Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.
Podcast hosts
No host has claimed this podcast yet, if you are the host you can verify ownership by claiming this podcast
© 2018-2022 CISO Series
CISO Series Podcast
Reviews
hehehdhehehey
5 out of 5 stars
One of my favorite podcasts
Entertaining, easy to listen to and probably the most educational podcast for cybersecurity sales reps. Also a great listen for security professionals. I am a big fan!
Allllsouledout
5 out of 5 stars
Great for sales reps to get the CISO perspective
As someone tied to a quota it’s easy to lose focus on the problems we’re all actually trying to solve. Highly recommend!
AloofButFunctional
5 out of 5 stars
Valuable Insights on Security and Group Communication
1. The topics are engaging, relatable. 2. The speakers on the show have a great amount of energy. 3. The added insights on Information Security are a real treat. 4. The importance on working collaboratively - as humans is a big reminder that you don't need to be the biggest most knowledgeable person in the room.
Female Healthtech Leader
5 out of 5 stars
Good advice and fun to listen to
As a leader of a security consulting firm I find this podcast the most useful. While there are other podcasts that keep you up to date on recent hacks and technical tools, this podcast covers the broadest topics in language everyone can understand. Not every buyer of Cybersecurity has deep technical knowledge and this podcast helps get to the core of the issue and discusses prioritization challenges every executive faces. Hosts are engaging and I like the “which is worst” and “10 second security” tip.
roselinevelee
5 out of 5 stars
Value Added
If you aren’t listening to these podcasts what are you even doing with your life. Security professionals add value to your core knowledge with these injections of absolutely vital industry knowledge and trends.
Financialadventure
5 out of 5 stars
Fantastic Show
I really like this show and have been listening to it since it began. Some of the things I enjoy the most is just how approachable the hosts are. If you send them questions they can go on the show. I also enjoy the what’s worse. It’s a great risk management exercise where I get to see some interesting perspectives as I try to grow my understanding to become a valuable CISO Thanks again for all that you do Ross Young CISO, Cat Financial
DH74abc
5 out of 5 stars
The best CISO podcast available today
I thoroughly enjoy listening to these every week. The podcast is carefully segmented and entertaining while educational. The timing length of the shows are great. Keep up the good work, I hope it never finishes!
journeyman2K
5 out of 5 stars
Great format and good content
I always enjoy listening to this podcast when driving to a meeting re-center myself in understanding what’s important to a cyber security professional and what they absolutely despise from reps. Great way to keep yourself in check and bring up topics that are important to them. Thank you David Spark and Mike Johnson!
Dudegggggggganj
5 out of 5 stars
Invaluable
This podcast is a wealth of insight and perspective for both CISOs and vendors. It is an absolute must for anyone who wants to succeed in this industry.
Cybersecurity Philosopher
5 out of 5 stars
Fantastic Resource
You have earn the words of praise as your podcast has helped me better understand how to further my career in cyber security so not to make the same mistake others have made ... Keep it up ... Always get excited when there is a new episode
Sebastian Engstrom
5 out of 5 stars
CISO & Sales Bridge - Love it!
Thanks David and Mike - your podcast has upped my game and sharpened my sword significantly! The struggle is as a seller is getting fed canned marketing messages, media zero days, and buzz words 24/7. Your podcast has helped me see more clearly into what actually matters for security leaders, what they measure, how they prioritize and reason. This prompts better relationships, bridges a gap of sales and security leadership, and helps with consultant focused selling! Love what you do and thank you!
H-Squared-01
5 out of 5 stars
Very engaging
I hope to become a CISO one day and I really appreciate the how the conversations of the show bring different aspects, opinions, and insights of what being a decision maker at that level is all about.
mph15063
5 out of 5 stars
Powerful Podcast
I have been listening to this podcast for about 3 months now. Coming from a non-technical background, it allowed me to immerse myself in the world of cyber security. It’s intriguing to hear from the perspectives of CISOs across a wide variety of industries. Highly recommend the subscribe!
JZR-Varonis
5 out of 5 stars
Must listen for any cyber security professional
See above :)
Bedstuysly
5 out of 5 stars
Informative and actionable information!
Thanks for taking time for creating impactful content.
SeanGRichards
5 out of 5 stars
Excellent Mix of Topics/Relationships
Easy to listen to podcast. Great mix of pertient topics and appreciated feedback back to the vendor side.
mrtruthful920
5 out of 5 stars
Excellent!
My job is to convey our value to Ciso’s and positions alike. This podcast helps me better understand the other side as well as what they’d be looking for from me. It addresses many of the things i would want to ask a Ciso, but do not typically have the ability to do so. My only feedback would be more of an emphasis on what business needs solutions have solved with metrics ect, so i can learn more about how to convey the same value prop. This may be done in later episodes, i am not all the way caught up. Love it!
thunderfxnz
5 out of 5 stars
Changes the way we approach
I am a salesperson for a security vendor and the reason why this podcast has been valuable for me is listening to David and Mike's feedback around what we shouldn't be doing when we reach out to our prospects. We don't know what we're doing wrong until someone tells us, so these real time examples are extremely beneficial for our sales development. Personally I have become better because of it, and it will shift the industry eventually and remove the negative stigma around salespeople, so I'm extremely appreciative for this.
JennRhyu
5 out of 5 stars
A perspective that matters...
I’ve been following Mike Johnson on LinkedIn for awhile now after seeing a post about how he believes vendors should engage with him. I’m an avid listener and talked about this podcast in our security session at our national sales kickoff two weeks ago. Being on the vendor side, it’s so important to understand the perspective of CISOs and how to stay authentic and truly valuable in a landscape that keeps changing. Thank you for providing this kind of dialogue, it’s incredibly valuable for vendors to have this kind of content over regurgitated sales content!
Yaron L.
5 out of 5 stars
MUST Listen for every CISO
Last weekend I figured that I can download podcasts to my old iPod Classic so I downloaded the entire series from iTunes (38 episodes). Now I am in listening marathon every day on my way to work and back. This podcast is AWESOME!!!! It is very well done, the guests are great, and the perspectives are very helpful. While I know and in touch with many of David's guests, listening to them on the podcast make me feel like sitting in a group therapy session. Thank you David for a great podcast. I highly value your work
NickMcN
5 out of 5 stars
CISO Fireside Chats
For all those security vendors like I used to work with that are dying to find out what your target CISOs are thinking and what they are looking for, here's your answer! and for free! An amazing resource in my opinion, candid conversations about the good, bad, and the ugly in the vendor-CISO relationship, one that is more complex than many folks on both sides realize. It's a must listen podcast in my weekly libary.
Jmcnamee
5 out of 5 stars
Glimpse behind the curtain
I’m a vendor for a leading identity governance company. It’s still SO hard to get the attention of the senior leaders, even when you know you have something of value to them. Your show gives a little glimpse behind the curtain of why it’s so hard, and practical tips for trying to make a more meaningful message to them.
Dutch Schwartz
5 out of 5 stars
Make this a part of your weekly routine
David Spark is an enthusiastic interviewer and Mike Johnson offers candid feedback which together makes for a fun and balanced listening experience. Regardless of your role or experience, anyone interested in cybersecurity should listen and participate as it’s extremely valuable.
bousqatx
5 out of 5 stars
Great resource
David and Mike have created a valuable resource for all of us working to make the online world more secure. Every episode includes useful insight you can put to use immediately- whether you are a CISO or vendor.
BlessedDee
5 out of 5 stars
Awesome & Engaging
This podcast is one that should be at the top of many IT professionals list of news feeds and/or information sources to review regularly. I like how the podcast is formal enough in its topics but informal in its format and overall delivery. This makes the podcast discuss REAL IT issues in a very personable and sometimes entertaining way. I am glad this podcast was apart of my a post from someone I follow on LinkedIn.
Zkalman10
5 out of 5 stars
Must listen!
This is a must listen for any sales professional in the information security industry. David and Mike do a great job giving insight into how security professionals make decisions when it comes to vendors as well as bringing together the top minds in the industry for relevant discussions.
CW-ibm
5 out of 5 stars
Awesome podcast
What a great idea. This is exactly the type of insight that sales reps are looking for, delivered in an engaging and interesting podcast. Thank you Mike and David!
Schaefer M
5 out of 5 stars
A MUST for every sales team
Your podcast should be a requirement for all sales teams at every security company regardless of account status. The BDR team as well as the person who manages the “Wal-Mart” account should be listening to your podcast in my opinion. If every security company could force their teams to practice what you and Mike preach, I think the whole industry would change overnight. Hell, CISOs would probably be pinging their IT team to make sure their emails are working since they didn’t wake up to 50 vendor emails, haha.
#4TH
5 out of 5 stars
Great information for everyone
It doesn’t matter if you are CISO or a vendor everyone learns something new every single episode!
Rwmjr
5 out of 5 stars
Great info for current and budding CISOs
A great, quick, and information packed 30 minutes! All relevant information for all current and budding CISOs about the current marketplace, security environment, and business drivers. Definitely a must listen!
BM-secops
5 out of 5 stars
Great insight, particularly for someone new to security selling
I’ve spent a good portion of the last few days listening to David’s podcast and reading his collection of articles. I’ve been in sales for more than 6 years, but in security for only 6 months. With this space being such a different beast, I’ve found a ton of value in David’s strategies and tactics. Looking forward to implementing them in the near future to bring value to my customers and prospects.
Tori J. Eda
5 out of 5 stars
Interesting Perspective in the Process of a CISO
The content provided in this podcast series is invaluable if you are remotely interested in building a solid and trusted vendor relationship with any Executive level persona. I do not often write reviews like this and it's even cliche that I write that, but this podcast and the efforts of David Spark to engage the security community will allow you to be more in touch with top concerns and more fit to handle engagements! This podcast is a MUST.
Javajag
5 out of 5 stars
Structure that sticks!!
The structure that David and Mike J have created for this podcast is awesome!! The repeatability and the variety of topics they cover within this structure is amazing. Any up and coming security professional, aspiring security entrepreneur, this is a must subscribe!!
Gawyn210
5 out of 5 stars
This podcast stands out from the crowd!
I am an avid podcast consumer, with over 25 InfoSec and Privacy related podcast subscriptions. David, Mike and their guests bring a unique and valuable show to help the community. This quickly became my favorite show. I really appreciate the authentic realworld experiences and topics discussed. The show focuses on the term CISO, but the information is relevant to security managers and leaders at all levels. These folks are helping to positively reshape the relationship between security practitioners and security vendors while being a source of great value and insight. Keep it up David and Mike! You guys are having a real world positive impact in my career and by the sounds of in on linkedin, across the security community.
Ken Hyesung Yu
5 out of 5 stars
#1 go-to podcast
Been looking for a podcast like this for powerful insight’s to today’s CISO’s for better understanding on what’s valuable to them. I appreciate David and Mike partnering up to bridge the gap between CISO’s and security vendors!
Happy Burner
5 out of 5 stars
My #1 Podcast as a CISO
This is my go-to podcast. Mike and David are a fantastic team, and they always find interesting guests and topics.
John Haden
5 out of 5 stars
One of the best security podcasts around!
David's podcast is great b/c it pulls together heavy hitters in the Cyber Security industry that really know their stuff and they are always covering great, relative topics!! A must listen!
Byrdman55
5 out of 5 stars
A MUST if you’re in Cyber Security: Helping the Industry
I've caught almost every episode. I'm really glad David started the podcast mainly so other sales reps can get some advice on how to generate new business in a respectful, transparent and professional way. Unfortunately, there is a lot of negativity around prospecting and there are some bad apples (like in every industry) who seem to be making the most noise. Selling, prospecting and communicating isn't rocket science but some are more natural than others. I know David gets it and I appreciate how he challenges both Mike and the other guests from time to time for them to dig a layer deeper in offering up advice. Great podcast, please keep it up!
exoe08
5 out of 5 stars
Regular listener
I have listened to every episode. I get great information, the guests are excellent, and the format is entertaining.
CYBR Matt
5 out of 5 stars
Terrific podcast for the InfoSec and Sales Communities!
I am a regular listener to the podcast and I've also shared it with my team here in SoCal. It's a terrific listen for me as I'm driving to meetings in Los Angeles, and I think David and Mike do a great job of providing a balanced view from both the CISO and sales perspectives.
Passionfix
5 out of 5 stars
Invaluable content
I’ll admit that I’m a newbie in this crowded world of security vendors (ugh, such a hideous term...deserves the 4-letter treatment...vndr, maybe?). Despite having had a long technology sales career, I’ve never seen such clawing & scratching to get a C-level’s attention as I’ve seen in InfoSec. So, a podcast like this that acts as a guide for what to do (and not do) is pure gold! Thank you, David Spark, for having the wherewithal to put this into the world.
Chucstone
5 out of 5 stars
A splash of cold water for vendors
I needed this podcast to remind me to get to the point and dispense with the fluff. Unsurprisingly, CISOs are intellectuals, and are interested in facts. Buzzwords and hyperbole make them run in the opposite direction. There are lots of other useful insights revealed in this novel podcast as I’m finding out bingeing on past episodes. Keep them coming!
RRNumber2
5 out of 5 stars
Learn something every episode
I binge listened to just about every episode on a drive, and have recommended this podcast to everyone I know in the vendor space who is trying to sell security software or services. This would also be good for anyone in security leadership positions who deal with vendors as I've been in the past. There are some novel ways of learning about new tools and technologies that some of the guests share that are definitely worth implementing. The guests are all very senior and high quality, I've learned something in every episode even though I've been kicking around the space for quite a few years. Please keep up the good work!
mattyice242
5 out of 5 stars
Like nothing else!
Always a great listen! For those interested in the security world and those who bring products and services to the market for them, this is your podcast. The strengthening this podcast will do for the security industry and recognition of their products and services helps immensely.
ATLFord
5 out of 5 stars
Must Listen
As a vendor, this has been very helpful for me to assess the challenges that CISOs face in the buying process
Mofoxtrott
5 out of 5 stars
Well Done
Great podcast with interesting speakers and good audio. I should have discovered it before.
Gkevharris
5 out of 5 stars
Great Show and Insights
Really educational and always like to hear how challenges are thought of, how priorities are set, etc. Also enjoy hearing about how relationship between Sales and InfoSec teams can be made more productive.
Nathan Burke (Axonius)
5 out of 5 stars
Great Cybersecurity Podcast
As a CMO at my 3rd cybersecurity startup I've seen a lot of FUD, ludicrous marketing claims about "silver bullet" products, and claims of "buy my thing and you won't get hacked." In this podcast, host David Spark and CISO Mike Johnson give the perspective of the CISO, not as the enemy of the maketer or salesperson, but a human being with a tough job looking to keep their organization secure. It features actionable advice and can help vendors move from academic guesses (CISOs don't read email, so I'll cold message them on LinkedIn) to objective, first-person preferences on how they learn about new products. I look forward to this podcast every week.
Joe Sadoski
5 out of 5 stars
Keep them coming
Has already helped change the way I approach reaching out to CISO’s from a vender perspective. Great forum for CISO community to tell vendors what is top of mind & opposed to the other way around.
Delonte @ Fidelis
5 out of 5 stars
Couldn’t Ask for Better Content
As a hungry, upcoming sales manager...this type of content is liquid gold. The amount of knowledge offered by Mike and David has been a tremendous resource for my career. I’m looking forward to the continued evolution of this podcast and I hope others tune in as well. In Sales, if you’re not learning...you aren’t succeeding. I appreciate that I have learned something new and insightful upon each listen. Keep up the great work!
#Kmele2020
5 out of 5 stars
Valuable resource
Great podcast, highly recommend subscribing and listening to the show. Valuable insight into senior leadership decision-making, and how security leaders manage vendor relationships.
kmw_022
5 out of 5 stars
Indisputably the Best Podcast for Cybersecurity Pro’s
David and Mike give you the best no-nonsense take on the issues plaguing the industry and the tumultuous state of affairs regarding the relationship between CISOs and their sales counterparts; focusing their much-needed efforts, poignantly, on the dogged, noxious efforts of misguided sales professionals employed by cybersecurity vendors. As a sales professional, I want to give you guys a shout to say THANK YOU. This podcast has been extremely beneficial to me, personally, in furthering my career in this industry. As an OG tech groupie, I became a law-school-dropout in pursuit of my true passion: the cybersecurity industry. Motivated not by my sharp-as-a-tack sales background nor my technical genius, but rather the drive to engage in an industry and career I believe in — instead of one that is largely based on the exploitation of the masses by a few knowledgeable professionals— I made the jump to employment with a well-known vendor. It may be naivety to think that any particular industry operates differently than this formula, but I'm optimistic about the future of cyber security with professionals like Mike and David leading the way and illuminating the path for all of us.
njd1117
5 out of 5 stars
One of the best security podcasts
I subscribe to a lot of security podcasts and most are dense and plodding but these guys have found a nice way to hit the high notes and keep it interesting. David and Mike are great and they manage to find guests that complement the show perfectly.
Boomerxx01
5 out of 5 stars
Must listen for sales and security folks!
Sales People - if you want to hear about what life is like on the receiving end of our sales onslaught, what works, and what really pisses people off, then you must listen to this podcast. You will save many hours and help build relationships by following these folks advice. Also, you get to hear about what is on their minds and what buzzwords matter to them most (and which ones they hate, looking at you AI & Blockchain). Security Professionals - there are some great sections about security tips, stories of how vendors have helped them, but also "CISO Mistakes" which is a great section to learn about mistakes others have made and how to avoid them.
mom,s take
5 out of 5 stars
Mom’s take
Not sure a review from your mom increases subscribers but I really learn a lot from your discussions. Sure some goes over my head but the main thrust of each question is interesting and informative. Keep up the good work. Barbara Spark
D_Fun99
5 out of 5 stars
Sales
Brings you into the life of a CISO! There are tons of great tips for vendors but really the most important part is what not to do. It's been a great addition to my morning commute!
Eromeu
5 out of 5 stars
Great content we can all relate!
David and Mike do a great job in keeping both sides happy with the content provided, keep up the good work guys!
KipBoyle
5 out of 5 stars
Great exploration of a crucial relationship
CISOs need vendors in order to achieve their mission. But these two parties often don’t understand each other. This podcast does a fantastic job creating a constructive common ground for them to learn about each other. And it’s fun to listen to!
Just Another Vendor
5 out of 5 stars
A must listen for security vendors
As a rep at a security vendor, this has quickly become one of my favorite podcasts. It is great to hear your reaction to pitches, and I feel that my own pitches have gotten better responses since adhering to your suggestions. Would love to hear more about top concerns for CISO’s, perhaps examples from other companies and what they could have done better, while still keeping them anonymous.
FantasyJoel
5 out of 5 stars
Great to hear reality and current examples
This podcast is extremely valuable for anyone in the security space (organization or vendor). It covers the things we care about in an entertaining and informative way. It is a top podcast I look for new episodes obsessively.
Shahzeb Jiwani
5 out of 5 stars
Great to hear from the leaders
It is great to hear from the leaders in the industry on how they approach vendors within security. As someone who has recently started managing a security program it is great to hear the stories of those that have been in the industry for some time and dealt with vendors from multiple spectrums.
UNLV#1
5 out of 5 stars
Excellent. Anyone selling to IT executives will learn something
How would you like to get real talk advice from CISOs about their issues, thoughts and concerns? How would you also like them to tell you, the sales professional, how best reach them including what NOT to do? If you want that kind of information then look no further. Keep up the great work gents.
Tony quadros
5 out of 5 stars
Love it
Im a sales rep from a vendor and i really enjoy listening and learning. I have a great respect for mike and David seems like a great host!
Dogfolife69
5 out of 5 stars
A quick CISO roundable every episode
I love the approach of making this like a ciso roundtable every episode.
RevTed
5 out of 5 stars
Excellent and Informative!
This is a great podcast - combination of industry info, security issues (in general), how to work with security executives (I work for an industry vendor), and a better understanding of the challenges our customers live with every day. Really appreciate your insights.
Hello512
5 out of 5 stars
Extremely informational
Great content so far. Love the topics and discussion that are being had and great guest. Keep it rollin.
Mohawk and the Balls of Fire
5 out of 5 stars
A Stand-Out—Must Listen
If you enjoy cybersecurity podcasts (even when they take the standard “conversational” format between interviewer and interviewee), then you’ll really enjoy this one! David Spark & Mike Johnson keep the podcast moving by launching 10 sec “security bites” with guests upfront, and then moving (with fun & helpful conga breaks) into CISO-oriented news and genuine candor on contemporary CISO/Vendor relationships—positive and otherwise. Great content that’s thoughtfully planned and skillfully executed. Bravo!
Brandon Afra
5 out of 5 stars
Every Security Vendor And Buyer Should Listen
The CISO / Security Vendor relationship series is an enlightening glimpse into the worldview, challenges, insights, and goals security professionals are dealing with and how security vendors fit into that world. Everyone from security vendors to security buyers would appreciate.
Max#16
5 out of 5 stars
Great podcast w/ real security influencers
David Spark has created an amazing podcast that is brining an access to the great minds of the security industry to the masses. Love his conversation on privacy policy and am looking forward to see what they come out with next!
Ninjasinadojo
5 out of 5 stars
The industry needs more of this!
There are good tools but they are hard to find buried under all this FUD!
Podcast information
- Amount of episodes
- 258
- Subscribers
- 0
- Verified
- No
- Website
- Explicit content
- No
- Episode type
- episodic
- Podcast link
- https://podvine.com/link/..
- Last upload date
- May 30, 2023
- Last fetch date
- June 1, 2023 8:53 AM
- Upload range
- WEEKLY
- Author
- David Spark, Mike Johnson, and Andy Ellis
- Copyright
- 2018-2022 CISO Series
susbcribers
- Failure Is The Likely OptionAll links and images for this episode can be found on CISO Series. When cybersecurity needs to cut budget, first move is to look where you have redundancy. That way you're not actually reducing the security effort. But after that, the CFO needs to know what are the most important areas of the business to protect. Where will they be willing to take on more risk? Because, with less security, the chances of failure increase. This show was recorded in front of a live audience in New Orleans as part of the BSidesNOLA 2023 reboot conference. The episode features me, David Spark ( @dspark), host and producer of CISO Series. My guest co-host is my former co-host, Allan Alford ( @allanalfordintx), CISO for Precedent and host of The Cyber Ranch Podcast. Our guest is Mike Woods, corporate CISO for GE. Thanks to our podcast sponsors: Conveyor, Nightfall AI, Rapid7 Nightfall is the leader in cloud data leak prevention. Integrate in minutes with cloud apps such as Slack and Jira to instantly protect data (PII, PHI, Secrets and Keys, PCI) and prevent breaches. Stay compliant with frameworks such as ISO 27001 and more — all powered by Nightfall's industry-leading ML detection. Rapid7 is the only connected, cloud to on-prem cybersecurity partner with unlimited incident response, unlimited automated workflows, unlimited vulnerability management, unlimited app security, you get the idea. Add it up – with Rapid7’s decades of practitioner-first problem solving – and there’s unlimited opportunity for you. See for yourself at Rapid7.com/ciso-series. In this episode: We always say, “trust but verify,” but how do you actually verify? When it comes to cut budget, make sure you’re already in the mind of the CFO. What’s the difference between a good cybersecurity professional and a great one?0 comments0
- A Fireman? A Princess? How About a CISO?All links and images for this episode can be found on CISO Series. As children, we don't dream of becoming a CISO, but yet we still have them. What is it a security professional can learn or even show, to demonstrate that they're getting ready for the position of a CISO? This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, operating partner, YL Ventures. Our guest is Paul Connelly, former CISO, HCA Healthcare. Thanks to our podcast sponsor, Nightfall Nightfall is the leader in cloud data leak prevention. Integrate in minutes with cloud apps such as Slack and Jira to instantly protect data (PII, PHI, Secrets and Keys, PCI) and prevent breaches. Stay compliant with frameworks such as ISO 27001 and more — all powered by Nightfall's industry-leading ML detection. In this episode: What is it a security professional can learn or even show, to demonstrate that they're getting ready for the position of a CISO? How to tell that you are NOT CISO material? What don't CISOs know about physical security that they should know before they get into big trouble?0 comments0
- CISO Series Podcast May 16 · 40m I’ve Got Plenty of Risk If You Want MoreAll links and images for this episode can be found on CISO Series. It seems anything that's added to a business, like a new app or a third party vendor, just adds more risk. Risk definitely piles up faster than CISOs can reduce it. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our guest is Kurt Sauer ( @kurtsauer), CISO, DocuSign (when we recorded the show, Kurt was the vp of security for Workday). Thanks to our podcast sponsor, Stairwell The standard cybersecurity blueprint is a roadmap for attackers to test and engineer attacks. With Inception, organizations can operate out of sight, out of band, and out of time. Collect, search, and analyze every file in your environment – from malware and supply chain vulnerabilities to unique, low-prevalence files and beyond. Learn about Inception. In this episode: Does it seem like anything that's added to a business, like a new app or a third party vendor, just adds more risk? Does risk pile up faster than CISOs can reduce it? How do you avoid creating new risks when you add new applications, or even just update applications?0 comments0
- What Kind of Challenges Do You Foresee In Firing Me?All links and images for this episode can be found on CISO Series. This show was recorded in front of a live audience in New York City! This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series, and a special guest host, Aaron Zollman, CISO & vp, platform engineering, Cedar. Our guest is Colin Ahern, chief cyber officer for the State of New York. Thanks to our podcast sponsor, OpenVPN, SlashNext & Votiro SlashNext , a leader in SaaS-based Integrated Cloud Messaging Security across email, web, and mobile has the industry’s first artificial intelligence solution, HumanAI, that uses generative AI to defend against advanced business email compromise (BEC), supply chain attacks, executive impersonation, and financial fraud. Request a demo today. No matter what technology or training you provide, humans are still the greatest risk to your security. Votiro’s API-centric product sanitizes every file before it hits the endpoint, so the files that your employees open are safe. This happens in milliseconds, so the business stays safe and never slows down. In this episode: If you hired someone today, how would you know in 3 months time that they were the right fit? Do you have any other questions you've heard from candidates that you think are better? What doesn't the government currently know about cloud providers that they should know?0 comments0
- I Wouldn’t Trust Everything You Read… On My ResumeAll links and images for this episode can be found on CISO Series. Turns out cybersecurity professionals lie on their resumes. They add degrees and certifications they don't have. They omit degrees for fear of looking overqualified. And sometimes, they flat out invent jobs. But given the responses as to why people do it, it's because they're trying to get by the unnecessary barriers of cybersecurity hiring. Does that make the lying justified? This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is David Nolan, vp, enterprise risk & CISO, Aaron's. Thanks to our podcast sponsor, Varonis Everyday, your employees share thousands of sensitive files with too many people, exposing data to the entire organization – or even the entire internet. Varonis monitors sharing link activity and intelligently eliminates links that aren’t needed – reducing your risk on a continual basis. Discover more at www.varonis.com/cisoseries . In this episode: Do some cybersecurity professionals really lie on their resumes? Is this because they're trying to get by the unnecessary barriers of cybersecurity hiring? Does that make the lying justified?0 comments0
- Can’t You Just Pop Out of Zeus’ Head a Fully Formed Security Professional?All links and images for this episode can be found on CISO Series. Companies want to hire security professionals who know everything. Eager professionals who want all those skills are screaming please hire me and train me. But unlike the military which can turn a teenager into a soldier in 16 weeks, corporations in dire of cybersecurity help have little to no means to train. They're just hoping they'll show up perfect and ready to fight in a digital war. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our guest is Joe Lowis, CISO, CDC. Thanks to our podcast sponsor, Cyolo Too many critical assets and systems remain exposed because traditional secure access solutions are not able to protect the high-risk access scenarios and legacy applications that keep business operations running. With its trustless zero-trust access solution, Cyolo gives organizations the visibility and access control they need to secure every connection. In this episode: Is it realistic for companies to hire security professionals who know everything? Do companies realize that there are professionals who want all those skills and are eager to learn? Why isn’t there more emphasis on providing training like how the military trains all new recruits?0 comments0
- We’d Secure Our Data If We Knew Where It WasAll links and images for this episode can be found on CISO Series. Given the ease of sharing data, our sensitive information is going more places that we want it. We have means to secure data, but you really can't do that if you don't know where your data actually is. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our sponsored guest is Brian Vecci ( @BrianTheVecci), field CTO, Varonis. Thanks to our podcast sponsor, Varonis Everyday, your employees share thousands of sensitive files with too many people, exposing data to the entire organization – or even the entire internet. Varonis monitors sharing link activity and intelligently eliminates links that aren’t needed – reducing your risk on a continual basis. Discover more at www.varonis.com/cisoseries . In this episode: What exactly is “dark data”? Are we creating more problems for ourselves by holding onto dark data? What is this generated yet unused data? Is this the same as ROT data or redundant, obsolete, trivial data? How can it be discovered and classified?0 comments0
- Our Security Tool Can Do Everything But Mitigate RiskAll links and images for this episode can be found on CISO Series. No department is immune to budget cuts. When the budget cuts come in, where can security look first to save money? Mike Johnson said, "An expensive tool that doesn't mitigate risk should be at the top of the chopping block." This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Almog Apirion ( @almogap), CEO and cofounder, Cyolo. Thanks to our podcast sponsor, Cyolo Too many critical assets and systems remain exposed because traditional secure access solutions are not able to protect the high-risk access scenarios and legacy applications that keep business operations running. With its trustless zero-trust access solution, Cyolo gives organizations the visibility and access control they need to secure every connection. In this episode: When the budget cuts come in, where can security look first to save money? Where has change management gotten easier and more difficult for you over the years? And how do you engage with your team and affected users about making a change that works best for the business?0 comments0
- CISO Series Podcast Apr 4 · 39m No Need for Chaos Engineering Since Our Architecture Is Always FailingAll links and images for this episode can be found on CISO Series. Is chaos engineering the secret sauce to creating a resilient organization? Purposefully disrupt your architecture to allow for early discovery of weak points. Can we take it even further to company environment, beyond even a tabletop exercise? How far can we test our limits while still allowing the business to operate? This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our sponsored guest is Mike Wiacek, CEO, Stairwell. Thanks to our podcast sponsor, Stairwell The standard cybersecurity blueprint is a roadmap for attackers to test and engineer attacks. With Inception, organizations can operate out of sight, out of band, and out of time. Collect, search, and analyze every file in your environment – from malware and supply chain vulnerabilities to unique, low-prevalence files and beyond. Learn about Inception. In this episode: Is chaos engineering the secret sauce to creating a resilient organization? Purposefully disrupt your architecture to allow for early discovery of weak points. Can we take it even further to company environment, beyond even a tabletop exercise? How far can we test our limits while still allowing the business to operate?0 comments0
- Why Aren’t You On Slack Where I Can Interrupt You?All links and images for this episode can be found on CISO Series. In order to get any work done we try to shut out all possible distractions. That includes messaging apps. But those people who want to connect become annoyed that they can't reach you. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our guest is Howard Holton, CTO, GigaOm. Thanks to our podcast sponsor, Cyolo Too many critical assets and systems remain exposed because traditional secure access solutions are not able to protect the high-risk access scenarios and legacy applications that keep business operations running. With its trustless zero-trust access solution, Cyolo gives organizations the visibility and access control they need to secure every connection. In this episode: In order to get any work done, why do we try to shut out all possible distractions, including messaging apps? What happens when those people who want to connect become annoyed that they can't reach you? Who are the true innovators in cybersecurity? Is it the attackers or the defenders?0 comments0
- Fast Track Burnout for Your Cyber Team with LayoffsAll links and images for this episode can be found on CISO Series. What happens to your team after the layoffs? Your overextended team now realizes they're going to have to pick up the slack for those who left. How do you shift responsibilities in such a situation? Does anything fall away? Because you can't still operate at the same level. How do you adjust while maintaining morale and not burning out those who are there? This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Dan Walsh, CISO, VillageMD. Our guest is Nick Vigier, CISO, Talend. Thanks to our podcast sponsor, Sentra Sentra’s Data Security Posture Management Solution not only discovers and classifies cloud data, but ensures it always has the proper security posture. No matter where the data is moved or copied, Sentra can identify the type of data, who has access to it, and how it’s meant to be secured. In this episode: What happens to your team after the layoffs? Your overextended team now realizes they're going to have to pick up the slack for those who left. How do you shift responsibilities in such a situation? How do you adjust while maintaining morale and not burning out those who are there?0 comments0
- We Look for Candidates Who Already Know EverythingAll links and images for this episode can be found on CISO Series. Future cybersecurity talent is frustrated. The industry demand for cybersecurity professionals is huge, but the openings for green cyber people eager to get into the field are few. They want professional training, and they want the hiring companies to provide the training. Problem is not enough companies have training programs in place and as a result they can only hire experienced cyber talent, shutting out those who want to get in. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Matt Radolec, sr. director incident response and cloud operations, Varonis. Thanks to our podcast sponsor, Varonis Everyday, your employees share thousands of sensitive files with too many people, exposing data to the entire organization – or even the entire internet. Varonis monitors sharing link activity and intelligently eliminates links that aren’t needed – reducing your risk on a continual basis. Discover more at www.varonis.com/cisoseries . In this episode: The industry demand for cybersecurity professionals is huge, so why are the openings for green cyber people eager to get into the field so few? Should more hiring companies provide the training? Is the problem that not enough companies have training programs in place?0 comments0
- We're Experts At Telling You To Fix Your ProblemsAll links and images for this episode can be found on CISO Series. I don't need another vendor to find my problems. Finding my problems has not been the issue. That's the easy part. Fixing them with the staff I have is definitely "the problem." Vulnerability management must include ways to remediate, quickly. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our guest is John C. Underwood, vp, information security, Big 5 Sporting Goods. Thanks to our podcast sponsor, Pentera Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers including their ransomware readiness, unfolding true, current security exposures at any moment, at any scale. In this episode: Do you need another vendor to find your problems when finding your problems has not been the issue? Or is actually fixing them with your staff "the problem"? Do you think vendors are finally moving away from offering "just" visibility and giving proactive advice and some cases automation to fix it?0 comments0
- _Saying_ “We’re 100% Secure” Is Not the ProblemAll links and images for this episode can be found on CISO Series. It's pretty darn easy to just utter the words "we're 100% secure." Pulling that off seems universally impossible, but some organizations are adamant about certain types of safety so they aim for 100%. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Yoav Regev ( @yoav_regev), CEO, Sentra. Thanks to our podcast sponsor, Sentra Sentra’s Data Security Posture Management Solution not only discovers and classifies cloud data, but ensures it always has the proper security posture. No matter where the data is moved or copied, Sentra can identify the type of data, who has access to it, and how it’s meant to be secured. In this episode: What does it take to have a successful security program? What are the things to focus on when speaking with executives? How do you stay innovative as a security professional and have new fresh perspectives?0 comments0
- CISO Series Podcast Feb 21 · 34m This Unwanted Cold Call Made Possible Thanks to This Month’s Sales QuotaAll links and images for this episode can be found on CISO Series . A CISO calls on security vendors to stop the spamming and cold calling. Are these annoyances the direct result the way salespeople are measured? Is that what drives the desperation and bad behavior? This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our guest is Dmitriy Sokolovskiy, CISO, Avid. Thanks to our podcast sponsor, Varonis Everyday, your employees share thousands of sensitive files with too many people, exposing data to the entire organization – or even the entire internet. Varonis monitors sharing link activity and intelligently eliminates links that aren’t needed – reducing your risk on a continual basis. Discover more at www.varonis.com/cisoseries . In this episode: What NEW ways could salespeople be measured that would encourage good behavior with CISOs? There's still this desire to draw a linear path to sales, but how often does it cleanly play out that way? Are integrators, MSSPs, and resellers leveling the playing field for cybersecurity vendors?0 comments0
- Adversaries Beef Up Their Shiny Object Distraction CampaignAll links and images for this episode can be found on CISO Series . We are all very easily distracted, and adversaries know that. So they'll try any little trick to make us not pay attention, look away, or do what we're not supposed to do all in an effort to break our human defenses. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our guest is Shaun Marion, CISO, McDonald's. Thanks to our podcast sponsor, Sentra Sentra’s Data Security Posture Management Solution not only discovers and classifies cloud data, but ensures it always has the proper security posture. No matter where the data is moved or copied, Sentra can identify the type of data, who has access to it, and how it’s meant to be secured. In this episode: Do you have a “security hive” and what does it do for you? What are the active behaviors you're deploying to reduce the stress in your life as a CISO and how are you doing it for your team, and all staff as well? ? Could volunteering help with burnout and recruitment?0 comments0
- 21 “Dark Side”-Approved Ways to Threaten Your ProspectsAll links and images for this episode can be found on CISO Series. For those security practitioners who leave a job to go work for a security vendor, please stop calling it "going to the dark side." This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Jason Mar-Tang, director of sales engineering, Pentera. Thanks to our podcast sponsor, Pentera Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers including their ransomware readiness, unfolding true, current security exposures at any moment, at any scale. In this episode: Why do we call security practitioners who leave a job to go work for a security vendor, "going to the dark side?" Do security professionals say this because once they go work for a vendor their motivation shifts from protecting to sales? Over the years what other small steps have we seen that have made improvements in the vendor/practitioner divide?0 comments0
- Let’s Pretend We’re Getting Hacked. Who Wants to Panic First?All links and images for this episode can be found on CISO Series . Tabletop exercises are critical procedures to learn how everyone will react during an actual attack. Panic is usually the first response, so why don't we do that when we're playing our pretend game of getting our business compromised by a nefarious hacker? This week's episode of CISO Series Podcast was recorded in front of a live audience in Clearwater, Florida for the Convene conference produced by the National Cybersecurity Alliance (AKA StaySafeOnline.org). Joining me on stage for the recording was my guest co-host, Hadas Cassorla, CISO, M1 and our guest, Kathleen Mullin ( @kate944032), CISO, Cancer Treatment Centers of America. Thanks to our podcast sponsors, Cofense, KnowBe4 & Terranova KnowBe4 is the world’s largest integrated Security Awareness Training and Simulated Phishing platform. KnowBe4 helps organizations manage the ongoing problem of social engineering through a comprehensive new-school awareness training approach. Tens of thousands of organizations worldwide use KnowBe4’s platform to mobilize their end users as a last line of defense. Get free phishing benchmarking data to drive effective behavior change and grow your organization's security-aware culture with the latest edition of the Phishing Benchmark Global Report! Taken from this year's Gone Phishing Tournament, this report gives security and risk management leaders the insight they need to strengthen data protection. More at terranovasecurity.com. In this episode: Where do you see tabletops coming apart and being ineffective and what are the core elements that truly make them succeed? Have you ever seen a real incident play out where you can point to the tabletop as the reason you were able to handle the incident? Are people the safety net for your security controls OR should security controls the safety net for your people?0 comments0
- Today’s Agenda: When Will This Meeting End?All links and images for this episode can be found on CISO Series. Everyone's favorite meeting is a short meeting. But does anyone want a fun or entertaining meeting? Or is that a bad idea? This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our guest is Jeremy Embalabala, CISO, HUB International. Thanks to our podcast sponsor, SlashNext With today’s transition to hybrid working, phishing attacks are becoming more prevalent than ever. Mobile phishing and credential harvesting are exploding and affecting business reputations, finances and most importantly, data loss. With new methods of phishing attacks appearing year over year, enterprises need more robust phishing protection to better protect this expanding attack surface and companies’ most valuable assets. Check out the report. In this episode: Everyone's favorite meeting is a short meeting. But does anyone want a fun or entertaining meeting? Or is that a bad idea? How do we make our security teams more productive? The cost of getting and paying for cybersecurity insurance is so darn high. Would it be worth it to just self-insure?0 comments0
- Your Password Is Too Long. Please Shorten It.All links and images for this episode can be found on CISO Series. What happens when you want to adhere to more secure behavior, but the tool you're using forces you to be less secure, solely because they didn't architect in more stringent security when they created the program. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our guest is Terrance Cooley, CISO, Air Force JADC2 R&D Center. Thanks to our podcast sponsor, Varonis Everyday, your employees share thousands of sensitive files with too many people, exposing data to the entire organization – or even the entire internet. Varonis monitors sharing link activity and intelligently eliminates links that aren’t needed – reducing your risk on a continual basis. Discover more at www.varonis.com/cisoseries. In this episode: What is the worst security behavior you've seen from an IT vendor? Are you applying talent-to-value recruiting techniques to reduce corporate risk? What are your predictions for the evolution of cyber threats?0 comments0
- CISO Series Podcast Jan 10 · 39m Stir in a Little Merger and Acquisition, and Voilà, You’re a TargetAll links and images for this episode can be found on CISO Series. There is a lot unknown before, during, and after a merger and that can make employees very susceptible to phishing attacks. But, at the same time, the due diligence that goes into an M&A can often open up signs of previous or active compromise, noted Rich Mason of Critical Infrastructure. What does a proposed merger do to a security program?" This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our guest is Nicole Ford ( @nicoledgray), global vp and CISO, Rockwell Automation. Thanks to our podcast sponsor, Pentera Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers including their ransomware readiness, unfolding true, current security exposures at any moment, at any scale. In this episode: As a security leader, how does your security posture change when you know given your assets you are a specific target vs. just an opportunity? Could similar critical infrastructure agencies be grouped together and therefore share cybersecurity resources? What does a proposed merger do to a security program?0 comments0
- We’re Here. We’re Highly Unqualified. Get Used To ItAll links and images for this episode can be found on CISO Series. "Does anyone else feel like the security field is attracting a lot of low-quality people and hurting our reputation," asked a redditor on the cybersecurity subreddit who remembers a time when security personnel were seen as highly experienced technologists. But now they believe people view cybersecurity as an easy tech job to break into for easy money. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our guest is Stephen Cicirelli, CISO, American Bureau of Shipping. Thanks to our podcast sponsor, Stairwell The standard cybersecurity blueprint is a roadmap for attackers to test and engineer attacks. With Inception, organizations can operate out of sight, out of band, and out of time. Collect, search, and analyze every file in your environment – from malware and supply chain vulnerabilities to unique, low-prevalence files and beyond. Learn about Inception. In this episode: Does anyone else feel like the security field is attracting a lot of low-quality people and hurting our reputation? Do people view cybersecurity as an easy tech job to break into for easy money? With all this talk of needing more cyber talent, are we attracting quality or just quantity?0 comments0
- Sound Security Advice That’s Perfect to IgnoreAll links and images for this episode can be found on CISO Series. It appears our security awareness training is working, up to a point. Most people are well aware of the need for secure passwords, but they don't actually create secure passwords. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our sponsored guest is Patrick Harr, CEO, SlashNext. Thanks to our podcast sponsor, SlashNext With today’s transition to hybrid working, phishing attacks are becoming more prevalent than ever. Mobile phishing and credential harvesting are exploding and affecting business reputations, finances and most importantly, data loss. With new methods of phishing attacks appearing year over year, enterprises need more robust phishing protection to better protect this expanding attack surface and companies’ most valuable assets. Check out the report. In this episode: Why does it seem like our security awareness training is only working up to a certain point? Most people are well aware of the need for secure passwords, but why don't they actually create secure passwords? Is it true that, “people are not the weakest link, they're just the top attack vector?”0 comments0
- They’re Young, Green, and Very HackableAll links and images for this episode can be found on CISO Series . It appears we're not providing security awareness training fast enough. That's because hackers are specifically targeting brand new employees who don't yet know the company's procedures. Illicit hackers are discovering they're far easier to phish. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Mike Johnson. Our guest is Gene Spafford ( @therealspaf), Professor, Purdue University. Gene's book available for pre-order Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us . 25th anniversary of CERIAS Thanks to our podcast sponsor, Lacework Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization’s AWS, Azure, Google Cloud, and Kubernetes environments, and narrow it down to the handful of security events that matter. Security and DevOps teams around the world trust Lacework to secure cloud-native applications across the full lifecycle from code to cloud. Get started at lacework.com/cisoseries. In this episode: Is cybersecurity awareness a long term marketing effort? Where are we making progress with the general populous when it comes to improving the human aspect of cybersecurity? How difficult and how long can it take to discover what a company's crown jewels are, and what needs to be done?0 comments0
- Entry Level Position Available. 15+ Years Experience Required.All links and images for this episode can be found on CISO Series . That headline is not a joke. An actual job listing on LinkedIn requested just that. We're all hoping this was an error. Regardless, the community response to it was truly overwhelming, speaking much to the frustration of green and junior cybersecurity job seekers who are truly looking for entry level jobs. This week’s episode is hosted by me, David Spark ( @dspark), producer of CISO Series and Andy Ellis ( @csoandy), operating partner, YL Ventures. Our guest is Bryan Willett, CISO, Lexmark. Thanks to our podcast sponsor, AuditBoard CrossComply is AuditBoard’s award-winning security compliance solution that allows organizations to build trust and scale their security compliance program with a connected risk platform that unifies SOC 2, ISO 2700x, NIST, CMMC, PCI DSS, and more across your organization. In this episode: Why do some job listing seem to have unrealistic requirements for entry level job-seekers? Who needs 15+ years experience in practically anything? What is the value of security operations if you’re not detecting and dealing with incidents? What do you think cybersecurity awareness month should accomplish?0 comments0
Podcast hosts
No host has claimed this podcast yet, if you are the host you can verify ownership by claiming this podcast
© 2018-2022 CISO Series
