CISO Series Podcast

On this week’s episode of the CISO/Security Vendor Relationship podcast we ask, “What good is a security alert if there’s no actionable item?” As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions and Mike Johnson, CISO, Lyft. Our guest this week is Wendy Nather (@wendynather), director, advisory CISOs, Duo Security.   On this episode, you’ll learn: Flex your incident response muscles. Does your cybersecurity policy change around high-profile events? What’s the definition of cybersecurity and why do so many people care? How a security vendor helped me a long time ago, but Mike thought about them this week. A couple of vendors submit their pitches for a critique. One is confusing and one is almost perfect. And a couple of “Ask a CISO” questions.   The written content for this podcast was first published on Security Boulevard.

Don’t bother trying to craft a potentially clever, funny and adorable email that you hope will tickle a security practitioner; it’s simply not going to work. When it comes to security pitches, practitioners just want the facts. While humor is appreciated, a cold email pitch is not the time to showcase your creative writing skills. As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions  and Mike Johnson, CISO, Lyft. Our guest this week is Jeremiah Grossman (@jeremiahg), CEO, Bit Discovery.   On this week’s CISO/Security Vendor Relationship podcast, You’ll discover that InfoSec truism and: 10-second security tip (do you have these security controls in place?). The correct pronunciation of CISO (and whether anyone cares). Consumers and activists issuing lawsuits in the name of GDPR and why that’s a good thing for the future of GDPR. The increasing cost of breaches. A new method to get a security practitioner’s time (Is the idea so crazy it will work? Or do we just need more crazy ideas?). How a security vendor helped me this week.   The written content for this podcast was first published on Security Boulevard.

After tackling some dodgy audio issues, we have released the second episode of the CISO/Security Vendor Relationship podcast with our guest Kip Boyle (@KipBoyle), CEO of Cyber Risk Opportunities. Subscribe to Kip’s podcast. As always, the show is hosted by myself, David Spark (@dspark), Founder, Spark Media Solutions and Mike Johnson, CISO, Lyft.   In this episode, “Security Vendors Buy Their First Pack of Condoms”: 10-second security tip. Amazon Alexa hacked or just a failure of the technology? Does rebooting your router help or is it just security theater? Will automation replace entry-level SOC jobs and if so, how do we bring in new security talent? How security vendors helped me this week. Security vendors padding their pitches. Mitigating new risks or getting back to security basics?   The written content for this podcast was first published on Security Boulevard. Creative Commons photo attribution to Peter Rivera.

I’m proud and excited to announce the launch of the CISO/Security Vendor Relationship Podcast based on the series of articles and videos I produced that examine the relationship between security buyers and sellers. That series was heavily inspired by the writings, posts and insane engagement that Mike Johnson, CISO of Lyft, continues to drive on LinkedIn. And what’s even more awesome, Mike agreed to be my co-host! For our first episode, Mike and I invite Dwayne Melançon (@ThatDwayne), CTO, Innovyze.   In this episode we have: 10-second security tips. Tidal claims “breach” when they’re accused of faking streaming numbers Google Chrome switches its “secured” website alert to one of “not secured” Juro introduces a privacy policy that anyone can read. How security vendors helped me this week How to improve your pitch And ASK a CISO The written content for this podcast was first published on Security Boulevard.