100 episodes

Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.

Defense in Depth David Spark

    • Technology
    • 4.9 • 49 Ratings

Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.

    Cybersecurity Burnout

    Cybersecurity Burnout

    All links and images for this episode can be found on CISO Series
    Why are cybersecurity professionals burning out? What's the dynamic of the job, the pressures being put on them, that causes the best to leave? And this industry can't afford to lose its best talent.
    Check out this post for the discussions that are the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and special guest co-host Shawn Bowen (@SMbowen), CISO, World Fuel Services. Our guest is Bozidar Spirovski (@spirovskib), CISO, Blue dot.
    Thanks to our podcast sponsor, HYAS

    Better production environment security starts with visibility. After all, how can you protect your most valuable asset if you don’t know A: what’s expected and B: when something’s happening that isn’t expected?

    This is why HYAS Confront monitors traffic to alert you to anomalies, letting you address risks, threats, and changes, while blocking infiltrations before they become successful attacks.

    Don’t just react, take your security back with HYAS. Visit HYAS.com
    In this episode:
    Why are cybersecurity professionals burning out? What's the dynamic of the job, the pressures being put on them, that causes the best to leave? Are certain areas of cyber are more prone to burnout than others? Do we have a training and communication crisis in the field?

    • 32 min
    How to Build a Greenfield Security Program

    How to Build a Greenfield Security Program

    All links and images for this episode can be found on CISO Series
    You're starting a security program from scratch and you're trying to figure out where to start, what to prioritize, and how to architect it so it grows naturally and not a series of random patches over time.
    Check out this post for the discussions that are the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO. Our guest is Mark Bruns, CISO, First Bank.
    Thanks to our podcast sponsor, Keyavi

    Myth: Data can’t protect itself. Fact: Now it does! You control where your data goes in the world, who can access it and when. On any device. Anytime. Anywhere. FOREVER. Learn more at Keyavi.com.
    In this episode:
    Have you ever had a purely greenfield situation? When starting a security program from scratch, how do you figure out where to start and what to prioritize? What are the top five actions if you were going to implement a brand new/greenfield security program? How do you architect a security program so that it grows naturally and not a series of random patches over time?

    • 31 min
    Managing the Onslaught of Files

    Managing the Onslaught of Files

    All links and images for this episode can be found on CISO Series
    Files are still the core of how people do business. How are you dealing with the onslaught of files coming into your network? People are sharing files across a multitude of platforms, and many for which you may not even know about. What checks and balances do you put in place to make sure you've got file integrity no matter the source?
    Check out this post for the discussion that are the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our sponsored guest is Aviv Grafi, founder and CTO, Votiro.
    Thanks to our podcast sponsor, Votiro

    Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it’s an API, so it integrates with everything – including Microsoft 365. Learn more at Votiro.com. That’s v-o-t-i-r-o.com
    In this episode:
    How are you dealing with the onslaught of files coming into your network?
    What checks and balances do you put in place to make sure you've got file integrity no matter the source?
    Who has the authority to decide whether a file should be protected or deleted?

    • 31 min
    Can You Have Culture Fit and Diversity, or Are They Mutually Exclusive?

    Can You Have Culture Fit and Diversity, or Are They Mutually Exclusive?

    All links and images for this episode can be found on CISO Series
    Hiring managers speak about looking for culture fit and diversity, but never at the same time. Can they coexist? Are they mutually exclusive?
    Check out this post for the discussion that are the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Sherron Burgess, CISO, BCD Travel.
    Thanks to our podcast sponsor, Votiro

    Can you trust that the files entering your organization are free of hidden threats like malware & ransomware? With Votiro you can. Votiro removes evasive and unknown malware from files in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it’s an API, so it integrates with email, cloud apps & storage, and content collaboration platforms like Microsoft 365 - wherever files need to flow. Learn more at Votiro.com.
    In this episode:
    Hiring managers speak about looking for culture fit and diversity, but never at the same time. Can they coexist? Are they mutually exclusive? How can you learn and grow as a company if everyone fits into one box? Is reaching diversity an overnight achievement, or a longer journey?

    • 34 min
    How to Follow Up With a CISO

    How to Follow Up With a CISO

    All links and images for this episode can be found on CISO Series
    Cyber sales is hard. But don't let the difficulty of doing it get in way of your good judgement. So what is the right way to follow up with a CISO?
    Check out this post for the discussions that are the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Our guest is Jack Kufahl, CISO, Michigan Medicine.
    Thanks to our podcast sponsor, SolCyber

    At SolCyber we're hell-bent on delivering Fortune 500 level cyber security for small and medium-sized enterprises. When you're being targeted by the same bad guys, nothing else will do. We bring to the table a curated stack of leading technologies and around-the-clock SOC support, all simply priced per user. Let us do the heavy lifting.
    In this episode:
    What is the right way to follow up with a CISO?
    How to prevent the difficulty of sales from clouding your good judgement?
    What are some ideas on how best to reach out to CISOs and other potential customers?

    • 36 min
    Roles to Prepare You to Be a CISO

    Roles to Prepare You to Be a CISO

    All links and images for this episode can be found on CISO Series
    One day you want to be a CISO. What area of security you begin your studies? Or maybe you shouldn't be studying security.
    Check out this post for the discussion that are the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Evelin Biro (@wolfsgame), CISO, Alliant Credit Union.
    Thanks to our podcast sponsor, Qualys

    Qualys is a pioneer and leading provider of cloud-based security and compliance solutions.
    In this episode:
    What path should I take if I want to be a CISO?
    What security jobs/roles best prepare you to become a CISO?
    In what ways does the CISO role require totally different skills than the technical roles?

    • 31 min

Customer Reviews

4.9 out of 5
49 Ratings

49 Ratings

Shay Ch ,

Best cybersecurity podcast out there!

I listen or have listened to virtually every cybersecurity podcast out there and this one is my favorite by far! Well done folks!

John Haden ,

Love David’s shows

David always has great topics and guests. I listen to other security podcasts where there’s only one person speaking…man they’re boring! Not David’s! Always engaging!

roselinevelee ,

Value Added

If you aren’t listening to these podcasts what are you even doing with your life. Security professionals add value to your core knowledge with these daily injections of absolutely vital industry knowledge and trends.

You Might Also Like

CISO Series
David Spark, Mike Johnson, and Andy Ellis
CyberWire, Inc.
ITWC
Johannes B. Ullrich
CyberWire Inc.