CISO Series Podcast

All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Anne Marie Zettlemoyer, former vp of security, Activision Blizzard. In this episode SOC automation: Moving beyond alert fatigue The entry-level security talent reality Learning from security incidents without blame Evaluating security vendor viability and partnerships A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Ryan Bachman, executive vice president and CISO, GM Financial. In this episode Identity consolidation versus simplification Entry-level pathways into cybersecurity Evolution of the CISO role toward business resilience Applying simplification principles to cybersecurity complexity Huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network.

All links and images can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alex Hall, CISO, Gensler. In this episode: Evaluating secure messaging beyond the app Reframing compliance as a business enabler Incremental security investment vs. crisis response Why culture, not punishment, drives secure behavior Huge thanks to our sponsor, Vanta Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.  

All links and images can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest, Sam Curry, global vp, CISO at Zscaler. This episode was recorded at a Zscaler event in Boston, MA. In this episode: Guardrails for decision making under fatigue Preparing for quantum threats Strategic use of generative AI Reassessing outdated knowledge Huge thanks to our sponsor, Zscaler Zscaler is a cloud-based cybersecurity company that provides secure internet access and private application access. Its platform replaces traditional network security by delivering Zero Trust architecture, protecting users, data, and applications regardless of location. Zscaler’s scalable services help organizations modernize IT and reduce risk with seamless, cloud-native security solutions.

All images and links can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alexandra Landegger, global head of cyber strategy & transformation, RTX. In this episode: A cybersecurity fast-track? When Ambition Becomes a Liability Giving the CVE Program the Credit It Deserves Elevating human cyber talent with AI Huge thanks to our sponsors, Nudge Security, SecurityScorecard, and Vanta Take control of SaaS security and AI governance with Nudge Security. Start a free trial today and get a full inventory of all SaaS and GenAI accounts in minutes along with risk insights and automation to help you quickly improve your security posture. Get started here: nudgesecurity.com/cisoseries   Third-party risk doesn’t stop at monitoring. SecurityScorecard delivers real-time detection and response across your supply chain—helping you fix vulnerabilities before they become breaches. Empower your team with expert-driven remediation, continuous vendor oversight, and board-ready insights that drive results.   Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

All links and images can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Tim Jacobs, vp, CISO, Commonwealth Care Alliance. In this episode: Starting from zero Prepare for decisive decisions Working back from unacceptable Discovering inefficiencies  A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images for this episode can be found on CISO Series. I host this week’s episode, David Spark (@dspark), producer of CISO Series and Jesse Whaley, CISO, Amtrak. Joining them is their guest Vaughn Hazen, CISO, CN. In this episode: The classics endure The rules of the rail "Prove It. With data." It's all just software A huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network. Learn more at https://www.doppel.com/platform

Saket Modi, Co-founder and CEO of SAFE Security, dives deep into the intersection of AI and cybersecurity. He discusses the essential role of AI in managing cyber risks and emphasizes the need for robust human oversight. The conversation highlights the importance of adopting a holistic approach to third-party risk management while navigating the ethical dilemmas of IT management. Modi also shares innovative strategies and tools designed to improve vendor assessments and ensure AI remains a support system rather than an autonomous actor.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner of YL Ventures. Their sponsored guest is Jadee Hanson, CISO of Vanta. In this episode: Find a partner to work with Fixing the root of burnout The limitations of human vigilance Balancing openness and control Thanks to our sponsor, Vanta. Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

Charles Blauner, an operating partner at Crosspoint Capital and cybersecurity expert, discusses the evolving landscape of cybersecurity. He highlights the challenges CISOs face, from managing external scrutiny to navigating complex reporting structures. Blauner emphasizes the need for innovative talent strategies to recruit local talent and improve community security. The conversation also touches on access control risks and the potential of government placements in the private sector, positioning cybersecurity as a dynamic field requiring constant adaptation.