Defense in Depth David Spark

All links and images for this episode can be found on CISO Series.
How do you make the argument that your company needs a CISO, and that YOU should be that leader? What do you need to demonstrate to prove you can be that person?
Check out this post and this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome our sponsored guest Radley Meyers (@radleymeyers), Partner, SPMB Executive Search.
Thanks to our podcast sponsor, SPMB

SPMB connects top executive talent to the world’s best and fastest growing innovators across the country. A key area we bring extensive knowledge and expertise to is our dedicated Security Practice, leading both functional searches (CISO and VP’s defining security strategy) and building out executive teams at top security software companies.
In this episode: 
How do you make the argument that your company needs a CISO, and that YOU should be that leader? What do you need to demonstrate to prove you can be that person? Do you have a sound understanding of the WHY behind the organization's existence and how value is added or taken away? How do you lay out a plan to win in whatever industry you are in because of security NOT despite it?

All links and images for this episode can be found on CISO Series.
How do you become a CISO? It doesn't follow a linear pattern as many other professions. There are many different paths and there are many different entry points.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Yabing Wang, CISO, Justworks.
Thanks to our podcast sponsor, SPMB

SPMB connects top executive talent to the world’s best and fastest growing innovators across the country. A key area we bring extensive knowledge and expertise to is our dedicated Security Practice, leading both functional searches (CISO and VP’s defining security strategy) and building out executive teams at top security software companies.
In this episode:
How do you become a CISO? Why doesn't it follow a linear pattern as many other professions? Why are there so many different paths and entry points? Why is it valuable to know how others did it and how you can glean that knowledge and apply it to your situation?

All links and images for this episode can be found on CISO Series.
What would it take to build your entire security program on open source software, tools, and intelligence?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome guest DJ Schleen (@djschleen), distinguished security architect, Yahoo Paranoids.
Thanks to our podcast sponsor, SPMB

SPMB connects top executive talent to the world’s best and fastest growing innovators across the country. A key area we bring extensive knowledge and expertise to is our dedicated Security Practice, leading both functional searches (CISO and VP’s defining security strategy) and building out executive teams at top security software companies.
In this episode:
What would it take to build your entire security program on open source software, tools, and intelligence? Is it possible/feasible/practical to run a security program entirely based upon free and open source software, open source tools, and open source intelligence? Is it true that the more open source you use the more people you need? Do commercial software systems, tools, and intelligence have value above what can be found in open source?

All links and images for this episode can be found on CISO Series.
Businesses grow based on trust, but they have to operate in a world of risk. Even cybersecurity operates this way, but when it comes to third party analysis, what if we leaned on trust more than trying to calculate risk?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and our guest co-host is Yaron Levi (@0xL3v1), CISO, Dolby. Yaron and I welcome Dan Walsh, CISO, VillageMD.
Thanks to our podcast sponsor, TrustCloud

TrustCloud is the all-in-one platform to accelerate sales and security reviews, automate compliance efforts, and map contractual liability across your business. Connect with us to learn how you can transform security from a cost center into a profit driver with TrustCloud’s programmatic risk and compliance verification tools.
In this episode: 
When it comes to third party analysis, what if we leaned on trust more than trying to calculate risk? Should we have a “glass half empty” or a “glass half full” attitude towards third party risk? Wouldn't it be better to measure the level of how much we can TRUST the 3rd party? Is it vitally important to assess how resilient the organization is to failure caused by each third party?

All links and images for this episode can be found on CISO Series
The cybersecurity sales process is so terribly inefficient. And everyone, the targets and cybersecurity leaders, are losing valuable time because of that inefficiency. Where can we start making improvements?
Check out this post for the discussion that's the basis for this podcast episode. This week's Defense in Depth is hosted by me, David Spark (@dspark), producer, CISO Series. Our guest co-host is John Overbaugh, CISO, ASG. John and I welcome our guest, Jerich Beason (@blanketsec), commercial CISO, Capital One.
Thanks to our podcast sponsor, Compyl

GRC solutions often cause process roadblocks within organizations. They are either antiquated and lack the functionality needed or so stripped down they can’t fix the problems you set to solve. That's why the team over at Compyl created the all-in-one security and compliance automation platform. Compyl quickly integrates with the tools you use, and automates 85% of the day-to-day tasks, all while providing complete transparency and comprehensive reporting along the way. Start your free trial with Compyl today and see all the efficiency gains you can expect from a leading solution. Learn about Compyl today at www.compyl.com/getstarted.
In this episode: 
Why is the cybersecurity sales process so terribly inefficient?
Where can we start making improvements?
What could be done to improve the efficiency?
What is the solution to removing wasted effort and time?

All links and images for this episode can be found on CISO Series.
When you think about building a plan (and budget!) for your security program, do you lead with risk, maturity, or something else?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Ngozi Eze, CISO, Levi Strauss.
Thanks to our podcast sponsor, runZero

runZero is the cyber asset management solution that helps you find and identify every managed and unmanaged asset connected to your network and in the cloud. Get the data and context needed to effectively manage and secure your environment. Try runZero for free at runzero.com.
In this episode:
When you think about building a plan (and budget!) for your security program, do you lead with risk, maturity, or something else? What's the overall theme you lead with when you're building a security program? Why is it an important question to answer before you build your program? How greatly can it vary?