Category: CISO Series

  • After a Breach, Security and Privacy Are Very Important to Us

    Why does it seem that the only time we hear about a company’s concern about security and privacy is after they’re compromised? It is only at that moment they feel compelled to let us know that they’re taking this situation very seriously because as we’ve all heard before “security and privacy are very important to…

  • Can’t You Just Pop Out of Zeus’ Head a Fully Formed Security Professional?

    https://cisoseries.com/cant-you-just-pop-out-of-zeus-head-a-fully-formed-security-professional/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Joe Lewis, CISO, CDC. Full transcript [Voiceover] What I love about cybersecurity. Go! [Joseph Lewis] It really is a place for everybody. As an industry, we attract people like boxers and nurses and people from IT Ops and Audit and…

  • No Need for Chaos Engineering Since Our Architecture Is Always Failing

    https://cisoseries.com/no-need-for-chaos-engineering-since-our-architecture-is-always-failing/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Mike Wiacek, CEO, Stairwell. Full transcript [Voiceover] What I love about cybersecurity. Go! [Mike Wiacek] I love the game, that cybersecurity is almost adversarial by design. Whatever we do as defenders to try and protect systems that we’re responsible…

  • Why Aren’t You On Slack Where I Can Interrupt You?

    https://cisoseries.com/why-arent-you-on-slack-where-i-can-interrupt-you/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Howard Holton, CTO, GigaOm. Full transcript [Voiceover] Best advice I ever got in security. Go! [Howard Holton] Keep it simple. You’re likely overcomplicating it. The reality is we spend a lot of time as technologists kind of buried in technology…

  • This Unwanted Cold Call Made Possible Thanks to This Month’s Sales Quota

    https://cisoseries.com/this-unwanted-cold-call-made-possible-thanks-to-this-months-sales-quota/ A CISO calls on security vendors to stop the spamming and cold calling. Are these annoyances the direct result of the way salespeople are measured? Is that what drives the desperation and bad behavior? This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Dmitriy Sokolovskiy, CISO, Avid. Full…

  • Adversaries Beef Up Their Shiny Object Distraction Campaign

    https://cisoseries.com/adversaries-beef-up-their-shiny-object-distraction-campaign/ We are all very easily distracted, and adversaries know that. So they’ll try any little trick to make us not pay attention, look away, or do what we’re not supposed to do all in an effort to break our human defenses. This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy),…

  • Stir in a Little Merger and Acquisition, and Voilà, You’re a Target

    https://cisoseries.com/stir-in-a-little-merger-and-acquisition-and-voila-youre-a-target/ There is a lot unknown before, during, and after a merger and that can make employees very susceptible to phishing attacks. But, at the same time, the due diligence that goes into an M&A can often open up signs of previous or active compromise, noted Rich Mason of Critical Infrastructure. What does a proposed merger…

  • We’re Here. We’re Highly Unqualified. Get Used To It.

    https://cisoseries.com/were-here-were-highly-unqualified-get-used-to-it/ “Does anyone else feel like the security field is attracting a lot of low-quality people and hurting our reputation,” asked a redditor on the cybersecurity subreddit who remembers a time when security personnel were seen as highly experienced technologists. But now they believe people view cybersecurity as an easy tech job to break into…

  • Sound Security Advice That’s Perfect to Ignore

    https://cisoseries.com/sound-security-advice-thats-perfect-to-ignore/ It appears our security awareness training is falling short at the point of taking any type of real action. While most people are aware of the need for secure passwords, they don’t create secure passwords. They are taking the easier way out rather than the secure path which isn’t that far from the easy…

  • Entry Level Position Available. 15+ Years Experience Required.

    https://cisoseries.com/entry-level-position-available-15-years-experience-required/ That headline is not a joke. An actual job listing on LinkedIn requested just that. We’re all hoping this was an error. Regardless, the community response to it was truly overwhelming, speaking much to the frustration of green and junior cybersecurity job seekers who are truly looking for entry level jobs. This week’s episode is hosted by David…