Guardians of the Data

Ward Balcerzak
  • 5.0 (3)
  • TECHNOLOGY

Welcome to Guardians of the Data! Join host, Ward Balcerzak, each week as he dives deep into the passions, expertise, and experiences of CISOs, Chief Data Officers, and more. Guardians of the Data is sponsored by Sentra - AI-powered data security platform that discovers and classifies all your data accurately and automatically to achieve enterprise-scale data protection without the fuss.

  1. Why EQ Matters More Than Tech - Mark Alvarado - Guardians of the Data - Episode #32

    12H AGO

    Why EQ Matters More Than Tech - Mark Alvarado - Guardians of the Data - Episode #32

    Why do so many security leaders struggle to build lasting, effective programs, even as technology keeps getting better? In this episode, Ward sits down with retail CISO Mark Alvarado to unpack one of the biggest misconceptions in cybersecurity leadership: technical expertise alone isn’t enough anymore. With over 20 years of experience across digital risk, IT infrastructure, and data privacy, Mark shares why today’s most successful CISOs must master emotional intelligence, relationship building, and business alignment. The conversation explores what it truly takes to build a resilient, business-aligned security program. Takeaways: Be a Student of Your Business: Deeply understand your company's structure, operations, long-term strategy, and threat landscape to provide relevant security advice and build effective programs tailored to your organization's unique culture.Prioritize EQ and Relationship-Building Over Pure Technical Skills: The most critical CISO skill today is emotional intelligence and the ability to translate complex security concepts into business language that leadership can understand and act upon.Focus Security Efforts on Identity and Network Access: Since all data access requires user IDs and network connectivity, concentrating your resources on authentication management and network security provides the strongest foundation for protecting business data.Document Everything Systematically: Create comprehensive, well-organized documentation of processes, procedures, and configurations to ensure knowledge transfer, program continuity, and operational efficiency when team members change.Accept That You Can't Stop Everything: Rather than trying to prevent all threats, focus on protecting your most critical business data, limiting blast radius when incidents occur, and ensuring rapid recovery capabilities.Invest in Continuous Learning: Stay current with evolving technology, regulations, and threat landscapes through formal education, certifications, peer networking, and industry conferences to remain effective in this rapidly changing field. Quote of the Show: “We can’t really one hundred percent stop cyber crime,… but we can limit the blast radius.” - Mark Alvarado Links: LinkedIn: https://www.linkedin.com/in/mark-alvarado-8715148/ Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    41 min
  2. Hope Is Not a Strategy: Secure AI the Right Way - Jason Elrod - Guardians of the Data - Episode #31

    FEB 26

    Hope Is Not a Strategy: Secure AI the Right Way - Jason Elrod - Guardians of the Data - Episode #31

    How do you secure AI when you don’t have data inventory, classification, identity controls, and governance frameworks? You can’t. In this episode of Guardians of the Data, Ward sits down with Jason Elrod, Founder of Limitless Cyber and CISO of a multi-billion-dollar healthcare system, to unpack the real risks and realities of AI in today’s enterprise. Jason makes it clear: AI may be the biggest emerging data threat, but the fundamentals haven’t changed. Data inventory, classification, identity controls, and governance frameworks still form the bedrock of security. The problem? Many organizations skipped those steps and are now trying to integrate AI into fragile environments. As cyber threats accelerate, attackers are already leveraging automation and AI. Jason argues that defenders must do the same by using AI to automate, augment, and amplify blue teams rather than replace them.   Takeaways: Don't Give AI Direct Access to Everything: Never connect AI directly to your data lake or core systems. Instead, create a curated "bastion dataset" specifically for AI use cases.Master the Fundamentals First: Data inventory, classification, and context are essential. Make sure you have these mastered before integrating AI into your organization.Pause and Assess Your Current AI Deployments: Prioritize AI use cases that deliver actual ROI vs. just "interest on investment," and stop exploratory AI projects until the fundamentals are in place.Implement AI for Defense: Use AI to automate, augment, and amplify your security team. You must use AI to defend against AI-speed attacks.Career Advice: Out-Frame AI, Don't Outwork It: Focus on skills AI can't replace: discernment, integrity, morality, judgment, and become AI's manager rather than its competitor.Pay the Cost in Discipline Now, Not Anxiety Later: Skipping fundamentals today creates stress you'll carry for years. Make sure to document and do things right from the start. Quote of the Show: “Have a rock-solid data governance plan and framework in place. Then it's easier to have a more stable AI governance in place.” - Jason ElrodLinks: LinkedIn: https://www.linkedin.com/in/thejasonelrod/ Website: https://www.limitlesscyber.com/ YouTube: https://www.youtube.com/@LimitlessCyber Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    31 min
  3. Why Least Privilege Fails (And How to Fix It) - Sanjeev Kumar - Guardians of the Data - Episode #30

    FEB 19

    Why Least Privilege Fails (And How to Fix It) - Sanjeev Kumar - Guardians of the Data - Episode #30

    What happens when your AI system has more access to your data than your employees (and you don’t even know it)? Sanjeev Kumar, Senior Global AI & Data Protection Lead at Amazon Web Services, joins Ward on the podcast today for a deep dive into the real risks organizations face as AI moves from experimentation to production. With more than 20 years of cybersecurity experience and a career that spans the rise of cloud computing to today’s AI transformation, Sanjeev shares what organizations consistently get wrong about data governance, ownership, least privilege, and AI deployment. This is not a high-level “AI is risky” discussion. It’s a tactical breakdown of what security leaders must implement now to avoid regulatory, reputational, and operational fallout.   Takeaways: Start with Data Classification and Inventory: Understand the types of data you have (sensitive, regulated, or intellectual property) and where they reside before implementing any controls.Establish Clear Data Ownership and Stewardship: Define who owns the data (business leaders), who manages it daily (data stewards), and who maintains the infrastructure (IT custodians). Everyone must understand their responsibilities.Never Let Temporary Become Permanent: When moving data to interim storage solutions, ensure proper controls are in place. Temporary shortcuts often become permanent security gaps.Always Experiment in Isolated Environments: Start with black-box environments using synthetic data first. Never expose experimental AI systems to production or public networks.Implement Dynamic, Behavior-Based Access Controls: Move beyond traditional RBAC to access controls that adapt based on actual behavior patterns, not just historical permissions.Understand Both Financial and Non-Financial Risks: Reputational damage, regulatory scrutiny, and loss of customer trust often outweigh direct financial penalties.Live in the Future: Anticipate what will matter in 4-5 years and start learning it today. Position yourself where the industry is heading, not where it is now. Quote of the Show: “Vendor can be replaced, trust cannot be.” - Sanjeev Kumar Links: LinkedIn: https://www.linkedin.com/in/trusted-ai-ciso/ Website: https://aws.amazon.com/  Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    53 min
  4. Stop Talking Tech and Start Talking Business - Joshua Copeland - Guardians of the Data - Episode #29

    FEB 12

    Stop Talking Tech and Start Talking Business - Joshua Copeland - Guardians of the Data - Episode #29

    Is leadership the real reason data security keeps breaking down? In this episode of Guardians of the Data, host Ward Balcerzak sits down with Joshua Copeland, Director of Cybersecurity at Crescendo. With more than 25 years of experience across IT, cybersecurity, and government, Joshua brings a refreshingly honest perspective: most security failures don’t come from bad tools; they come from misaligned leadership, misunderstood business risk, and security teams operating in a vacuum. Throughout the conversation, Joshua breaks down why cybersecurity professionals must stop speaking only in technical terms and start translating risk into real business impact, from revenue and operations to productivity and customer trust. The discussion also dives deep into AI and data security, where Joshua argues that AI hasn’t introduced new risk, but simply exposes the risks organizations have ignored for years. From shadow AI and data leakage to prompt engineering and governance, this episode offers practical guidance for security leaders trying to keep up with reality.   Takeaways: Learn to Speak Business, Not Just Tech: Cybersecurity professionals need to translate technical risks into business impact.Build Cross-Functional Relationships Early: Understand how your security decisions impact productivity and workflows. Talk to operations teams before implementing security controls.Avoid Building Solutions in a Vacuum: Don't create security controls based solely on frameworks or "best practices".Network Relentlessly: Attend local B-Sides and regional conferences (cheaper than RSA) and join local cyber clubs and professional chapters.Focus on What Actually Protects Your Business: Prioritize vulnerabilities based on your environment, not just severity scores. Understand your critical business processes and protect those first.Say Yes to New Opportunities: Joshua's career advice: volunteer for things outside your comfort zone. Non-traditional paths often lead to the most interesting opportunities.Quote of the Show: “ We're really, really good at technology. We really suck at business, and that's where we fall flat.” - Joshua CopelandLinks: LinkedIn: https://www.linkedin.com/in/joshuacopeland/ Website: https://www.crescendo.ai/ Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    41 min
  5. Future-Proofing Cybersecurity Talent - Marlene Dehart - Guardians of the Data - Episode #28

    FEB 5

    Future-Proofing Cybersecurity Talent - Marlene Dehart - Guardians of the Data - Episode #28

    Are we solving the cybersecurity talent problem the wrong way? The cybersecurity industry has no shortage of open roles, yet thousands of capable candidates still can’t land their first job. In this episode of Guardians of the Data, Ward Balcerzak sits down with Marlene DeHart, cybersecurity executive, advisor, and Air Force Reserve veteran, to explore why the problem isn’t a lack of interest or intelligence; it’s how the industry defines experience. Drawing on more than 20 years across enterprise security, internal audit, military cyber operations, and emerging technologies like Web3 and AI, Marlene argues that cybersecurity needs to be treated more like a trade: skills-first, mentor-led, and learned through real-world practice, not just certifications and degrees.   Takeaways: Seek Mentorship Actively: Find experienced professionals who can guide your career development and commit to mentoring others once you gain experience, creating a reciprocal learning ecosystem.Participate in Hands-On Challenges: Join hackathons, capture-the-flag events, and collaborative technical challenges to demonstrate real-world skills beyond what certifications alone can show.Build a Skills Portfolio: Create tangible demonstrations of your work that showcase your abilities to potential employers, moving beyond traditional resumes to include actual project examples and problem-solving evidence.Apply Fundamentals to New Technologies: Bridge your existing cybersecurity knowledge to emerging technologies like AI, blockchain, and Web3 by applying core principles you already understand to new contexts.Establish Reskilling Pathways: Companies should build structured programs to help existing employees transition when business direction or technology stacks change, rather than leaving team members behind.Gamify Learning Experiences: Make skills development engaging through scenario-based training, real-world simulations, and competitive challenges that mirror actual workplace situations. Quote of the Show: “ Once you're skilled, you have to keep reskilling. You have to upskill.” - Marlene DehartLinks: LinkedIn: https://www.linkedin.com/in/marleneveum/ Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    43 min
  6. Data Security in Critical Infrastructure - Arturo Santos - Guardians of the Data - Episode #27

    JAN 29

    Data Security in Critical Infrastructure - Arturo Santos - Guardians of the Data - Episode #27

    What happens when the systems that move people and power our world aren’t secure? In this episode of Guardians of the Data, host Ward Balcerzak sits down with Arturo Santos, Director of Cybersecurity Architecture at Amtrak, to explore the growing risks facing operational technology (OT), the realities of protecting critical infrastructure, and why data governance, AI, and industry collaboration are no longer optional. With more than 30 years of experience in IT and cybersecurity, Arturo shares real-world insights from the rail industry, discusses why legacy data retention practices are putting organizations at risk, and explains how modern cyber-physical systems are reshaping security priorities across transportation, energy, and other critical sectors. Takeaways: Implement Strict Data Retention Policies: Organizations must establish clear guidelines for data retention and storage. Develop retention schedules based on legal requirements, business needs, and industry best practices, then enforce them rigorously.Treat Employee Data with Equal Priority as Customer Data: Many organizations focus heavily on protecting customer information while overlooking employee data. Your employees deserve the same level of protection you provide to your customers.Adopt a Data Custodianship Mindset: Shift how your organization thinks about personal information. Always remember that the data belongs to the individual, and your organization is merely a temporary steward.Monitor Threats Across Your Entire Supply Chain: Your organization doesn't operate in a vacuum. Stay informed about security incidents, vulnerabilities, and attack patterns across your industry and related sectors.Engage with Industry Standards Development: Participate in the creation and refinement of security standards for your sector. Your expertise and real-world experience can help shape standards that are both effective and practical.Leverage Collaborative Threat Intelligence Sharing: A collaborative approach provides visibility into threats you might never see coming from your own network alone. The key is moving from isolated security operations to participating in a broader intelligence ecosystem.Quote of the Show: “ I started working in cybersecurity because I am passionate about protecting my data. I see it as a consumer .” - Arturo SantosLinks: LinkedIn: https://www.linkedin.com/in/-arturo-santos/ Website: https://www.amtrak.com/home Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    46 min
  7. Securing Data in the Age of AI - Frank Depaola - Guardians of the Data - Episode #26

    JAN 22

    Securing Data in the Age of AI - Frank Depaola - Guardians of the Data - Episode #26

    Is your data security strategy still focused on where your data lives, or have you evolved to protect it where it flows? Ward sits down with Frank DePaola, Vice President and CISO at EnPro and recipient of the 2025 Top Global CISO award. With over 25 years of experience in cybersecurity, Frank shares a masterclass on navigating the complexities of modern data security, from the "data sprawl" of the AI era to the unique challenges of maintaining security during aggressive M&A cycles.  The conversation dives deep into the realization that "data is the new currency of business," which has led organizations to accumulate petabytes of information that become increasingly difficult to manage. Frank explains why the state of your data directly impacts the success of AI initiatives and why security leaders must transition from a static mindset to one that secures data in motion, especially as it leaves the organization's physical purview through cloud services and subcontractors.   Takeaways: Build Or Update Your Data Retention Policy: Work collaboratively with business units to understand their actual needs and regulatory requirements, not arbitrary timeframes.Leverage Community Expertise: Reach out to industry peers or hire consultants who've implemented programs before; don't reinvent the wheel.Shift From Static to Dynamic Protection: Move beyond securing data only where it resides; focus on securing data in motion and throughout its lifecycle.Consolidate Your Tools: Look for comprehensive platforms that integrate DLP, DSPM, and AI governance rather than managing multiple point solutions.Gather Complete Requirements Upfront: Avoid point solution sprawl by thoroughly vetting all use cases before making technology investments.Build a Risk-Based Roadmap: Connect tactical initiatives directly to organizational strategic objectives, so teams understand how their work impacts the business.Quote of the Show: “Data is the new currency of business.” - Frank DepaolaLinks: LinkedIn: https://www.linkedin.com/in/frankdepaola/ Website: https://www.enpro.com/overview/default.aspx Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    41 min
  8. Addressing the Data Everywhere and No Map Issue - Antonio Taylor - Guardians of the Data - Ep #25

    JAN 15

    Addressing the Data Everywhere and No Map Issue - Antonio Taylor - Guardians of the Data - Ep #25

    What happens when security leaders stop talking tech and start speaking the language of the business? In this episode, author and VP of IT for Mission Healthcare, Antonio Taylor, reveals why modern security success has less to do with tools and everything to do with building trust, curiosity, and true business partnerships. Antonio brings 25+ years of experience in enterprise IT leadership, data security, and organizational transformation. He’s seen behind the curtain of data sprawl, shadow SaaS, M&A chaos, and the cultural friction that often exists between business units and cybersecurity teams. Antonio shares how security leaders can shift from “the department of no” to trusted business partners by staying curious, building relationships, and speaking the language of the business rather than the language of technology. Takeaways: Become a True Business Partner: Learn how your company makes money and frame security as an accelerator, not a barrier.Build Trust Before You Need It: When business units trust you, they'll involve you in decisions before purchasing tools or implementing solutions.Make Security Part of the Culture: Transform employees into your "biggest firewall" by making them security partners.Offer Alternatives: Instead of blocking tools, find secure alternatives that meet their needs (like suggesting Copilot instead of ChatGPT).Create a "Life Resume": Document all your accomplishments, not just job-related ones, to combat imposter syndrome and recognize your inherent skills.Embrace AI as an Enhancement Tool: Use AI to advance your capabilities, not replace them.Listen for Pain Points: Proactively identify business problems and propose secure solutions before they go rogue. Quote of the Show: “Security, we’re the bad people. We’re the ones who tell you no all the time, and I think that’s a myth that has to be shot down.” - Antonio Taylor Links: LinkedIn: https://www.linkedin.com/in/antoniodtaylor/ Website: https://www.homewithmission.com/ Book: https://a.co/d/127OwCr  Ways to Tune In: Transistor: https://guardiansofthedata.show/  Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-dataiHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/YouTube: https://www.youtube.com/@GuardiansoftheDataPod

    55 min
See All (33)

Trailer

Ratings & Reviews

5
out of 5
3 Ratings

About

Welcome to Guardians of the Data! Join host, Ward Balcerzak, each week as he dives deep into the passions, expertise, and experiences of CISOs, Chief Data Officers, and more. Guardians of the Data is sponsored by Sentra - AI-powered data security platform that discovers and classifies all your data accurately and automatically to achieve enterprise-scale data protection without the fuss.

Information

  • Creator
    Ward Balcerzak
  • Years Active
    2025 - 2026
  • Episodes
    33
  • Rating
    Clean
  • Copyright
    © 2026 Ward Balcerzak
  • Show Website
    Guardians of the Data