, told a tale of getting a call asking if he could help his company recruit a seasoned CISO for their 300+ person company. He was excited until he found out the salary they were offering the CISO was in the range of $90-$105K. We've talked before about unrealistic CISO salaries, but this is actually below the rate of entry level cyber positions in the Bay Area. How do CISOs or heck any cybersecurity professional handle someone's unrealistic expectations? Do you say something or just say, "No thank you"? Also, Davi Ottenheimer of Inrupt, brought this story to my attention and argued that high CISO salaries are just attracting fraudsters. Does our panel agree, and if so, what would a company have to be wary of? Mike's Confused. Let’s help him out On previous shows Mike has admitted he would not want to (not confused although that may be part of it) run the IT department. Nir mentioned that he feels that getting out of one's comfort zone is critical, no matter what department you're in.
What are the pros and cons of other departments not just being security aware, but taking on cybersecurity responsibilities? And vice versa, cybersecurity taking on other department responsibilities? How far can/should it go? What's Worse?! Too much flexibility or too many restrictions? We’ve got listeners and they’ve got questions Anya Shpilman of Swiss Gulf Partners recorded this question: "I'm a recruiter and I specialize in cybersecurity recruitment. At the end of the show everyone says they're hiring. But I have a hard time getting traction from CISOs. So what would you like to see/hear in those initial emails or LinkedIn messages." Go here to record a question to be played on one of our shows. Umm, is this a good idea? I recently published an article on CISO Series entitled "25 API Security Tips You're Probably Not Considering". The very first tip, from Gary Hayslip, CISO, Softbank Investment Advisers, is K.I.S.S. or Keep It Simple Stupid. I then went on to provide 24 more tips from experts which if you were to deploy them all would in no way be simple. KISS sounds great in theory, but how the heck do you pull it off in practice? Can you point to an example of how you took something that was complicated and simplified it?
Our fear of failure is often what holds us back from doing the things we want to do. However, there is something far worse than failure and that is never trying. Listen to this episode to learn how to fail better. To get more info on Inner Compass: The Course: https://www.wholehearted-coaching.com/innercompass If you want to check out this week's Mindset Monday get on Shirin's email list: https://forms.aweber.com/form/26/1798524926.htm Or head to: https://www.instagram.com/wholeheartedcoaching
All links and images for this episode can be found on CISO Series (https://cisoseries.com/keep-pouring-ill-tell-you-when-ive-had-enough-security/) When do we hit the diminishing returns of too much cybersecurity? How will we know? Will a bell go off? Will our cup runneth over? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest is Tony Sager, svp, chief evangelist, Center for Internet Security. Thanks to this week's podcast sponsor, AppOmni. AppOmni is the leading provider of SaaS security and management platform for the enterprise. AppOmni provides unprecedented data access visibility, management and security of SaaS, enabling organizations to secure mission-critical and sensitive data. With AppOmni, organizations can automatically and continuously enforce rules for data access, data sharing and third-party applications. On this week's episode Looking down the security roadmap Dean Webb of ForeScout asked this great question on Peerlyst. "What are the things that are the hardest to fix that leave organizations the most vulnerable?" These are not the quick security fixes or low hanging fruit, but rather the big projects that nobody wants that often never get finished. What are they and is there any way to make them not so painful? It’s time for “Ask a CISO” sitdownson on reddit's AskNetSec asked, "How and when did you decide to specialize?" Sultan_of_Ping answered, "For most people it's not a decision, the specialization comes to them." Do you get a taste of everything and then determine which one you're passionate about? Do you read market demands (e.g. cloud security) and go in that route? What have you seen your colleagues do? What's Worse?! A "What's Worse?!" first - FOUR scenarios. Which one is worst? Here's some surprising research We're revisiting the Verizon Data Breach Investigations Report. 
Tony's organization, Center for Internet Security, had a hand in the report and specifically at the end where you map the CIS top 20 to the breach findings. In particular, the report notes that there are 171 safeguards that are grouped based on the resources and risks the organizations are facing. Has anything shifted significantly in this most recent report? What’s the return on investment? Tip of the hat to Norman Hunt, Deputy CISO, GEICO, who sent this article from HelpNet Security about a study on CEOs and CISOs approaches to "When is security enough security?" There seems to be a disparity with CEOs being more confident with the security than CISOs. I have to assume that mature understanding of risk is the biggest contributor, and the nature of the job of a CISO who sees more threats than the CEO, but only in a cyber context. A CEO sees all the other risks. What causes such swings in opinions?
All links and images for this episode can be found on CISO Series (https://cisoseries.com/facebook-personality-quiz-asks-whats-your-favorite-password/) What's your favorite combination of letters, numbers, and symbols you like to use to log onto your favorite app or financial institution? Let us know and we'll see if it matches any of your friends! This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Lakshmi Hanspal (@lakshmihanspal), CISO, Box. Thanks to this week's podcast sponsor, CyberArk. At CyberArk, we believe that sharing insights and guidance across the CISO community will help strengthen security strategies and lead to better-protected organizations. CyberArk is committed to the continued exploration of topics that matter most to CISOs related to improving and integrating privileged access controls. On this week's episode Why is everybody talking about this now? On AskNetSec on reddit, user u/L7nx asks, "How do you handle alert fatigue?" Many vendors out there listening want to scream, "We've got a single pane of glass solution!" On reddit, Kamwind commented that it's not so much managing the output, but rather the input and false positives. "What are you doing to tune those rules and IOCs (indicators of compromise) to reflect your network vs accepting them from whatever vendor you're getting them from." Is alert fatigue a real thing and what can be done to manage input and output? It's security awareness training time There's a meme resurfacing that pokes fun at Facebook personality quizzes that ask seemingly innocuous questions such as "What's Your Favorite Band?" and "What's Your Favorite Teacher's Name?" In the meme, the answers to each question are just one word of the sentence, "Stop giving people your personal info to guess your passwords and security questions." We've talked about training programs that rely on fear. 
Humor seems rather effective here, but heck, I don't know. Does humor in security training work? Does fear? What tone have you seen actually foster behavioral change? What's Worse?! Do you likeable or useful vendors? Sometimes they're not both. Here's some surprising research The Verizon DBIR is out. Mike's favorite. There's a ton to unpack as there always is, but for this segment I just want to visit one item in this report and that's configuration errors. From a quote by Larry Dignan on ZDNet: "Errors definitely win the award for best supporting action this year. They are now equally as common as social breaches and more common than malware... hacking remains higher, and that is due to credential theft and use." I get the sense that second to black hat hackers, we're our own worst enemy. One argument for the increase in cloud breaches is because security researchers and others are discovering exposed storage in the cloud. Could it be just poor training of cloud security? Or poorly maintained cloud providers? Vendors have questions. Our CISOs have answers Landon Winkelvoss of Nisos asks, "What do your good vendors do on an ongoing basis (quarterly, monthly, weekly, etc) that make renewals easier around budget season? How often should they do it? What metrics and impacts to the business should they document and present that make this relatable to people outside of security such as the CFO?"
Special announcement! A new series is being released over on YouTube @celestial_fit where you can hear minisodes related to making peace with food, your body and your goals directly from me. I will be sharing direct and immediately implementable knowledge around mindset, personal development, psychology, and other introspective topics for you to apply to your life. In this announcement episode, I share the first one which provides insight into improving your relationship with food & overcoming that all or nothing mentality by shifting your perspective. It was actually the exact shift I personally needed to help begin developing a healthier relationship with food. This series consists of short and sweet audio clips. Some will be dispersed on this podcast in the form of random minisodes as well as IGTV videos. But make sure you are subscribed on YouTube so you don't miss them as they'll always be released there first... To get access to a few now visit my YouTube Channel: https://www.youtube.com/c/celestialfit MINISODES LIVE ON YOUTUBE: 1: "What's Worse? 1 Now or 10 Later?"; The Shift I Needed to Begin Mending My Relationship with Food. 2: The Motivating Question You Haven't Asked Yet but Need to Know the Answer to 3: 4 Journal Prompts for Strengthening Trust in Yourself to Get the Results You Want Enjoy! and don't forget to tag me as you listen :) @celestial_fit
All links and images for this episode can be found on CISO Series (https://cisoseries.com/great-security-program-too-bad-we-cant-implement-it/) Security theory only goes so far. If you want your security program to work, everyone has to do their part. This week’s episode of CISO/Security Vendor Relationship Podcast features me, David Spark (@dspark), producer of CISO Series, and co-host Mike Johnson. Our sponsored guest is Scott McCormick, CISO, Reciprocity. Thanks to this week's podcast sponsor, Reciprocity. ZenGRC by Reciprocity is a cloud-based GRC software that automates and simplifies compliance and risk management, solving critical problems at scale while customizing to your business needs. Adhering to the majority of regulations is a snap with pre-built templates and a unified system of record. Learn more at reciprocitylabs.com. On this week's episode How CISOs are digesting the latest security news The Wall Street Journal has a story about cybersecurity budgets during the COVID-19 crisis. Many companies are dealing with budget cuts across the board. One issue mentioned was that the first items to go from the cybersecurity budget would probably be big projects that require a lot of integration. So as to avoid getting left on the cutting room floor, what would be your advice to vendors on how better to situate themselves, prepare, and prove to potential buyers that they can help with the ease of that integration? Also, for those security leaders, how do they best show compassion to the rest of the business and don't just fight for their slice of the budget pie? It’s time for “Ask a CISO” On reddit, countvonruckus states and then asks, "It's great to see CISOs giving back through mentorship. As a younger professional looking to become a CISO someday, it can be difficult to get a minute of a senior leader's time even for critical work decisions. 
How should someone looking to find a mentor or to benefit from the mentorship of a particular leader go about asking in a respectful but effective way? Is there anything a mentee can do to provide value in exchange that will make it more worthwhile for mentors?" It's time to play, "What's Worse?!" Two "What's Worse?!" scenarios nobody likes but many have faced especially now. Please, Enough. No, More. Operationalizing GRC. What have you heard enough about operationalizing GRC, and what would you like to hear a lot more? Looking down the security roadmap On Quora, the question was asked, "Do cloud providers implement governance, risk management and compliance (GRC) well?" I didn't know how one would define "well" and what we should expect from cloud providers to help with GRC efforts. This harkens back to our last segment, because we would hope that cloud providers could actually help us operationalize GRC. What are cloud providers doing to help in GRC efforts?
All links and images for this episode can be found on CISO Series (https://cisoseries.com/we-promoted-the-competition-and-still-won/) If you're having a problem getting people to discover your space, then maybe you have to do a better job promoting the space even when it involves the competition. This week’s episode of CISO/Security Vendor Relationship Podcast features me, David Spark (@dspark), producer of CISO Series, and co-host Mike Johnson. Our guest is Zohar Rozenberg, former head of cyber department in the Israel Defense Force, and current CSO of Elron Electronic Industries. Thanks to this week's podcast sponsor, Reciprocity. ZenGRC by Reciprocity is a cloud-based GRC software that automates and simplifies compliance and risk management, solving critical problems at scale while customizing to your business needs. Adhering to the majority of regulations is a snap with pre-built templates and a unified system of record. Learn more at reciprocitylabs.com. On this week's episode Why is everybody talking about this now? On this podcast we have sponsored guest episodes in which we dedicate a segment of the show for the sponsor to talk about their category. I was just given the heads up by a listener that a competitor of one of our sponsored guests, actually promoted that episode via an email marketing campaign. I asked the community why they thought that happened. Did the company know they were promoting a direct competitor's solution, or were they of the philosophy of let's promote the space. The more people who know about this problem that benefits the entire industry and in turn that helps our competitor and us. Most people on LinkedIn agreed with the latter and actually thought it was a savvy marketing move possibly demonstrating that the competitor was confident with their product. 
It’s time for “Ask a CISO” Tip of the hat to Sounil Yu, CISO in residence at YL Ventures for bringing up Mike's comment in a Slack channel of your frustration with cybersecurity startups who end up having an "us too" attitude towards creating the next cybersecurity solution. It seemed their only credentials was a successful exit, but not presenting a unique solution to an actual problem. You claimed a criteria that you would only meet with a founder who had a committed idea to a product. But how do you differentiate between an "also ran" and a unique solution? What's Worse?! One of our most challenging debates ever Close your eyes. Breathe in. It’s time for a little security philosophy On our CISO Series Video Chat, Bob Henderson of Intelligence Services Group asked, "Has measuring risk itself become a risk? Since risk is primarily arbitrary depending on who defines the risk wouldn’t the solutions be arbitrary and thus add complexity and uncertainty. Which are contributors to risk." Let's dig a little deeper What are the intrinsic training elements of Israel's elite 8200 that results in so many of the graduates going on to become cybersecurity entrepreneurs? What if anything can other organizations, military units or schools learn from this?
All links and images for this episode can be found on CISO Series (https://cisoseries.com/three-years-experience-required-for-sub-entry-level-positions/) Our motto for hiring: We never give up on our unreasonable expectations. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our sponsored guest is Brandon Traffanstedt, global director of systems engineering, CyberArk. Thanks to this week's podcast sponsor, CyberArk. At CyberArk, we believe that sharing insights and guidance across the CISO community will help strengthen security strategies and lead to better-protected organizations. CyberArk is committed to the continued exploration of topics that matter most to CISOs related to improving and integrating privileged access controls. Are we making the situation better or worse? On LinkedIn, Gabriel Friedlander of Wizer asked, "Should we be doing home risk assessments?" Could we create bigger problems if we do that? Gabriel's post generated a debate on what actions can significantly reduce risk. Is there value in a home risk assessment and if so, what's it going to reveal? It’s time for “Ask a CISO” On reddit, crossfire14 asks, "Why are helpdesk roles requiring 2-3 years experience? I thought they were entry level friendly? I'm trying to start at lower positions to work my way into infosec yet I can't seem to qualify for any helpdesk roles because of exp?" I looked and actually these entry level positions are often asking for 3-5 years experience. Is this required? If not, what IS required for an entry level help desk role and what's the best way to show that? "What's Worse?!" Two horrible company debilitating options that have happened in real life. How would you survive either one? Please, Enough. No, More Our topic is Privileged Access Management, or PAM. What have Mike and Brandon heard enough about with PAM, and what would they like to hear a lot more? 
The great CISO challenge Outsider attacks, insider attacks, your assets, networks, people, and controls - what DOESN'T always change in security? If we assume that consistency is synonymous with simplicity, is it always an uphill battle to try to keep security simple especially if we're expanding into new services and cloud environments? Could this be why the foundations are still a struggle for everyone?
All links and images for this episode can be found on CISO Series (https://cisoseries.com/look-freshmen-cisos-get-ready-to-pounce/) What could possibly be a better way to welcome newly hired CISOs to the security community than with a shiny new sales pitch? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest is Wayne Reynolds, CISO, Toyota Financial Savings Bank. Thanks to this week's podcast sponsor, AppOmni. AppOmni is the leading provider of SaaS security and management platform for the enterprise. AppOmni provides unprecedented data access visibility, management and security of SaaS, enabling organizations to secure mission-critical and sensitive data. With AppOmni, organizations can automatically and continuously enforce rules for data access, data sharing and third-party applications. On this week's episode Why is everyone talking about this now? Our guest, Wayne Reynolds posted the good news about his new CISO role. While he got the expected kudos, he also got lots of sales emails. In the short conversation we had in preparation for this episode, six pitches came in. He counted 731 vendor pitches in just five days. Given the situation, we have all seen an uptick in pitches, across all industries, not just cybersecurity. Vendors want to make some type of connection. If they weren't pitching, what would be a more acceptable outreach? It’s time for “Ask a CISO” What can security startups do to prepare for and prove to prospects that their solution won't slow down operations? Thanks to John Prokap, CISO, HarperCollins for pointing me to this great article on CIO.com by Yoav Leitersdorf of YL Ventures on mistakes security startups make. One concern was on the issue of startups losing this specific focus. From the article, Peter Bodine, AllegisCyber Capital said, "I cannot stress how much of a difference productivity makes to the CISOs we consult with. 
So, as an investor, our attention is immediately piqued when we learn that a POC took fewer resources than a regular POC, because it often means that they developed their process early enough with a customer satisfaction person. We really don't see that very often, but when we have, we've written a check almost right on the spot, just because they take so much sand out of the gears and make it so much easier for a yes decision to occur.” "What's Worse?!" Do you want to be the one to reveal the cybersecurity incident or do you want somebody else to reveal it? What's a CISO to do? In the world of DevOps I'm constantly seeing the desire for developers to be security aware. But the point of DevOps is to be aggressively competitive. That's something I often don't see security people understanding or literally being aware of. Nicolas Valcarcel of NextRoll gave me heads up on a post by Mike Sherma of Square about having dev champions on the security team to advocate for the software engineering experience and design principles. Is this a good idea, and if so how would it be rolled out and what would be the benefits? How to become a CISO Prior to the unfortunate COVID-19 crisis we at the CISO Series were planning on hosting our very own one-day event to train security leaders. That event will happen eventually, but right now it's on hold. The whole idea is we were going to have a group of CISOs training a group of wannabe CISOs to be CISOs. Wayne is a strident mentor for wannabe CISOs. At any time he's got 4 or 5 security professionals he's mentoring. We discuss the core skills security professionals are lacking to become CISOs, and what mentorship does to help you get those skills.
A new segment where Dukes declares an answer on a hard topic and the great Joe Fortenbaugh of the Bay Area to discuss the Trent trade.
All links and images for this episode can be found on CISO Series (https://cisoseries.com/cleaning-those-tough-to-reach-digital-identity-stains/) We're trying to erase our past and it's becoming harder and harder to clean that history. This week’s episode of CISO/Security Vendor Relationship Podcast features me, David Spark (@dspark), producer of CISO Series, and co-host Mike Johnson. Our guest is Davi Ottenheimer (@daviottenheimer), vp of trust and digital ethics, Inrupt. Thanks to this week's podcast sponsor, Reciprocity. ZenGRC by Reciprocity is a cloud-based GRC software that automates and simplifies compliance and risk management, solving critical problems at scale while customizing to your business needs. Adhering to the majority of regulations is a snap with pre-built templates and a unified system of record. Learn more at reciprocitylabs.com. On this week's episode Why is everybody talking about this now? On Quora, the question was asked, "What are some ways to protect identities on the Internet?" Mike and Davi offer their advice. It's time for "Ask a CISO" The Three As: Authentication, Authorization, and Auditing or Accounting. How do they interrelate? What's the order? And have we been doing it wrong? It's time to play, "What's Worse?!" How are you going to handle having a very well known exploit? Close your eyes, breathe in. It's time for a little security philosophy. On Quora, the question was asked, "What should I do to completely erase my digital identity for good?" It seems impossible, and probably is, but what steps would one need to get rid of our online identities? It's time to play, "What Is It and Why Do I Care?" We're introducing a brand new game today called "What Is It and Why Do I Care?" Here's how the game is played. I have three pitches from three different vendors who are all in the same category, application security. I have asked the reps to first, in 25 words or less, just explain their category. 
So give me a simple explanation of application security. That's the "What Is It?" and then for the "Why Do I Care?" I asked them to explain what differentiates them or makes them unique also in 25 words or less. It is up to Mike and Davi to pick your favorite of each and explain why. I only reveal the winning contestants and their companies. If you would like to be a contestant for "What Is It and Why Do I Care?" just go here and fill out the simple SurveyMonkey form.
Dukes talks to a guy reporting on the Redskins and holding a baby.