CISO Series Podcast
Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.

To see the blog post and read the transcript, head over to CISO Series.

We don't celebrate quitting. Maybe we should. When should you do it when you don't have another offer?

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Hadas Cassorla, CISO, M1.

On this episode:

  • When a "good" security control is actually bad for business.
  • A "how to" on engaging with a CISO during a presentation meeting.
  • Losing your passion for cybersecurity. What next?
  • Building a budget for remote team building.

HUGE thanks to our sponsor, Keyavi

Data that protects itself? Now it does! We made data so smart it can think for itself. Secure itself. Stay continually aware of its surroundings. Control where, when and who is allowed access. And automatically report back to its owner. This changes the entire cybersecurity paradigm. Learn how.

Direct download: CISO_Series_05-31-22_final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

I have talked to vendors who get all excited about Gartner opening up a new category for them. All I can think is uggh, something new to confuse the security marketplace. I know there's a need to label products in categories to simplify sales. But the complexity is driving buyers nuts.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is RJ Friedman, CISO, Buchanan Technologies.

Thanks to our podcast sponsor, Buchanan Technologies

Short staffed and overworked IT groups can be overwhelmed by the massive scope of a comprehensive cybersecurity program. Buchanan Technologies makes the complex simple with our twenty-four by seven, customized, vetted strategies that identify risks, detect threats, implement security controls, and protect the confidentiality, availability, and integrity of your data. Discover more.

In this episode: 

  • Do we need another industry-produced acronym?
  • How can a vendor better demonstrate they can become a partner?
  • With the list of security “minimum requirements” constantly growing, do you believe more and more organizations are falling below the security poverty line?
  • And we ask how best to reduce the number of false positives.

Direct download: CISO_Series_05-24-22_final_rev1.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

Are the bad security policies of yesteryear just the result of not knowing any better at the time, or were they some bozo's idea of legitimate security while the rest of us knew it was just security theater?

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Dr. Diane M Janosek (@dm_janosek), deputy director of compliance, NSA and senior legal advisor for Women in Cybersecurity.

Thanks to our podcast sponsor, Code42

As the Insider Risk Management leader, Code42 helps security professionals protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. For security practitioners, it means speed to detection and response. For companies, it means a collaborative workforce that is productive and a business that is secure. Visit http://Code42.com/showme to learn more.

In this episode:

  • We highlight obsolete security policies to steer clear of.
  • We examine security in space and how those who are not directly involved in these industries can create some type of positive impact.
  • And we ask how we can improve inclusion by decrypting the lack of diversity in our industry.

Direct download: CISO_Series_05-17-22_Final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

Legacy tech can often be the anchor that prevents an organization from growing. Put off the issue of dealing with legacy tech long enough and the problem could get bigger than the business itself.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is TJ Mann (@teejaymann), CISO, Children's Mercy Kansas City.

Thanks to our podcast sponsor, CYREBRO

Ninety percent of post mortems show that the high cost of damage from a cyberattack was avoidable, but no one knew in time to stop it. CYREBRO's SOC Platform is your cybersecurity central command, integrating all your security events with 24/7 strategic monitoring, proactive threat intelligence, and rapid incident response. More from CYREBRO.

In this episode:

  • How legacy technology impedes business agility.
  • Are we doing anything better to deal with legacy technology?
  • Is there anything that can be done at the purchase point to understand how you'll sunset equipment and technology?
  • And we ask whether or not our industry is willing to take the time and effort to hire and train the talent they so desperately want and need.

Direct download: CISO_Series_05-10-22_Final.mp3
Category:podcast -- posted at: 3:00am PDT

All links and images for this episode can be found on CISO Series

People violate cybersecurity policies at a rate of one out of every 20 job tasks. It's just a matter of time before all your employees are in violation.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Bruce Schneier (@schneierblog), chief of security architecture, Inrupt and fellow and lecturer at Harvard Kennedy School.

Thanks to our podcast sponsor, PlexTrac

PlexTrac is a powerful, yet simple, cybersecurity platform that centralizes all security assessments, pentest reports, audit findings, and vulnerabilities. PlexTrac transforms the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize analytics, and collaborate on remediation in real-time.

Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

In this episode:

  • Special tips for new CISOs just starting out and trying to establish their position.
  • We examine where market forces are fighting the most against achieving societal values in the digital space.
  • What are signs that we're moving in the right direction of developing a digital social contract?
  • And we ask, is "employees violating security policies" the top issue that needs to be resolved?

Direct download: CISO_Series_05-03-22_Final.mp3
Category:podcast -- posted at: 3:00am PDT