Podcasts about YL Ventures

  • 28 PODCASTS
  • 110 EPISODES
  • 35m AVG DURATION
  • 1 EPISODE EVERY OTHER WEEK
  • Jun 19, 2025 LATEST


Latest podcast episodes about YL Ventures

The FIT4PRIVACY Podcast - For those who care about privacy
CISO Role In Age of AI with Nick Shevelyov and Punit Bhatia in the FIT4PRIVACY Podcast E141 S06

Jun 19, 2025 · 30:23

In the AI era, trust is everything and it's under attack. How do you build digital trust when AI is changing the rules and attackers are getting smarter? Discover how today's CISOs are stepping up, adapting to AI risks, and learning from history to protect our digital future. In this episode of the Fit4Privacy Podcast, host Punit Bhatia is joined by Nick Shevelyov, a cybersecurity expert with extensive experience as a CISO and Chief Privacy Officer, and author of Cyber War and Peace. The discussion focuses on the evolving challenges for Chief Information Security Officers (CISOs) in the age of AI, highlighting risks such as deep fakes and hyper-targeted attacks. Nick emphasizes the importance of translating technical risks into business risks for board members and discusses the implications of new AI legislation, particularly California's SB 468.

Tune in to gain insights into managing digital trust, safeguarding personal data, and the strategic initiatives needed to combat emerging cybersecurity threats.

KEY CONVERSATION POINT

  • 00:01:50 How would you define the concept of trust
  • 00:05:26 How do you place trust? How are they shifting? What kind of swans?
  • 00:09:06 How are CISOs coping with the change of AI era?
  • 00:20:01 Insights in CISO Perspective for US/California direction in law of terms
  • 00:23:06 About “Cyber War…and Peace: Building Digital Trust Today, with History as our Guide” book
  • 00:27:50 How to get in touch with Nick

ABOUT GUEST

Nick Shevelyov helps build next-gen tech companies from the ideation stage. His work includes StackRox (Kubernetes security, acquired by Red Hat for $400M), Kodem (software composition analysis, Greylock Series A), Bedrock Security (data-loss prevention, Greylock Series A), and Laminar (shadow data discovery, Insight Ventures Series A). He advises founders and CEOs on product and go-to-market strategy, boosting time-to-value for companies like Pixee.ai, Quokka.io, Boostsecurity.io, and ETZ. He works across all stages, from seed to IPO.

Nick consults with Insight Partners (also an LP) and FTV Capital, and serves on advisory boards for ForgePoint Capital, Mayfield Fund, Evolution Equity Partners, NightDragon, YL Ventures, and Glynn Capital. He is on the boards of Cofense | Phishme and the Bay Area CSO Council (BACC), an invite-only group of CISOs from leading Bay Area companies. A former CIO, he is also an honorary member of the Blumberg Technology Council.

Nick authored Cyber War…and Peace and brings historical and behavioral insights to tech and risk management. He holds an Executive MBA from USF and certifications from Stanford, Harvard, plus CISSP, CISM, and CIPPE.

ABOUT HOST

Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach professionals.

Punit is the author of books “Be Ready for GDPR” which was rated as the best GDPR Book, “AI & Privacy – How to Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts.

As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life' which he passionately shares. Punit is based out of Belgium, the heart of Europe.

RESOURCES

  • Websites: www.fit4privacy.com, www.punitbhatia.com, https://www.linkedin.com/in/nicholasshevelyov/, https://vcso.ai/
  • Podcast: https://www.fit4privacy.com/podcast
  • Blog: https://www.fit4privacy.com/blog
  • YouTube: http://youtube.com/fit4privacy

CISO-Security Vendor Relationship Podcast
We Checked the “Yes” Box for Cybersecurity. What Else Do We Have to Do?

Jun 17, 2025 · 41:24

All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alex Hall, CISO, Gensler.

In this episode:

  • Evaluating secure messaging beyond the app
  • Reframing compliance as a business enabler
  • Incremental security investment vs. crisis response
  • Why culture, not punishment, drives secure behavior

Huge thanks to our sponsor, Vanta. Automate, centralize, & scale your GRC program with Vanta. Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

CISO-Security Vendor Relationship Podcast
Aside From Text, Images, and Videos, GenAI Can't Fool Me (Live in Boston)

Jun 10, 2025 · 46:53

All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest, Sam Curry, global vp, CISO at Zscaler. This episode was recorded at a Zscaler event in Boston, MA.

In this episode:

  • Guardrails for decision making under fatigue
  • Preparing for quantum threats
  • Strategic use of generative AI
  • Reassessing outdated knowledge

Huge thanks to our sponsor, Zscaler. Zscaler is a cloud-based cybersecurity company that provides secure internet access and private application access. Its platform replaces traditional network security by delivering Zero Trust architecture, protecting users, data, and applications regardless of location. Zscaler's scalable services help organizations modernize IT and reduce risk with seamless, cloud-native security solutions.

CISO-Security Vendor Relationship Podcast
AI Isn't Going to Take Your Job, It's Going to Eliminate It! (LIVE at BSidesSF)

Jun 3, 2025 · 44:44

All images and links can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alexandra Landegger, global head of cyber strategy & transformation, RTX.

In this episode:

  • A cybersecurity fast-track?
  • When Ambition Becomes a Liability
  • Giving the CVE Program the Credit It Deserves
  • Elevating human cyber talent with AI

Huge thanks to our sponsors, Nudge Security, SecurityScorecard, and Vanta.

Take control of SaaS security and AI governance with Nudge Security. Start a free trial today and get a full inventory of all SaaS and GenAI accounts in minutes along with risk insights and automation to help you quickly improve your security posture. Get started here: nudgesecurity.com/cisoseries

Third-party risk doesn't stop at monitoring. SecurityScorecard delivers real-time detection and response across your supply chain—helping you fix vulnerabilities before they become breaches. Empower your team with expert-driven remediation, continuous vendor oversight, and board-ready insights that drive results.

Automate, centralize, & scale your GRC program with Vanta. Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

CISO-Security Vendor Relationship Podcast
I Can't Choose. I Love All My Assets Equally.

May 27, 2025 · 34:18

All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Tim Jacobs, vp, CISO, Commonwealth Care Alliance.

In this episode:

  • Starting from zero
  • Prepare for decisive decisions
  • Working back from unacceptable
  • Discovering inefficiencies

A huge thanks to our sponsor, ThreatLocker. ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

CISO-Security Vendor Relationship Podcast
I'm Not Looking Down at You, I'm Looking Down at What You're Doing

May 13, 2025 · 41:40

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Saket Modi, co-founder and CEO, SAFE Security.

In this episode:

  • Elevating AI to table stakes
  • Security for the real world
  • Using dynamic models for TPRM
  • The agentic AI augmentation

Huge thanks to our sponsor, SAFE Security. SAFE (#1 platform to unify the management of all cyber risks) has reinvented cyber risk management with Agentic AI. We help CISOs, TPRM, and GRC leaders become strategic business partners by automating the understanding, prioritization and management of cyber risk—accelerating AI adoption and digital transformation.

CISO-Security Vendor Relationship Podcast
They're Not AI Mistakes, They're Happy Little Incidents

May 6, 2025 · 45:35

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner of YL Ventures. Their sponsored guest is Jadee Hanson, CISO of Vanta.

In this episode:

  • Find a partner to work with
  • Fixing the root of burnout
  • The limitations of human vigilance
  • Balancing openness and control

Thanks to our sponsor, Vanta. Automate, centralize, & scale your GRC program with Vanta. Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

CISO-Security Vendor Relationship Podcast
Data Minimization Means We Don't Tell You What We're Collecting

Apr 22, 2025 · 41:53

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner, YL Ventures. Joining us is Mandy Huth, svp, CISO, Ultra Clean Technology.

In this episode:

  • Start with good defaults
  • Building talent bridges
  • Don't forget the humans
  • Differentiating with privacy

Automate, centralize, & scale your GRC program with Vanta. Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

CISO-Security Vendor Relationship Podcast
Welcome to Cybersecurity: Where Everything Is Made Up and the Points Don't Matter

Apr 15, 2025 · 40:53

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Mike D'Arezzo, executive director of infosec and GRC, Wellstar Health Systems.

In this episode:

  • The shift left myth
  • Reconsidering CISO evaluations
  • The power of “how”
  • Building bridges

Huge thanks to our sponsor, ThreatLocker. ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

CISO-Security Vendor Relationship Podcast
With AI, Don't Think Like a Hacker, Think Like the Whole of Society

Apr 8, 2025 · 39:04

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest Nathan Hunstad, director, security at Vanta.

In this episode:

  • Thinking like AI
  • Building off a solid foundation
  • Start with ownership
  • Following the leader

Big thanks to our sponsor, Vanta. Automate, centralize, & scale your GRC program with Vanta. Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

CISO-Security Vendor Relationship Podcast
How to Best Maintain a Healthy Work-Work Balance in Cybersecurity

Mar 18, 2025 · 40:56

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Edward Contreras, senior evp and CISO, Frost Bank.

In this episode:

  • A gradual language shift
  • Don't reflexively rise and grind
  • Lean into focus
  • Gauging the unmeasurable

Huge thanks to our sponsor, ThreatLocker. ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

CISO-Security Vendor Relationship Podcast
Our CISO Might Be Virtual, But the Lack of Respect Is Genuine

Mar 11, 2025 · 34:16

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Mike Wilkes, former CISO, Major League Soccer.

In this episode:

  • Are we misusing vCISOs?
  • Cybersecurity is out to sea
  • Planning for your exit
  • Building up your quantum reflexes

Thanks to our podcast sponsor, Tines. Build, run, and monitor your most important workflows with Tines. Tines' smart, secure workflow platform empowers your whole team regardless of their coding abilities, environment complexities, or tech stack. From low code, no code to natural language, anyone can get up and running in minutes – not days or weeks. Learn more at https://tines.com/cisoseries

CISO-Security Vendor Relationship Podcast
All Cybersecurity Problems Are Easy to Fix… With Unlimited Time and Budget

Mar 4, 2025 · 39:09

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Adam Holland, former CISO, the Wendy's Company, now CISO of Ascension Healthcare.

In this episode:

  • The long road to influence
  • The effort to build a bridge
  • Living within limits
  • Motivation for security awareness

Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots. Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you'll streamline compliance—and never duplicate your efforts.

CISO-Security Vendor Relationship Podcast
Every Failed Startup Starts as a Dream for a Single Pane of Glass

Feb 25, 2025 · 37:11

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Shaun Marion, vp, CSO, Xcel Energy.

In this episode:

  • Setting policy
  • The hard thing about soft skills
  • Never let a good crisis go to waste
  • Avoiding the tarpit

Thanks to our podcast sponsor, Noma Security! Secure your entire Data & AI Lifecycle—from development to production and classic data engineering to GenAI. Noma's full-lifecycle platform delivers seamless protection against risks like misconfigured data pipelines, malicious models, and adversarial AI attacks, empowering AppSec teams with complete visibility, security, and compliance—without disrupting data and AI teams' workflows.

CISO-Security Vendor Relationship Podcast
Fix it? Let's Just Get Rid of It.

Feb 18, 2025 · 36:47

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Danny Jenkins, CEO, ThreatLocker.

In this episode:

  • A zero-day upgrade
  • Don't let a pentest go bad
  • Improving user training
  • Cybersecurity is made for people

Thanks to our podcast sponsor, ThreatLocker! ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

CISO-Security Vendor Relationship Podcast
Our Developers' New Motto is “LLM Take the Wheel”

Feb 4, 2025 · 37:09

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Deneen DeFiore, Vice President & Chief Information Security Officer, United Airlines.

In this episode:

  • Minding the gap
  • Copilot overreliance
  • Opening up the field
  • Navigating the SMB cyber insurance conundrum

Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots. Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you'll streamline compliance—and never duplicate your efforts.

Fund/Build/Scale
2025 Cybersecurity Trends, Insights and Storytelling Advice from YL Ventures' Andy Ellis

Jan 9, 2025 · 44:15

In this episode of Fund/Build/Scale, I talked with YL Ventures Partner Andy Ellis (a former CISO) about his approach to storytelling, tactics for founder-led sales and marketing, and why he thinks the cybersecurity hiring challenge isn't a talent shortage, but a market misunderstanding. We also discussed refining product-market fit, customer discovery methods and pitfalls like believing in one's own narrative too strongly. The conversation also touched on hiring strategies, managing design partnerships, and maintaining humility as a founder. “The basic entry level skill of reading the room is knowing when somebody already agrees with you,” said Andy.

RUNTIME 44:15

EPISODE BREAKDOWN

  • (1:44) Andy describes his day-to-day work at YL Ventures with founders.
  • (4:08) “It's like you now have an infant, and your only job as a parent is to create a competent adult.”
  • (6:33) How he prefers to be pitched.
  • (7:52) “The art of storytelling is taking a message and putting it in a narrative vehicle.”
  • (14:38) The biggest storytelling mistakes early-stage founders make.
  • (17:08) “The basic entry level skill of reading the room is knowing when somebody already agrees with you.”
  • (18:50) “Fear is a hard, hard sale… It's so transparent and CISOs do this every day.”
  • (19:36) Common cybersecurity GTM missteps.
  • (21:40) “The moment that you can sell the same product to two different companies, you should have a sales rep.”
  • (23:45) How Andy helps founders read the room when they're trying to make a sale.
  • (27:20) “You're hiring really out of a very different pool when you're in the cybersecurity space.”
  • (29:08) “Stealth is sort of a misnomer, but we're still sort of stuck in it.”
  • (30:54) What to say if you want someone to quit their cushy job and join your risky startup.
  • (32:46) Rock-star hires are “fantastic if they stumble into your lap, but you can't go look for them.”
  • (35:08) “That first marketer you hire needs to be able to do a lot of things.”
  • (39:05) “People with massive egos have a lot of humility.”
  • (41:20) Trends in cybersecurity and AI he's excited about in 2025.

LINKS

  • Andy Ellis
  • 1% Leadership: Master the Small, Daily Improvements that Set Great Leaders Apart
  • csoandy.com
  • YL Ventures
  • YL Ventures' The State of the Cyber Nation 2024 (PDF)

SUBSCRIBE TO FUND/BUILD/SCALE

  • LinkedIn
  • Substack
  • Instagram

Thanks for listening! – Walter.

CISO-Security Vendor Relationship Podcast
Ewww! How Long Has This Router Been in the Fridge?

Jan 7, 2025 · 38:52

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Yabing Wang, VP and CISO, Justworks.

In this episode:

  • Building a path to action
  • Cracking the EOL conundrum
  • The burning platform question
  • Uncertainty is our only constant

Thanks to our podcast sponsor, Entro! Reclaim control of your non-human identities with Entro Security! Our platform securely manages non-human identities and secrets throughout their lifecycle. Detect and prevent unusual activity before it becomes a threat. Trust Entro to safeguard your non-human identities in today's complex digital ecosystem.

CISO-Security Vendor Relationship Podcast
Once You Show Me Your Diploma, I'll Explain Why We Don't Gatekeep

Nov 19, 2024 · 39:47

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jimmy Benoit, vp, cybersecurity, PBS.

In this episode:

  • Starting early on security awareness
  • The limits of gamification
  • Technically qualified
  • Understanding your risk tolerance

Thanks to our podcast sponsor, Bitdefender! Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

CISO-Security Vendor Relationship Podcast
Luckily, We Haven't Had to Adapt to Any New Technologies Before AI

Nov 5, 2024 · 40:40

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest Jadee Hanson, CISO, Vanta.

In this episode:

  • Embracing BYOAI
  • The changing government contractor landscape
  • Creating better security outcomes
  • Automating supply chain security

Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots. Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across 30 frameworks, you'll streamline compliance—and never duplicate your efforts.

CISO-Security Vendor Relationship Podcast
We Need to Hire a Unicorn But We Only Have Budget for a Donkey

Oct 29, 2024 · 35:16

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jason Shockey, CISO, Cenlar FSB.

In this episode:

  • Ground the SOC in communication
  • Training and mentoring talent
  • Nailing a first security hire
  • A case for optimism

Thanks to our podcast sponsor, Bitdefender! Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

CISO-Security Vendor Relationship Podcast
We're Lowering the Requirement for Entry Level to Just 8 Years of Experience

Oct 1, 2024 · 36:10

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Steve Person, CISO, Cambia Health.

In this episode:

  • The changing CISO landscape
  • Rethinking the cybersecurity talent shortage
  • Sharpening your CISO skills
  • Do CISOs need to go back to school?

Thanks to our podcast sponsor, Vanta! Whether you're starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

CISO-Security Vendor Relationship Podcast
Our Cybersecurity Journey Starts With a Single Overworked Staffer

Sep 10, 2024 · 41:18

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario).

In this episode:

  • Your first security hire
  • Moving beyond the basics with critical infrastructure
  • Untangling the Gordian Knot of municipal cybersecurity
  • Starting from square one

Thanks to our podcast sponsor, Material Security! Material Security is a multi-layered email threat detection & response toolkit designed to stop attacks and reduce the threat surface across all of Microsoft 365 and Google Workspace. Learn more at material.security.

CISO-Security Vendor Relationship Podcast
Red Flag? My Vendor Just Asked for My Mother's Maiden Name

Sep 3, 2024 · 37:50

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Bethany De Lude, CISO, the Carlyle Group.

In this episode:

  • CISOs as storytellers
  • Grinding a CISO's gears
  • An evolving role
  • Earning trust with vendors

Thanks to our podcast sponsor, Scrut Automation! Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Our best-in-class features like process automation, AI, and 75+ native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit www.scrut.io to learn more or schedule a demo.

CISO-Security Vendor Relationship Podcast
Well, I Think My Relationship With the CIO Improved When I Took Their Job

Aug 27, 2024 · 37:21

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Ty Sbano, CISO, Vercel.

In this episode:

  • Perception is the reality for insider threats
  • Coaching rather than shaming
  • Working to make DevOps redundant
  • Fixing a strained relationship

Thanks to our podcast sponsor, Backslash! Backslash Security is your modern AppSec solution, focusing on what truly matters—real risks. Gain clear visibility into your applications and fix only the code and open-source software that's actually in use, making your AppSec smarter and more efficient. Learn more at https://www.backslash.security/.

CISO-Security Vendor Relationship Podcast
I Said I Was Technically a CISO, Not a Technical CISO

Aug 20, 2024 · 42:14

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Fredrick Lee (Flee), CISO, Reddit.

In this episode:

  • The case for the technical CISO
  • Making Recall safe for business
  • The aches and pains of cybersecurity hiring
  • Leveling up municipal cybersecurity

Thanks to our podcast sponsor, ThreatLocker! ThreatLocker® is a global leader in Zero Trust endpoint security offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

CISO-Security Vendor Relationship Podcast
Why Are Fortune 500 Companies Swiping Right on 3-Person Startups?

Aug 13, 2024 · 39:13

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Justin Somaini, partner, YL Ventures.

In this episode:

  • The startup balancing act
  • Giving back is its own reward
  • When to pen test
  • Getting ahead with generative AI policy

Thanks to our podcast sponsor, Vanta! Whether you're starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

CISO-Security Vendor Relationship Podcast
We Make Threat Actors Read Our Resiliency Policy Before Attacking Us

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Aug 6, 2024 37:39


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Patti Titus, CISO, Booking Holdings. In this episode: Defense vs. Resilience; Communication is on par with mitigation; Preparing like it's post-quantum; The challenges and opportunities of diversity. Thanks to our podcast sponsor, Cyera! Cyera's AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance. As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and on-premise environments. Visit www.cyera.io to learn more.

The Conference Room with Simon Lader
Ep. 145 - Startup to Seed: The Story of an Early Stage Founder

The Conference Room with Simon Lader

Play Episode Listen Later Jul 29, 2024 41:40


In this week's episode of The Conference Room, host Simon Lader sits down with Daniel Shechter, Co-founder and CEO of Miggo Security, to share his journey from serving in the Israeli Defense Forces to becoming a cybersecurity entrepreneur. Daniel delves into his experiences in the IDF's intelligence units, his time at McKinsey, and the inception of Miggo Security, discussing the challenges and triumphs along the way.

00:00 Introduction to the episode and guest, Daniel Shechter
01:28 Transition from the IDF to McKinsey and eventually co-founding Miggo Security.
03:08 Collaboration with co-founder Tzahi and their project at Unit 8200.
05:19 Daniel's entrepreneurial journey and passion for building innovative solutions.
07:32 Miggo Security to protect organizations from application layer attacks.
11:13 Turning the concept into reality and gaining initial seed funding.
13:22 Building the initial team and partnership with YL Ventures.
16:35 The primary challenges of entrepreneurship and the value of customer
19:11 The significance of building trust and resilience in the cybersecurity industry.
21:48 Reflections on the unexpected ease of certain aspects of the journey
23:16 Daniel discusses the initial challenges of managing marketing
26:03 Daniel explains the challenge of staying focused on solving the core problems
29:24 The importance of building trusted relationships with early adopters
31:02 Daniel explores why Israel has a high success rate in creating startups
34:10 Daniel shares his top three tips for aspiring tech entrepreneurs
37:39 Daniel talks about Miggo's mission to stop application attacks and breaches
39:23 Daniel discusses the importance of partnerships and invites listeners
40:34 Daniel Shechter emphasizes the importance of thinking about inclusivity

To learn more about Daniel Shechter please visit his LinkedIn Profile
To learn more about Miggo Security please visit their website

YOUR HOST - SIMON LADER

Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and lead generation consultancy Flow and Scale. Since 1997, Simon has helped cybersecurity vendors to build highly effective teams, and since 2022 he has helped people create consistent revenue through consistent lead generation.

Get to know more about Simon at:
Website: https://simonlader.com/
Twitter: https://twitter.com/simonlader
LinkedIn: https://www.linkedin.com/in/headhuntersimonlader/

The Conference Room is available on Spotify, Apple Podcasts, Amazon Music and iHeartRadio

CISO-Security Vendor Relationship Podcast
I Don't Want Insider Risk. You Take It.

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jul 16, 2024 34:15


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our sponsored guest, Abhishek Agrawal, CEO and co-founder, Material Security. In this episode: What does defense in depth look like in the cloud?; Collaborating on insider risk; Email is a vector and a target; Understand risk during an IPO. Thanks to our podcast sponsor, Material Security! Material Security is a multi-layered email threat detection & response toolkit designed to stop attacks and reduce the threat surface across all of Microsoft 365 and Google Workspace. Learn more at material.security.

The Conference Room with Simon Lader
Ep. 143 - The Role of Venture Capital in the Cybersecurity Sector

The Conference Room with Simon Lader

Play Episode Listen Later Jul 15, 2024 46:47


In this week's episode of The Conference Room, host Simon Lader sits down with Justin Somaini, a veteran in the cybersecurity industry and a partner at YL Ventures. Justin Somaini shares his journey from military bases in Germany to becoming a career CSO and advisor to early-stage cyber vendors. He delves into the intricacies of cybersecurity, the evolving landscape, and the challenges that remain constant over the decades. Join us as we explore his experiences, insights, and the fascinating world of cybersecurity.

03:46 - Defining the role and responsibilities of a CSO.
05:18 - Importance of understanding material problems in cybersecurity.
07:18 - Nature of cybersecurity and the constant arms race between attackers and defenders.
10:10 - Challenges in vulnerability management and the impact of procedural issues on security.
16:16 - The significance of social engineering and the importance of employee education in preventing breaches.
21:20 - The lag in security implementation for new technologies and the role of startups in filling these gaps.
22:53 - Security challenges and the emergence of new security vendors
23:22 - Justin discusses the complexities of portfolio construction and the high-risk nature of VC investments.
25:06 - The unpredictability of market trends and the importance of solving material problems.
26:44 - The role of founders in navigating challenges and pivoting when necessary.
28:11 - Emerging issues in cybersecurity, including the need to secure new technologies
34:01 - The complexities of using open-source code and continuous development.
37:03 - Practical tips for individuals to add value to their security teams and the importance of automation.
42:18 - Justin Somaini shares his excitement about the future of the VC ecosystem

To learn more about Justin Somaini please visit his LinkedIn Profile
To learn more about YL Ventures please visit their website

YOUR HOST - SIMON LADER

Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and lead generation consultancy Flow and Scale. Since 1997, Simon has helped cybersecurity vendors to build highly effective teams, and since 2022 he has helped people create consistent revenue through consistent lead generation.

Get to know more about Simon at:
Website: https://simonlader.com/
Twitter: https://twitter.com/simonlader
LinkedIn: https://www.linkedin.com/in/headhuntersimonlader/

The Conference Room is available on Spotify, Apple Podcasts, Amazon Music and iHeartRadio

CISO-Security Vendor Relationship Podcast
How About This? Only Attack the Endpoints We Configured

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jun 25, 2024 40:19


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest and winner of Season 2 of Capture the CISO, Russell Spitler, CEO and co-founder, Nudge Security. In this episode: The Gordian knot of EDR; Can we keep up with patching?; Making AI practical; Standardization or granularity? Thanks to our podcast sponsor, ThreatLocker! ThreatLocker® is a global leader in Zero Trust endpoint security offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

CISO-Security Vendor Relationship Podcast
Who You Gonna Call? LEGAL COUNSEL!

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jun 11, 2024 37:53


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Ryan Bachman, evp and global CISO, GM Financial. In this episode: A changing of the executive guard?; Playing nice with cyber insurance; What does leadership want out of a CISO?; Who does a CISO call first? Thanks to our podcast sponsor, Vanta! Whether you're starting or scaling your security program, Vanta helps you automate compliance across SOC 2, ISO 27001, and more. Streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies use Vanta to manage risk and prove security.

CISO-Security Vendor Relationship Podcast
I'm Rewarding Your Successful Use of the Security Budget by Giving You Less of It

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jun 4, 2024 37:25


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is my guest, Aamir Niazi, executive director and CISO, SMBC Capital Markets. In this episode: Communicating security accomplishments; Spotting red flags in an interview; What does offensive security look like today?; Where Gen AI is fitting into cybersecurity. Thanks to our podcast sponsor, Cyera! Cyera's AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance. As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

CISO-Security Vendor Relationship Podcast
You Can't Leak What You Don't Collect

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later May 21, 2024 34:30


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our sponsored guest, Jeremiah Roe, advisory CISO, OffSec. In this episode: What happens as data minimization in the US changes from a potential policy goal to a regulatory imperative? How does this impact the rest of the industry? How do CISOs start getting ready for compliance? Thanks to our podcast sponsor, OffSec OffSec helps companies like Cisco, Google, and Salesforce upskill cybersecurity talent through comprehensive training and resources. With programs ranging from red team and blue team training and more, your team will be ready to face real-world threats. Request a free trial for your team to explore OffSec's learning library and cyber range.

CISO-Security Vendor Relationship Podcast
Our Help Desk Plaque Reads “Over 100,000 Threat Actors Served”

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later May 14, 2024 35:48


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Martin Mazor, vp and CISO, onsemi. In this episode: Has the shine worn off the cybersecurity promise of MFA? Why are threat actors increasingly finding ways to get around it? Given the high profile attacks we've seen getting around MFA, how much security stock should we put into it going forward? Thanks to our podcast sponsor, Material Security Material Security is a multi-layered email threat detection & response toolkit designed to stop attacks and reduce the threat surface across all of Microsoft 365 and Google Workspace. Learn more at material.security.

CISO-Security Vendor Relationship Podcast
We'll Invest in Resilience as Soon as the Ransom Payment Clears

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 23, 2024 35:35


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is my guest, Thom Langford, CISO, Velonetic. In this episode: Why do lots of businesses pledge to never pay ransomware demands? And why do their priorities quickly change when they need to get the business back to normal after an attack occurs? What good is a pledge like that without the infrastructure and organizational commitment to make it possible? Thanks to our podcast sponsor, CyberMaxx CyberMaxx offers MaxxMDR, our next-generation managed detection and response (MDR) solution that helps customers assess, monitor, and manage their cyber risks. MaxxMDR fuels defensive capabilities with insights from offensive security, DFIR, and threat hunting, on top of a technology-agnostic deployment model. We think like an adversary but defend like a guardian.

CISO-Security Vendor Relationship Podcast
Our Benefits Include Medical, Dental, and Burnout

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 9, 2024 43:14


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Joshua Brown, vp and global CISO, H&R Block. In this episode: Why is retaining cyber talent so hard? How can organizations keep an employee from going elsewhere? Why do organizations often not prioritize the factors to keep key employees? Thanks to our podcast sponsor, CyberMaxx CyberMaxx offers MaxxMDR, our next-generation managed detection and response (MDR) solution that helps customers assess, monitor, and manage their cyber risks. MaxxMDR fuels defensive capabilities with insights from offensive security, DFIR, and threat hunting, on top of a technology-agnostic deployment model. We think like an adversary but defend like a guardian.

CISO-Security Vendor Relationship Podcast
Your Biggest Threats Don't Get a Ransom Payment, They Get a Paycheck

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Apr 2, 2024 36:21


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Alex Green, CISO, Delta Dental. In this episode: Is it true that employees cause as many significant cybersecurity incidents as outside threat actors? Does this come down to a lack of awareness or poorly designed security implementation? And what can we do to improve this situation? Thanks to our podcast sponsor, Silk Security Silk makes it easy for security teams to resolve more critical cyber risks in a fraction of the time. Instead of toiling over spreadsheets, and watching alert backlog graphs go up, Silk helps security teams contextualize, prioritize and collaborate with stakeholders in IT to regain control over their risk posture.

CISO-Security Vendor Relationship Podcast
A Stressed CISO Is a Happy CISO

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Mar 26, 2024 38:32


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Shawn Bowen, svp and CISO, World Kinect Corporation. In this episode: Is it true that CISOs feel their jobs are harder than ever with higher levels of stress? Yet why does research also show that CISO job satisfaction is increasing? How do we make sense of this contradiction? Thanks to our podcast sponsor, Silk Security! Silk makes it easy for security teams to resolve more critical cyber risks in a fraction of the time. Instead of toiling over spreadsheets, and watching alert backlog graphs go up, Silk helps security teams contextualize, prioritize and collaborate with stakeholders in IT to regain control over their risk posture.

CISO-Security Vendor Relationship Podcast
We Can't Fail at API Security If We Never Even Try

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Mar 5, 2024 35:23


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our sponsored guest, Yoav Nathaniel, co-founder and CEO, Silk Security. In this episode: Why does it seem like securing APIs is so hard? Is it just a matter of complexity? Why does it seem like we can't go a week without hearing reports of a data leak caused by a failure in API security? Why do organizations struggle with API security? Thanks to our podcast sponsor, Silk! Silk makes it easy for security teams to resolve more critical cyber risks in a fraction of the time. Instead of toiling over spreadsheets, and watching alert backlog graphs go up, Silk helps security teams contextualize, prioritize and collaborate with stakeholders in IT to regain control over their risk posture.

CISO-Security Vendor Relationship Podcast
I'm Stuffed, I Just Couldn't Take Another Credential

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Feb 27, 2024 38:41


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our sponsored guest, Jay Trinckes, director of compliance, Thoropass. In this episode: Why do credential stuffing attacks put organizations in such a tricky spot? Why is blaming the victim rarely the right move? What kind of reasonable expectations can companies have about how much users will do to protect themselves? Thanks to our podcast sponsor, Thoropass Still spending time collecting evidence and worrying about breaking free of an infinite audit loop? Relax! We fixed audits. Thoropass provides complete infosec compliance management, continuous monitoring, and security audits through AI-infused software and expert guidance – allowing you to do business with confidence. Learn more at www.thoropass.com.

CISO-Security Vendor Relationship Podcast
It's Like a Trust Fall, But We Know You'll Hit the Floor

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Feb 13, 2024 34:42


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Grant Anthony, CISO, Orion Health. In this episode: Why is getting buy-in to your security awareness program so critical? Why do so many organizations get it so wrong? What framework can we apply to actually build trust with security awareness? Thanks to our podcast sponsors, Varonis! Ready to reduce your risk without taking any? Try Varonis' free data risk assessment. It takes minutes to set up and in 24 hours you'll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today.

CISO-Security Vendor Relationship Podcast
For CISOs, It's Less of a Golden Parachute and More a Pair of Brown Pants

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jan 23, 2024 44:48


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Trina Ford, CISO, iHeartMedia. In this episode: Why has the landscape for CISOs seemed particularly perilous in the past year? Does there seem to be more responsibilities with very real legal consequences attached to the role? There is a lot of guidance out there for CISO candidates negotiating for a new position, but what can a current CISO do once they are already in the role? Thanks to our podcast sponsors, Thoropass! Still spending time collecting evidence and worrying about breaking free of an infinite audit loop? Relax! We fixed audits. Thoropass provides complete infosec compliance management, continuous monitoring, and security audits through AI-infused software and expert guidance – allowing you to do business with confidence. Learn more at www.thoropass.com.

CISO-Security Vendor Relationship Podcast
Elvis Is Alive and He's Reusing Your Passwords

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jan 16, 2024 37:57


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Bob Schuetter, CISO, Ashland. In this episode: What should a company do when their name is in the press, but they didn't actually suffer a security incident? How much difference is there in responding to a fake data breach versus a real one? How would you handle responding to a fake breach claim? Thanks to our podcast sponsors, Thoropass Still spending time collecting evidence and worrying about breaking free of an infinite audit loop? Relax! We fixed audits. Thoropass provides complete infosec compliance management, continuous monitoring, and security audits through AI-infused software and expert guidance – allowing you to do business with confidence. Learn more at www.thoropass.com.

CISO-Security Vendor Relationship Podcast
This Security Crisis Is the Perfect Time to Tell You I Was Right

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Jan 2, 2024 42:42


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest this week, Mike Kelley, CISO, E.W. Scripps. In this episode: Why do a lot of security professionals feel unheard? Does this frustration lead to some turning into scolds during a security incident, quick to say "I told you so"? How do you manage these security pros when they don't feel heard, both before and during a crisis? Thanks to our podcast sponsors, Praetorian! Praetorian helps companies adopt a prevention-first cybersecurity strategy by actively uncovering vulnerabilities and minimizing potential weaknesses before attackers can exploit them.

CISO-Security Vendor Relationship Podcast
We're Not Home. Please Leave Your Company's Data After the Beep

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Nov 14, 2023 43:31


All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Arvin Bansal, former CISO for Nissan Americas. In this episode: Why are so many companies unprepared for phone-based social engineering? Why do many orgs not give this attack surface the attention it deserves? Are we doing enough to support whistleblowers in cybersecurity? Thanks to our podcast sponsor, Palo Alto Networks As cloud attacks increase, how should AppSec respond? Hear from Daniel Krivelevich, CTO of AppSec at Palo Alto Networks, as he dives into modern application security strategies that can help teams defend their engineering ecosystems from modern attacks. Watch now to level up your AppSec program.

CISO-Security Vendor Relationship Podcast
I Taught DeNiro Security Theater, I Can Teach You.

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Oct 31, 2023 39:12


All links and images for this episode can be found on CISO Series. In principle, we can generally all agree that security theater is a waste of time for security teams. But the reality is that these are things that look good, so it can be hard to justify to non-technical leadership why you're eliminating something they see as secure. So how can we positively identify actual security theater practices and how do we communicate that to the rest of the organization? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Davi Ottenheimer, vp of trust and digital ethics, Inrupt. Thanks to our podcast sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second. In this episode: Is security theater a waste of time for security teams? Why can it be hard to justify to non-technical leadership why you're eliminating something they see as secure? How can we positively identify actual security theater practices and how do we communicate that to the rest of the organization?

CISO-Security Vendor Relationship Podcast
Threats In SaaS Are Closer Than They Appear

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Oct 10, 2023 36:53


All links and images for this episode can be found on CISO Series. Organizations know that securing SaaS is vital. But polls consistently show they also know their current security isn't cutting it. With security teams acting more as SaaS supervisors than app owners, how can we reduce the glaring gaps in our SaaS defenses? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our sponsored guest, Rohan Sathe, co-founder and CTO, Nightfall AI. Thanks to our podcast sponsor, Nightfall Nightfall is the leader in cloud data leak prevention. Integrate in minutes with cloud apps such as Slack and Jira to instantly protect data (PII, PHI, Secrets and Keys, PCI) and prevent breaches. Stay compliant with frameworks such as ISO 27001 and more — all powered by Nightfall's industry-leading ML detection. In this episode: With security teams acting more as SaaS supervisors than app owners, how can we reduce the glaring gaps in our SaaS defenses? How can we secure new technology without creating new risks? If security no longer owns SaaS security, then how can they go about closing these gaps?

CISO-Security Vendor Relationship Podcast
We Can Name 50 CISOs. Let's Give Them an Award!

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Oct 3, 2023 38:01


All links and images for this episode can be found on CISO Series. If you search online, you'll find no dearth of lists claiming to rank the top security leaders. The question is, how do these actually get created? Most of the time, these lists include CISOs from the biggest companies, or the ones with the best name recognition. But is that any kind of objective criteria? These lists generally serve the interest of boosting the credibility of the publisher, rather than being based on any kind of rigor. Is there any way to make these lists anything but fluff? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Janet Heins, CISO, iHeartMedia. Thanks to our podcast sponsor, LimaCharlie Whether you're looking for endpoint security, an observability pipeline, detection and response rules, or other underlying security capabilities, LimaCharlie's SecOps Cloud Platform helps you build a flexible and scalable security program that can evolve as fast as threat actors. Move your SecOps into the modern era. Learn more at limacharlie.io. In this episode: If you search online, you'll find no dearth of lists claiming to rank the top security leaders. The question is, how do these actually get created? Is there any kind of objective criteria? Is there any way to make these lists anything but fluff?