CISO Series Podcast

All links and images for this episode can be found on CISO Series. I host this week’s episode, David Spark (@dspark), producer of CISO Series and Jesse Whaley, CISO, Amtrak. Joining them is their guest Vaughn Hazen, CISO, CN. In this episode: The classics endure The rules of the rail "Prove It. With data." It's all just software A huge thanks to our sponsor, Doppel Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network. Learn more at https://www.doppel.com/platform

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Saket Modi, co-founder and CEO, SAFE Security. In this episode: Elevating AI to table stakes Security for the real world Using dynamic models for TPRM The agentic AI augmentation  Huge thanks to our sponsor, SAFE Security SAFE (#1 platform to unify the management of all cyber risks) has reinvented cyber risk management with Agentic AI. We help CISOs, TPRM, and GRC leaders become strategic business partners by automating the understanding, prioritization and management of cyber risk—accelerating AI adoption and digital transformation.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner of YL Ventures. Their sponsored guest is Jadee Hanson, CISO of Vanta. In this episode: Find a partner to work with Fixing the root of burnout The limitations of human vigilance Balancing openness and control Thanks to our sponsor, Vanta. Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Charles Blauner, formerly of Team8 (at time of recording) and now operating partner, Crosspoint Capital. In this episode: Expanding collective defense Getting talent to the municipal level A mature reporting structure A pill for that cyberailment Huge thanks to our sponsor, Material Security Material Security is purpose-built to protect the entire cloud workspace – email, data, and accounts. With deep integration and powerful automations, Material prevents and detects a wider range of threats, responds to active attacks faster, and secures data and accounts even after a breach. See Material in action today!

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner, YL Ventures. Joining us is Mandy Huth, svp, CISO, Ultra Clean Technology. In this episode: Start with good defaults Building talent bridges Don’t forget the humans Differentiating with privacy Automate, centralize, & scale your GRC program with Vanta Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Mike D’Arezzo, executive director of infosec and GRC, Wellstar Health Systems. In this episode: The shift left myth Reconsidering CISO evaluations The power of “how” Building bridges Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest Nathan Hunstad, director, security at Vanta. In this episode: Thinking like AI Building off a solid foundation Start with ownership Following the leader Big thanks to our sponsor, Vanta Automate, centralize, & scale your GRC program with Vanta. Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Christina Shannon, CIO, KIK Consumer Products. Joining them is Jim Bowie, CISO, Tampa General Hospital. In this episode: A journey, not a destination The difference between pressure and stress Fighting commodity deepfakes Getting leadership on the same page HUGE thanks to our sponsors, Proofpoint, Cofense, & KnowBe4 With an integrated suite of cloud-based cybersecurity and compliance solutions, Proofpoint helps organizations around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Discover cutting-edge security insights and industry trends from leading experts at Proofpoint Power Series—a monthly virtual event designed to empower the security community. Learn more at proofpoint.com Powered by 35 million trained employee reporters, the exclusive Cofense® PhishMe® Email Security Awareness Training with Risk Validation and Phishing Threat Detection and Response Platforms combine robust training with advanced tools for phishing identification and remediation. Together, our solutions empower organizations to identify, combat, and eliminate phishing threats in real-time. Learn more at cofense.com KnowBe4's PhishER Plus is a lightweight SOAR platform that streamlines threat response for high-volume, potentially malicious emails reported by users. It automatically prioritizes messages, helping InfoSec and Security Operations teams quickly address the most critical threats, reducing inbox clutter and enhancing overall security efficiency. Learn more at knowbe4.com

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Trina Ford, CISO, iHeartMedia. Joining us is our sponsored guest Rob Allen, chief product officer, ThreatLocker. This episode was recorded in front of a live audience at Zero Trust World in Orlando, Florida. In this episode: Severity versus impact Breaking the anti-pattern Take the first step to zero trust What are your demands? ThreatLocker® is a Zero Trust endpoint protection platform that provides enterprise-level cybersecurity to organizations globally. With easy onboarding, management, and 24/7/365 support, ThreatLocker makes default deny a reality for businesses. Only allow what you need in your environment and block everything else, including ransomware!

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Edward Contreras, senior evp and CISO, Frost Bank.  In this episode: A gradual language shift Don’t reflexively rise and grind Lean into focus Gauging the unmeasurable  Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Mike Wilkes, former CISO, Major League Soccer. In this episode: Are we misusing vCISOs? Cybersecurity is out to sea Planning for your exit Building up your quantum reflexes Thanks to our podcast sponsor, Tines Build, run, and monitor your most important workflows with Tines. Tines' smart, secure workflow platform empowers your whole team regardless of their coding abilities, environment complexities, or tech stack. From low code, no code to natural language, anyone can get up and running in minutes – not days or weeks. Learn more at https://tines.com/cisoseries

All links and images for this episode can be found on CISO Series.   This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Adam Holland, former CISO, the Wendy’s Company, now CISO of Ascension Healthcare.   In this episode: The long road to influence The effort to build a bridge Living within limits Motivation for security awareness  Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots. Vanta automates evidence collection needed for audits with over  350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you’ll streamline compliance— and never duplicate your efforts.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Shaun Marion, vp, CSO, Xcel Energy. In this episode: Setting policy The hard thing about soft skills Never let a good crisis go to waste Avoiding the tarpit  Thanks to our podcast sponsor, Noma Security! Secure your entire Data & AI Lifecycle—from development to production and classic data engineering to GenAI. Noma’s full-lifecycle platform delivers seamless protection against risks like misconfigured data pipelines, malicious models, and adversarial AI attacks, empowering AppSec teams with complete visibility, security, and compliance—without disrupting data and AI teams’ workflows.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Danny Jenkins, CEO, ThreatLocker. In this episode: A zero-day upgrade Don’t let a pentest go bad Improving user training Cybersecurity is made for people Thanks to our podcast sponsor, ThreatLocker! ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Steve Zalewski. Joining us is our sponsored guest, Matt Muller, field CISO, Tines. In this episode: Seeking the early AI adopters Taking the SOC back to basics Changing our automation expectations Communicate risk Thanks to our podcast sponsor, Tines! Build, run, and monitor your most important workflows with Tines. Tines' smart, secure workflow platform empowers your whole team regardless of their coding abilities, environment complexities, or tech stack. From low code, no code to natural language, anyone can get up and running in minutes – not days or weeks. Learn more at Tines.com.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Deneen DeFiore, Vice President & Chief Information Security Officer, United Airlines. In this episode: Minding the gap Copilot overreliance Opening up the field Navigating the SMB cyber insurance conundrum Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots  Vanta automates evidence collection needed for audits with over  350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you’ll streamline compliance— and never duplicate your efforts.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Rinki Sethi, vp and CISO, BILL. Joining us is our sponsored guest, Lamont Orange, CISO, Cyera. This episode was recorded in front of a live audience at Cyera’s first DataSec conference (November 2024) in Dallas. Thanks to Adam Holland, CISO, Wendy's, Farray Rahman of Vibrant Emotional Health and 988 Lifeline, and Biji John of USAA for our questions in the episode. In this episode: Shifting from traditional recovery Do you know where your data is? The science of tradeoffs How do you measure security culture? Thanks to our podcast sponsor, Cyera! Cyera’s data security platform discovers your data attack surface, protects sensitive data, governs data access, monitors critical data events, and quickly responds to data risks. Cyera’s agentless design allows us to deploy within minutes across any environment and provide a 95% precision rate through our AI-powered classification engine. Learn more at Cyera.io

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is George Finney, CISO, The University of Texas System and author of Project Zero Trust. In this episode: Aligning on privacy Bringing Zero Trust to OT Restores and resilience Focus on what you can control Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots. Vanta automates evidence collection needed for audits with over  350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you’ll streamline compliance— and never duplicate your efforts.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Steve Zalewski. Joining us is our guest, Brett Perry, CISO, Dot Foods. In this episode: A new MDR policy Staying on top of the technical debt cycle Beating retention struggles In the gully of SOAR Thanks to our podcast sponsor, Tines! Build, run, and monitor your most important workflows with Tines. Tines' smart, secure workflow platform empowers your whole team regardless of their coding abilities, environment complexities, or tech stack. From low code, no code to natural language, anyone can get up and running in minutes – not days or weeks. Learn more at Tines.com.

All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Yabing Wang, VP and CISO, Justworks. In this episode: Building a path to action Cracking the EOL conundrum The burning platform question Uncertainty is our only constant Thanks to our podcast sponsor, Entro! Reclaim control of your non-human identities with Entro Security! Our platform securely manages non-human identities and secrets throughout their lifecycle. Detect and prevent unusual activity before it becomes a threat. Trust Entro to safeguard your non-human identities in today’s complex digital ecosystem.