The Security Collective Podcast Claire Pales

Today we are recapping some of the great episodes from season 11 'In Case You Missed' them!
We have put together a snippet of the best parts from each guest for you, and if you like what you hear, click below to listen to the full episode, or head to wherever you enjoy our podcast, and check out the full back catalogue.
Links:
Marc Bown
Stephen Kennedy
Craig Ford
Naveen Chilamkurti
Paul McCarty
Yvette Lejins
Jamie Newman
Paul Wenham
Samm MacLeod
For the full episode, transcript please visit our website

It’s our last episode for the season, and we are joined by a very good friend of Claire’s and of the podcast, Samm MacLeod. Samm and Claire discuss what's been happening since we caught up with her 12 months ago in season eight, when Samm generously shared her CISO journey through burnout and recent sabbatical. She's now back CISO-ing, and this time they covered digital transformations and security transformations.
Samm MacLeod is an experienced Information Security Executive with experience across multiple industry verticals including tech, financial services, and critical infrastructure. Having led several cybersecurity transformation programs, Samm helps organisations imbed effective security practices through cyber security strategy, security operating models, and risk management frameworks.  Samm’s experience with boards, audit & risk committees, and executives allows her to bring a unique set of experiences and perspective to the management of technology and cyber risk and the delivery of security best practice. She is currently an appointed Netskope Security Board Advisor and has previously held non-executive positions on a critical infrastructure board (AEMO Cybersecurity Board), securitisation & financial services board (MEPM) and Information Security education and research board  (Deakin Executive Board). Based on the Bellarine Peninsula, Samm is an industry speaker and writer, and an advocate for diversity in cyber.
Links:
Samm LinkedIn
For the full episode transcript, please visit our website.
The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager.

Jamie Newman has a refreshing take on security and joins Claire as they chat about understanding the security posture in diverse organisations, they discuss about third party contracts, how much money you should be spending on compliance and what meaningful metrics might look like.
Jamie is an experienced IT Leader with more than 20 years experience in applications and infrastructure transformation in varying national and regional roles. His career started in HR, but then quickly moved into a technology path in the late 90's and has worked predominantly in Manufacturing, Retail and B2B environments, working in Singapore, Japan and the Middle East. Jamie moved into senior management in 2008, and has been in C level roles for the last 10 years.
Links:
Jamie LinkedIn
Jamie Twitter
Episode 68
For the full episode transcript please visit our website
The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager.

Paul Wenham joined Claire to talk about the what, how, and why he started Assurance Lab. They also cover the value of auditing, how compliance can be the foundation stone for startups and his new book, which he is making open source for others to contribute to; and talked about the fact that Assurance Lab is a B Corp, and why that is so important to Paul and his team.
Paul has worked in cybersecurity audits and compliance for over 11 years. His past roles have spanned professional services at PwC, leading the cybersecurity and compliance program for a global software company Qstream, and governance over third-party cyber standards at Westpac and Mercer.
Paul founded Assurance Lab in 2018, a Regtech software and audit services firm now working with over 150 cloud software companies across 12 countries. AssuranceLab supports their security and compliance programs to meet global standards (SOC 1, SOC 2, ISO 27001, HIPAA, Consumer Data Right, CSA STAR, GDPR, CCPA, and ESG reporting). Assurance Lab has a broad network of partners in the cybersecurity industry, leveraging the natural synergies of AssuranceLab's independence as an audit firm.
Links:
Website
Assurance Lab Linkedin
Paul LinkedIn
Episode 102. Cyber in Local Government with Paul Barrett
For the full episode transcript, please visit our website.
The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager.

Paul McCarty is a DevSecOps evangelist, and his recent chat with Claire was so great, we had to split it into 2 parts. In part 2 they discuss minimum viable security product, the Software Bill Of Materials (SBOMs) and making governance material consumable for senior audiences, no matter how unsexy policies might be.
Paul is the founder of SecureStack, the world's first DevSecOps Maturity Platform. Paul has been helping organisations build more secure applications for almost 30 years. He’s worked for large organisations like NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, but he’s also worked with several startups going back to the mid nineties. Paul is a frequent contributor to open source and Linux projects and is a co-organiser of several community group meetups here in Australia.
Links:
Website
LinkedIn
Twitter
GitHub
For the full episode transcript, please visit our website
The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager.

Paul McCarty is a DevSecOps evangelist, and his recent chat with Claire was so great, we had to split it into 2-parts. In part 1 they talk about his DevSecOps Playbook, the challenges of security and engineering teams working together harmoniously, and how to apply the Essential 8 to the software development lifecycle. You can hear Claire really enjoyed chatting to Paul about some of the more technical aspects of security and hearing his views on application security best practice.
Paul is the founder of SecureStack, the world's first DevSecOps Maturity Platform. Paul has been helping organisations build more secure applications for almost 30 years. He’s worked for large organisations like NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, but he’s also worked with several startups going back to the mid nineties. Paul is a frequent contributor to open source and Linux projects and is a co-organiser of several community group meetups here in Australia.
Links:
Website
LinkedIn
Twitter
GitHub
For the full episode transcript, please visit our website.
The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager.