CISO Series Podcast

Saket Modi, Co-founder and CEO of SAFE Security, dives deep into the intersection of AI and cybersecurity. He discusses the essential role of AI in managing cyber risks and emphasizes the need for robust human oversight. The conversation highlights the importance of adopting a holistic approach to third-party risk management while navigating the ethical dilemmas of IT management. Modi also shares innovative strategies and tools designed to improve vendor assessments and ensure AI remains a support system rather than an autonomous actor.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner of YL Ventures. Their sponsored guest is Jadee Hanson, CISO of Vanta. In this episode: Find a partner to work with Fixing the root of burnout The limitations of human vigilance Balancing openness and control Thanks to our sponsor, Vanta. Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

Charles Blauner, an operating partner at Crosspoint Capital and cybersecurity expert, discusses the evolving landscape of cybersecurity. He highlights the challenges CISOs face, from managing external scrutiny to navigating complex reporting structures. Blauner emphasizes the need for innovative talent strategies to recruit local talent and improve community security. The conversation also touches on access control risks and the potential of government placements in the private sector, positioning cybersecurity as a dynamic field requiring constant adaptation.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner, YL Ventures. Joining us is Mandy Huth, svp, CISO, Ultra Clean Technology. In this episode: Start with good defaults Building talent bridges Don’t forget the humans Differentiating with privacy Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Mike D’Arezzo, executive director of infosec and GRC, Wellstar Health Systems. In this episode: The shift left myth Reconsidering CISO evaluations The power of “how” Building bridges Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Nathan Hunstad, Director of Security at Vanta, shares insights on navigating the complex landscape of AI and security. He emphasizes the need to rethink adversaries, including everyday users, to enhance AI deployment. Discussions delve into the importance of SOC 2 compliance for startups while treating generative AI like any other application. Hunstad also highlights building a robust security foundation beyond mere certifications and the necessity of strong leadership and teamwork in tackling vulnerability management.

Christina Shannon, CIO of KIK Consumer Products, and Jim Bowie, CISO of Tampa General Hospital, discuss vital cybersecurity strategies. They highlight the need for continuous security awareness training over traditional compliance sessions. The duo explores the balance between high-pressure environments and team well-being. As they dissect the vulnerabilities of weak passwords versus phishing, they also share humorous incidents from training, emphasizing a collaborative and engaging approach to fostering a strong security culture.

Rob Allen, Chief Product Officer at ThreatLocker, dives into the complexities of cybersecurity in a lively discussion. He emphasizes the importance of kindness and effective communication during incident responses. Discover how to assess security incident severity and the challenges of aligning security policies with developer needs. Allen also explores the nuances of the Zero Trust model and its impact on balancing security with business operations. Expect engaging stories from the event and insights on transforming security incidents into learning opportunities.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Edward Contreras, senior evp and CISO, Frost Bank.  In this episode: A gradual language shift Don’t reflexively rise and grind Lean into focus Gauging the unmeasurable  Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Mike Wilkes, former CISO of Major League Soccer and board member at the National Jazz Museum, dives into the evolving role of vCISOs and the unique cybersecurity challenges faced by the maritime industry. He discusses the forgotten need for succession planning for CISOs and the implications of AI and quantum computing on cybersecurity. With a blend of humor and insight, the conversation also touches on pressing regulatory changes and the interplay between community engagement and security strategies.