CISO Dojo Podcast-logo

CISO Dojo Podcast

News & Politics Podcasts

The CISO Dojo podcast looks at various security leader topics and guests discuss their paths in information security that lead them to where they are at today.

The CISO Dojo podcast looks at various security leader topics and guests discuss their paths in information security that lead them to where they are at today.

Location:

United States

Description:

The CISO Dojo podcast looks at various security leader topics and guests discuss their paths in information security that lead them to where they are at today.

Twitter:

@cisodojo

Language:

English

Contact:

4057720224


Episodes

Dealing with Burn Out and GPEN Versus OSCP

7/25/2021
In this episode I talk about an approach to deal with burn out on your team. This is based on a study located here. I also look at the GPEN versus the OSCP certification in this episode.

Duration:00:09:51

Meet Paul Tucker CISO of Bank of Oklahoma

7/12/2021
Paul Tucker CISO of Bank of Oklahoma joins us for this episode of the CISO Dojo Podcast. Paul Tucker is Senior Vice President and Chief Information Security and Privacy Officer at BOK Financial. In this role Tucker leads the cybersecurity team responsible for the banks efforts to protect information important to the banks operation, while ensuring the overall cyber resiliency and privacy of the bank.

Duration:00:43:13

Cloud Security, Casinos, Supply Chain Attacks, INFOSEC Bikini, and Haters of Pants

7/7/2021
Joe Sullivan and Stacy Dunn wrap up the the third part of their cloud security series. The episode extends into current events with casino ransomware attacks, supply chain attacks, and why casinos should not be getting breached. We also talk about Social Media happenings like INFOSEC Bikini, the negative element on Twitter, and haters of pants.

Duration:00:43:29

Attack Surface Management & Threat Intelligence with Alex Tarter

6/28/2021
Alex Tarter joins us on the podcast to discuss attack surface management and threat intelligence. Alex is one of the founding members of TurgenSec which has recently had an interesting string of responsible disclosures related to: Check out Alex at: www.turgensec.comsecurity@turgensec.com

Duration:01:00:02

Stacy Dunn on Diversity, Equity, and Inclusivity | Part 3

6/14/2021
Part 3: Action items and actionable information; Give insights into how to support marginalized people and adopt better hiring practices. Sources: https://www.thisishowyoucan.com/post/__wheel_of_power_and_privilege https://www.forumone.com/ideas/why-and-how-to-prioritize-dei-at-your-organization/ http://greenlining.org/wp-content/uploads/2018/03/DEI-Framework.pdf ...

Duration:00:17:24

Meet CISO Chad Kliewer

6/7/2021
Chad Kliewer, CISO of Pioneer Telephone shares his journey in information security where he overcame nearly insurmountable challenges. Chad has faced broad use of credential sharing, placing the mouse on the monitor, because this is how it's supposed to work right? Chad has survived Sox audits and even the SolarWinds attack. There's so much to learn from this episode from a CISO and information security perspective! Connect with Chad on Twitter @ChadKliewer

Duration:01:03:12

CISO Dojo Ransomware Special Edition

6/4/2021
The White House just release a special document to the private sector about responsibility and steps to prevent ransomware. Quoting directly from the document: Companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively. The document goes on to talk about best practices such as: These are all basic activities organization need to start implementing now. The ransomware threat is escalating,...

Duration:00:15:52

Stacy Dunn on Diversity, Equity, and Inclusivity | Part 2

5/31/2021
Part of being an effective security leader is understanding and including people from all types of backgrounds. Usually, it’s talk tech, security, and strategy, but for these episodes, it’s time to discuss the 8th layer and how acceptance is not just 1’s and 0’s. In this short solo three-parter, Stacy will take you through the who, what, when, and why of Diversity, Equity, and Inclusivity. (DEI) Sources for Part 2: https://www.hrc.org/resources/hate-crimes-timeline ...

Duration:00:20:48

Stacy Dunn on Diversity, Equity, and Inclusivity | Part 1

5/24/2021
In this episode Stacy Dunn talks about Diversity, Equity, and Inclusivity and how we can get better at improving the culture of the information security workplaces and community. Part of being an effective security leader is understanding and including people from all types of backgrounds. Usually, it’s talk tech, security, and strategy, but for these episodes, it’s time to discuss the 8th layer and how acceptance is not just 1’s and 0’s. In this short solo three-parter, Stacy will take you...

Duration:00:23:42

Hiring Pen Testers, Hacking Holidays, and Hand Grenades

5/17/2021
Chris Elgee is a senior security analyst and Core NetWars Tournament design lead for Counter Hack, and commander of the Army National Guard's 126th Cyber Protection Battalion. At Counter Hack, Chris is responsible for the design and implementation of NetWars challenges and has created some of the player-favorite challenges throughout NetWars and the Holiday Hack Challenge. Chris also teaches SEC560 for the SANS Institute. Read more about Chris Elgee at:...

Duration:00:36:36

From Reverse Engineering Malware to CISO

5/10/2021
Lenny is the CISO at Axonius, which is a cybersecurity tech company. Lenny has also helped build anti-malware software at an innovative startup and oversaw security services at a Fortune 500 technology company. He has also lead the consulting practice at a leading cloud services provider. Lenny is also a Fellow Instructor at SANS and is the primary author of FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques. Lennny maintains a popular malware analysis tool kit...

Duration:00:50:37

Cloud Security Part 2

5/3/2021
In this episode we discuss concerns with security in the cloud that organizations need to be aware of. Moving to the cloud doesn't automatically mean it's more secure. We'll take a look at the CIS Controls and how you can implement them in a cloud environment to better secure your networks and data. The topics discussed in this episode are:

Duration:00:37:06

Cloud Security

4/27/2021
In this episode we discuss concerns with security in the cloud that organizations need to be aware of. Moving to the cloud doesn't automatically mean it's more secure. We'll take a look at the CIS Controls and how you can implement them in a cloud environment to better secure your networks and data.

Duration:00:33:06

Cyberstalking

4/20/2021
Stalking- What is it, exactly? And, more importantly, what do you do if it happens to you? What are the steps you can take and how can you understand ways to better protect yourself? What are the avenues for reporting stalking? How has technology impacted stalking and what can we do, as a society, to keep these behaviors from perpetuating? National...

Duration:00:39:59

Data Governance

4/12/2021
Data governance is a huge undertaking when you don't build it in at the start. In this episode Stacy and Joe discuss data governance programs, the NIST Privacy Framework, and how to build a successful data governance program.

Duration:00:35:41

The Birth Of a CISO

4/5/2021
This week's episode acts as a follow up to provide answers to your burning questions following the interview of our special guest, Gordon Rudd of Stone Creek Coaching, who trains and coaches aspiring and current CISO's. But, how do you know if you want to be a CISO. Heck- What is a CISO? It's in the name, right? How do we know exactly what a Chief Information Security Officer is? Does the definition change between organizations? Are the expectations the same? Listen as Joe and Stacy...

Duration:00:22:16

From Fortran to CISO to Executive Coaching

3/29/2021
Gordon Rudd joins us for this week's episode of the podcast. Gordon Rudd is a former CISO, executive coach, author, keynote speaker, and teacher with Stone Creek Coaching. Gordon founded the CISO Mentoring Project in 2012 and is an engaged mentor to many aspiring and active CISOs around the world. He founded Stone Creek Coaching in 2019 to help create world-class, cybersecurity leaders. Gordon is a regular instructor with (ISC)2 an international, nonprofit association for information...

Duration:01:09:20

My Path in Information Security: Stacy Dunn

3/22/2021
In this episode of CISO Dojo, Stacy outlines how she broke through into the field of Information Technology, and, subsequently, Cyber Security. How does one connect the dots from being a Retail Store Manager with an Associate's in Fine Arts to becoming an aspiring Security Engineer with one of the world's largest security companies? Stained shirts and socks with sandals, that's how! What...? Wait just a minute...? Yeah, that's right! But, what does that have to do with...

Duration:00:23:46

My Path in Information Security

3/15/2021
This episode starts a new series about non traditional paths to information security. This series will post every Monday when we don't have a guest on the show. In this series we will look at ways to get into information security and how to progress in your career. This pilot starts out with my own path in information security from auto technician, to CISO, to consultant.

Duration:00:12:37

Risk Assessments, Frameworks, and Approaches

3/8/2021
Risk Assessments, Frameworks, and Approaches Risk Assessments are the topic for this episode of the CISO Dojo Podcast. What is a risk assessment: The identification, evaluation, and estimation of the levels of risks involved in a situation, with comparisons against benchmarks or standards, and determination of an acceptable level of risk. There are two types of risk assessments we discuss in this episode: Quantitative Risk Assessment:Qualitative Risk Assessment: Risk Assessment...

Duration:01:20:35