Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.
…
continue reading
Microsoft’s Chief Information Security Officer (CISO), Bret Arsenault, chats with his CISO peers and industry leaders about the biggest challenges in cybersecurity today, plus practical guidance for security practitioners. Be sure to listen in and follow us!Security Unlocked: CISO Series with Bret Arsenault is produced by Microsoft and distributed as part of The CyberWire Network. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
1
How About This? Only Attack the Endpoints We Configured
40:19
40:19
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
40:19
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest and winner of Season 2 of Capture the CISO, Russell Spitler, CEO and co-founder, Nudge Security. In this episode: Th…
…
continue reading
1
The Post-it Note Clearly Says “Don’t Share” Right Under My Password
37:19
37:19
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
37:19
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is our sponsored guest, Allan Alford, CISO, Eclypsium. In this episode: Evolving public-private partnerships New technology, but not a new challenge Securin…
…
continue reading
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Ryan Bachman, evp and global CISO, GM Financial. In this episode: A changing of the executive guard? Playing nice w…
…
continue reading
1
I’m Rewarding Your Successful Use of the Security Budget by Giving You Less of It
37:25
37:25
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
37:25
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is my guest, Aamir Niazi, executive director and CISO, SMBC Capital Markets. In this episode: Communicating security accomplishme…
…
continue reading
1
Ransomware? Why’d It Have to Be Ransomware? (Live in San Francisco)
44:03
44:03
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:03
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is Steve Zalewski, co-host, Defense in Depth. Recorded live at BSidesSF. In this episode: Are companies taking the air out of the open source balloon? What’…
…
continue reading
1
You Can’t Leak What You Don’t Collect
34:30
34:30
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
34:30
…
continue reading
1
Our Help Desk Plaque Reads “Over 100,000 Threat Actors Served”
35:48
35:48
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
35:48
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Martin Mazor, vp and CISO, onsemi. In this episode: Has the shine worn off the cybersecurity promise of MFA? Why ar…
…
continue reading
1
Can’t Talk, I’m Onboarding My Kids To Their First Soccer Practice (Live in Mountain View, CA)
44:55
44:55
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:55
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is our guest, TC Niedzialkowski, CISO, Nextdoor. In this episode: Has the line between work and personal devices blurred? Why are we seeing signs that that …
…
continue reading
1
I Really Shouldn’t Have Agreed to Variable Rate Technical Debt
35:54
35:54
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
35:54
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Aaron Shaha, CISO, CyberMaxx. In this episode: Is technical debt an inevitability in any organization? How do you go about "paying i…
…
continue reading
1
We’ll Invest in Resilience as Soon as the Ransom Payment Clears
35:35
35:35
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
35:35
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is my guest, Thom Langford, CISO, Velonetic. In this episode: Why do lots of businesses pledge to never pay ransomware demands? A…
…
continue reading
1
We Could Lower Risk If We Shrunk Our Business
38:19
38:19
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
38:19
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Matt Radolec, vp, incident response and cloud operations, Varonis. In this episode: Why is retaining cyber talent so hard? How can o…
…
continue reading
1
Our Benefits Include Medical, Dental, and Burnout
43:14
43:14
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
43:14
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Joshua Brown, vp and global CISO, H&R Block. In this episode: Why is retaining cyber talent so hard? How can organi…
…
continue reading
1
Your Biggest Threats Don’t Get a Ransom Payment, They Get a Paycheck
36:21
36:21
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
36:21
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Alex Green, CISO, Delta Dental. In this episode: Is it true that employees cause as many significant cybersecurity …
…
continue reading
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our guest, Shawn Bowen, svp and CISO, World Kinect Corporation. In this episode: Is it true that CISOs feel their jobs are har…
…
continue reading
1
BREAKING: “Department of No” Upgraded to “Department of Slow”
36:47
36:47
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
36:47
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Nadav Lotan, product management team leader, Cisco. In this episode: How can security teams do their jobs without seeming like an im…
…
continue reading
1
A Threat Actor Just “Liked” My Dashboard Screenshot
35:21
35:21
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
35:21
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest, Jamil Farshchi, evp and CISO, Equifax. In this episode: Data leaks are hard enough to deal with when caused by threat actors, but how bad is a…
…
continue reading
1
We Can’t Fail at API Security If We Never Even Try
35:23
35:23
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
35:23
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our sponsored guest, Yoav Nathaniel, co-founder and CEO, Silk Security. In this episode: Why does it seem like securing APIs i…
…
continue reading
1
I’m Stuffed, I Just Couldn’t Take Another Credential
38:41
38:41
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
38:41
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our sponsored guest, Jay Trinckes, director of compliance, Thoropass. In this episode: Why do credential stuffing attacks put …
…
continue reading
1
Is There a Konami Code For Cyber Talent?
38:30
38:30
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
38:30
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest Kelly Haydu, vp, infosec, technology, and enterprise applications, CarGurus. In this episode: What other career fields are rife with talent tha…
…
continue reading
1
It’s Like a Trust Fall, But We Know You’ll Hit the Floor
34:42
34:42
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
34:42
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Grant Anthony, CISO, Orion Health. In this episode: Why getting buy-in to your security awareness program is so cri…
…
continue reading
1
How Can We Apply Our Shadow IT Failings to Botch Our AI Policy? (LIVE in Clearwater)
42:26
42:26
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:26
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Brett Conlon, CISO, American Century Investments. Joining me is our guest, Mical Solomon, CISO, Port Authority of NY and NJ. In this episode: Does the hype around generative AI tools make it seem…
…
continue reading
1
Maybe If You Worked Harder Your Burnout Wouldn’t Be Such a Liability
33:47
33:47
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
33:47
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest, Shyama Rose, CISO and head of IT, Affirm. In this episode: What is the impact of burnout to your security team directly? Does burnout directly…
…
continue reading
1
For CISOs, It’s Less of a Golden Parachute and More a Pair of Brown Pants
44:48
44:48
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:48
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Trina Ford, CISO, iHeartMedia. In this episode: Why has the landscape for CISOs seemed particularly perilous in the…
…
continue reading
1
Elvis Is Alive and He’s Reusing Your Passwords
37:57
37:57
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
37:57
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Bob Schuetter, CISO, Ashland. In this episode: What should a company do when their name is in the press, but they d…
…
continue reading
1
SSO No You Didn't (LIVE in La Jolla, CA)
42:36
42:36
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:36
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Billy Norwood, CISO, FFF Enterprises. Joining us is our guest, Joshua Barons, head of information security at San Diego Zoo Wildlife Alliance. In this episode: Wasn't single sign-on supposed to s…
…
continue reading
1
This Security Crisis Is the Perfect Time to Tell You I Was Right
42:42
42:42
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:42
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest this week, Mike Kelley, CISO, EW Scrips. In this episode: Why do a lot of security professionals feel unheard? Does …
…
continue reading
1
You’re Not Leaving This House Until You Cover Up That LLM
40:36
40:36
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
40:36
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Richard Ford, CTO, Praetorian. In this episode: Why do many CISOs think adopting new LLM-based tools will make brea…
…
continue reading
1
We Got This Far Without Hiring a Prompt Engineer
45:27
45:27
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
45:27
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest, Suresh Vasudevan, CEO, Sysdig. In this episode: What will the employment landscape look like with Generative AI becoming the next big thing? W…
…
continue reading
1
Ugh, Lawyers Take All the Fun Out of Surviving a Cyberattack (LIVE in Las Vegas)
44:03
44:03
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:03
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and sponsored co-host Jason Sabin, CTO, DigiCert. Joining us is our guest, Alexandra Landegger, executive director of security, Collins Aerospace. In this episode: Are CISOs prepared for the legal su…
…
continue reading
1
Dear Abby: Should I Sell to a CISO During a Cyberattack? (LIVE in Mountain View)
44:44
44:44
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:44
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest, Kurt Sauer, CISO, Docusign. We recorded in front of a live audience at Microsoft’s offices in Mountain View, CA as part of the ISSA-Silicon Va…
…
continue reading
1
We’re Not Home. Please Leave Your Company’s Data After the Beep
43:31
43:31
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
43:31
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our guest, Arvin Bansal, former CISO for Nissan Americas. In this episode: Why are so many companies unprepared for phone-base…
…
continue reading
1
Hey, Let’s Merge Our Technical Debt With Your Understaffed Security Team! (LIVE in Miami)
44:08
44:08
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:08
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Adam Zoller, svp, CISO at Providence. Joining me is our guest Sam Jacques, vp of clinical engineering, McLaren Health Care. In this episode: When should cybersecurity be brought into the discussi…
…
continue reading
1
I Taught DeNiro Security Theater, I Can Teach You.
39:12
39:12
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
39:12
All links and images for this episode can be found on CISO Series. In principle, we can generally all agree that security theater is a waste of time for security teams. But the reality is that these are things that look good, so it can be hard to justify to non-technical leadership why you’re eliminating something they see as secure. So how can we …
…
continue reading
1
A CEO’s Guide To Ignoring Your Security Program (LIVE in Santa Monica)
44:09
44:09
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:09
All links and images for this episode can be found on CISO Series. Usually the buck stops with the CEO. But for a CISO, what do you do when a CEO wants to exempt themselves from your security program? Whether it's granting privileged network access or just ignoring protocols, it can put a CISO in a tough spot. So how do you deal with a leader that …
…
continue reading
1
Security Awareness Lifecycle: Turn On, Tune In, Drop Out
38:02
38:02
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
38:02
All links and images for this episode can be found on CISO Series. When it comes to security awareness, the advice generally doesn't change. There are a set of best practices that have proven to be effective. So we know what we want to tell people. Communicate it consistently. So how do we relay that information without sounding like a broken recor…
…
continue reading
1
Threats In SaaS Are Closer Than They Appear
36:53
36:53
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
36:53
All links and images for this episode can be found on CISO Series. Organizations know that securing SaaS is vital. But polls consistently show they also know their current security isn’t cutting it. With security teams acting more as SaaS supervisors than app owners, how can we reduce the glaring gaps in our SaaS defenses? This week’s episode is ho…
…
continue reading
1
We Can Name 50 CISOs. Let’s Give Them an Award!
38:01
38:01
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
38:01
All links and images for this episode can be found on CISO Series. If you search online, you'll find no dearth of lists claiming to rank the top security leaders. The question is, how do these actually get created? Most of the time, these lists include CISOs from the biggest companies, or the ones with the best name recognition. But is that any kin…
…
continue reading
1
C is for C-Suite, Except If You’re a CISO
43:27
43:27
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
43:27
All links and images for this episode can be found on CISO Series. CISOs are common among the Fortune 500. But it remains rare to see them listed in executive leadership. Given that every company says security is of prime importance, why aren’t CISOs named within the top company echelons? This week’s episode is hosted by me, David Spark (@dspark), …
…
continue reading
1
Part Man. Part Machine. All CISO. (Live in D.C.)
42:24
42:24
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:24
All links and images for this episode can be found on CISO Series. We’ve heard a lot of talk about the security risks with emerging AI technologies. A lot of these center around employees using large language models. But what about the potential benefits of this technology for cybersecurity? Could we eventually see a de facto AI CISO on the job? Th…
…
continue reading
1
Is This Just Bad Or “Call The Feds” Bad?
38:33
38:33
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
38:33
All links and images for this episode can be found on CISO Series. In everyday life, it's often clear when to call in the authorities. Someone egging your house might not rise to the occasion, but a break-in gets a call to the cops. It's less clear when it comes to a cyberattack. What constitutes a significant attack and what are the regulatory req…
…
continue reading
1
Giving Slack Slack Will Lead Your Teams to Discord
37:32
37:32
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
37:32
All links and images for this episode can be found on CISO Series. Even before the pandemic, we've been increasingly living in online collaboration apps. So why are organizations still making basic security mistakes with them? Is this a case of shadow IT or do these apps present unique challenges? This week’s episode is hosted by me, David Spark (@…
…
continue reading
1
Please Take Some Pens and Our Company Data On Your Way Out
40:12
40:12
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
40:12
All links and images for this episode can be found on CISO Series. Every company deals with off-boarding employees. Yet it feels like many organizations make basic security mistakes in this process. Is it just a case of HR and IT being out of sync, or is this an inevitably leaky process? This week’s episode is hosted by me, David Spark (@dspark), p…
…
continue reading
1
If You Care About Security, Maybe This Guilt Tactic Will Work
39:27
39:27
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
39:27
All links and images for this episode can be found on CISO Series. Security vendors want to engage with CISOs. Yet many choose tactics that seem blatantly insulting. It might seem obvious that asking a CISO if they care about security does nothing to ingratiate yourself, but we still have inboxes full of these types of messages. So what can a vendo…
…
continue reading
1
5 Years Required to Write a Better Job Description
44:59
44:59
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
44:59
All links and images for this episode can be found on CISO Series. We're seeing increasing recognition that cybersecurity jobs should focus on competency rather than years of experience. But how do you create job posts to encourage that? And how do applicants even show that on a resume? This week’s episode is hosted by me, David Spark (@dspark), pr…
…
continue reading
1
When Do I Fix the Toilet Myself or Call the Plumber?
42:05
42:05
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:05
All links and images for this episode can be found on CISO Series. For some security problems, it can be tough to know when to try to fix the problem yourself or turn to a vendor. Deciding this shouldn't start with talking to someone that wants to sell you something. But how do you determine when it's time to call in a vendor? This week’s episode i…
…
continue reading
1
Cyber Advice So Generic, You’ll Assume It Came from ChatGPT
36:04
36:04
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
36:04
All links and images for this episode can be found on CISO Series. Shifting Left is so five years ago. Advice and best practices are great, but context is king. Is there a mixture of best practices AND doing what's right for your business that's actually practical? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series …
…
continue reading
1
Vendors Are From Mars. Their Security Is From Venus.
39:20
39:20
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
39:20
All links and images for this episode can be found on CISO Series. There are so many third party vendors we want to work with, but uggh, their security and privacy is so troublesome. Is it only the security department's job to vet these partners or should everyone have a responsibility of keeping tabs on third party security? This week’s episode is…
…
continue reading
1
We're So Special Gartner Hasn't Even Thought Of Our Category Yet
41:59
41:59
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
41:59
All links and images for this episode can be found on CISO Series. Do you know what security categories were created this year? I have no idea. Do you know which ones were deleted? I don't think any. Is category growth designed to make more money for the industry? Does it help customers build a better security strategy? It seems like a necessary ev…
…
continue reading
1
Who’s in Charge of Stopping Stupid Ideas? (LIVE in Tel Aviv)
42:00
42:00
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:00
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and guest co-host Jesse Whaley, CISO, Amtrak. Our guest was Paul Branley, CISO, TSB Bank. We recorded this episode in front of a live audience in Tel Aviv as part of Team8’s CISO Summit 2023. CISO Se…
…
continue reading
1
Password Rules Make Us Feel More Secure
38:10
38:10
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
38:10
All links and images for this episode can be found on CISO Series. Troy Hunt's new site, "Dumb Password Rules," demonstrates yet another slice of security theater. Rules designed to make the creator believe they're making the business more secure, but appear to do nothing more than create unnecessary roadblocks and confusion. This week’s episode is…
…
continue reading