CISO Series Podcast-logo

CISO Series Podcast

Technology Podcasts

Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

Location:

United States

Description:

Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

Language:

English


Episodes

Gartner Creates Another Category for Everyone to Ignore

5/24/2022
All links and images for this episode can be found on CISO Series I have talked to vendors who get all excited about Gartner opening up a new category for them. All I can think is uggh, something new to confuse the security marketplace. I know there's a need to label products in categories to simplify sales. But the complexity is driving buyers nuts. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL...

Duration:00:32:35

A Look Back at Foolish Security Policies of Past and Present

5/17/2022
All links and images for this episode can be found on CISO Series Are bad security policies of yesteryear just because we didn't know any better at the time, or were they some bozos idea of legitimate security yet the rest of us knew it was just security theater? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Dr. Diane M Janosek (@dm_janosek), deputy director of compliance, NSA and senior legal advisor for Women in...

Duration:00:39:53

Decommission Our Legacy Tech or Just Shut Down the Business?

5/10/2022
All links and images for this episode can be found on CISO Series Legacy tech can often be the anchor that prevents an organization from growing. Put the issue of dealing with legacy tech long enough and the problem could get bigger than the business itself. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is TJ Mann (@teejaymann), CISO, Children's Mercy Kansas City. Thanks to our...

Duration:00:37:16

Life’s Certainties: Death, Taxes, and Violating Security Policies

5/3/2022
All links and images for this episode can be found on CISO Series People violate cybersecurity policies at a rate of one out of every 20 job tasks. It's just a matter of time before all your employees are in violation. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Bruce Schneier (@schneierblog), chief of security architecture, Inrupt and fellow and lecturer and Harvard Kennedy...

Duration:00:33:16

Is It a Promotion or a Red Flag Telling You To Get Out?

4/26/2022
All links and images for this episode can be found on CISO Series A young woman is killing it in her first cybersecurity job out of college. Management is so thrilled with her that they want to give her a promotion. Problem is the promotion reveals a lot of other innerworkings that don't speak well of the company's culture. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Davi Ottenheimer (@daviottenheimer), vp trust and digital ethics,...

Duration:00:39:39

It’s a Great Job, But I’m Alone and Terrified

4/19/2022
All links and images for this episode can be found on CISO Series First job out of college and you get the cybersecurity job of your dreams... and nightmares. It's just too much, and you definitely don't have the experience to handle it all. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Rick Doten (@rick_doten), CISO, Carolina Complete Health. Check out Rick's Youtube channel with the CIS Critical Security Control...

Duration:00:36:43

Instead of Increased Cybersecurity, Could We Just Order Less Risk?

4/12/2022
All links and images for this episode can be found on CISO Series "No business wants more security, they want less risk," said a redditor on the cybersecurity subreddit. Executives seem to not care about cybersecurity because they're not talking in those terms. They talk in terms of managing risk. It's the InfoSec professional's job to do the translation. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Tom Doughty, vp and...

Duration:00:35:41

Why CISOs Avoid the Dreaded “Request a Demo” Button

4/5/2022
All links and images for this episode can be found on CISO Series A CISO hears about your company's product from some other CISOs. Eager to find more information like a video demo they could watch on their own, they visit your site. They can't find anything except a prominently placed "Request a Demo" button. Fearing the marketing and salespeople who will hound them if they fill out the information, they just bail. This week’s episode is hosted by me, David Spark (@dspark), producer of...

Duration:00:39:04

What’s Next in Cybersecurity? Look at Last Year and Expect More

3/29/2022
All links and images for this episode can be found on CISO Series The web is awash with sites claiming they know what the security trends will be for 2022. All of them were filled with quotes from security experts at different vendors who "surprise" we're saying the big trend is what their product can fix. One publication, eWEEK, had probably the only logical set of trends and they look a lot like what happened in 2021. This week’s episode is hosted by me, David Spark (@dspark), producer...

Duration:00:33:13

Are You Attending the “What to Worry About Next” Security Conference?

3/22/2022
All links and images for this episode can be found on CISO Series Are security conferences really helpful in advising you on making your business more secure, or are they just adding more worries to your plate that aren't actually going to be threats your business is going to have to face? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Jason Witty, CSO, USAA. Thanks to our podcast...

Duration:00:35:53

It's BAAAACK! The Return of “We Could Have Stopped That Breach”

3/15/2022
All links and images for this episode can be found on CISO Series Our entire network launched because of the irritation CISOs had with vendors could have stopped some breach that happened to another company. Then the chest pounding subsided, and we thought we were making an impact, until Log4j appeared... This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Tim Rohrbaugh, CISO, JetBlue. Thanks to our sponsor, CyCognito By...

Duration:00:34:28

How to Be So Awesome CISOs Can’t Ignore You

3/8/2022
All links and images for this episode can be found on CISO Series The trick to getting the attention of CISOs is to create an awesome company. Focus on that and the attention will follow. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Katie Stebbins (@ktlgs), board president, Global Epic. Thanks to our podcast sponsor, Kenna Security Kenna Security, now part of Cisco, is the...

Duration:00:32:32

Attract the Best Candidates with Crappy Benefits and Low Pay

3/1/2022
All links and images for this episode can be found on CISO Series If you're up against Google, Facebook, or Apple for hiring talent, chances are pretty good that your company is not going to match their pay and benefits. So if they're the bar for salary and benefits, your business' offerings will inevitably be subpar. So how do you build your employer brand to contend in areas where you're deficient in areas you can't compete? This week’s episode is hosted by me, David Spark (@dspark),...

Duration:00:32:27

If the Network Is Up, Somebody Is Violating Our Acceptable Use Policy

2/22/2022
All links and images for this episode can be found on CISO Series Every organization has an Acceptable Use Policy (AUP) for their computers and network. Nobody reads it and everybody violates it. How the heck do you enforce or discipline people who violate your company's AUP? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Matt Radolec, senior director, incident response...

Duration:00:35:22

What We Lack In Security We'll Make Up in School Spirit

2/15/2022
All links and images for this episode can be found on CISO Series Yikes, this security hole one concerned student found in the school's network is going to require one heck of a pep rally to fix. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Dave Stirling, CISO, Zions Bancorporation. Thanks to our podcast sponsor, Varonis On average, an employee can access 17 million files on...

Duration:00:32:56

What's the Least Annoying Way to Follow Up with a CISO?

2/8/2022
All links and images for this episode can be found on CISO Series If we had such a great conversation at the conference, why don't you want to respond to my emails? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Julie Tsai (@446688), cybersecurity leader. Thanks to our podcast sponsor, Varonis What is your ransomware blast radius? The average user can access 17 million files. Varonis reduces your blast radius in days,...

Duration:00:34:12

Why Ignoring Most of Your Vulnerabilities Is the Best Strategy

2/1/2022
All links and images for this episode can be found on CISO Series Winning at vulnerability management is not a numbers game. It's a tactical exercise of what matters most in your environment. Surprisingly, experts tell us close to two thirds of your vulnerabilities can and should be ignored. Why and which ones are those? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Ed...

Duration:00:34:15

Why We Quickly Reject 95% of All Applicants

1/25/2022
All links and images for this episode can be found on CISO Series If you're asking what certification you should go after to get the perfect cybersecurity job, you're asking the wrong question. Most hiring managers are inundated with resumes so they're looking for ways to get rid of yours. Don't be fooled thinking you're going to be seen because you have the "perfect" resume. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is...

Duration:00:36:51

Security So Good Your Users Won't Use It

1/18/2022
All links and images for this episode can be found on CISO Series CISOs agree that multi-factor authentication is the one security control that once deployed has the greatest impact to reduce security issues. Yet with all that agreement, it’s still so darn hard to get users to actually use it. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Arvind Raman (@arvind78), CISO, Mitel. Huge thanks to our sponsor,...

Duration:00:35:34

We've Never Taken On So Much Risk

1/11/2022
All links and images for this episode can be found on CISO Series It's all risk, all show, for the entire show. It's just the kind of risk we like to take. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Derek Vadala (@derekvadala), chief risk officer, BitSight. Thanks to our podcast sponsor, BitSight These are challenging times for security professionals. From managing third party supply chain risk, to...

Duration:00:35:23