All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is my guest, Thom Langford, CISO, Velonetic.

In this episode:

• Why do lots of businesses pledge to never pay ransomware demands?

• And why do their priorities quickly change when they need to get the business back to normal after an attack occurs?

• What good is a pledge like that without the infrastructure and organizational commitment to make it possible?

Thanks to our podcast sponsor, CyberMaxx

CyberMaxx offers MaxxMDR, our next-generation managed detection and response (MDR) solution that helps customers assess, monitor, and manage their cyber risks. MaxxMDR fuels defensive capabilities with insights from offensive security, DFIR, and threat hunting, on top of a technology-agnostic deployment model. We think like an adversary but defend like a guardian.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Matt Radolec, vp, incident response and cloud operations, Varonis.

In this episode:

• Why is retaining cyber talent so hard?

• How can organizations keep an employee from going elsewhere?

• Why do organizations often not prioritize the factors to keep key employees?

Thanks to our podcast sponsor, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Joshua Brown, vp and global CISO, H&R Block.

In this episode:

• Why is retaining cyber talent so hard?

• How can organizations keep an employee from going elsewhere?

• Why do organizations often not prioritize the factors to keep key employees?

Thanks to our podcast sponsor, CyberMaxx

CyberMaxx offers MaxxMDR, our next-generation managed detection and response (MDR) solution that helps customers assess, monitor, and manage their cyber risks. MaxxMDR fuels defensive capabilities with insights from offensive security, DFIR, and threat hunting, on top of a technology-agnostic deployment model. We think like an adversary but defend like a guardian.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Alex Green, CISO, Delta Dental.

In this episode:

• Is it true that employees cause as many significant cybersecurity incidents as outside threat actors?

• Does this come down to a lack of awareness or poorly designed security implementation?

• And what can we do to improve this situation?

Thanks to our podcast sponsor, Silk Security

Silk makes it easy for security teams to resolve more critical cyber risks in a fraction of the time. Instead of toiling over spreadsheets, and watching alert backlog graphs go up, Silk helps security teams contextualize, prioritize and collaborate with stakeholders in IT to regain control over their risk posture.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Shawn Bowen, svp and CISO, World Kinect Corporation.

In this episode:

• Is it true that CISOs feel their jobs are harder than ever with higher levels of stress?

• Yet why does research also show that CISO job satisfaction increasing?

• How do we make sense of this contradiction?

Thanks to our podcast sponsor, Silk Security

Silk makes it easy for security teams to resolve more critical cyber risks in a fraction of the time. Instead of toiling over spreadsheets, and watching alert backlog graphs go up, Silk helps security teams contextualize, prioritize and collaborate with stakeholders in IT to regain control over their risk posture.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Nadav Lotan, product management team leader, Cisco.

In this episode:

• How can security teams do their jobs without seeming like an impediment to developers?

• Why can this relationship seem oppositional?

• How can both sides work together to better secure software without seeming like a road block?

Thanks to our podcast sponsor, Panoptica, Cisco’s Cloud Application Security Platform

Panoptica, Cisco’s Cloud Application Security solution, provides end-to-end lifecycle protection for cloud native application environments. It empowers organizations to safeguard their APIs, serverless functions, containers, and Kubernetes environments. Panoptica ensures comprehensive cloud security, compliance, and monitoring at scale, offering deep visibility, contextual risk assessments, and actionable remediation insights for all your cloud assets.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest, Jamil Farshchi, evp and CISO, Equifax.

In this episode:

• Data leaks are hard enough to deal with when caused by threat actors, but how bad is a self-inflicted data leak?

• Why do these types of incidents happen?

• How should an organization assess the risk it introduced?

Thanks to our podcast sponsor, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our sponsored guest, Yoav Nathaniel, co-founder and CEO, Silk Security.

In this episode:

• Why does it seem like securing APIs is so hard? Is it just a matter of complexity? 

• Why does it seem like we can’t go a week without hearing reports of a data leak caused by a failure in API security?

• Why do organizations struggle with API security?

Thanks to our podcast sponsor, Silk

Silk makes it easy for security teams to resolve more critical cyber risks in a fraction of the time. Instead of toiling over spreadsheets, and watching alert backlog graphs go up, Silk helps security teams contextualize, prioritize and collaborate with stakeholders in IT to regain control over their risk posture.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our sponsored guest, Jay Trinckes, director of compliance, Thoropass.

In this episode:

• Why do credential stuffing attacks put organizations in such a tricky spot?

• Why is blaming the victim rarely the right move?

• What kind of reasonable expectations can companies have about how much users will do to protect themselves?

Thanks to our podcast sponsor, Thoropass

Still spending time collecting evidence and worrying about breaking free of an infinite audit loop? Relax! We fixed audits. Thoropass provides complete infosec compliance management, continuous monitoring, and security audits through AI-infused software and expert guidance – allowing you to do business with confidence. Learn more at www.thoropass.com.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest Kelly Haydu, vp, infosec, technology, and enterprise applications, CarGurus.

In this episode:

• What other career fields are rife with talent that could successfully transition into our industry?

• What kind of framework do we need to surface a more diverse array of talent?

• Also, what happens when a vendor goes over your head to the CEO?

Thanks to our podcast sponsor, Panoptica, Cisco’s Cloud Application Security Platform

Panoptica, Cisco’s Cloud Application Security solution, provides end-to-end lifecycle protection for cloud native application environments. It empowers organizations to safeguard their APIs, serverless functions, containers, and Kubernetes environments. Panoptica ensures comprehensive cloud security, compliance, and monitoring at scale, offering deep visibility, contextual risk assessments, and actionable remediation insights for all your cloud assets.

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Grant Anthony, CISO, Orion Health.

In this episode:

• Why getting buy-in to your security awareness program is so critical?

• Why do so many organizations get it so wrong?

• What framework can we apply to actually build trust with security awareness?

Thanks to our podcast sponsors, Varonis

Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment. It takes minutes to set up and in 24 hours you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today.