CISO Series Podcast

Shawn Bowen, Svp and CISO, World Kinect Corporation, discusses the paradox of CISOs experiencing higher stress levels while job satisfaction increases. The podcast dives into the challenges faced by cybersecurity professionals, the importance of prioritizing practical risk decisions, analyzing cyber attack scenarios, the role of AI in cybersecurity, and integrating AI technology in application security testing.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Nadav Lotan, product management team leader, Cisco. In this episode: How can security teams do their jobs without seeming like an impediment to developers? Why can this relationship seem oppositional? How can both sides work together to better secure software without seeming like a road block? Thanks to our podcast sponsor, Panoptica, Cisco's Cloud Application Security Platform Panoptica, Cisco's Cloud Application Security solution, provides end-to-end lifecycle protection for cloud native application environments. It empowers organizations to safeguard their APIs, serverless functions, containers, and Kubernetes environments. Panoptica ensures comprehensive cloud security, compliance, and monitoring at scale, offering deep visibility, contextual risk assessments, and actionable remediation insights for all your cloud assets.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest, Jamil Farshchi, evp and CISO, Equifax. In this episode: Data leaks are hard enough to deal with when caused by threat actors, but how bad is a self-inflicted data leak? Why do these types of incidents happen? How should an organization assess the risk it introduced? Thanks to our podcast sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis' free data risk assessment. It takes minutes to set up and in 24 hours you'll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today.

Exploring the challenges of API security, discussing data leaks caused by failures, and the struggle organizations face in securing APIs. The podcast emphasizes the importance of transparency, integrity, and continuous updates in software development for enhancing security measures.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining me is our sponsored guest, Jay Trinckes, director of compliance, Thoropass. In this episode: Why do credential stuffing attacks put organizations in such a tricky spot? Why is blaming the victim rarely the right move? What kind of reasonable expectations can companies have about how much users will do to protect themselves? Thanks to our podcast sponsor, Thoropass Still spending time collecting evidence and worrying about breaking free of an infinite audit loop? Relax! We fixed audits. Thoropass provides complete infosec compliance management, continuous monitoring, and security audits through AI-infused software and expert guidance – allowing you to do business with confidence. Learn more at www.thoropass.com.

Topics discussed include transitioning talent from other fields into cybersecurity, frameworks for diverse talent recruitment, vendors going over CISOs to the CEO, and the importance of involving the board in vendor communications. The podcast also highlights Panoptica, Cisco's Cloud Application Security Platform, for comprehensive cloud security solutions.

Grant Anthony, CISO of Orion Health, discusses the importance of buy-in to security awareness programs, the challenges organizations face, and building trust. The podcast also covers vulnerability management, threat informed defense, and sharing best practices for performance improvement.

Mical Solomon, CISO at Port Authority of NY and NJ, discusses the challenges of securing generative AI tools and how they compare to SaaS and shadow IT. The episode delves into strategies to prevent falling victim to AI scam calls and the importance of analyzing successful phishing emails. The hosts also discuss serious IT failings, cybersecurity predictions, and the changes being made to policies and security concerns.

Guest Shyama Rose, CISO and head of IT, Affirm, discusses the impact of burnout on security teams and how stress can endanger security missions. They explore the importance of incident response, navigating different cases, and managing stress levels within the team.

Trina Ford, CISO at iHeartMedia, discusses the challenges and demands faced by CISOs, including negotiating for demands and the impact of imposter syndrome. The episode also tackles the importance of educating business partners about cybersecurity threats and risks, as well as setting boundaries for work-life balance.