100 episodes

Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.

Defense in Depth David Spark

    • Technology
    • 4.9 • 55 Ratings

    Reputational Damage from Breaches

    All links and images for this episode can be found on CISO Series.
    Security professionals talk a lot about the reputational damage from breaches. And it seems logical, but major companies still do get breached and their reputation seems spared. What's the reality of what breaches can do to a company's reputation?
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome our guest Cecil Pineda, CISO, R1.
    Thanks to our podcast sponsor, Brinqa

    Understand your cyber assets, prioritize vulnerabilities, automate remediation, and continuously monitor cyber hygiene across the entire attack surface — infrastructure, applications and cloud — with Brinqa. See how at brinqa.com.
    In this episode:
    Security professionals talk a lot about the reputational damage from breaches, so why do companies still get breached? What's the reality of what breaches can do to a company's reputation? Does a breach really result in lasting reputation damage? Are we more accepting of breaches now?

    • 30 min
    Do RFPs Work?

    All links and images for this episode can be found on CISO Series.
    Do RFPs, or requests for proposals, work as intended? They seem loaded with flaws, yet for organizations that must follow set processes they become necessary evils for both buyers and sellers. What can we do to improve the process?
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome our guest Keith McCartney (@kmflgator), VP, security and IT, DNAnexus.
    Thanks to our podcast sponsor, TrustCloud

    TrustCloud is the all-in-one platform to accelerate sales and security reviews, automate compliance efforts, and map contractual liability across your business. Connect with us to learn how you can transform security from a cost center into a profit driver with TrustCloud’s programmatic risk and compliance verification tools.
    In this episode: 
    Do RFPs, or requests for proposals, work as intended? Does it seem they're loaded with flaws? Have they become necessary evils for both buyers and sellers? What can we do to improve the process?

    • 27 min
    Successful Cloud Security

    All links and images for this episode can be found on CISO Series.
    What are the moves we should be making in cloud to improve our security? What constitutes a good cloud security posture?
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Andy Ellis, operating partner, YL Ventures. We welcome our sponsored guest Yoav Alon, CTO, Orca Security.
    Thanks to our podcast sponsor, Orca Security

    Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. With continuous first-to-market innovations and expertise, the Orca Platform ensures security teams quickly identify and remediate risks to keep their businesses secure. Connect your first account in minutes by visiting www.orca.security.
    In this episode:
    What does successful cloud security look like? What are the moves we should be making in the cloud to improve our security? What constitutes a good cloud security posture? What should we be measuring when it comes to cloud security?

    • 31 min
    How Should Security Vendors Engage With CISOs?

    All links and images for this episode can be found on CISO Series.
    One CISO has had enough of the security vendor marketing emails and cold sales calls. He's blocking them all. But it's not a call to avoid all salespeople. He just doesn't have the time to be a target anymore. So how should vendors engage with such a CISO? And does this CISO represent most CISOs today?
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. We welcome our sponsored guest Joy Forsythe, VP, Security, Thrive Global.
    Thanks to our podcast sponsor, Code42

    Code42 is focused on delivering solutions built with the modern-day collaborative culture in mind. Code42 Incydr tracks activity across computers, USB, email, file link sharing, Airdrop, the cloud and more, our SaaS-based solution surfaces and prioritizes file exposure and data exfiltration events. Learn more at Code42.com.
    In this episode:
    How should vendors engage with CISOs who are tired of being targeted? How can vendors reach CISOs who have had enough of the security vendor marketing emails and cold sales calls? Does this CISO represent most CISOs today? Is the sales "system" essentially broken?

    • 37 min
    Gartner Created Product Categories

    All links and images for this episode can be found on CISO Series.
    Do we really need more categories of security products? Every new Gartner magic quadrant complicates the marketplace but at the same time helps us understand the other vectors we need to protect. Do new categories of security products help or hurt the industry?
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Corey Elinburg (@celinburg), CISO, CommonSpirit Health.
    Thanks to our podcast sponsor, Egress

    In this episode:
    Do we really need more categories of security products? Does it seem like every new Gartner magic quadrant complicates the marketplace but at the same time helps us understand the other vectors we need to protect? Do new categories of security products help or hurt the industry? Does this make it hard to keep up to date on all new products?

    • 34 min
    How to Always Make a Business Case for Security

    All links and images for this episode can be found on CISO Series.
    How do security leaders go about matching a business case to every security action they want to take? Is this the right way to sell security to the board?
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our sponsored guest is Sravish Sridhar (@sravish), founder and CEO, TrustCloud.
    Thanks to our podcast sponsor, TrustCloud

    TrustCloud is the all-in-one platform to accelerate sales and security reviews, automate compliance efforts, and map contractual liability across your business. Connect with us to learn how you can transform security from a cost center into a profit driver with TrustCloud’s programmatic risk and compliance verification tools.
    In this episode:
    How can security leaders best make a case for security? How do you go about matching business cases to every security action you want to take? Is this the right way to sell security to the board? How do you show that security can be aligned to business objectives?

    • 31 min

Customer Reviews

4.9 out of 5
55 Ratings

Shay Ch ,

Best cybersecurity podcast out there!

I listen or have listened to virtually every cybersecurity podcast out there and this one is my favorite by far! Well done folks!

John Haden ,

Love David’s shows

David always has great topics and guests. I listen to other security podcasts where there’s only one person speaking…man they’re boring! Not David’s! Always engaging!

roselinevelee ,

Value Added

If you aren’t listening to these podcasts what are you even doing with your life. Security professionals add value to your core knowledge with these daily injections of absolutely vital industry knowledge and trends.
