CISO Series Podcast
Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

All links and images for this episode can be found on CISO Series

We've heard the question "How secure are we?" many times, and we know what it really means.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series, and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Kevin Morrison, CISO, Alaska Air.

Thanks to our podcast sponsor, Enso

Enso, an Application Security Posture Management platform, helps security teams scale and gain control over their AppSec programs. Enso discovers application inventory, ownership and risk to easily build and enforce security policies and transform AppSec into an automated, systematic discipline.

In this episode:

  • Red flag-level bad security: run away or offer to help?
  • How necessary is it to know patterns of where and how criminals are going to attack?
  • How to manage the risk of onboarding entry-level cybersecurity personnel who lack prior job experience?
  • How do you answer the question, "Are we secure?"

Direct download: CISO_Vendor_8-31-21_Final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

What questions should we be asking of a consultant's referrals to see if they're really worth the money they're trying to overcharge us?

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series, and Mike Johnson. Our guest is Ira Winkler (@irawinkler), CISO, Skyline Technology Solutions.

Thanks to our podcast sponsor, Varonis

Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats and streamline privacy and compliance. Visit varonis.com/risk for a demo of Varonis’ leading data security platform.

In this episode:

  • Fujifilm refused to pay ransomware demand, restored from backup. Be like Fujifilm.
  • What to do with people who ask for your password and sign-on – and those who comply
  • Best techniques for interviewing cybersecurity consultant candidates
  • The importance of securing inter-organization Slack and Teams channels
Direct download: CISO_Vendor_08-24-21_Final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

You think it's easy carrying around the burden of being so perfect all the time? It's tough to carry that responsibility to tell others what they need to do.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series, and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Ed Contreras (@cisoedwardc), CISO, Frost Bank.

Thanks to our podcast sponsor, Varonis

Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats and streamline privacy and compliance. Visit varonis.com/risk for a demo of Varonis’ leading data security platform.

In this episode:

  • Does a quality tech stack help with recruitment and retention of talent?
  • Should security features be free?
  • And should those who charge be shamed?
  • Failing phishing tests - is there a limit to how many?
Direct download: CISO_Vendor_8-17-21_Final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

We know we've got to say something about this breach, but geez, the details are really sordid and it would just be easier if we could just wrap it up with one giant "oops." You cool with that?

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series, and Mike Johnson. Our sponsored guest is Matt Radolec, senior director, incident response and cloud operations, Varonis.

Thanks to our podcast sponsor, Varonis

Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats and streamline privacy and compliance. Visit varonis.com/risk for a demo of Varonis’ leading data security platform.

In this episode:

  • How have insider threats morphed since the onset of Covid?
  • Should paying ransomware be illegal?
  • What goes into a good post-breach public incident response?
  • Should ransomware focus more on backups?
Direct download: CISO_Vendor_8-10-21_Final.mp3
Category:podcast -- posted at: 3:00am PDT