CISO Stories Podcast (Audio)

By SC Media

Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.

Image by SC Media

Category: Technology

Open in Apple Podcasts


Open RSS feed


Open Website


Rate for this podcast
    

Subscribers: 13
Reviews: 0
Episodes: 215

Description

SC Media and Snyk are proud to present this month’s CISO Stories program, where CISOs share tales from the trenches and unpack leadership lessons learned along the way. Hosted by Jessica Hoffman.

Episode Date
From Diagram to Cloud: Rethinking Cloud Security in an Age of Uncertainty - Yogita Parulekar - CSP #214
Jul 14, 2025
Empowering Developers: Fostering a Culture of Security in AppSec - Danielle Ruderman - CSP #213
Jun 09, 2025
Mapping the Modern Attack Surface: Fintech’s Evolving Risk Frontier - Erika Dean - CSP #212
May 12, 2025
Maximizing Cyber Liability Insurance: Risk, Relationships & Renewal Strategies - Mandy Andress - CSP #211
Apr 14, 2025
Breach by the Dozen: Incident Response Lessons from the Field - Mike Miller - CSP #210
Mar 10, 2025
AI Governance: Navigating Risks, Frameworks, and the Future - Rock Lambros - CSP #209
Feb 10, 2025
Privacy Under Siege: Navigating Data Theft and the BadBox Threat - Gavin Reid - CSP #208
Jan 13, 2025
Cloud Security in Higher Education: Balancing Trust and Risk - Sheena Thomas - CSP #207
Dec 31, 2024
Cybersecurity in the Cloud: Lessons for Businesses and Beyond - Melina Scotto - CSP #206
Dec 24, 2024
Cloud Security for SMBs: Strategies, Risks, and Resources - Adam John - CSP #205
Dec 17, 2024
Cloud Security at Risk: Tackling Misconfigurations Head-On - Nadia Mazzarolo - CSP #204
Dec 10, 2024
Cloud Security: Lessons Learned and Applied to Emerging Tech - Bertrum Carroll - CSP #203
Dec 03, 2024
Identity Challenges in Manufacturing - Tammy Klotz - CSP #202
Nov 26, 2024
Identity Security: Navigating the New Normal with Dr. Sean Murphy - Sean Murphy - CSP #201
Nov 19, 2024
Identity Security Training: How important is it? - Eric Belardo - CSP #200
Nov 12, 2024
Have you ever had a pen tester own your network? - Julian Austin - CSP #199
Nov 05, 2024
How important is your relationship with your tool vendors? - Jacob Lorz - CSP #198
Oct 29, 2024
What level of tool rationalization does your company do and why? - LaLisha Hurt - CSP #197
Oct 22, 2024
Have you consider your team’s cognitive biases when selecting tools? - Dustin Sachs - CSP #196
Oct 15, 2024
Tokyo DriftSec: Who is going First? Who is going Smooth? - Lisa Landau - CSP #195
Oct 08, 2024
What are your pet peeves when it comes to tool selection? - Timothy Ball - CSP #194
Oct 01, 2024
Tried and True. Going back to basics with Incident Response - Levone Campbell - CSP #193
Sep 24, 2024
The vCISO’s role in Incident Response Accountability - William Klusovsky - CSP #192
Sep 17, 2024
CISO & Legal: Partnerships Needed - Joe Sullivan - CSP #191
Sep 10, 2024
Todd’s Moving On after 185+ Episodes - Future CISO Vision - Todd Fitzgerald - CSP #190
Sep 03, 2024
Vulnerability Management: Tips and Techniques - John Kellerhals - CSP #189
Aug 27, 2024
Are You Vulnerable to Deep Fakes? Controlling the Risk - Paul Neff - CSP #188
Aug 20, 2024
Focus, Breadth, or Depth: Reduce Vulnerabilities with Less $ - Julian Mihai - CSP #187
Aug 13, 2024
No One Succeeds Alone! Why You Must Have an Informal Network - Gene Scriven - CSP #186
Aug 06, 2024
Driving the Business of Infosec Through the GRC Program - Greg Bee - CSP #185
Jul 30, 2024
Evolving from Security to Trust, more than Just Compliance - Mike Towers - CSP #184
Jul 23, 2024
CISO Risk Reduction: Adopting Emerging Technologies - Timothy McKnight - CSP #183
Jul 16, 2024
Deep Dive in GRC: Know Your Sources - Jonathan Ruf - CSP #182
Jul 09, 2024
Governing Cyber Humanely: Leveraging Wellness Techniques - Jothi Dugar - CSP #181
Jul 02, 2024
CISOs Advising Cybersecurity Companies, Get on Board! - Bob West - CSP #180
Jun 25, 2024
As We Implement Zero Trust, Let's Not Forget About Metrics - George Finney - CSP #179
Jun 18, 2024
CISO and the Board: Demonstrating value and relevant metrics - Max Shier - CSP #178
Jun 11, 2024
Point Vs. Platform: Improving TCO Cost/Benefit - Patrick Benoit - CSP #177
Jun 04, 2024
Data Governance is Critical to Info Security and Privacy - Michael Redmond - CSP #176
May 28, 2024
The Riddle of Data Governance - Steven Fox - CSP #175
May 21, 2024
That Data Sprawl is Here! What Should We Do About it? - Nick Ritter - CSP #174
May 14, 2024
Why CISO’s Fail: Some Practical Lessons for the Future - Barak Engel - CSP #173
May 07, 2024
Air Gapped! The Myth of Securing OT - Thomas Johnson - CSP #172
Apr 30, 2024
The Challenges of Managing Security in an IT/OT Environment - John Germain - CSP #171
Apr 23, 2024
The Importance of OT Security: The Evolving Threat Landscape - Ken Townsend - CSP #170
Apr 16, 2024
Tips for a Successful Cyber Resilience Program - Olusegun Opeyemi-Ajayi - CSP #169
Apr 09, 2024
Operational Technology (OT) and the Art of War - Glenn Kapetansky - CSP #168
Apr 02, 2024
Third-Party Risk Management - BEC Compromises and the Cloud - Michael Swinarski - CSP #167
Mar 26, 2024
52,000 Suppliers:Third-Party Supply Chain CyberRisk Approach - Cassie Crossley - CSP #166
Mar 19, 2024
Securing Connections: 3rd Party Risk Mgmt Expert Insights - Charles Spence - CSP #165
Mar 12, 2024
A Printout on Secure by Design When Utilizing 3rd Parties - Bryan Willett - CSP #164
Mar 05, 2024
Intelligent Generative AI Handling - Aaron Weismann - CSP #163
Feb 27, 2024
Responsible Use and Vetting of AI Solutions - Jon Washburn - CSP #162
Feb 20, 2024
The Business Side of AI - Edward Contreras - CSP #161
Feb 13, 2024
Generative AI and Corporate Security – Getting it Right - Bill Franks - CSP #160
Feb 06, 2024
Better CISO Health in the New Year: From Burnout to Balance - Steve Shelton - CSP #159
Jan 30, 2024
Cloud Security Staffing in a Hybrid World – It Can Be Done! - Larry Lidz - CSP #158
Jan 23, 2024
You want the CISO Title & Pay? Responsibility Comes Also! - Malcolm Harkins - CSP #157
Jan 16, 2024
Reimagining Risk in the Emerging Cloud: A GRC Perspective - Solomon Ugah - CSP #156
Jan 09, 2024
Why Don’t We Care About Identity Security? - Don Baham - CSP #155
Jan 02, 2024
High Consequences Cyber: Make or Break the CISO’s Reputation - Andy Jaquith - CSP #154
Dec 26, 2023
Four Pieces of Transitional Advice: Incoming CISOs - Sean Zadig - CSP #153
Dec 19, 2023
Is there really an Information Security Jobs Crisis? - Ben Rothke - CSP #152
Dec 12, 2023
Prioritizing Identity and Getting the Fundamentals Right - Bezawit Sumner - CSP #151
Dec 05, 2023
Do You Really Want to Be a CISO? - Spencer Mott - CSP #150
Nov 28, 2023
All in One CISO: There Is Nothing We Can't Do - Jessica Hoffman - CSP #149
Nov 21, 2023
Building a People-Centric Security Program - Cathy Olsen - CSP #148
Nov 14, 2023
Veterans Impacting Cybersecurity - David Cross - CSP #147
Nov 07, 2023
Should We Be Relying on Our Cybersecurity Risk Matrices? - Doug Hubbard - CSP #146
Oct 31, 2023
OT Is Not IT But Security Can Handle Both - Mea Clift - CSP #145
Oct 24, 2023
Effective Communication is Critical for CISO Success - Wes Knight - CSP #144
Oct 17, 2023
Terminology Matters: Changing 'Cybersecurity' to Data Care - Cyndi Gula, Ron Gula - CSP #143
Oct 10, 2023
NextGen Security Tooling: Investments in Intelligence - Mike Coogan - CSP #142
Oct 03, 2023
Uber CISO Trial Learnings for CISOs: In the CISO's Own Words - Joe Sullivan - CSP #141
Sep 26, 2023
Managing CyberRisk in a Mid-Cap Company - Walter Lefmann - CSP #140
Sep 19, 2023
Collective Defense: The Importance of Partnerships in Cybersecurity - Jamil Farshchi - CSP #139
Sep 12, 2023
Teams are Built around Key Players Performing Great Functions - Ralston Simmons - CSP #138
Sep 05, 2023
Championship Results: No Bank Breaking or Boat Rocking! - Steve Hunt - CSP #137
Aug 29, 2023
Supply Side Security: How to Maintain a Talent Pipeline - Helen Patton - CSP #136
Aug 22, 2023
Deploying Zero Trust Without Destroying End User Trust - Mike Zachman, Colin Chisholm - CSP #135
Aug 15, 2023
Security Musings from a Psychotherapeutic Perspective - Mark Eggleston - CSP #134
Aug 08, 2023
Cyber Risk Governance: The Hype, Hope, & Harsh Reality - John Sapp - CSP #133
Aug 01, 2023
The Tactics of Being Strategic in Cybersecurity - Jason Elrod - CSP #132
Jul 25, 2023
Protecting the Nation’s Most Sensitive Information & 800-171 Update - Ron Ross - CSP #131
Jul 18, 2023
The Evolution & Portability of the CISO Role - Sheldon Cuffie - CSP #130
Jul 11, 2023
Being a CISO in Higher Education - Lorna Koppel - CSP #129
Jul 04, 2023
Being a CISO in Higher Education - Lorna Koppel - CSP #129
Jul 04, 2023
Building High Performing Security, RM, & Resilience Teams - Darin Hurd - CSP #128
Jun 27, 2023
Deliver High Impact Global Security Programs with Low Ego - Rajesh David - CSP #127
Jun 20, 2023
Security @ Scale: Building Trust, Starting with Cybersecurity - Rob Duhart Jr. - CSP #126
Jun 13, 2023
The Company’s Lawyer is Not Your Lawyer – Legal Self Defense - Larry Dietz - CSP #125
Jun 06, 2023
Are We Thinking in the Right Way as CISOs? - Sajan Gautam - CSP #124
May 30, 2023
Using Data to Estimate Cyber Risk Financial Implications - Paul Sand - CSP #123
May 23, 2023
SEC Cybersecurity Risk Governance Requirements - Christopher Hetner - CSP #122
May 16, 2023
Cyber-Local: City of Chicago Cybersecurity Mission - Bruce Coffing - CSP #121
May 09, 2023
Establishing and Enrolling Others in a Cybersecurity Vision - Joey Johnson - CSP #120
May 02, 2023
Leadership Lessons Learned and Preparing your CISO Successor - Dave Estlick - CSP #119
Apr 25, 2023
From Nothing to Something: Overcoming Hurdles - Larry Whiteside Jr - CSP #118
Apr 18, 2023
20 Years of GRC: What Have we Learned? What is Next? - Michael Rasmussen - CSP #117
Apr 11, 2023
County Government Cyber: Don’t Let the Roadblocks Stop You ft. Michael Dent & Richard Greenberg- CSP #116
Apr 04, 2023
Connecting with Higher Education: New Talent at the Source - Fred Kwong - CSP #115
Mar 28, 2023
Security vs. Operations – Balancing the Risk - Ross Leo - CSP #114
Mar 27, 2023
The Rise of the Chief Product Security Officer - Jason Christman - CSP #113
Mar 14, 2023
Leading Cybersecurity with Purpose - Nicole Darden Ford - CSP #112
Mar 07, 2023
Business Ethics and the CISO - Troy Stairwalt - CSP #111
Feb 28, 2023
100 CISO STORIES Podcasts, What Did we Learn? - CSP #110
Feb 21, 2023
2023 CISO Cybersecurity Priorities - CSP #109
Feb 14, 2023
2023 NFL Superbowl: Year-Long Cybersecurity Preparation - Tomás Maldonado - CSP #108
Feb 07, 2023
The Trends & Future with Cloud (PaaS & IaaS) - Erik Hart - CSP #107
Jan 31, 2023
Cybersecurity in a 5G World - Timothy Youngblood - CSP #106
Jan 24, 2023
Dear Auditor: Why is this a high risk finding? Can we talk? - CSP #105
Jan 17, 2023
Inclusive Leadership for CISOs Now! - CSP #104
Jan 10, 2023
The Future is Here – Now What? - Patti Titus - CSP #103
Jan 03, 2023
CISO Soft Skills Will Make or Break You! - Robert Wood - CSP #102
Dec 27, 2022
Security Top of Mind: Key Learnings from 2022 & Thoughts on 2023 - Ryan Kazanciyan - CSP #101
Dec 20, 2022
Cybersecurity Myths & Misconceptions: Avoiding the Pitfalls - Eugene Spafford - CSP #100
Dec 13, 2022
Build a Cybersecurity Vision and Strategy They Can Visualize - Jason Clark - CSP #99
Dec 06, 2022
What is a vCISO? What Do They Do? Does Having One Make Sense? - Michael Phillips & Matthew DeChant - CSP #98
Nov 29, 2022
SMB vs Large Infosec: Different Approaches Required! - Dane Sandersen - CSP #97
Nov 22, 2022
How the CISO can Make the Biggest Impact for the Company - Tim Callahan - CSP #96
Nov 15, 2022
The Value of Cyber Defense Competitions in Building a Strong SOC - Brian Wickenhauser - CSP #95
Nov 08, 2022
Surviving and Thriving in the CISO Role for the Long Run - Jim Cameli - CSP #94
Nov 01, 2022
Approaching Cloud Security from a Cloud-Native Perspective - Josh Dreyfuss - CSP #93
Oct 25, 2022
NIST Privacy Framework 101 - Dylan Gilbert - CSP #92
Oct 18, 2022
Cybersecurity Leadership Through Adversity - Marc Varner - CSP #91
Oct 11, 2022
2022 DBIR Trends: Ransomware, Remote Work, Threat Actors...Oh My! - Chris Novak - CSP #90
Oct 04, 2022
Are CISOs Experiencing a Mental Health Crisis? - Shamla Naidoo - CSP #89
Sep 27, 2022
The NIST Cybersecurity Framework Explained - From Its Leader - Matthew Smith - CSP #88
Sep 20, 2022
Should we be Concerned About Quantum Computing and Cybersecurity Now? - Richard Rushing - CSP #87
Sep 13, 2022
Are Cryptocurrencies to Blame for the Increase in Ransomware Attacks? - Bob Seeman - CSP #86
Sep 06, 2022
Cyberinsurance & the CISO: What You Need to Know - Bryan E. Hurd - CSP #85
Aug 30, 2022
The Positive Power of Community Engagement - Ron Hale - CSP #84
Aug 23, 2022
The CEO Won’t Wear a Security Badge? Try This! - John Ceraolo - CSP #83
Aug 19, 2022
Have we Forgotten About the Basics? - Benjamin Corll - CSP #82
Aug 09, 2022
Using MindMaps to Strengthen Cybersecurity - Michael Wilcox - CSP #81
Aug 02, 2022
How to Talk With Your Lawyer - Mark Daryl Rasch - CSP #80
Jul 26, 2022
Insider's View of the CISO Search - Joyce Brocaglia - CSP #79
Jul 19, 2022
Solarwinds From the Inside: The Breach and the Aftermath - Tim Brown - CSP #78
Jul 12, 2022
Protecting Your Intellectual Property - Michael Boucher - CSP #77
Jul 05, 2022
Achieving a Competitive Advantage Through Privacy By Design - Ann Cavoukian - CSP #76
Jun 28, 2022
Attracting Talent Using The Nice Framework - Greg Witte - CSP #75
Jun 21, 2022
Where Should the CISO Report? Guess Again! - Stephen Fried - CSP #74
Jun 14, 2022
Educating Senior Management in Cybersecurity - Edward Amoroso - CSP #73
Jun 07, 2022
Moving From a Techie to a CISO - Shaun Cavanaugh - CSP #72
May 31, 2022
Women in Leadership - Stacy Mill - CSP #71
May 24, 2022
Establishing and Selling The Cost of Cybersecurity - Devon Bryan - CSP #70
May 17, 2022
Deliver Your Board Message with Context and Confidence! - Jason Witty - CSP #69
May 10, 2022
Using Security Metrics as a Shared Goal With Developers - Caroline Wong - CSP #68
May 03, 2022
Keeping Up with the Jones when Your Neighbors Are Bad Actors - Jason Taule - CSP #67
Apr 26, 2022
Get Ready: 4 Generations Are Returning to The Office! - Caitlin McGaw - CSP #66
Apr 19, 2022
Control Frameworks Are There For A Reason - Philip Agcaoili - CSP #65
Apr 12, 2022
Change Controls Are More Necessary Than Ever - Rebecca Herold - CSP #64
Apr 05, 2022
Determining Cyber Risk Appetite With the Board - Adel Melek - CSP #63
Mar 29, 2022
CISO Priorities 2022 - CSP #62
Mar 22, 2022
Why Are We Still Failing at Security? - Wayman Cummings - CSP #61
Mar 15, 2022
The CISO Six Minute Rule - Renee Stark - CSP #60
Mar 08, 2022
Lessons Learned from Building an ISAC - Grant Sewell - CSP #59
Mar 01, 2022
Getting the Board on Board With Security - Richard Clarke - CSP #58
Feb 22, 2022
Understanding and Preparing for the Next Log4j - Benny Lakunishok - CSP #57
Feb 15, 2022
A Cost-Effective Approach to Security Risk Management - Jack Jones - CSP #56
Feb 08, 2022
Creating Security Budgets Where There is No Budget - Kevin Richards - CSP #55
Feb 01, 2022
When Should You Just Do It Internally or Hire a Consultant? - John Iatonna - CSP #54
Jan 25, 2022
Designing a Shared Vision with IT and the Business - Scott King - CSP #53
Jan 18, 2022
Moving to the Cloud? Don't Forget Hardware Security! - Steve Orrin - CSP #52
Jan 11, 2022
Privacy Hunger Games: Change The Rules - Samantha Thomas - CSP #51
Jan 04, 2022
Server Room to War Room: Enterprise Incident Response - Dawn-Marie Hutchinson - CSP #50
Dec 28, 2021
CISO Shortlist: Key Issues to Cover for Todays CISOs - Leon Ravenna - CSP #49
Dec 21, 2021
The Future Is Now: Model-Driven Security Using Data Science - Jim Routh - CSP #48
Dec 14, 2021
CISOs Need Training Too! - Candy Alexander - CSP #47
Dec 07, 2021
No Senior Management Buy-in, No Success - Chris Apgar - CSP #46
Nov 30, 2021
Skills I Needed to be a First-Time CISO - Richard Kaufmann - CSP #45
Nov 23, 2021
Which Approach Wins: Compliance or Risk? - Mark Burnette - CSP #44
Nov 16, 2021
Who Is Your SOC Really For? - Ricardo Lafosse - CSP #43
Nov 09, 2021
Do You Know where Your Data Is? - William Miaoulis - CSP #42
Nov 02, 2021
The Nexus of Security, Privacy and Trust - Allison Miller - CSP #41
Oct 26, 2021
5 Pitfalls Issuing Information Security & Privacy Policies - Charles Cresson Wood - CSP #40
Oct 19, 2021
45 Minutes and 10,000 Servers Encrypted (NotPetya) - Todd Inskeep - CSP #39
Oct 12, 2021
Security Awareness That Works! - Steven Lentz - CSP #38
Oct 05, 2021
Extending Detection and Response to the Cloud - Kathy Wang - CSP #37
Sep 28, 2021
Security from Scratch: Incident Response on a Shoestring Budget - Sam Monasteri - CSP #36
Sep 21, 2021
Fiscally Responsible Ways to Train/Build Community - Kevin Novak - CSP #35
Sep 14, 2021
Communications Before, During and After the Breach - Melanie Ensign - CSP #34
Sep 07, 2021
The Unpatchable Vulnerability That Is Human Nature - Rachel Tobac - CSP #33
Aug 31, 2021
Did You Ask For (and Get!) Too Much Security Money! - James Christiansen - CSP #32
Aug 24, 2021
Practical Considerations for Managing Your MSSP - Johnathan Nguyen-Duy - CSP #31
Aug 17, 2021
Achieving Security Buy-in: Change Approach, Not Culture - David Nolan - CSP #30
Aug 10, 2021
Hacking Into Cybersecurity - Kerissa Varma - CSP #29
Aug 03, 2021
CISO Roundtable: Ransomware Attacks and the True Cost to Business - CSP #28
Jul 30, 2021
10 Min for a Call? Managing the Security Product Salesperson - Kevin Morrison - CSP #27
Jul 27, 2021
Developing Secure Agile Code Quickly is Very Achievable! - Glenn Kapetansky - CSP #26
Jul 20, 2021
Protecting the "Crown Jewels" - Steve Durbin - CSP #25
Jul 13, 2021
CISOs: Always be a Student, Always be Learning - Phil Attfield - CSP #24
Jul 06, 2021
CISO Business Enablement: Getting to 'Yes' as a CISO - Dan Lohrmann - CSP #23
Jun 29, 2021
Want to Elevate CyberSecurity? Relationships Matter! - Mark Weatherford - CSP #22
Jun 22, 2021
Fixing the Talent Shortage: CyberSecurity Talent Initiative - Alexander Niejelow - CSP #21
Jun 15, 2021
So You Want to be a Cyber Spy? - Ira Winkler - CSP #20
Jun 08, 2021
No Insider Cybersecurity Risk? Guess Again! - Dawn Cappelli - CSP #19
Jun 01, 2021
CISOs Cross the Bridge to the Cloud - Jim Reavis - CSP #18
May 25, 2021
Just Fix It: 5 Critical Elements to Protect the Right Assets - Roland Cloutier - CSP #17
May 18, 2021
Passion for Solving Problems is Key to Security - Will Lin - CSP #16
May 11, 2021
Effective Health Care Security is More Than HIPAA!! - Erik Decker - CSP #15
May 04, 2021
Stop Reporting Useless Security Metrics!! - Edward Marchewka - CSP #14
Apr 27, 2021
Necessity is the Mother of Security - Tatu Ylonen - CSP #13
Apr 20, 2021
He Fought the FTC Over a Breach & Won - Michael Daugherty - CSP #12
Apr 13, 2021
Is There a Magic Security Control List? - Tony Sager - CSP #11
Apr 06, 2021
Doing Security Before Security Was a Career Path - Petri Kuivala - CSP #10
Mar 30, 2021
The Colonoscopy of CyberSecurity - Lee Parrish - CSP #9
Mar 23, 2021
Going All-in on a Career in Security - Mauro Israel - CSP #8
Mar 16, 2021
Is CyberSecurity ROI Necessary? - Paul Hypki - CSP #7
Mar 09, 2021
Your Job is to Make CyberSecurity Simple! - Steve Katz - CSP #6
Mar 02, 2021
...and Other Useless Security Constructs - Robert Bigman - CSP #5
Feb 23, 2021
Without Building CISO EQ, You May be on Your Own! - Marci McCarthy - CSP #4
Feb 16, 2021
Doing Privacy Right vs. Doing Privacy Rights - Valerie Lyons - CSP #3
Feb 11, 2021
Sled Security: Pandemics, Policies, & Penny-Pinching - Ari Schwartz - CSP #2
Feb 10, 2021
Telling Scary Stories to the Board? Stop. Here’s Why. – Mischel Kwon - CSP #1
Feb 09, 2021