Defense in Depth

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Yaron Levi, CISO, Dolby. Joining us is Joey Rachid, CISO, Xerox. In this episode: It's a balancing act Choose to leave the kids' table Your team is essential Don't change CISOs midstream Huge thanks to our sponsor, Blackslash Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration. Learn more at https://www.backslash.security/

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Howard Holton, COO, Gigaom. Joining us is our sponsored guest, Rob Allen, chief product officer at ThreatLocker. In this episode:  Reinforcing zero trust Focus on effectiveness Understanding zero trust limitations What's next Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Jay Jay Davey, vp of cyber security operations, Planet.  In this episode: Aligning incentives The realities of the job Delivering ROI Holistic cybersecurity Thanks to our sponsor, Backslash Security Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration. Learn more at www.backslash.security.

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Eric Gold, chief evangelist, BackSlash. In this episode: Start with the culture Moving AppSec to a higher level A strategy for security Maturing the basics Thanks to our sponsor, Backslash Security Backslash offers a new approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It categorizes security findings by business process, filters “triggerable” vulnerabilities, and simulates the security impact of updates. Backslash dramatically improves AppSec efficiency, eliminating legacy SAST and SCA frustration.  

All links and images for this episode can be found on CISO Series. Check out this post from Jerich Beason, CISO at WM, for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Dan Walsh, CISO, Datavant. Joining us is Rinki Sethi, vp and CISO, BILL. In this episode: You need a solid foundation A lot depends on the role Underappreciated skills Structures and frameworks Huge thanks to our sponsor, Recorded Future Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.

Alex Hutton, CISO at Atlantic Union Bank, shares his expertise as a security executive and startup founder. He discusses the confusion created by Gartner's cybersecurity acronyms and how they complicate choices for professionals. Highlights include the challenges startups face when differentiating themselves and the importance of clear communication in vendor relationships. The conversation also delves into leveraging frameworks like Wardley Maps to navigate technology trends, underscoring the need for trust between vendors and clients in the ever-evolving cybersecurity landscape.

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Jason Elrod, CISO, MultiCare Health System. Joining us is our sponsored guest, Nick Muy, CISO, Scrut Automation. In this episode: Supercharging teams Shifting to proactive A unique opportunity A human in the legal loop HUGE thanks to our sponsor, Scrut Automation Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.

All links and images for this episode can be found on CISO Series. Check out this post by Tallis Jordan of the U.S. Army Cyber Command for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Montez Fitzpatrick, CISO, Navvis. In this episode: Start with foundations Learning to learn Don’t get hustled Building a pipeline HUGE thanks to our sponsor, Scrut Automation Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.

All links and images for this episode can be found on CISO Series. Check out this post from Yaron Levi for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Yaron Levi, CISO, Dolby. In this episode: A knowledge deficit Talk is cheap What’s the difference? Answer the preliminaries HUGE thanks to our sponsor, Scrut Automation Scrut Automation empowers compliance and risk teams of all sizes to build enterprise-grade security programs effortlessly. With powerful automation, AI-driven efficiencies, and seamless integrations, Scrut eliminates compliance debt and enables proactive risk management—helping your business stay secure as it scales. Visit www.scrut.io to learn more or schedule a demo.

In this conversation, Ngozi Eze, the CISO at Levi Strauss, unpacks the illusion of a cybersecurity talent shortage, attributing it to inflated job posts and outdated compensation practices. She discusses salary trends revealing significant increases for roles like CISOs, challenging the narrative of companies' unwillingness to pay. Eze also highlights the need for cultural fit and transparent recruitment to attract top talent, while addressing the complexities of the job market and the importance of realistic job expectations.