Security You Should Know

CISO Series

What if you could get a no-nonsense look at security solutions in just 15 minutes? Security You Should Know, the latest podcast from the CISO Series, does just that. Hosted by Rich Stroffolino, each episode brings together one security vendor and two security leaders to break down a real-world problem and the solution trying to fix it. Expect straight answers on: How to explain the issue to your CEO What the solution actually does (and doesn’t do) How the pricing model works Then, our security leaders ask the tough questions to see what sets this vendor apart. Subscribe now and and stay ahead of the latest security solutions. Visit CISOseries.com for more details. Security You Should Know: Connecting security solutions with security leaders.

  1. 3 DAYS AGO

    Navigating Your Meeting Shadow Data with FORA

    All links and images can be found on CISO Series. Organizations excel at generating massive volumes of unstructured data through recorded meetings. The struggle lies in extracting value from it. The reality is that most of this data is never touch again after its created. The temporal nature of voice communication creates unique challenges. These conversations capture real-time insights and concerns that are highly valuable for immediate decision-making. But traditional data management approaches fail to surface actionable intelligence before it becomes stale. In this episode, Joe Essenfeld, CEO and co-founder at FORA, explains how their platform addresses these challenges by automatically processing recorded meetings to generate personalized, contextual summaries while maintaining strict data privacy controls. Joining him are Howard Holton, CEO at GigaOm, and Derek Fisher, Director of Cyber Defense at Temple University. The conversation explores how FORA’s AI-powered personalization engine creates individualized meeting cards based on organizational context and project involvement. The platform implements sophisticated filtering to remove personal banter and protects sensitive information through automated labeling systems that can detect IP discussions, HR-sensitive content, and accidental recordings. Huge thanks to our sponsor, FORA   Recorded meetings are the fastest-growing source of shadow data. FORA gives enterprises unified visibility and control—enforcing retention, access, and compliance across platforms. Security teams eliminate blind spots while employees gain powerful insights. With FORA, you know exactly what recorded data exists, where it’s stored, and who can access it.

    17 min

  2. 22 SEPT

    Exploring Storage Control with ThreatLocker

    All links and images can be found on CISO Series. In this episode, Rob Allen, chief product officer at ThreatLocker, explains how their Storage Control solution addresses these challenges by implementing program-level access restrictions that work alongside traditional user permissions. Joining him are Jonathan Waldrop, CISO-at-large, and Nick Ryan, former CISO at RSM. The conversation explores how ThreatLocker's endpoint-focused approach applies default-deny principles not just to what programs can run, but to what data they can access. This allows users to work normally while preventing unauthorized programs from reaching sensitive information. This streamlined block-request-approve process can resolve access needs within 60 seconds. Huge thanks to our sponsor, ThreatLocker Human error remains one of the top cybersecurity threats. Just one wrong click can open the door to ransomware or data loss. With ThreatLocker, unauthorized apps, scripts, and devices are blocked before they can ever run. See how ThreatLocker can help you gain more control over your environment.  Threatlocker.com/CISO

    17 min

  3. 15 SEPT

    Transforming Asset Visibility with Trend Micro

    All links and images can be found on CISO Series. Asset visibility remains a persistent challenges in cybersecurity. Despite working on this challenge for decades, CISOs continue to struggle with knowing what assets exist in their environments, where they’re located, and what risks they present. The problem has only intensified with dynamic cloud resources spinning up and down in seconds, APIs proliferating across environments, and third-party integrations creating complex dependency chain. Traditional scanning tools simply can’t keep pace. In this episode, Franz Fiorim, Field CTO at Trend Micro, explains how their Cyber Risk Exposure Management (CREME) solution addresses these challenges through continuous asset discovery and risk prioritization across the entire attack surface. Joining him are Krista Arndt, Associate CISO at St. Luke’s University Health Network, and Brett Conlon, CISO at American Century Investments. They discuss how CREME consolidates external attack surface management, cloud security posture management, and vulnerability remediation into a unified platform that discovers hidden assets through multiple methods including agentless cloud integrations, network discovery sensors, and third-party API connections. Huge thanks to our sponsor, Trend Micro Reduce cost, complexity, and tool sprawl by consolidating critical security and risk disciplines like External Attack Surface Management (EASM), Cloud Security Posture Management (CSPM), Vulnerability Risk Management (VRM), Identity Security Posture, Security Awareness and more into one cyber risk exposure management solution. CREM simplifies security and business operations to enable faster, more strategic risk reduction by replacing fragmented point solutions across these domains.

    17 min

  4. 8 SEPT

    Harnessing AI-Native PAM with Formal

    All links and images can be found on CISO Series. Most data breaches don't happen because attackers are geniuses. They happen because organizations give too much access to too many people for far too long. Despite decades of security frameworks and best practices, enforcing least privilege remains one of cybersecurity's most persistent challenges. The culprit isn't technology: it's politics. In this episode, Mokhtar Bacha, CEO of Formal, discusses how their granular privilege access management solution operates at the packet level to enforce least privilege across databases and APIs. Joining him are Howard Holton, COO and industry analyst at GigaOm, and Arvin Bansal, a Fortune 100 veteran CSO. The conversation tackles the truth about why access management fails, explores how AI agents are exploding the identity landscape, and examines whether automated policy enforcement can finally solve the political friction that has plagued privilege management for years. Huge thanks to our sponsor, Formal Formal secures humans, AI agent’s access to MCP servers, infrastructure, and data stores by monitoring and controlling data flows in real time. Using a protocol-aware reverse proxy, Formal enforces least-privilege access to sensitive data and APIs, ensuring AI behavior stays predictable and secure. Visit joinformal.com to learn more or schedule a demo.

    19 min

  5. 25 AUG

    Enhancing Humans in Your SOC with RedCarbon

    All links and images can be found on CISO Series. In this episode, Simone Rapizzi, CSO at RedCarbon, explains how their AI-powered platform uses specialized models to automate threat detection and response while learning from each customer's unique environment. Joining him are Jonathan Waldrop, former CISO, and John Scrimsher, CISO at Kontoor Brands. Huge thanks to our sponsor, RedCarbon RedCarbon platform enables AI SOC: automates threat detection, incident analysis, and intelligence monitoring across SOCs. Operating 24/7, our AI Agents reduce analyst fatigue and accelerate response times. Seamlessly integrating with SIEM, EDR, and XDR platforms, RedCarbon enables scalable, cost-effective security, adding infinite AI Agents.

    15 min

  6. 18 AUG

    Proving Trust with Drata

    In this episode, Matt Hillary, CISO at Drata, explains how their AI-native trust management platform addresses these challenges by automating evidence collection from integrated systems and reducing manual effort by over 90%. Joining him are Mike Lockhart, CISO at EagleView, and Johna Till Johnson, CEO at Nemertes. We talk about how Drata’s platform bridges the policy-execution gap through hundreds of out-of-the-box integrations, AI-assisted questionnaire responses that handle 90% of vendor due diligence automatically, and real-time control monitoring that enables GRC teams to operate more like security operations centers, responding quickly to control failures rather than simply passing audits. Huge thanks to our sponsor, Drata  AI at Drata is embedded across every layer, transforming GRC from a defensive necessity into a proactive business driver. With new Agentic AI innovations, MCP releases, and a long-term vision for AI-native trust management, Drata empowers security teams to work faster, reduce manual tasks, and deliver meaningful, scalable business impact. Learn more at Drata.com

    20 min

  7. 11 AUG

    Reducing SIEM Costs with Scanner

    SIEM costs are spiraling out of control for organizations. Increasing log volumes, longer compliance-driven retention requirements, and the habit of collecting everything "just in case," the list goes on. Traditional SIEM architecture forces painful choices between cost control and security visibility, with teams constantly fighting to keep log volumes down while still maintaining adequate coverage for investigations. In this episode, Cliff Crosland, co-founder and CEO of Scanner, explains how their data lake approach can reduce SIEM costs by 80-90% while giving organizations full custody of their data in their own cloud storage. Joining him are Nick Espinosa, host of the Deep Dive Radio Show, and Howard Holton, COO and industry analyst at GigaOm. In this episode: Data retention policies The fundamental challenge of managing growing log volumes over time How AI copilots are bridging the gap between security analysts and software engineers in detection workflows. Huge thanks to our sponsor, Scanner Traditional SIEMs are a tax on your security team—bloated, brittle, and budget-killing. Scanner.dev fixes this. Use it as your SIEM, or to supercharge the one you already have. Our AI co-pilot summarizes alerts, suggests next steps, and reduces noise—making analysts faster and smarter. See it in action at Scanner.dev.

    13 min

  8. 4 AUG

    Evolving Security Awareness with Adaptive Security

    All links and images can be found on CISO Series Security awareness is critical to cultivate in your organization. But security awareness training can often miss the mark. Traditional training is slow and reactive. As deepfakes and LLM-enhanced attacks become common, organizations need training solutions that can adapt and provide relevant training. In this episode, Brian Long, CEO of Adaptive Security, explains how their platform provides engaging training that can be customized in a matter of minutes. Joining him are Janet Heins, CISO at ChenMed, and Gary Chan, CISO at SSM Health. Huge thanks to our sponsor, Adaptive Security AI-powered social engineering threats like deepfake voice calls, GenAI phishing, and vishing attacks are evolving fast. Adaptive helps security leaders get ahead with an AI-native platform that simulates realistic genAI attacks, and delivers expert-vetted security awareness training — all in one unified solution. And now, with Adaptive’s new AI Content Creator, security teams can instantly transform breaking threat intel or updated policy docs into interactive, multilingual training — no instructional design needed. That means faster compliance, better engagement, and less risk. Trusted by Fortune 500s and backed by Andreessen Horowitz and the OpenAI Startup Fund, Adaptive is helping security teams prepare for the next generation of cyber threats. Learn more at adaptivesecurity.com.

    17 min
See All (33)

About

What if you could get a no-nonsense look at security solutions in just 15 minutes? Security You Should Know, the latest podcast from the CISO Series, does just that. Hosted by Rich Stroffolino, each episode brings together one security vendor and two security leaders to break down a real-world problem and the solution trying to fix it. Expect straight answers on: How to explain the issue to your CEO What the solution actually does (and doesn’t do) How the pricing model works Then, our security leaders ask the tough questions to see what sets this vendor apart. Subscribe now and and stay ahead of the latest security solutions. Visit CISOseries.com for more details. Security You Should Know: Connecting security solutions with security leaders.

Information

  • Creator
    CISO Series
  • Years Active
    2K
  • Episodes
    33
  • Rating
    Clean
  • Copyright
    © 2018-2025 CISO Series
  • Show Website
    Security You Should Know

You Might Also Like