CISO Series Podcast
Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

All links and images for this episode can be found on CISO Series

What can you do when your data keeps passing through different third party applications? Your data is being accessed and manipulated by more people, more applications, and more security policies that may not be aligned with your security policies. It seems once it leaves your environment, it's out of your control.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Elliot Lewis (@ElliotDLewis), CEO, Keyavi.

Thanks to our podcast sponsor, Keyavi

Myth: Data can’t protect itself. Fact: Now it does! You control where your data goes in the world, who can access it and when. On any device. Anytime. Anywhere. FOREVER. Learn more at Keyavi.com.

In this episode:

  • Can the US government, through regulation, shift the tide of never-ending cybersecurity failures?
  • Your network was just hit with ransomware. What do you do in your environment?
  • What should we be discussing more of when it comes to protecting data in the supply chain?
  • What's the biggest security flaw you've seen in every environment you've ever worked in?

Direct download: CISO_Series_07-26-22_Final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

Security professionals are quick to label a behavior as bad security if they can find flaws in it. But often, what is marked as "bad" may have problems, yet when looked at from a risk-reduction perspective it's actually very good security behavior.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Carla Sweeney, vp information security, Red Ventures.

Thanks to our podcast sponsor, Protegrity

Protegrity empowers intelligence-driven organizations to use data to drive innovation with secure analytics and artificial intelligence, without fear of violating compliance or jeopardizing privacy. To make this vision a reality, we protect sensitive data anywhere and everywhere to create secure data agility that aligns with the speed of modern business.

In this episode:

  • Is a CISO really an architect of choices, for themselves and the other business leaders?
  • Why and how can controls impose friction or drag on business velocity?
  • What are the types of questions you ask when you're referencing a resume and what are some examples of really impressive responses?
  • What are some things that get a bad rap, but are actually quite secure?
Direct download: CISO_Series_07-19-22_Final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

Getting someone to purchase gift cards is a popular vector for theft. Given that the gift card theft technique is so well known, many online sites have put up additional barriers to purchasing gift cards. Trying to buy them legitimately has become increasingly difficult.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Ariel Weintraub (@securitymermaid), CISO, MassMutual.

Thanks to our podcast sponsor, PlexTrac

PlexTrac is a powerful, yet simple, cybersecurity platform that centralizes all security assessments, pentest reports, audit findings, and vulnerabilities. PlexTrac transforms the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize analytics, and collaborate on remediation in real-time.

Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

In this episode:

  • What areas should we focus on to improve the security user experience for non-security people?
  • Does it get easier at the top? What factors do you think result in the workload being tougher or easier for a CISO?
  • How can radical transparency help and where can it backfire?
  • What can we do to avoid poisoned systems and how can we tell if our systems have been poisoned?
Direct download: CISO_Series_07-12-22_Final_rev1.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

Should you monitor your staff? I mean really monitor them. Some bosses are installing screen-grabbing and click-tracking software to monitor employees, and by most estimates employees hate it so much that half of them would quit if their supervisors installed monitoring software on their computers. But in some cases an employee's behavior may lend itself to being monitored.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is Ian Hassard (@ihassard), director of product management, Okta.

Thanks to our podcast sponsor, Okta

Auth0 is the leading provider of customer identity solutions. Watch Jameeka Aaron, CISO for Auth0, explain how to balance security with friction to create a safe authentication experience without compromising on privacy.

In this episode:

  • What are the real-world positive impacts on the business in terms of risk reduction, product development, and prevention?
  • What are some alternatives to address the authentication problem?
  • What have you heard enough about with authentication, and what would you like to hear a lot more about?
  • To what level should you and shouldn't you monitor your staff? What cases do you feel you would have to install monitoring software?
Direct download: CISO_Series_07-05-22_Final.mp3
Category:podcast -- posted at: 3:00am PDT