CvCISO Podcast

SecurityStudio
CvCISO Podcast

Welcome to "The CvCISO Podcast" - an extension of SecurityStudio's vCISO training program. Designed to keep the conversation alive beyond the confines of traditional training, this podcast is your ongoing resource for all things related to Virtual Chief Information Security Officers (vCISOs). This podcast is a space where vCISOs can continue to explore, discuss, and evolve their understanding of the cybersecurity landscape. Join us as we delve into the experiences, perspectives, and challenges that vCISOs face. From sharing success stories to dissecting tough lessons learned, we cover it all. The goal of the podcast is to build a community where vCISOs can come together to learn from one another. Through engaging discussions and thought-provoking questions from the vCISO community, we keep the conversation dynamic and relevant. This isn't just a podcast - it's a dynamic platform where your voice matters. So, whether you're a seasoned vCISO or just starting, join us on the "CvCISO Podcast" as we continue the journey of learning and growth together. Hosts: Jordon Darling (Vice President, Top Dog PC Services) https://www.linkedin.com/in/jordon-darling/ Evan Francen (Founder and CEO, SecurityStudio) https://www.linkedin.com/in/evanfrancen/ Meg Perron (CvCISO Training Academy Director, SecurityStudio) https://www.linkedin.com/in/meg-perron-mba/ To find out more information about SecurityStudio's CvCISO Training Program visit: www.cvciso.com Follow SecurityStudio on LinkedIn: https://www.linkedin.com/company/11486715 Email cvcisopodcast@securitystudio.com with questions or topics you'd like our hosts to tackle!  

  1. 6 DAYS AGO

    CvCISO Podcast Episode 43 DOGE and Information Security

    Summary   In this episode, Evan and Jordon dive into the controversial topic of Doge, discussing its implications on government efficiency and information security. They explore the emotional responses surrounding political decisions, the role of trust in government, and the privacy concerns that arise from data access. The conversation emphasizes the importance of questioning narratives and understanding the complexities of the system, particularly in relation to social security and data security. In this conversation, Evan Francen and Jordon discuss the inefficiencies and challenges within government systems, particularly focusing on identity recovery and cybersecurity. They explore the emotional manipulation prevalent in politics, the power of language, and the consequences of dehumanization. The discussion also touches on the role of CISA in cybersecurity, the need for accountability in government spending, and the influence of big tech. They emphasize the importance of open dialogue and authenticity in relationships, advocating for transparency and efficiency in government operations.   Takeaways Doge is a controversial topic that raises questions about government efficiency.Emotional responses can cloud judgment in political discussions.It's important to consider multiple perspectives on issues like Doge.Trust in government is a significant factor in public opinion.Privacy concerns are heightened with increased data access.The design of systems like social security is flawed and outdated.Questioning everything is crucial for informed decision-making.Complexity in systems can lead to security vulnerabilities.Transparency in government actions is essential for public trust.Understanding the root causes of issues can lead to better solutions.Reclaiming identity is a complex and painful process.Government systems are often inefficient and poorly designed.Trust in leadership is crucial but often misplaced.Emotional manipulation is a powerful tool in politics.Language can be weaponized to dehumanize individuals.CISA's effectiveness and accountability are in question.Big tech's influence complicates cybersecurity efforts.Transparency in government spending is essential for accountability.Societal manipulation is a pervasive issue.Authenticity in relationships fosters deeper connections.

    52 min

  2. FEB 18

    CvCISO Podcast Episode 42: Breaking Into Cybersecurity - A Guide for Newcomers

    Summary In this episode, the hosts discuss the various pathways into the cybersecurity field, addressing the challenges faced by newcomers and those looking to transition into the industry. They share personal stories of their journeys, the importance of having a clear purpose, and the role of education and certifications in building a successful career in cybersecurity. The conversation emphasizes the need for practical experience and the realities of job expectations in the current market. In this conversation, the speakers discuss the importance of practical experience over formal education in the cybersecurity field. They emphasize the need for candidates to possess intangibles such as integrity and a willingness to learn, alongside technical knowledge and experience. The discussion also touches on the unrealistic salary expectations of job seekers, the dynamics of the job market, and the significance of having a clear purpose in pursuing a career in cybersecurity. Building a portfolio and setting realistic expectations are highlighted as key strategies for success in the industry. TakeawaysThere is no single path to entering cybersecurity.Having a strong purpose can help you persevere in your career.Certifications can provide confidence and connections in the industry.Practical experience is often more valuable than theoretical knowledge.The job market in cybersecurity can be challenging and competitive.Networking is crucial for finding job opportunities.Many hiring managers prioritize specific skills over degrees.Entry-level positions are essential for gaining experience.Understanding the realities of job expectations is important for newcomers.Continuous learning and adaptation are key to success in cybersecurity. A degree shows commitment but doesn't guarantee skill.Practical experience is crucial for success in cybersecurity.Intangibles like integrity are essential for hiring.Setting realistic salary expectations is important.Job descriptions often lack clarity on actual needs.Building a portfolio can set you apart in job applications.Purpose in your career can help combat burnout.Networking can play a significant role in job placement.Understanding your strengths can guide your career path.Continuous learning and adaptation are key in cybersecurity.

    58 min

  3. FEB 7

    CvCISO Podcast Episode 41: Mentorship

    Summary  In this episode, the hosts discuss the significance of mentorship in personal and professional development. They explore the nuances of what mentorship means, the difference between wisdom and education, and how informal mentorship can occur within communities. The conversation emphasizes the importance of experience, the role of mentors in shaping careers, and the reciprocal nature of mentorship relationships. The hosts also touch on the idea that everyone has the potential to be a mentor, regardless of their formal title or position. In this conversation, Evan Francen and Meg discuss the multifaceted nature of mentorship, emphasizing the importance of perspectives, authentic relationships, and the fluidity of mentor-mentee dynamics. They explore how mentorship can be both formal and informal, the value of observational learning, and the necessity of sharing wisdom. The discussion highlights that mentorship is a lifelong journey, where both mentors and mentees can learn from each other, and encourages listeners to reflect on their own mentorship experiences. Takeaways Mentorship is not just about teaching; it's about sharing experiences.A good mentor-mentee relationship is two-way, where both parties learn from each other.Wisdom is gained through experience, not just education.Informal mentorship can happen naturally within communities.Everyone has the potential to be a mentor, regardless of their experience level.Mentorship can take place through various mediums, including books and personal interactions.Creating opportunities for mentorship is essential for growth.Mentors should aim to help their mentees become better than themselves.The best mentors are those who genuinely care about the growth of others.Mentorship is about support, guidance, and sharing wisdom. Perspectives are crucial for making informed decisions.Authenticity in relationships enhances mentorship effectiveness.Mentorship can take many forms, both formal and informal.Observational learning can be a powerful form of mentorship.Sharing wisdom is a key responsibility of mentors.Mentorship is a two-way street; both parties benefit.Seek mentors in unexpected places, including social media.Everyone has the potential to be a mentor or mentee.Reflect on past mentorship experiences to recognize their value.Good leaders empower others rather than seeking to be needed.

    51 min

  4. FEB 4

    CvCISO Podcast Episode 40: AI in the Workplace

    Summary In this episode, the hosts discuss the significance of mentorship in personal and professional development. They explore the nuances of what mentorship means, the difference between wisdom and education, and how informal mentorship can occur within communities. The conversation emphasizes the importance of experience, the role of mentors in shaping careers, and the reciprocal nature of mentorship relationships. The hosts also touch on the idea that everyone has the potential to be a mentor, regardless of their formal title or position. In this conversation, Evan Francen and Meg discuss the multifaceted nature of mentorship, emphasizing the importance of perspectives, authentic relationships, and the fluidity of mentor-mentee dynamics. They explore how mentorship can be both formal and informal, the value of observational learning, and the necessity of sharing wisdom. The discussion highlights that mentorship is a lifelong journey, where both mentors and mentees can learn from each other, and encourages listeners to reflect on their own mentorship experiences. TakeawaysMentorship is not just about teaching; it's about sharing experiences.A good mentor-mentee relationship is two-way, where both parties learn from each other.Wisdom is gained through experience, not just education.Informal mentorship can happen naturally within communities.Everyone has the potential to be a mentor, regardless of their experience level.Mentorship can take place through various mediums, including books and personal interactions.Creating opportunities for mentorship is essential for growth.Mentors should aim to help their mentees become better than themselves.The best mentors are those who genuinely care about the growth of others.Mentorship is about support, guidance, and sharing wisdom. Perspectives are crucial for making informed decisions.Authenticity in relationships enhances mentorship effectiveness.Mentorship can take many forms, both formal and informal.Observational learning can be a powerful form of mentorship.Sharing wisdom is a key responsibility of mentors.Mentorship is a two-way street; both parties benefit.Seek mentors in unexpected places, including social media.Everyone has the potential to be a mentor or mentee.Reflect on past mentorship experiences to recognize their value.Good leaders empower others rather than seeking to be needed.

    56 min

  5. JAN 24

    CvCISO Podcast Episode 39: vCISO Role in BCI and DRP

    Summary In this episode, the hosts and guests delve into the concept of Zero Trust Architecture, discussing its legitimacy, implementation challenges, and the importance of understanding its principles. They explore how Zero Trust can enhance security while also serving as a business strategy that can potentially reduce costs and increase revenue through better risk management and compliance. The conversation highlights the complexities of adopting Zero Trust in large organizations and emphasizes the need for clear definitions and practical steps to implement it effectively. In this conversation, the speakers delve into the critical aspects of security policies, breach notifications, and the implementation of Zero Trust frameworks. They discuss the importance of understanding the business value of security measures, enhancing user experience while maintaining security, and the necessity of situational awareness in cybersecurity. The conversation emphasizes the need for effective communication with stakeholders to ensure that security measures are understood and valued, ultimately leading to better risk management and organizational success.  TakeawaysZero Trust is a legitimate security principle, not just a buzzword.Implementation of Zero Trust is complex and requires careful planning.Default deny is a core principle of Zero Trust.Understanding egress and ingress is crucial for effective security.Zero Trust can help reduce cyber insurance costs.Asset management is essential for Zero Trust implementation.Complex environments pose significant challenges to adopting Zero Trust.Risk management is at the heart of Zero Trust strategies.Business processes should be aligned with security measures.Zero Trust can enhance business credibility and partnerships. Breach notifications should be included in contracts to ensure transparency.Zero Trust can lead to increased efficiency and potential cost savings for businesses.Understanding the business processes is crucial for effective security implementation.User experience must be considered when implementing security measures.Situational awareness is key to making informed security decisions.Risk management is an ongoing process, not a one-time fix.Effective communication about security measures can build trust with stakeholders.Security professionals should be prepared to demonstrate the business value of their initiatives.Zero Trust should be implemented in phases, focusing on critical components first.Frameworks should guide security practices, not dictate them.

    56 min

  6. JAN 17

    CvCISO Podcast Episode 38: Zero Trust: Is it Real?

    In this episode, the hosts and guests delve into the concept of Zero Trust Architecture, discussing its legitimacy, implementation challenges, and the importance of understanding its principles. They explore how Zero Trust can enhance security while also serving as a business strategy that can potentially reduce costs and increase revenue through better risk management and compliance. The conversation highlights the complexities of adopting Zero Trust in large organizations and emphasizes the need for clear definitions and practical steps to implement it effectively. In this conversation, the speakers delve into the critical aspects of security policies, breach notifications, and the implementation of Zero Trust frameworks. They discuss the importance of understanding the business value of security measures, enhancing user experience while maintaining security, and the necessity of situational awareness in cybersecurity. The conversation emphasizes the need for effective communication with stakeholders to ensure that security measures are understood and valued, ultimately leading to better risk management and organizational success. Takeaways Zero Trust is a legitimate security principle, not just a buzzword.Implementation of Zero Trust is complex and requires careful planning.Default deny is a core principle of Zero Trust.Understanding egress and ingress is crucial for effective security.Zero Trust can help reduce cyber insurance costs.Asset management is essential for Zero Trust implementation.Complex environments pose significant challenges to adopting Zero Trust.Risk management is at the heart of Zero Trust strategies.Business processes should be aligned with security measures.Zero Trust can enhance business credibility and partnerships. Breach notifications should be included in contracts to ensure transparency.Zero Trust can lead to increased efficiency and potential cost savings for businesses.Understanding the business processes is crucial for effective security implementation.User experience must be considered when implementing security measures.Situational awareness is key to making informed security decisions.Risk management is an ongoing process, not a one-time fix.Effective communication about security measures can build trust with stakeholders.Security professionals should be prepared to demonstrate the business value of their initiatives.Zero Trust should be implemented in phases, focusing on critical components first.Frameworks should guide security practices, not dictate them.

    57 min

  7. JAN 10

    CvCISO Podcast Episode 37: MN Local Chapter 2024 Year in Review

    In this episode of the CvCISO Podcast, the hosts and guests discuss the Minnesota Local Chapter's progress, focusing on community building, mental health check-ins, and the importance of support structures in the information security field. They share insights on how the chapter has fostered a sense of belonging and collaboration among its members, highlighting accomplishments and future goals for growth and authenticity within the community. In this engaging conversation, the participants explore various themes including the humorous use of iPhone shortcuts, the importance of authenticity in professional relationships, and the value of diverse perspectives in the cybersecurity community. They discuss their vision for the local chapter in 2025, emphasizing community involvement and the role of continuing education in professional growth. The conversation highlights the collaborative spirit of the group and their commitment to supporting one another in their respective journeys. Takeaways The Minnesota Local Chapter has been meeting for seven months.Mental health check-ins are a key part of the meetings.Building a supportive community is essential for personal and professional growth.Members share resources and experiences to help each other.Authenticity and transparency are crucial for a thriving community.Regular attendance has led to a consistent group of participants.The chapter aims to expand and replicate its model in other regions.Food and shared meals enhance the community experience.Members feel comfortable discussing personal and professional challenges.The group values both fun and professional development in their meetings. Authenticity in professional relationships fosters better collaboration.Diverse perspectives enhance understanding and decision-making.Community involvement is crucial for personal and professional growth.Starting a local chapter can be done with just a few people.Continuing education is essential in the cybersecurity field.Networking within the community leads to shared resources and ideas.Humor can be a great icebreaker in professional settings.Encouraging others to start their own groups can expand the community.The local chapter serves as a platform for ongoing learning and support.Building relationships is key to success in any industry.

    52 min

  8. 12/27/2024

    CvCISO Podcast Episode 36: A Year in Review

    Summary   In this episode, the hosts discuss updates on the CvCISO Academy, reflecting on the past year and looking forward to 2025. They emphasize the importance of community engagement, new leadership roles, and the need for standardization in cybersecurity practices. The conversation also touches on personal growth and the value of continuous learning, with lighthearted moments shared among the hosts. In this conversation, the speakers discuss the importance of uplifting relationships, continuous learning, and situational awareness in both personal and professional contexts. They explore how these themes relate to cybersecurity, highlighting key events and trends from 2024, the impact of major data breaches, and the accountability of organizations in protecting sensitive information. The discussion also touches on the role of technology and AI in cybersecurity, emerging trends for 2025, and the value of cyber insurance. Ultimately, the conversation emphasizes the importance of love and support in fostering growth and resilience. Takeaways  The Academy is evolving with new leadership and growth opportunities.Community engagement is crucial for the success of the CvCISO program.Standardization in cybersecurity practices is necessary for better service delivery.Continuous learning is essential in the cybersecurity field.The hosts emphasize the importance of personal growth and self-awareness.Plans for 2025 include more community support and resources.Monthly chats will be introduced to foster community connections.Silly moments can help lighten the mood during stressful times.The commitment to the Academy and its programs remains strong. There are people who uplift you.Continuous learning opens up new opportunities.Situational awareness is crucial in everyday life. It helps identify threats.Key cybersecurity events shape the industry's landscape.Data breaches can have severe consequences for individuals.Accountability for breaches often lies with the board of directors.Technology plays a significant role in cybersecurity effectiveness.AI is both a tool for improvement and a potential threat.Cyber insurance can provide financial benefits if managed correctly.

    58 min
See All (43)

Ratings & Reviews

5
out of 5
2 Ratings

About

Welcome to "The CvCISO Podcast" - an extension of SecurityStudio's vCISO training program. Designed to keep the conversation alive beyond the confines of traditional training, this podcast is your ongoing resource for all things related to Virtual Chief Information Security Officers (vCISOs). This podcast is a space where vCISOs can continue to explore, discuss, and evolve their understanding of the cybersecurity landscape. Join us as we delve into the experiences, perspectives, and challenges that vCISOs face. From sharing success stories to dissecting tough lessons learned, we cover it all. The goal of the podcast is to build a community where vCISOs can come together to learn from one another. Through engaging discussions and thought-provoking questions from the vCISO community, we keep the conversation dynamic and relevant. This isn't just a podcast - it's a dynamic platform where your voice matters. So, whether you're a seasoned vCISO or just starting, join us on the "CvCISO Podcast" as we continue the journey of learning and growth together. Hosts: Jordon Darling (Vice President, Top Dog PC Services) https://www.linkedin.com/in/jordon-darling/ Evan Francen (Founder and CEO, SecurityStudio) https://www.linkedin.com/in/evanfrancen/ Meg Perron (CvCISO Training Academy Director, SecurityStudio) https://www.linkedin.com/in/meg-perron-mba/ To find out more information about SecurityStudio's CvCISO Training Program visit: www.cvciso.com Follow SecurityStudio on LinkedIn: https://www.linkedin.com/company/11486715 Email cvcisopodcast@securitystudio.com with questions or topics you'd like our hosts to tackle!  

Information

  • Creator
    SecurityStudio
  • Years Active
    2024 - 2025
  • Episodes
    43
  • Rating
    Explicit
  • Copyright
    © SecurityStudio
  • Show Website
    CvCISO Podcast

You Might Also Like

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes, and get the latest updates.
Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada