The Virtual CISO Moment

Greg Schaffer

The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Brought to you by vCISO Services, LLC, a leading provider of vCISO and information security risk management services. Visit https://vcisoservices.com to learn more. A Second Chance Publishing, LLC podcast.

  1. 6D AGO

    S8E11 - Cyber Threat Intelligence Insights with Travis Whitesel

    Cybersecurity isn’t just about technology—it’s about mindset, risk, and understanding where organizations are truly vulnerable. In this episode of The Virtual CISO Moment, host Greg Schaffer sits down with cyber threat intelligence professional Travis Whitesel to explore the evolving intersection of military intelligence, cybersecurity, and emerging risks in unexpected places like the sports industry. Travis shares how his journey from Army intelligence analyst to cyber warfare technician shaped his approach to cybersecurity—and how that perspective led him to launch Victory Cybersecurity Consulting to help underserved sectors strengthen their defenses within real-world budget constraints. From the growing risks around NIL deals for college athletes to the challenge small organizations face in prioritizing security investments, the conversation highlights practical ways to think about cyber risk without enterprise-level resources. The episode also dives into the realities of nation-state threats, why process often matters more than technology, and how cybersecurity professionals can avoid burnout in a high-pressure field. It’s a candid discussion about bridging strategy and tactics, communicating cyber risk in language executives understand, and finding balance while working in one of the most demanding industries today. Tune in to hear how one cyber professional is helping organizations—from universities to sports programs—build smarter security strategies in an increasingly complex threat landscape.

    34 min

  2. MAR 10

    S8E10 - AI Governance and the Future of Security with Jack Rumbaugh

    Cybersecurity leaders often struggle to translate technical risk into something the business actually understands. In this episode of The Virtual CISO Moment, Greg Schaffer sits down with Jack Rumbaugh, an experienced CISO and virtual CISO with a background spanning telecommunications, healthcare, finance, and global enterprises. Jack shares how security leaders can communicate cyber risk in the language executives understand—dollars and business impact—using approaches like FAIR risk analysis. The conversation also explores the growing role of AI governance, the risks of relying too heavily on generative AI in development, and why organizations must keep a human in the loop as AI capabilities expand. If you're navigating the intersection of cybersecurity, business leadership, and emerging AI risks, this episode offers practical insights you won’t want to miss.

    30 min

  3. MAR 3

    S8E9 - Jeremy Krienke on Risk, Resilience, and vCISO Work

    Jeremy Krienke, founder and CEO of Sidewalk Security Advisors, shares his journey from early threat intelligence work alongside federal partners to leading security programs in banking and fintech—and ultimately launching his own advisory firm. In this episode, Jeremy and Greg explore what it really means to serve as a fractional CISO, how to uncover and align to a company’s true risk appetite, and why many organizations misunderstand executive-level security leadership. Jeremy also discusses the entrepreneurial leap, lessons learned in the first year of business ownership, and his vision for improving third-party risk and incident transparency in regulated industries. A candid conversation about strategy, storytelling, and building security programs that actually fit the business.

    32 min

  4. FEB 25

    S8E8 - Ransomware Realities with Chris Kimpland

    In this episode of The Virtual CISO Moment, Greg Schaffer sits down with Chris Kimpland, CEO of Velocity Incident Response, a service-disabled veteran-owned firm specializing in digital forensics and incident response A former U.S. Army combat engineer, Chris has led hundreds of ransomware negotiations and brings a candid, frontline perspective to what unfolds during an active breach. He shares why negotiation is often more business than emotion, what “proof of life” means in a data extortion case, and how organizations navigate the hardest decision of all — whether to pay. This episode delivers a concise, real-world look at crisis leadership when minutes matter and stakes are high.

    31 min

  5. FEB 17

    S8E7 - Governing the AI Explosion with Dr. Natalia Semenova

    In this episode of The Virtual CISO Moment, Greg Schaffer sits down with cybersecurity architect Dr. Natalia Semenova for a deep dive into the evolving world of AI risk and security architecture With a Ph.D. in applied mathematics and experience spanning Google, Microsoft, Mercedes-Benz, and Deloitte, Natalia shares how her mathematical mindset shapes her approach to threat modeling, agentic AI, and governance frameworks. The conversation explores: Why AI threat modeling is fundamentally about subjects and objectsWhat ISO 42001 gets right about AI governanceHow AI risk differs from traditional IT riskWhy smaller businesses shouldn’t ignore AI governanceThe real role (and limits) of the virtual CISOWhether generative AI is eliminating security jobs—or creating new onesNatalia also offers a powerful perspective on auditing: if you’re being audited, you should understand the auditor’s playbook. If you’re navigating AI adoption, compliance, or evolving your vCISO practice, this episode delivers practical insights grounded in global experience.

    31 min

  6. FEB 10

    S8E6 - Passing Audits Isn’t Security with Mariia Erokhina

    What does real security maturity actually look like—beyond checklists and audits? In this episode of The Virtual CISO Moment, Greg Schaffer sits down with Mariia Erokhina, a global security leader who challenges the industry’s obsession with controls and compliance theater. Mariia shares why security must be embedded into business operations, how executives misunderstand risk ownership, and what aspiring CISOs must learn to operate at the strategic level. If you’ve ever questioned whether “audit-ready” really means “secure,” this conversation is for you.

    33 min

  7. FEB 3

    S8E5 - Order to Chaos: Cyber Risk and AI Governance with Scott Foote

    In this episode of The Virtual CISO Moment, Greg Schaffer talks with cybersecurity veteran Scott Foote about what hasn’t changed in cyber risk over the last 35 years—and why AI is amplifying those same mistakes at unprecedented speed. They discuss shadow AI, insecure defaults, “vibe coding,” privacy risks, and the growing need for practical AI governance. Drawing on decades of experience across industry and government, Scott shares why fundamentals still matter, how organizations can bring order to AI chaos, and what leaders need to understand before adopting AI at scale. A thoughtful, wide-ranging episode for CISOs, vCISOs, board advisors, and executives trying to understand where cyber risk ends and AI governance begins—and why fundamentals still matter more than ever.

    33 min

  8. JAN 27

    S8E4 - Offensive Security in the Age of AI with Mike Gropp

    In this episode of The Virtual CISO Moment, Greg sits down with Mike Gropp to explore an unconventional journey into cybersecurity—from entrepreneurship and living in China to offensive security and red teaming. The conversation dives deep into the real-world risks of “vibe coding,” AI-driven development, and why security can’t be an afterthought for business builders. Mike also shares hard-earned lessons on communication, risk ownership, and staying grounded in a high-stress industry—plus how endurance running keeps him sharp both mentally and professionally.

    36 min
See All (517)

Trailers

Ratings & Reviews

4.9
out of 5
7 Ratings

About

The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Brought to you by vCISO Services, LLC, a leading provider of vCISO and information security risk management services. Visit https://vcisoservices.com to learn more. A Second Chance Publishing, LLC podcast.

Information

  • Creator
    Greg Schaffer
  • Years Active
    2022 - 2026
  • Episodes
    517
  • Rating
    Clean
  • Copyright
    © Greg Schaffer
  • Show Website
    The Virtual CISO Moment

You Might Also Like