CISO Series Podcast
Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

Just like so many security products are infused with artificial intelligence, we've also got plenty of meaningless modifiers to describe this podcast.

On this episode we've got:

  • First 90 Days of a CISO. How do you assess talent already there, and how do you prioritize the new hires you need?
  • Please, Enough! No, More! We delve into the overexposure of AI (artificial intelligence) and machine learning. Are they the same thing? And what do CISOs actually want to hear more about on both of these topics?
  • "What's Worse?!" This is a brand new game where I ask the CISOs to determine which of two really bad security practices is worse.
  • What Do You Think of This Pitch? We've got another vendor pitch that the CISOs critique.
  • Ask a CISO. How are CISOs involved in purchase decisions that are not security-related (e.g., cloud, networking, infrastructure)?

Special thanks to Signal Sciences for sponsoring this episode. If you're using web application firewalls (WAFs), make sure you read "Three Ways Legacy WAFs Fail" by their head of research, James Wickett.

As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions, and Mike Johnson, CISO, Lyft. Our guest this week is Dennis Leber (@dennisleber), CISO, Cabinet for Health and Family Services, Commonwealth of Kentucky, and the self-proclaimed "Most Interesting Man in Information Security."

We Want More of "What's Worse?!"

In this episode, I introduced a new segment, a game called "What's Worse?!" where I present two comparably bad security practices and ask the CISOs to debate which is worse, and why. Fortunately, in this episode the CISOs disagreed on both comparisons posed. I'm eager to challenge CISOs with more "What's Worse?!" questions. So if you've got a good one, please contact me here or on LinkedIn.

I'm also interested in:

  • “Ask a CISO” questions.
  • A vendor pitch you want us to critique.
  • A hot security discussion (please provide a link).
  • A quick security tip.
  • A big industry story and what it means to security professionals.

In all cases, we can mention you and your company name or keep you anonymous. Just let me know which you prefer.

Sponsor the Podcast

If your company would like to sponsor this podcast, please contact David Spark at Spark Media Solutions.

Direct download: CISO_Vendor_07-29-18_FINAL.mp3
Category:podcast -- posted at: 5:32am PDT