
100 episodes

Defense in Depth David Spark
-
- Technology
-
-
4.9 • 56 Ratings
-
Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.
-
How to Manage Users' Desires for New Technology
All links and images for this episode can be found on CISO Series.
Large language models and generative AI are today's disruptive technology. This is not the first time companies just want to ban a new technology that everyone loves. Yet, we're doing it all over again. Whether its ChatGPT or BYOD, people are going to use desirable new tech. So if our job isn't to stop it, how do we secure it?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest, Carla Sweeney, SVP, InfoSec, Red Ventures.
Thanks to our podcast sponsor, Censys
Censys is the leading Internet Intelligence Platform for Threat Hunting and Exposure Management. We provide the most comprehensive, accurate, and up-to-date map of the internet, which scans 45x more services than the nearest competitor across the world’s largest certificate database (>10B). Learn more at www.censys.com.
In this episode:
Whether its ChatGPT or BYOD, people are going to use desirable new tech. So if our job isn't to stop it, how do we secure it? Are tools like ChatGPT so different from what we've seen before that we can't apply lessons already learned? What risks are we solving for with it and where do we go from there? Is this just a security issue? -
Cybersecurity Questions Heard Around the Kitchen Table
All links and images for this episode can be found on CISO Series.
What do the people least in the know about cyber, want to know? What are they asking?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest, Caitlin Sarian, AKA cybersecuritygirl on TikTok.
Thanks to our podcast sponsor, DataBee from Comcast Technology Solutions
DataBee™, from Comcast Technology Solutions, is a cloud-native security, risk and compliance data fabric platform that transforms your security data chaos into connected outcomes.
Built by security professionals for security professionals, DataBee enables users to examine the past, react to the present, and protect the future of the business.
In this episode:
What do the people least in the know about cyber, want to know? What are they asking? How important is it to understand what concerns the average person? Are these reasonable concerns or do you think they're directed by media pressure? How do regular, everyday people know what is safe and best practices without a clear path or studying cybersecurity in depth? -
How to Prime Your Data Lake
All links and images for this episode can be found on CISO Series.
A security data lake, a data repository of everything you need to analyze and get analyzed sounds wonderful. But priming that lake, and stocking it with the data you want to get the insights you need is a more difficult task than it seems.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our sponsored guest, Matt Tharp, Head of Field Engineering, Comcast DataBee.
Thanks to our podcast sponsor, Comcast Technology Solutions
In this episode:
What exactly is a data lake? How are people thinking about and handling the risks? If you want security data lakes to be successful, what customer problem are you trying to solve? How can you make it both dead simple to use AND highly effective? -
Getting Ahead Of Your Threat Intelligence Program
All links and images for this episode can be found on CISO Series.
A threat intelligence program sounds like a sound effort in any security program. But, can you pull it off? There are so many phases to execute properly. Blow it with any one of them and your threat intelligence effort is moot.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us today is our special guest Jon Oltsik, distinguished analyst and fellow, Enterprise Strategy Group.
Thanks to our podcast sponsor, Comcast
DataBee™, from Comcast Technology Solutions, is a cloud-native security, risk and compliance data fabric platform that transforms your security data chaos into connected outcomes.
Built by security professionals for security professionals, DataBee enables users to examine the past, react to the present, and protect the future of the business.
In this episode:
A threat intelligence program sounds like a sound effort in any security program. But, can you pull it off? Which phase of a threat intelligence program gives you the most trouble, and why? What has been your personal experience, and does it change organization to organization? How do you measure the success of the program to prove the value of the work being done? -
How Security Leaders Deal with Intense Stress
All links and images for this episode can be found on CISO Series.
When you have an incident and you're engulfed by the stress that lasts more than a day, how do you manage and deal with it? And not only how do you manage your stress, but how do you manage everyone else's?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest, Tim Brown, CISO, Solarwinds.
Thanks to our podcast sponsor, Push Security
Do you have visibility of all the SaaS apps your employees are storing corporate data on? Are employees protecting all their accounts against identity-based attacks?
Discover all the SaaS your employees use - including shadow apps and identities - and secure your data. Find out more at pushsecurity.com.
In this episode:
When you have an incident and you're engulfed by the stress that lasts more than a day, how do you manage and deal with it? And not only how do you manage your stress, but how do you manage everyone else's? During a major incident, which stress is more difficult to manage? Your own, or those around you? How is this everyone's concern? -
How Do We Influence Secure Behavior?
All links and images for this episode can be found on CISO Series.
We all know that our employees need to be more security aware, but what are the methods to get them there? How can we make our employees more security conscious?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest Jack Chapman, vp, threat intelligence, Egress.
Thanks to our podcast sponsor, Egress
Egress helps organization stop email security risks is by addressing both inbound and outbound threats together,. We recognize that people get hacked, make mistakes, and break the rules. Egress's Intelligent Cloud Email Security suite uses patented self-learning technology to detect sophisticated inbound and outbound threats, and protect against data loss. Learn more at egress.com.
In this episode:
We all know that our employees need to be more security aware, but what are the methods to get them there? How can we make our employees more security conscious? What does it take to get security to "stick" with your coworkers? Why does security remain so darn difficult?