257 episodes

Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.

Defense in Depth David Spark

    • Technology
    • 4.9 • 61 Ratings

Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.

    What Are the Risks of Being a CISO?

    What Are the Risks of Being a CISO?

    All links and images for this episode can be found on CISO Series.
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Phil Davis, attorney, healthcare cybersecurity and privacy, Hall Render.
    In this episode:
    In today's current climate, is the role of the CISO still worth it?
    Does the position carry a lot of potential liability?
    Do the upsides still outweigh the risks?
    Do CISOs tend to have more responsibility than authority?
    Thanks to our podcast sponsor, Sonrai Security

    A one-click solution that removes excessive permissions and unused services, quarantines unused identities, and restricts specific regions within the cloud. Later, maintain this level of security by automatically enforcing policies as new accounts, roles, permissions, and services are added to your environment.
    Start a free trial today! sonrai.co/ciso

    • 35 min
    Onboarding Security Professionals

    Onboarding Security Professionals

    All links and images for this episode can be found on CISO Series.
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Paul Connelly, former CISO, HCA HealthcareGot feedback?
    In this episode:
    How important is onboarding new cyber talent?
    Does it set the tone for their tenure with your organization?
    What should CISOs do to make sure onboarding is effective for both sides?
    What are the mistakes CISOs should avoid, and what are the best ways to excel?
     Thanks to our podcast sponsor, OffSec

    OffSec helps companies like Cisco, Google, and Salesforce upskill cybersecurity talent through comprehensive training and resources. With programs ranging from red team and blue team training and more, your team will be ready to face real-world threats. Request a free trial for your team to explore OffSec’s learning library and cyber range.

    • 31 min
    How to Improve Your Relationship With Your Boss

    How to Improve Your Relationship With Your Boss

    All links and images for this episode can be found on CISO Series.
    Check out this post Monte Pedersen of The CDA Group for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn.  Joining us is our guest, Jerry Davis, division director for cyber defense at Truist Bank.
    In this episode:
    Why does advancing your career require more than just technical skills?
    Does it require you to build relationships within your organizations, particularly with your boss?
    How can you consciously build these relationships with an eye to leveling up your career?
    How do you develop soft skills?
    Thanks to our podcast sponsor, OffSec

    OffSec helps companies like Cisco, Google, and Salesforce upskill cybersecurity talent through comprehensive training and resources. With programs ranging from red team and blue team training and more, your team will be ready to face real-world threats. Request a free trial for your team to explore OffSec’s learning library and cyber range.

    • 29 min
    Improving the Responsiveness of Your SOC

    Improving the Responsiveness of Your SOC

    All links and images for this episode can be found on CISO Series.
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our sponsored guest, Spencer Thompson, CEO, Prelude.
    In this episode:
    Why does it take so long to integrate new tools and get them up to speed?
    Are we always in a state where we are always lacking readiness?
    What should we be measuring?
    Do we focus too much on singular events?
    Thanks to our podcast sponsor, Prelude

    Prelude Detect is the world's only production-scale detection and response testing platform. Automatically transform your threat intelligence into validated detections and preventions in less than five minutes. Integrate with CrowdStrike, Microsoft Defender, SentinelOne, and more to enable machine speed detection and response engineering 🏎️ Learn more at preludesecurity.com.

    • 27 min
    The Demand for Affordable Blue Team Training

    The Demand for Affordable Blue Team Training

    All links and images for this episode can be found on CISO Series.
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our guest, Ron Gula, president and co-founder, Gula Tech Adventures.
    In this episode:
    Why is it so darn expensive to get any training on the defender side?
    Why is there a mountain of free education for red teaming?
    Shouldn’t blue team training should be free or less expensive as well?
    Is this the firewall that's preventing us from having all those cyber experts we so desperately need?
    Thanks to our podcast sponsor, Query

    Query Federated Search gets to your security relevant data wherever it is - in data lakes, security tools, cloud services, SIEMs, or wherever. Query searches and normalizes data for use in security investigations, threat hunting, incident response, and everything you do. And we plug into Splunk. Visit query.ai.

    • 29 min
    Why are CISOs Excluded from Executive Leadership?

    Why are CISOs Excluded from Executive Leadership?

    All links and images for this episode can be found on CISO Series.
    Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Ben Sapiro, head of global cyber security services, Manulife.
    In this episode:
    Why do we see a dearth of CISOs listed in executive leadership?
    Is this just a factor of company reporting structure?
    Or do CISOs really not have a seat at the table with the business?
    How do we convince the C-suite?
    Thanks to our podcast sponsor, Query

    Query Federated Search gets to your security relevant data wherever it is - in data lakes, security tools, cloud services, SIEMs, or wherever. Query searches and normalizes data for use in security investigations, threat hunting, incident response, and everything you do. And we plug into Splunk. Visit query.ai.

    • 33 min

Customer Reviews

4.9 out of 5
61 Ratings

61 Ratings

Shay Ch ,

Best cybersecurity podcast out there!

I listen or have listened to virtually every cybersecurity podcast out there and this one is my favorite by far! Well done folks!

John Haden ,

Love David’s shows

David always has great topics and guests. I listen to other security podcasts where there’s only one person speaking…man they’re boring! Not David’s! Always engaging!

roselinevelee ,

Value Added

If you aren’t listening to these podcasts what are you even doing with your life. Security professionals add value to your core knowledge with these daily injections of absolutely vital industry knowledge and trends.

Top Podcasts In Technology

Lex Fridman Podcast
Lex Fridman
All-In with Chamath, Jason, Sacks & Friedberg
All-In Podcast, LLC
Acquired
Ben Gilbert and David Rosenthal
TED Radio Hour
NPR
Hard Fork
The New York Times
Deep Questions with Cal Newport
Cal Newport

You Might Also Like

CISO Series Podcast
David Spark, Mike Johnson, and Andy Ellis
Cyber Security Headlines
CISO Series
CyberWire Daily
N2K Networks
Cybersecurity Today
ITWC
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
Hacking Humans
N2K Networks