The CISO Stories Podcast
SubscribeCloud Security: Lessons Learned and Applied to Emerging Tech – Bertrum Carroll – CSP #203
Bertrum Carroll dives into the evolution of cloud service adoption, comparing early concerns—like data storage, access, and usage—to current apprehensions about AI. We explore how leadership can empower teams with the right training to harness technology effectively. Learn why understanding the shared responsibilities between providers and customers is critical for cloud security success.
This segment is sponsored by Fortinet Cloud Security. Visit https://cisostoriespodcast.com/fortinet to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
Identity Challenges in Manufacturing – Tammy Klotz – CSP #202
In this episode, we’re joined by Tammy Klotz, a 3x CISO in the manufacturing industry, to explore identity security challenges in manufacturing environments. Tammy discusses the differences in access management for frontline workers versus knowledge workers, touching on the unique devices and role-based training requirements. Tune in to learn how tailored security solutions are key to managing access across diverse user groups in industrial settings.
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
Identity Security: Navigating the New Normal with Dr. Sean Murphy – Sean Murphy – CSP #201
In this episode of CSP, we sit down with Dr. Sean Murphy, the CISO of BECU, one of Seattle’s largest credit unions, to discuss the shifts in identity security brought on by the COVID-19 pandemic. Dr. Murphy highlights how Zero Trust architecture became crucial for verifying internal users, especially as remote work became the norm. He shares insights on the unique challenges of securing a remote workforce in the banking sector and underscores the importance of a robust identity security framework in protecting both members and employees in today’s evolving threat landscape. This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
Identity Security Training: How important is it? – Eric Belardo – CSP #200
Let’s talk about what CISOs look for when hiring identity and access management team members. What training and experience is most attractive for the business and team.
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
Have you ever had a pen tester own your network? – Julian Austin – CSP #199
Guessing the answer is yes. Well, let's talk about some of the simple ways you can avoid account compromises by strengthening your identity security through MFA, least privilege, account reviews, and all the things!
This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them!
This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo!
This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them!
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
How important is your relationship with your tool vendors? – Jacob Lorz – CSP #198
Let's talk about how important having a customer success manager, or equivalent, to assist you with your tool integration can make the difference between resource fatigue and success. On top of having solid relationships with our tool vendors, long time CISO Jake Lorz, shares with us how important tool interoperability is, proper governance reviews, and looking at your organization's security strategy when planning for current and future tool selection.
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
What level of tool rationalization does your company do and why? – LaLisha Hurt – CSP #197
Let's talk to cybersecurity expert, Lalisha Hurt, about her approach to selecting the right tools for your organization by using proven methods such as referencing the Gartner Magic Quadrant, thinking about the entire IT portfolio as part of your selection process, and what a successful 'Vendor Day' can do!
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
Have you considered your team’s cognitive biases when selecting tools? – Dustin Sachs – CSP #196
What if there was more to making those impactful decisions that you haven’t considered?
Let’s talk about how being open minded can directly impact the success of tool selection and optimization in your company. Is a SOC report enough or are there other criteria needed to make that risk based decision? Let’s discuss cognitive biases in tool selection with researcher Dr. Dustin about why it benefits your organization to be eyes open.
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
Tokyo DriftSec: Who is going First? Who is going Smooth? – Lisa Landau – CSP #195
Let’s talk to our favorite Tokyo security leader about how she has experienced tool selection across the world. To be risk adverse or not to be risk adverse. What a question!
Segment Resources: https://www.youtube.com/watch?v=BdFzJxSemKo
Visit https://cisostoriespodcast.com for all the latest episodes!
Segments
What are your pet peeves when it comes to tool selection? – Timothy Ball – CSP #194
Hear from expert TimBall, CISO for NGO-ISAC, on his experiences in the industry and how he advises his members on finding the right tool. Especially when it comes to making sure the tool isn’t a ‘shiny object’ purchase but actually addressing your organizations underlying issues and bringing value! Bonus, let’s talk about election security!
Segment Resources: https://www.ngoisac.org/
Visit https://cisostoriespodcast.com for all the latest episodes!