CISO Series Podcast

Rob Allen, Chief Product Officer at ThreatLocker, dives into the complexities of cybersecurity in a lively discussion. He emphasizes the importance of kindness and effective communication during incident responses. Discover how to assess security incident severity and the challenges of aligning security policies with developer needs. Allen also explores the nuances of the Zero Trust model and its impact on balancing security with business operations. Expect engaging stories from the event and insights on transforming security incidents into learning opportunities.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Edward Contreras, senior evp and CISO, Frost Bank. In this episode: A gradual language shift Don't reflexively rise and grind Lean into focus Gauging the unmeasurable Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Mike Wilkes, former CISO of Major League Soccer and board member at the National Jazz Museum, dives into the evolving role of vCISOs and the unique cybersecurity challenges faced by the maritime industry. He discusses the forgotten need for succession planning for CISOs and the implications of AI and quantum computing on cybersecurity. With a blend of humor and insight, the conversation also touches on pressing regulatory changes and the interplay between community engagement and security strategies.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Adam Holland, former CISO, the Wendy's Company, now CISO of Ascension Healthcare. In this episode: The long road to influence The effort to build a bridge Living within limits Motivation for security awareness Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots. Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you'll streamline compliance— and never duplicate your efforts.

Shaun Marion, VP and CSO at Xcel Energy, brings over a decade of cybersecurity expertise to the discussion. He addresses the crucial balance between effective policy implementation and the challenges of change management. Marion emphasizes the art of storytelling in bridging technical cybersecurity details with business relevance. The conversation also explores the value of crisis experience for CISOs and reflects on the limitations of Data Loss Prevention solutions, while highlighting optimism in future data security innovations.

Danny Jenkins, CEO of ThreatLocker, dives into the complexities of cybersecurity, focusing on a zero-trust approach to endpoint security. He discusses the challenges of managing zero-day vulnerabilities and the necessity of phasing out outdated hardware. The conversation highlights the need for clear communication during security tests and explores human psychology's role in effective security measures. Jenkins also debates the importance of tailored user training and the impact of data breaches on organizations.

Join Matt Muller, Field CISO at Tines, as he dives into the intersection of AI and security. He emphasizes the importance of cultivating AI security champions and the varying levels of tool adoption among employees. The discussion highlights the evolving role of SOCs and the necessity of clearer definitions in security operations. Matt also addresses the complexities of data breaches involving third-party vendors and the transformative role of automation in DevOps, advocating for communication strategies that align cybersecurity efforts with business objectives.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Deneen DeFiore, Vice President & Chief Information Security Officer, United Airlines. In this episode: Minding the gap Copilot overreliance Opening up the field Navigating the SMB cyber insurance conundrum Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you'll streamline compliance— and never duplicate your efforts.

Lamont Orange, CISO at Cyera and expert in data security, discusses key themes from a live conference in Dallas. He emphasizes the shift from a zero-incident mindset to building resilience in cybersecurity. The conversation highlights the importance of AI and automation in data security, and addresses the balance between security, integrity, and availability. Lamont also engages in lively debates on integrated platforms versus niche solutions, urging for better integration in response to evolving threats while promoting curiosity and innovation in the field.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is George Finney, CISO, The University of Texas System and author of Project Zero Trust. In this episode: Aligning on privacy Bringing Zero Trust to OT Restores and resilience Focus on what you can control Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots. Vanta automates evidence collection needed for audits with over 350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you'll streamline compliance— and never duplicate your efforts.