The Professional CISO

95 episodes — Page 2 of 2

Ep 45: “Yes-And” - Janie Aggas on Supporting Business Initiatives Securely as a BISO

🚀 Episode Summary:
In this insightful episode of The Professional CISO Show, host David Malicoat dives into the dynamic world of cybersecurity leadership with Janie Aggas, Head of Global Business Information Security Office (BISO) at CBRE. From her beginnings in legal studies to her transformative career journey, Janie sheds light on the pivotal role of a BISO in enabling business innovation securely.

Janie explores her unique path, the importance of professionalizing the CISO role, and her ongoing pursuit of a Master’s in Legal Studies in Cybersecurity Law and Policy. Discover how BISOs bridge the gap between cybersecurity, business, and technology, and why this role is critical in today’s evolving digital landscape.

🎯 Key Highlights:
• Janie’s Career Journey: From legal studies to cybersecurity leadership
• The Role of a BISO: A liaison between cybersecurity, business, and technology
• Emerging Tech in Cybersecurity: Tackling unknowns like NFTs and immersive experiences
• Professionalizing the CISO Role: Why it matters and how BISOs contribute
• Practical Takeaways: Insights from Janie’s pursuit of a Master’s in Legal Studies
• Career Development: How BISOs can grow into future CISO roles

💡 Takeaways for Listeners:
• Why the BISO role is vital for aligning security with business objectives
• How emerging tech presents both challenges and opportunities in cybersecurity
• Practical advice for aspiring BISOs or those transitioning from technical roles

📢 Call to Action:
👉 Don’t miss out on more conversations like this!
• Follow The Professional CISO Show on Spotify and Apple Podcasts
• Rate & Review the podcast to help us grow and reach more cybersecurity leaders!
• Share this episode with your network and tag us on LinkedIn!

🌐 Connect with Us:
• Website: www.thpc.co
• LinkedIn: The Professional CISO Show
• Spotify: The Professional CISO Show
• Apple Podcasts: The Professional CISO Show

📋 Guest Information:
Janie Aggas
• Head of Global Business Information Security Office at CBRE
• Connect with her on LinkedIn

🔖 Hashtags:
#TheProfessionalCISO #Cybersecurity #BISO #Leadership #EmergingTech #CyberRisk #JanieAggas #CBRE

Dec 4, 2024 · 33 min

Ep 44: Ira Winkler’s Open Letter to the ISC² Board: Ethics, Certifications, and Credibility

Are the cybersecurity job numbers you’re hearing really accurate? In this compelling episode of The Professional CISO Show, host David Malicoat is joined by Ira Winkler, Vice President and CISO at CYE, to challenge the job market statistics promoted by ISC² and discuss their ethical implications for the cybersecurity profession.

Ira shares the story behind his open letter to ISC², breaking down their claim of 4.8 million job openings and calling for greater transparency and accountability. This eye-opening conversation explores the disconnect between industry narratives and real-world hiring practices, as well as the critical role professional organizations play in maintaining credibility and trust.

Whether you’re a cybersecurity professional, a hiring manager, or someone looking to enter the field, this episode provides invaluable insights into certifications, ethics, and the realities of the job market.

Key Highlights:
• Misleading cybersecurity job statistics: What’s really happening?
• The ethics of promoting certifications with exaggerated claims.
• The reality of hiring for cybersecurity roles: Entry-level vs. skilled positions.
• How professional organizations can regain credibility and trust.
• Ira Winkler’s take on professionalizing the cybersecurity industry.

🎧 Plus, don’t miss Ira’s quickfire answers in our signature “10 Questions” segment at the end!

Key Points Covered:
• [00:00] Introduction and overview of the episode
• [02:00] Ira Winkler on his open letter to ISC² and its impact
• [08:00] Breaking down ISC²’s job market statistics and the truth behind the numbers
• [15:00] Ethical concerns and the responsibility of professional organizations
• [22:00] The challenges facing cybersecurity leaders in hiring
• [30:00] Ira’s career reflections and lessons for professionals
• [37:00] Quickfire 10 Questions with Ira Winkler

Call-to-Action:
• Follow Us: Visit www.thpc.co to explore more episodes and resources.
• Subscribe on YouTube: Watch More Episodes of The Professional CISO Show.
• Listen on Spotify: The Professional CISO Show.
• Listen on Apple Podcasts: The Professional CISO Show.
• Connect with Us: Follow The Professional CISO Show on LinkedIn.

Guest Information:
Ira Winkler
• Vice President and CISO at CYE
• Acclaimed cybersecurity professional and thought leader
• Author of several books on cybersecurity awareness and ethics

Related Episodes:
• Gary Hayslip on Professionalizing the CISO Role
• Matt Walker on Leadership and Cybersecurity Challenges

Hashtags:
#Cybersecurity #ISC2 #ProfessionalCISO #IraWinkler #CyberLeadership #CyberEthics

Nov 27, 2024 · 39 min

Ep 43: A Profession on Trial: Joe Sullivan’s Exclusive Take on the CISO Role

In this exclusive and unfiltered episode of The Professional CISO Show, David Malicoat hosts Joe Sullivan, current CEO of Joe Sullivan Security LLC and the former Chief Security Officer of Uber, for an in-depth conversation you won’t want to miss. Joe reflects on his groundbreaking career, his trial as the first corporate executive prosecuted for handling a data breach, and the lessons he’s learned along the way.

Joe’s insights on professionalizing the CISO role, navigating risk, and fostering collaboration between the public and private sectors provide a roadmap for cybersecurity leaders aiming to take their careers—and the profession—to the next level.

What You’ll Learn in This Episode
• Joe’s journey from federal prosecutor to pioneering cybersecurity leader.
• The evolution of the CISO role and the need for professionalization.
• Building trust and managing risk in high-pressure environments.
• Key lessons from his trial and its impact on the cybersecurity profession.
• The importance of public-private collaboration for cybersecurity’s future.

Key Moments:
• Joe’s early connection with technology – [00:01:00]
• Building trust and safety at eBay and PayPal – [00:10:00]
• Reflections on his trial and its implications – [00:21:00]
• The case for a professional association for CISOs – [00:28:00]
• Advice for the next generation of cybersecurity leaders – [00:43:00]

About Joe Sullivan
Joe Sullivan is the current CEO of Joe Sullivan Security LLC and former Chief Security Officer of Uber. A trailblazer in cybersecurity leadership, Joe is a strong advocate for professionalizing the CISO role and enhancing public-private collaboration to solve the industry’s biggest challenges.

Follow and Subscribe
Don’t miss exclusive interviews with top cybersecurity leaders on The Professional CISO Show.
• YouTube: http://www.youtube.com/@TheProfessionalCISO
• Spotify: https://open.spotify.com/show/2C7JojNZPdg1g6AXvpKDfn?si=a7ac3172bb414673
• Apple Podcasts: https://podcasts.apple.com/us/podcast/the-professional-ciso/id1731138021
• Website: www.thpc.co
• LinkedIn: https://www.linkedin.com/company/the-professional-ciso-show

Related Episodes
• Gary Hayslip: The Future of Cybersecurity Leadership
• Matt Walker on Professionalizing the CISO Role

Relevant Hashtags
#CyberSecurity #JoeSullivan #CISO #Leadership #DataBreach #FutureOfCISOs

Nov 20, 2024 · 48 min

Ep 42: Live Insights from N TX ISSA CSC 12: From Identity Assurance to Borderless Security

In this special episode recorded live from the North Texas ISSA CSC 12 Conference, host David Malicoat dives deep into the future of cybersecurity with industry trailblazers. Tune in to hear from Ryan Rowcliff of Hyper, Julio Casablanca of WWT, and Ryan Heinrich of ID.me as they share invaluable insights on identity assurance, decentralized security, and the cutting-edge developments reshaping the role of the CISO.

Ryan Rowcliff explains Hyper’s transition to identity assurance, highlighting the impact of FIDO technology and the journey to a password-free future. Julio Casablanca explores “borderless security” and the shift away from traditional security stacks, emphasizing the value of decentralized solutions in today’s digital landscape. Ryan Heinrich discusses ID.me’s vision for a portable internet identity and user-centered verification.

Whether you’re a seasoned cybersecurity professional or just curious about the evolving role of identity in digital security, this episode offers a dynamic look at the advancements shaping the future of cyber defense.

Key Takeaways:
• Understanding the importance of identity assurance in reducing password dependency
• How borderless security enables decentralized, scalable solutions
• The role of portable identity and user control in the future of digital identity
• Emerging regulatory tools that empower CISOs and support cybersecurity transformation

Timestamps:
• [00:01:00] Identity Assurance and Passwordless Technology with Ryan Rowcliff
• [00:04:00] Borderless Security and Decentralized Solutions with Julio Casablanca
• [00:10:00] Portable Identity for the Internet with Ryan Heinrich
• [00:16:00] CISOs and Regulatory Support: Insights into SEC’s Role

Listen and Follow:
Stay tuned for more episodes as we explore groundbreaking topics that impact CISOs and cybersecurity professionals across industries.
• Website: www.thpc.co
• YouTube: http://www.youtube.com/@TheProfessionalCISO
• LinkedIn: https://www.linkedin.com/company/the-professional-ciso-show
• Spotify: https://open.spotify.com/show/2C7JojNZPdg1g6AXvpKDfn?si=a7ac3172bb414673
• Apple Podcasts: https://podcasts.apple.com/us/podcast/the-professional-ciso/id1731138021

Guests:
• Ryan Rowcliff – Field CTO, Hyper
• Julio Casablanca – Field CISO, WWT
• Ryan Heinrich – Security Engineer, ID.me

Tags:
#IdentityAssurance #BorderlessSecurity #Cybersecurity #CISO #DigitalIdentity #FIDO #DecentralizedSecurity #CyberDefense #ISSA2024

Nov 15, 2024 · 19 min

Ep 41: From AI Challenges to CISO Advocacy: Insights from the N TX ISSA CSC 12 Conference

A special thank you to our sponsor Digital Era Group (https://www.digitaleragroup.com/)

🔊 Episode Summary:
In this special episode of The Professional CISO Show, host David Malicoat takes you directly into the energy of the North Texas ISSA CSC 12 Annual Conference. This engaging episode highlights discussions with key cybersecurity leaders who are shaping the future of the industry. Kevin Haft and Marius Bratan of the North Texas ISSA board discuss their mission, community-building efforts, and the importance of creating diverse and impactful cybersecurity events. Val Mukherjee from the Cyber Future Foundation shares insights into the development of a professional CISO association, emphasizing the need for a unified voice for cybersecurity professionals. Additionally, Steve Duncan from Lookout reflects on his extensive 27-year journey in the industry, offering perspectives on the integration of AI, the future of edge security, and how past lessons shape current practices.

🎙️ Key Points Covered:
• Conference Insights and Event Vision: Kevin Haft discusses the evolution and success of the North Texas ISSA conference and the power of fostering relationships within the cybersecurity community.
• Community and Mission of ISSA: Marius Bratan highlights how the ISSA serves all professional levels in cybersecurity, from newcomers to seasoned executives, and the challenges and strategies in doing so.
• The Push for Professionalization: Val Mukherjee talks about his work in creating a professional association for CISOs, advocating for a structured path for cybersecurity leadership and addressing the well-being and liability concerns of CISOs.
• Past, Present, and Future of Cybersecurity: Steve Duncan shares his unique perspective on cybersecurity’s evolution over decades, emphasizing the importance of preparing for the future, especially with the advent of AI and a borderless network landscape.

🔗 Listen and Subscribe:
• Spotify: The Professional CISO Show on Spotify
• Apple Podcasts: The Professional CISO Show on Apple

💡 Call to Action:
Subscribe to The Professional CISO Show to stay updated with in-depth discussions on cybersecurity, leadership insights, and strategies for empowering the next generation of CISOs. Don’t forget to leave a rating and review to help others discover the podcast!

🌐 Connect with Us:
• Website: www.thpc.co
• LinkedIn: The Professional CISO Show on LinkedIn

👤 Guest Information:
• Kevin Haft – North Texas ISSA Board Member
• Marius Bratan – Sponsorship Director, North Texas ISSA
• Val Mukherjee – Chair, Cyber Future Foundation
• Steve Duncan – Head of Global Sales & Operations, Lookout

🔖 Related Episodes to Explore:
• Pathways to Professionalizing CISOs: A Deep Dive
• CISO Leadership and Strategic Partnerships: Live from NTX ISSA

🔗 Relevant Links and Mentions:
• North Texas ISSA Chapter: Supporting cybersecurity professionals at all career stages.
• Cyber Future Foundation: Leading the initiative for a CISO professional association.

🔖 Relevant Hashtags:
#CISO #CybersecurityLeadership #ISSAConference #ProfessionalCISO #CyberCommunity #AIinCybersecurity #EdgeSecurity

Nov 11, 2024 · 44 min

Ep 40: The Next Frontier of Cybersecurity: Culture, Community, and the CISO’s Role

In this episode of The Professional CISO Show, David Malicoat interviews Cecil Pineda, Senior VP and CISO at R1, on the future of cybersecurity leadership. Known for his groundbreaking work in healthcare cybersecurity and as a co-founder of CISO XC, Cecil shares his journey from early tech enthusiast to cybersecurity leader, emphasizing the importance of culture, collaboration, and community. Cecil’s insights are invaluable for anyone looking to elevate their approach to cybersecurity, whether you’re a CISO, an aspiring leader, or simply interested in the human side of cyber.

🔑 Key Highlights:
• Building a Resilient Cybersecurity Culture – How creating the right culture boosts team performance and loyalty.
• The Power of Collaboration – Why connecting across silos and fostering relationships are essential to effective cybersecurity.
• CISO XC and Community Building – Cecil’s vision for a community-driven approach to cybersecurity.
• Practical Leadership Advice – Tips for aspiring CISOs on building teams, developing resilience, and leading with empathy.

🕒 Time-Stamps:
• [00:00] – Introduction to the episode and Cecil Pineda
• [03:00] – Cecil’s journey from tech tinkering to cybersecurity leadership
• [13:00] – How culture impacts cybersecurity team success
• [20:00] – Building effective collaborations in cybersecurity
• [32:00] – CISO XC and Cecil’s vision for a collaborative cyber community
• [35:00] – “10 Questions for Cecil Pineda”

🔔 Call-to-Action:
If you enjoyed this episode, please subscribe to The Professional CISO Show for more discussions with top leaders in cybersecurity. Remember to rate and review us on Spotify and Apple Podcasts to help others discover the show!

🌐 Connect with Us:
• The Professional CISO Show on LinkedIn
• Website
• Watch Episodes on YouTube
• Spotify
• Apple Podcasts

👤 Guest Information:
Cecil Pineda
• Senior VP and CISO, R1
• Co-founder, CISO XC

📹 Related Episodes:
• Panel Discussion with Sailaja Kotra-Turner, Sonja Hammond, & Jessica Nemmers
• Professionalizing the CISO Role with Matt Walker

#TheProfessionalCISOShow #CyberLeadership #CISO #Cybersecurity #DavidMalicoat #CecilPineda #CultureInCybersecurity #CISOXC

Nov 6, 2024 · 38 min

Ep 39: Digital Era of Cybersecurity: Key Takeaways from the North Texas ISSA Conference

We would like to thank our sponsor Digital Era Group (www.digitaleragroup.com)

Welcome to a special episode of The Professional CISO Show, recorded live at the North Texas ISSA CSC 12th Annual Conference! Join host David Malicoat as he dives into today’s hottest cybersecurity topics with industry veterans, thought leaders, and innovators. Sponsored by Digital Era Group, this episode offers an inside look at data security in a borderless world, AI’s role in risk management, and the future of the CISO role.

In This Episode, We Explore:
• Data Security Without Borders: How CISOs are adapting to secure hybrid and remote work environments.
• AI’s Impact on Cybersecurity: The benefits and challenges AI presents in data protection and threat management.
• Mentorship in Cybersecurity: Why mentorship is key to bridging the talent gap and nurturing the next generation of cyber leaders.
• Future of the CISO Role: The evolving responsibilities, regulatory pressures, and personal risks faced by today’s CISOs.

Key Highlights:
• [00:01:00] Robert Haldeman on supporting students and the cyber community through ISSA
• [00:04:00] Insights from Logo Systems CEO on MSSPs and tech events
• [00:09:00] James Christiansen on AI’s impact on data protection and the CISO role
• [00:13:00] SEC regulations, data governance, and the CISO’s future
• [00:23:00] Carol Weaver discusses securing global and hybrid workforces
• [00:33:00] John Shin on mentorship, learning mindsets, and the future of cyber talent

Featured Guests:
• Robert Haldeman – Deputy Director, ISSA North Texas
• James Christiansen – Former CISO of Visa, GM, and Experian
• Pat Benoit – Cybersecurity Strategist
• Carol Weaver – Information Risk Leader at a Texas Bank
• Maria Scarmato – Founder, Praxis Data Security
• John Shin – Managing Director, RSI Security

Episode Highlights:
Discover how cybersecurity professionals are navigating the complex demands of data protection in a rapidly evolving landscape. From AI’s transformative potential to the critical importance of mentorship, our guests share invaluable insights for CISOs and aspiring cyber leaders.

Call-to-Action:
Subscribe to The Professional CISO Show for exclusive conversations with the top minds in cybersecurity. Don’t miss upcoming episodes filled with expert insights, real-world strategies, and industry trends.

Connect with The Professional CISO Show:
• Website: www.thpc.co
• LinkedIn: The Professional CISO Show
• Watch on YouTube: The Professional CISO Show
• Listen on Spotify: The Professional CISO Show on Spotify
• Listen on Apple Podcasts: The Professional CISO Show on Apple Podcasts

Related Episodes:
• AI and the New Frontier in Cybersecurity
• Protecting Data in a Borderless World
• Mentorship and the Next Generation of CISOs

Hashtags:
#Cybersecurity #CISO #DataProtection #AISecurity #MentorshipInCyber #TheProfessionalCISOShow #RiskManagement #ISSAConference

Nov 1, 2024 · 39 min

Ep 38: Hard Truths and Soft Skills: Randy Potts on What Makes an Exceptional CISO

Randy Potts joins The Professional CISO Show to discuss his unique career journey, from managing satellite communications in defense contracting to becoming a prominent CISO in the financial services industry. Randy shares insights on the importance of community among CISOs, the evolving responsibilities of the role, and practical leadership lessons that can make CISOs indispensable in any organization. Tune in to learn from Randy’s experiences, get a fresh perspective on data and AI in cybersecurity, and discover why empathy and adaptability are crucial in today’s cybersecurity landscape.

Key Highlights
• Randy’s transition from defense to finance and cybersecurity leadership
• The impact of community building in strengthening the CISO role
• Essential leadership advice for aspiring CISOs
• The role of data management and AI in future cybersecurity strategies

Enjoyed this episode? Don’t forget to follow and rate The Professional CISO Show. Share it with your network, and tune in next week for more insights from top cybersecurity experts!

Connect with Us
• LinkedIn: The Professional CISO Show
• Website: www.thpc.co
• More Episodes: Apple Podcasts | Spotify

Oct 30, 2024 · 38 min

Ep 37: CISO Realities: Parrish Gunnels Talks Zero Trust & Incident Response

Episode Summary:
In this episode of The Professional CISO Show, David Malicoat interviews Parrish Gunnels, Senior Vice President and CISO at Sunflower Bank, about his experiences leading cybersecurity across multiple industries. Parrish shares his thoughts on the evolution of the CISO role, why it’s essential to professionalize it, and how cybersecurity leaders can earn a seat at the table in their organizations.

Key topics include the challenges of implementing Zero Trust, the role of artificial intelligence (AI) in financial services, and how CISOs can navigate complex regulatory environments. Parrish also offers valuable advice for aspiring CISOs on how to engage with business leaders and make meaningful impacts in their organizations.

Key Discussion Points:
• [01:30] Introducing Parrish Gunnels and his diverse career path in cybersecurity
• [04:50] Professionalizing the CISO role: Why it’s essential and how to achieve it
• [07:00] Zero Trust: Is it achievable, or just a guiding principle?
• [12:20] Why CISOs still struggle to secure a seat at the table in many organizations
• [18:15] The impact of AI on financial services and the associated security challenges
• [23:45] Advice for new CISOs: Where to focus in your first 30 days
• [30:10] How different industries shape the CISO role and key regulatory differences
• [34:00] Fun rapid-fire questions with Parrish Gunnels

Key Quotes:
• “I think the CISO role is still in its infancy compared to positions like the CIO. There’s a lot we’re still figuring out.” – Parrish Gunnels
• “Zero Trust is a great principle, but it’s not fully achievable, especially in industries like manufacturing with legacy systems.” – Parrish Gunnels
• “Artificial intelligence is here to stay, but the models are still not where they need to be for security.” – Parrish Gunnels

About Our Guest:
Parrish Gunnels is the Senior Vice President and Chief Information Security Officer at Sunflower Bank. He has held cybersecurity leadership roles at companies like Verizon, Capital One, and Citigroup. With a background in telecommunications and financial services, Parrish brings a wealth of experience in securing complex organizations.

Resources Mentioned:
• North Texas ISSA Annual Golf Tournament
• AI in financial services: Latest developments
• CISO leadership advice for new and aspiring security leaders

Connect with The Professional CISO Show:
• Website: www.thpc.co
• YouTube: www.youtube.com/@TheProfessionalCISO
• LinkedIn: @TheProfessionalCISO

Subscribe & Leave a Review:
If you enjoyed this episode, please subscribe and leave a review on Spotify, Apple Podcasts, or your favorite podcast platform! Your support helps us bring more expert insights to the cybersecurity community.

#CISO #Cybersecurity #ZeroTrust #AI #Leadership #ProfessionalCISO #FinancialServices #DavidMalicoat #ParrishGunnels

Oct 23, 2024 · 35 min

Ep 36: Anand Singh on Navigating AI, Cybersecurity, and Executive Strategy

In this episode of The Professional CISO Show, host David Malicoat sits down with Anand Singh, Senior Vice President and Chief Information Security Officer at Alkami Technology. Anand shares his journey through the world of cybersecurity, from working with Cray supercomputers to leading cutting-edge AI-driven cybersecurity strategies.

Key Discussion Points:
• Professionalizing the CISO Role: Anand explains the importance of evolving the CISO role into a true executive function, focusing on business impact.
• AI and Cybersecurity: Learn how AI is transforming cybersecurity from both attack and defense perspectives.
• Board Governance: Anand discusses the growing need for board-level expertise in cybersecurity and the role of CISOs in influencing governance.
• NACD Certification: Anand’s experience earning his NACD Directorship Certification and why it’s important for CISOs to influence cybersecurity at the board level.
• Cybersecurity Leadership: Insights into Anand’s leadership experience across industries, including banking, healthcare, and retail.

Quotable Moments:
• “A CISO must be a true executive—using security as a mechanism to drive business goals.”
• “AI is a force of nature. You can’t block it. You need to embrace it responsibly.”

About Anand Singh:
Anand Singh is an experienced cybersecurity leader, currently serving as SVP & CISO at Alkami Technology. He has held senior positions at leading companies including U.S. Bank, UnitedHealth Group, and Target.com. With a Ph.D. in computer science, Anand brings a deep technical and strategic perspective to the ever-evolving challenges in cybersecurity.

Tune in for Insights on:
• Navigating the intersection of AI and cybersecurity
• The evolving role of CISOs in organizational strategy and risk management
• Board governance and why cybersecurity is essential at the executive level

Connect with Us:
• Follow The Professional CISO Show on LinkedIn and subscribe on YouTube for more exclusive interviews and discussions.

Subscribe & Leave a Review:
If you enjoyed this episode, please subscribe and leave a review on Spotify or Apple Podcasts. Your feedback helps us bring more insightful content from top cybersecurity leaders!

#CISO #Cybersecurity #AI #BoardGovernance #ProfessionalCISO #Leadership #DigitalBanking

Oct 16, 2024 · 34 min

Ep 35: AI, Cloud Security, and Resilience: Highlights from N TX ISSA - CSC 12

In This Episode:
We cover a range of timely topics, including:
• Matt Walker, Managing Director of Security and Compliance at Goosehead Insurance: Discusses the challenges of threat exposure management and strategies for cloud security.
• Dr. Harvey Castro, ER Doctor and Keynote Speaker: Shares his journey of integrating AI into healthcare, from real-time diagnostics to the use of wearable tech for better patient care.
• Justin Hutchens, Innovation Principal at Trace3: Delivers insights on autonomous hacking systems and the future of generative AI in the cyber threat landscape.
• Ric Halsaver, Resilience Expert at IBM: Highlights the critical importance of time in incident response, the power of immutable snapshots, and how to recover quickly after an attack.

Key Takeaways:
• Strategies for navigating the complexities of cloud security and managing SaaS risks.
• How AI is reshaping both cybersecurity defenses and the threats we face.
• Practical advice for improving organizational resilience and minimizing recovery time.
• The balance of human expertise and AI’s high-speed capabilities in cybersecurity and healthcare.

Connect with Our Guests:
• Matt Walker: Managing Director of Security and Compliance, Goosehead Insurance
• Dr. Harvey Castro: ER Doctor, Keynote Speaker, and AI Enthusiast
• Justin Hutchens: Innovation Principal, Trace3, and Author of The Language of Deception: Weaponizing Next Generation AI
• Rick Haussauer: Cyber Resilience Specialist, IBM

Episode Highlights:
• [00:02:15] Matt Walker on Cloud Security Challenges
• [00:11:30] Dr. Harvey Castro: AI in Healthcare and Patient Care
• [00:20:00] Justin Hutchens: AI-Powered Cyber Threats and Autonomous Hacking
• [00:28:45] Rick Haussauer: The Importance of Cyber Resilience and Recovery Time

Join Us Online:
• Visit our website: www.thpc.co
• Watch more on our YouTube channel: The Professional CISO Show
• Follow us on LinkedIn for updates and more content!

Book:
The Language of Deception: Weaponizing Next Generation AI by Justin Hutchens
https://a.co/d/366H7p0

Subscribe and Leave a Review!
If you enjoyed this episode, please subscribe and leave us a review on Spotify, Apple Podcasts, or your favorite podcast platform. Your support helps us bring more industry-leading insights to the CISO community.

Oct 11, 2024 · 30 min

Ep 34: Building the Professional CISO: Gary Hayslip on Merging Risk, IT, and Business

In this episode, David Malicoat interviews Gary Hayslip, Global Chief Information Security Officer (CISO) at SoftBank Investment Advisors. Gary shares his deep insights on the evolution of the CISO role, discussing how it’s becoming more integrated with risk management, business strategy, and AI. He reflects on his own career journey from the U.S. Navy to becoming a global cybersecurity leader, offers practical advice for veterans transitioning into cyber roles, and explores how the future of cybersecurity leadership is shaping up.

Whether you’re an aspiring CISO, a cybersecurity professional, or a business leader, this episode is packed with actionable insights and advice from one of the most respected figures in the industry.

Key Topics Discussed:
• Gary Hayslip’s Journey: From military service to global cybersecurity leadership.
• Professionalizing the CISO Role: Why the CISO role is evolving and how it’s merging with other business and risk functions.
• CISO Tenure and Burnout: Understanding why CISO tenures often range from 18 to 36 months and the factors behind this.
• Advice for Veterans Transitioning to Cybersecurity: Gary shares how veterans can prepare for civilian cyber roles and why cyber offers a “mission-driven” career.
• The Future of the CISO Role: AI, risk management, product security, and why the CISO’s responsibilities are expanding.

Key Quotes from Gary Hayslip:
• “Cyber is a discipline made up of multiple domains. The CISO role is the lead executive within cyber, but it’s something you grow into over time.”
• “I see the CISO role merging with other risk executive roles. We’re business executives managing risk using technology, people, and processes.”
• “AI isn’t something to run from. It’s something you figure out how to use and protect. If you do it right, you’ll be effective. If you screw it up, it’s a resume-generating event.”

Guest Bio:
Gary Hayslip is the Global Chief Information Security Officer (CISO) at SoftBank Investment Advisors, a cybersecurity veteran with decades of experience in the U.S. Navy, municipal government, cybersecurity product advisory roles, and venture capital. He’s also a co-author of the CISO Desk Reference book series and an influential thought leader in the cybersecurity industry.

Connect with Gary Hayslip:
• LinkedIn: https://www.linkedin.com/in/ghayslip/
• Twitter: https://x.com/ghayslip

Episode Resources:
• CISO Desk Reference Guide: Volume 1 & 2 by Gary Hayslip and co-authors Bill Bonney and Matt Stamper
• Cloud Guru (for cloud certifications)
• Udemy Python Courses (for learning scripting)

Additional Links:
• Subscribe to The Professional CISO Show on Spotify and Apple Podcasts
• Follow us on YouTube: www.youtube.com/@TheProfessionalCISO
• Join the conversation on LinkedIn: The Professional CISO LinkedIn

Chapters:
• 0:00 - Intro to Gary Hayslip
• 1:30 - Gary’s Cybersecurity Journey
• 5:00 - Professionalizing the CISO Role
• 14:00 - CISO Tenure and Burnout
• 19:00 - Advice for Veterans in Cybersecurity
• 23:00 - The Future of the CISO Role
• 29:00 - 10 Questions with Gary Hayslip
• 33:00 - Closing Thoughts on Cyber Leadership

Call to Action:
If you enjoyed this episode, please rate and review us on Apple Podcasts and Spotify! Don’t forget to hit that subscribe button so you never miss an episode of The Professional CISO Show.

#CISO #Cybersecurity #GaryHayslip #Leadership #CyberRisk #VeteransInCyber #ProfessionalCISO #CyberLeadership #AIinCybersecurity

Oct 9, 2024 · 35 min

Ep 33: CISO Masterclass: Key Skills for Security Leaders in 2024 at North Texas ISSA CSC 12

Brought to you by CyberProof (www.cyberproof.com)

In this episode of The Professional CISO Show, recorded live at the North Texas ISSA CSC 12 Annual Conference, David Malicoat brings you conversations with industry-leading cybersecurity experts. Tune in to hear from Greg Lenox and Jason Malacko from CyberProof, Cecil Pineda (CISO of R1 and co-founder of CISO XC), and Robert Pace (CISO of Invitation Homes).

Our guests cover crucial topics like Managed Detection and Response (MDR), Extended Detection and Response (XDR), the impact of AI on cybersecurity, and essential leadership skills for modern CISOs. This episode, part of The Professional CISO Event Series, also explores how networking and strategic partnerships can help organizations strengthen their cybersecurity posture.

Key Discussion Points:
• The future of MDR and XDR in cybersecurity (CyberProof)
• The growing role of AI and cloud cost optimization
• Key skills and leadership advice for current and aspiring CISOs (Cecil Pineda)
• How to manage political capital when implementing security strategies (Robert Pace)
• The rise of Dallas as a hub for cybersecurity leadership

Whether you’re an experienced CISO or new to the field, this episode offers practical insights and real-world strategies to elevate your cybersecurity approach.

Featured Guests:
• Greg Lenox – National Named Account Manager, CyberProof
• Jason Malacko – Director of Architecture, CyberProof
• Cecil Pineda – CISO, R1 & Co-founder, CISO XC
• Robert Pace – CISO, Invitation Homes

Timestamps:
• 0:00 – Intro and Overview of North Texas ISSA CSC 12 Conference
• 2:00 – Interview with Greg Lennox and Jason Malacco (CyberProof)
• 10:00 – AI in cybersecurity and strategic partnerships
• 15:00 – Cecil Pineda on critical skills for CISOs
• 25:00 – Robert Pace on data security and using political capital in cybersecurity

Subscribe to The Professional CISO Show for expert interviews, actionable insights, and the latest trends in cybersecurity leadership.

Connect with Us:
• Website: www.thpc.co
• YouTube: The Professional CISO
• LinkedIn: David Malicoat

Sponsors:
This episode was made possible by our partners at CyberProof, a leader in Managed Detection & Response services. Learn more at cyberproof.com.

#CyberSecurity #CISO #MDR #XDR #AI #CyberProof #ProfessionalCISOEventSeries #Leadership #NorthTexasISSA

Oct 2, 2024 · 21 min

Ep 32: Is It Time to Break Apart GRC?

In this episode of The Professional CISO Show, David Malicoat tackles a bold question: Is it time to break apart Governance, Risk, and Compliance (GRC) into separate, specialized functions? Join us as we explore how unbundling GRC could transform your cybersecurity program from a checkbox exercise into a powerful tool for business alignment and risk management. With thought-provoking insights and historical examples, David makes the case for why GRC needs a fresh approach in today’s fast-paced digital landscape.

If you’re a CISO, security professional, or business leader, this episode is packed with actionable advice to help you elevate your organization’s cybersecurity maturity.

Key Takeaways:
• Why governance, risk, and compliance deserve individual attention
• How CISOs can take ownership of governance for strategic impact
• Using compliance to secure resources and improve risk management
• Practical strategies to rethink and realign your GRC structure

Timestamps:
• 00:00 – Welcome and Introduction
• 02:00 – Why GRC Needs a Fresh Approach
• 06:00 – Historical Example: British Defense of Singapore
• 09:00 – The Evolution of GRC: From 2000s to Present
• 15:00 – Governance: A CISO’s Primary Responsibility
• 21:00 – Risk Management: Aligning Cyber and Business Risk
• 25:00 – Compliance: Turning It into a Strategic Advantage
• 29:00 – Final Thoughts: Breaking Apart GRC for Cyber Superpowers
• 31:00 – Call to Action: Professionalizing the CISO Role

Quotes:
• “Governance isn’t just a checkbox; it’s the CISO’s responsibility to lead and set the strategic direction of the cybersecurity program.”
• “Risk is the lens through which all programs need to make decisions. Without it, you’re misaligned with the business.”
• “Just because you have GRC doesn’t mean you’re using it to its full potential. It could be your superpower if harnessed properly.”

Connect with David Malicoat:
Website: www.thpc.co
YouTube: The Professional CISO Show
LinkedIn: David Malicoat on LinkedIn
Twitter: @ProfessionalCISO

Listen & Subscribe:
Don’t miss an episode! Subscribe on Spotify | Apple Podcasts | Google Podcasts
Please leave us a review to help spread the word!

Hashtags for Social Sharing:
#CISO #GRC #GovernanceRiskCompliance #Cybersecurity #RiskManagement #ProfessionalCISO #Leadership

Sep 25, 2024 | 32 min

Ep 31: Building Teams vs. Buying Talent: Insights from CISO Joey Rachid

Episode 30: Joey Rachid – Professionalizing the CISO Role & Building Strong Cyber Teams

In this episode of The Professional CISO Show, host David Malicoat interviews Joey Rachid, Chief Information Security Officer (CISO) at UST. Joey takes us on a fascinating journey from his early days in the U.S. Marine Corps, where he first got involved with technology, to his rise as a cybersecurity leader in the consulting and services industry.

They discuss:
• The difference between building vs. buying cybersecurity talent
• The importance of professionalizing the CISO role in today’s business environment
• Joey’s views on how business acumen and an MBA can elevate your role as a CISO
• Effective leadership strategies for developing high-performing cybersecurity teams
• The future of the CISO role and what it means for aspiring security professionals

Whether you’re a current or aspiring CISO, Joey’s insights on leadership, risk management, and aligning cybersecurity with business objectives are invaluable for anyone looking to grow in the field. Tune in for a deep dive into the practical and strategic aspects of being a cybersecurity leader today.

Key Takeaways:
• Joey Rachid’s path from the Marine Corps to cybersecurity leadership
• Developing vs. hiring talent: Which is the better approach?
• How an MBA can boost your business credibility as a CISO
• The role of trust, competence, and character in effective leadership
• Future trends in cybersecurity leadership and the evolving CISO role

Resources & Links:
• Follow Joey Rachid on LinkedIn: https://www.linkedin.com/in/joeyrachid/
• Learn more about UST: https://www.ust.com/
• Follow The Professional CISO Podcast on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-show
• Subscribe to our YouTube channel: www.youtube.com/@TheProfessionalCISO
• Visit our website: www.thpc.co

Timestamps:
00:00 – Introduction
02:30 – Joey’s background: From Marine Corps to cybersecurity
06:45 – Building vs. buying talent in cybersecurity
10:30 – Why professionalizing the CISO role matters
15:00 – The value of an MBA in cybersecurity leadership
20:00 – Leading and developing high-performing teams
25:00 – Trust, character, and competence in leadership
30:00 – The future of the CISO role

Sep 18, 2024 | 35 min

Ep 30: The Challenge of Selling Cybersecurity: Insights from Matt Walker

In this episode of The Professional CISO Show, host David Malicoat is joined by Matt Walker, Managing Director of Security and Compliance at Goosehead Insurance. Matt shares his unique journey from a career in commercial art to becoming a cybersecurity leader. Together, they explore the evolving role of the CISO and the importance of professionalizing the position within organizations.

Key Takeaways:
• Professionalizing the CISO Role: Matt discusses the need for establishing a standardized professional framework for CISOs and the challenges associated with it.
• Translating Technical Risk into Business Terms: Learn how to communicate complex technical risks in a way that resonates with non-technical stakeholders and aligns with business objectives.
• Building Relationships in the C-Suite: Discover strategies for developing strong, trust-based relationships within the executive team, and how to navigate the political landscape of the boardroom.
• The Journey from IT to Cybersecurity Leadership: Matt shares his personal experiences and insights on transitioning from a technical background to a leadership role in cybersecurity.

About the Guest:
Matt Walker is the Managing Director of Security and Compliance at Goosehead Insurance. With a rich background in network security, commercial art, and leadership roles at Bain & Company and Dell, Matt brings a unique perspective to the discussion on cybersecurity leadership and the future of the CISO role.

Episode Highlights:
[02:00] Matt Walker’s early career and transition from commercial art to cybersecurity
[07:00] The importance of professionalizing the CISO role
[13:00] Strategies for effectively communicating risk to business leaders
[18:00] Navigating stakeholder relationships and building trust in the C-suite
[25:00] Matt’s tips for introverts on building professional relationships and influence
[30:00] The role of diplomacy in cybersecurity leadership

Connect with Matt Walker:
LinkedIn: https://www.linkedin.com/in/techguymatt/
Goosehead Insurance: Website

Connect with David Malicoat:
Website: The Professional CISO
YouTube: The Professional CISO
LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/

Subscribe & Leave a Review:
Enjoyed the episode? Subscribe to The Professional CISO Show on Apple Podcasts, Spotify, or your favorite podcast platform. Don’t forget to leave a review and share the episode with your network!

Sep 11, 2024 | 37 min

Ep 29: The Women of Cyber: Beyond the Panel and Into the Trenches - A Professional CISO Show Special

In this special episode of The Professional CISO Show, host David Malicoat brings together three influential women leaders in cybersecurity: Sailaja Kotra-Turner (VP & CISO, Brown-Forman), Sonja Hammond (CISO & VP of IT Architecture and Engineering, National Veterinary Associates), and Jessica Nemmers (Field CISO, Flair Data Systems). The panel explores the challenges and opportunities women face in the cybersecurity industry, offering insights into breaking stereotypes, advancing technical expertise, and creating more inclusive professional environments.

Key Topics Discussed:
• Overcoming the challenges of being typecast into diversity panels
• Encouraging young women to pursue and succeed in cybersecurity
• The importance of diverse and inclusive networking opportunities
• Actionable advice for women currently in the field seeking career advancement
• Strategies for engaging with CISOs as a vendor or partner in the cybersecurity space

Why Listen:
This episode is a must-listen for cybersecurity professionals, aspiring CISOs, and anyone interested in the intersection of diversity and technology. Gain valuable insights from leaders who are at the forefront of professionalizing the CISO role and promoting diversity in the field.

Connect with Us:
• 🌐 Visit our website: www.thpc.co
• 📺 Watch the episode on YouTube: The Professional CISO YouTube Channel
• 🔗 Follow us on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-show

Episode Links:
• North Texas ISSA Cybersecurity Conference: https://www.ntxissa.org/
• Subscribe to our podcast on Apple Podcasts and Spotify for more episodes!

About the Host:
David Malicoat is a seasoned Chief Information Security Officer and host of The Professional CISO Show, where he explores the critical topics necessary to professionalize the CISO role. With insightful discussions and expert guests, David aims to drive the conversation forward on what it means to be a professional CISO.

Hashtags: #Cybersecurity #WomenInTech #CISO #DiversityInTech #ProfessionalCISO

Sep 4, 2024 | 35 min

Ep 28: Mentors, Risks, and Rewards: Insights From Sailaja Kotra-Turner

In this episode of The Professional CISO Show, host David Malicoat interviews Sailaja Kotra-Turner, CISO and Director of Global Infrastructure and Operations at Brown-Forman. Sailaja shares her remarkable journey from IT automation to cybersecurity leadership, offering invaluable insights into the evolving role of the CISO, the importance of mentorship, and the integration of security within infrastructure teams. Whether you're a seasoned professional or just starting out, Sailaja's story is filled with practical lessons on becoming a proactive business leader in cybersecurity.

Key Takeaways:
• Career Evolution: How Sailaja transitioned from IT to cybersecurity, overcoming challenges along the way.
• Mentorship Matters: The critical role mentors played in her professional growth.
• Security Integration: Strategies for embedding security within infrastructure teams.
• CISO Role Transformation: The shift from technical expert to business leader.
• Certifications Strategy: Choosing the right certifications to signal career intent.
• Building a Security-First Culture: Practical tips for fostering security awareness across organizations.

Quotes:
"We need to get to the point where every infrastructure professional is also a security expert."
"The earlier security leaders are involved, the better. It’s always easier to build security in from the start."

Resources & Links:
Follow The Professional CISO Podcast: www.thpc.co
Watch on YouTube: The Professional CISO YouTube Channel
Connect on LinkedIn: The Professional CISO
Sailaja Kotra-Turner on LinkedIn: https://www.linkedin.com/in/sailajakotraturner/
David Malicoat on LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/

Upcoming Event:
12th Annual North Texas ISSA Cybersecurity Conference: Join us on September 6th at the Plano Event Center. The Professional CISO Podcast will be on-site, conducting live interviews and engaging with industry leaders. (https://www.ntxissa.org/)

Call to Action:
If you found value in this episode, please subscribe, rate, and review The Professional CISO Podcast on Spotify and Apple Podcasts. Your support helps us continue bringing you great content from top cybersecurity leaders. Share this episode with your network to spread the word!

Hashtags: #Cybersecurity #CISO #Leadership #ProfessionalDevelopment #Mentorship

Aug 28, 2024 | 33 min

Ep 27: Gaining and Maintaining Support: Sonja Hammond's Stakeholder Strategies

In this episode of The Professional CISO Show, host David Malicoat is joined by Sonja Hammond, the Chief Information Security Officer and Vice President of IT Architecture and Engineering at National Veterinary Associates. Sonja shares her remarkable journey from land administration to becoming a cybersecurity leader, offering valuable insights on the evolution of the CISO role. The conversation delves into the importance of professionalizing the role, building strong stakeholder relationships, managing career growth amidst technological changes, and strategies to prevent burnout in high-pressure roles. Whether you're an experienced CISO or an aspiring security professional, this episode is packed with actionable advice and thought-provoking insights.

Key Takeaways:
• The need for professionalizing the CISO role and moving it into risk management.
• Strategies for gaining and maintaining stakeholder support.
• How to manage a cybersecurity career amidst rapid technological changes.
• Preventing burnout and maintaining a healthy work-life balance as a CISO.
• The importance of adaptability and continuous learning in cybersecurity leadership.

Guest Information:
Name: Sonja Hammond
Position: Chief Information Security Officer & VP of IT Architecture and Engineering, National Veterinary Associates
LinkedIn: https://www.linkedin.com/in/sonjahammond/

Links & Resources:
Visit our Website: www.thpc.co

Episode Chapters:
Introduction (00:00)
Sonja Hammond's Career Journey (02:00)
Professionalizing the CISO Role (10:00)
Building Stakeholder Support (13:00)
Managing Career Growth and Preventing Burnout (18:00)
Final Thoughts and Advice for CISOs (24:00)
10 Rapid-Fire Questions with Sonja Hammond (26:00)

Please Rate and Review:
If you enjoyed this episode, please take a moment to rate and review our podcast on Spotify or Apple Podcasts. Your feedback helps us bring more valuable content to the CISO community.

Stay Connected:
Website: www.thpc.co
YouTube: www.youtube.com/@TheProfessionalCISO
LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast

Thank you for listening!

Aug 21, 2024 | 29 min

Ep 26: From Pirouettes to Protocols: Jessica Nemmers' CISO Journey

Host: David Malicoat, Chief Information Security Officer and Host of The Professional CISO
Guest: Jessica Nemmers, Field CISO at Flair Data Systems

Episode Overview:
In this inspiring episode of The Professional CISO, David Malicoat welcomes Jessica Nemmers, the Field CISO at Flair Data Systems, to share her extraordinary journey from being a professional ballerina to becoming a leader in the cybersecurity industry. Jessica's story is a testament to the power of resilience, adaptability, and the importance of professionalizing the CISO role.

Key Topics Discussed:
• The Transition: How Jessica made the leap from ballet to cybersecurity.
• Professionalizing the CISO Role: Why business acumen and relationship-building are crucial for today’s CISOs.
• Government Regulations & Compliance: Navigating the challenges and opportunities.
• Mentorship & Advice: Practical tips for aspiring CISOs, especially those from non-traditional backgrounds.

Why You Should Listen:
If you’re a cybersecurity professional, aspiring CISO, or simply interested in career transitions, this episode offers valuable insights into the evolving role of the CISO and how non-traditional paths can lead to success in cybersecurity.

Timestamps:
[00:00] Introduction to Jessica Nemmers and her background.
[01:00] Jessica’s journey from a professional ballerina to a cybersecurity leader.
[10:00] The importance of professionalizing the CISO role.
[18:00] Challenges and opportunities in government regulations and compliance.
[26:00] Advice for those entering cybersecurity from non-traditional backgrounds.
[31:00] Closing thoughts and key takeaways.

Resources Mentioned:
Flair Data Systems: https://www.flairdata.com/
NIST Cybersecurity Framework 2.0: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf
EC-Council Certified CISO Program: https://www.eccouncil.org/train-certify/certified-chief-information-security-officer-cciso/
North Texas ISSA: https://www.ntxissa.org/

Connect with Us:
Website: www.thpc.co
YouTube: @TheProfessionalCISO
LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
Spotify: https://open.spotify.com/show/2C7JojNZPdg1g6AXvpKDfn?si=1bf04388441845bc
Apple Podcasts: https://podcasts.apple.com/us/podcast/the-professional-ciso/id1731138021

Follow, Share, and Subscribe:
If you enjoyed this episode, please follow, share, and subscribe to The Professional CISO Show. Your support helps us continue to provide valuable content to the cybersecurity community.

#Cybersecurity #CISO #JessicaNemmers #ProfessionalCISO #CareerTransition #CyberLeadership

Aug 14, 2024 | 31 min

Ep 25: Innovative Risk Management Techniques: Insights from Jim Desmond

Host: David Malicoat
Guest: Jim Desmond, SVP and CSO at Asurion

Episode Summary:
In this episode of The Professional CISO Podcast, David Malicoat interviews Jim Desmond, the Senior Vice President and Chief Security Officer at Asurion. They delve into the necessity of professionalizing the CISO role, effective risk management strategies, and the importance of ethical standards in cybersecurity. Jim shares his journey from consulting to cybersecurity leadership, providing valuable insights and actionable advice for CISOs and aspiring cybersecurity professionals.

Key Topics Discussed:

Introduction to Jim Desmond:
• Background in consulting and building cybersecurity programs.
• Unique aspects of his career and personal interests.

Professionalizing the CISO Role:
• The importance and implications of ethical standards for CISOs.
• Comparisons to other professional fields like law and medicine.

Risk Management:
• Jim's approach to prioritizing vulnerabilities and focusing on impactful areas.
• Tools and techniques used, including Rapid7 and Brinqa.

Crisis Leadership:
• Leading and inspiring teams during challenging times.
• The human side of cybersecurity and leadership.

Cybersecurity Frameworks:
• Navigating various standards and their implications for global organizations.
• Practical advice for implementing effective cybersecurity practices.

Personal Insights:
• Jim’s journey, favorite podcasts, and what drives his passion for cybersecurity.
• Fun rapid-fire questions revealing Jim's personal preferences and thoughts.

Notable Quotes:
"The importance of ethical standards and external support for CISOs."
"Strategies to optimize risk management and vulnerability assessment."
"Insights into the human side of cybersecurity and leadership."

Upcoming Events:
• Digital Fight Club: Official podcast coverage and event highlights.
• ISSA North Texas: Moderating a panel on "Platform vs. Best of Breed" and the annual cybersecurity conference.

How to Support:
If you enjoyed this episode, please follow us on Spotify and Apple Podcasts, rate and review the show, and share it with your colleagues and friends. Your support helps us continue to bring you quality content on transforming the role of the CISO.

Stay Connected:
Website: www.thpc.co
YouTube: @TheProfessionalCISO
LinkedIn: The Professional CISO

Join the Conversation:
We’d love to hear your thoughts! Leave a comment or review with your questions or insights about professionalizing the CISO role and risk management strategies.

#Cybersecurity #CISO #RiskManagement #ProfessionalCISO #JimDesmond #Leadership #Podcast #CybersecurityLeadership #DigitalFightClub #ISSA #TheProfessionalCISO

Tune in to learn more about professionalizing the CISO role and enhancing your cybersecurity practices!

Aug 7, 2024 | 33 min

Ep 24: Renee Guttmann Talks IT and OT Security Convergence and so much more!

Welcome to the latest episode of The Professional CISO Show! In this episode, host David Malicoat sits down with Renee Guttmann, the founder and principal of CISO Hive, to discuss her extraordinary journey in cybersecurity. With a career spanning prestigious companies such as Coca-Cola, Royal Caribbean Cruises, Campbell Soup Company, Capital One, and Time Warner, Renee shares her invaluable insights and experiences.

We would like to thank our sponsor Armis for making this episode possible. If you are going to Black Hat USA 2024, make sure to visit them at their booth or schedule some time at one of their events!

Key Topics Discussed:
[00:02:00] Early Career: Renee’s unique path from an analyst to a top-tier CISO.
[00:06:00] Networking: The critical role of networking in the cybersecurity field.
[00:11:00] Professionalizing the CISO Role: Why it’s essential and its future impact.
[00:18:00] Reporting Structure: The debate on where the CISO should report within an organization.
[00:23:00] IT and OT Convergence: The evolution and importance of IT and OT security.
[00:28:00] Career Advice: Staying well-rounded in cybersecurity and the importance of understanding OT.

Guest Information:
Renee Guttmann
Founder and Principal, CISO Hive
Formerly held positions at Coca-Cola, Royal Caribbean Cruises, Campbell Soup Company, Capital One, and Time Warner

Connect with Renee:
LinkedIn: Renee Guttmann

Host Information:
David Malicoat
Host of The Professional CISO Show
Chief Information Security Officer at a medium-sized direct and digital marketing company

Connect with David:
LinkedIn: David Malicoat
Website: The Professional CISO

Resources Mentioned:
National Association of Corporate Directors (NACD)
Fair Institute
Black Hat Conference
North Texas ISSA

Subscribe and Follow:
Spotify: The Professional CISO Show on Spotify
Apple Podcasts: The Professional CISO Show on Apple Podcasts

Support the Show:
If you enjoyed this episode, please rate and review us on your favorite podcast platform. Your feedback helps us improve and reach more listeners interested in cybersecurity.

Follow Us on Social Media:
Twitter: @ProfessionalCISO
LinkedIn: The Professional CISO Show
YouTube: The Professional CISO

Tags: #Cybersecurity #CISO #ReneeGutmann #CybersecurityLeadership #Networking #Mentorship #ITSecurity #OTSecurity #RiskManagement

Jul 31, 2024 | 35 min

Ep 23: THPC Innovation Series #2 - Armis VIPR - w/Or Priel

In this episode of the Professional CISO Podcast, host David Malicoat dives into the Innovation Series with Or Priel, co-founder of Silk Security. They discuss the acquisition of Silk by Armis, and the integration of Armis Centrix VIPR Pro. Or shares insights about his background in cybersecurity and his journey through various startups. The conversation covers the challenges organizations face with security tools and the innovative ways Silk Security’s technology bridges gaps in remediation and operational efficiency. They delve deep into the technology, problem-solving approaches, and the future extensibility of their solutions.

00:00 Introduction to the Professional CISO Podcast
00:31 Innovation Series: Exploring Tech and Value Propositions
01:02 Guest Introduction: Or Priel from Armis Centrix for VIPR Pro
01:23 Or Priel's Background and Career Journey
04:17 Discussing the Problem Space in Cybersecurity
08:27 The Armis Acquisition of Silk Security
10:29 Deep Dive into Armis Centrix for VIPR Pro
17:34 Implementation and Integration Insights
19:12 Future Directions and Extensibility
21:31 People, Process, and Technology Considerations
29:15 Complementary Tools and Outcomes
32:23 Conclusion and Final Thoughts

Episode Sponsor: www.armis.com/platform/armis-centrix-for-vipr-pro-prioritization-and-remediation/
Or Priel LinkedIn: https://www.linkedin.com/in/or-priel-13086371/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast

Jul 26, 2024 | 33 min
Ep 22: The Professional CISO Podcast: Digital FightClub Recap #2 - Sponsored by Interpres Security

In this episode of the Professional CISO Podcast, host David Malicoat welcomes Will Long, Matt Walker, Andrew Forgie, and Phillip Wylie for a series of discussions on critical infrastructure and cybersecurity defenses. The guests share insights on vulnerability management, the role of federal and private sectors in securing critical systems, and the importance of asset inventory. They also debate topics like AI's impact on cybersecurity and the need for offensive security awareness. The episode concludes with announcements of upcoming events and speaking engagements.

00:00 Introduction to the Professional CISO Podcast
00:30 Deep Dive into Critical Infrastructure
01:27 Tools and Strategies for Vulnerability Management
02:50 Final Thoughts on Critical Infrastructure
03:32 Introduction to Matt Walker
04:00 Insights from Digital Fight Club
05:34 Future Topics and Takeaways
07:19 Andrew Forgie's First Digital Fight Club
08:35 Federal Government's Role in Cybersecurity
12:46 Phillip Wylie’s Perspective
15:38 Upcoming North Texas ISSA Conference
16:43 Conclusion and Call to Subscribe

Sponsor
Interpres Security: www.interpressecurity.com

David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Digital Fight Club Website: https://digitalfightclub.co/
Will Long LinkedIn: https://www.linkedin.com/in/williamlongsr/
Matt Walker LinkedIn: https://www.linkedin.com/in/techguymatt/
Andrew Forgie LinkedIn: https://www.linkedin.com/in/andrewforgie/
Phillip Wylie LinkedIn: https://www.linkedin.com/in/phillipwylie/

Jul 25, 2024 | 16 min

Ep 21: THPC Innovation Series #1 - Armis - w/Michael Freeman

In this episode of the Professional CISO Podcast, host David Malicoat introduces the first Innovation Series which delves into the latest technologies and developments in cybersecurity from a buyer's perspective. The episode features Michael Freeman, Head of Threat Intelligence at Armis, discussing the Armis Centrix product. The conversation covers the origins and problem-solving capabilities of Armis Centrix, focusing on asset identification, security prioritization, and process management. They discuss various aspects, including the integration of AI, the challenges of asset management in IT and OT environments, and the steps Armis is taking to future-proof its solutions. David and Michael also explore how Centrix can assist different cybersecurity teams without requiring additional hiring, provide process support, and potentially offer cost savings through tool consolidation. The episode aims to shed light on current trends and advancements, helping CISOs stay ahead in the ever-evolving cybersecurity landscape.

00:00 Introduction to the Professional CISO Podcast
00:30 Introducing the Innovation Series
01:22 Deep Dive: Armis Centrix with Michael Freeman
02:24 Understanding the Problem Space
03:32 Prioritizing and Securing Assets
07:45 Implementation and Initial Setup
11:48 Future-Proofing with AI and Acquisitions
17:55 People, Process, and Technology
30:05 Final Thoughts and Wrap-Up

Make sure you join Armis at Black Hat 2024: www.armis.com/black-hat
Michael Freeman LinkedIn: https://www.linkedin.com/in/michael-f-81848a4/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast

Jul 21, 2024 | 31 min

Ep 20: The Professional CISO Podcast: Digital FightClub Recap #1 - Sponsored by Armis

In this episode of the Professional CISO Podcast, David Malicoat hosts discussions live from the Digital Fight Club After Party. Featuring interviews with cybersecurity experts like Will Long from Infinity Cyber Advisors, Jim Kastle from Kimberly-Clark, James Binford from Humana, and several others, the episode delves into the highlights of the evening's fights on critical topics in cybersecurity. Key discussions focus on the divisive AI debate, the importance of managing risk over just cybersecurity, and perspectives on future threats and technologies. The episode also touches on challenges such as the shortage of cybersecurity roles and effective strategies in vulnerability management.

00:00 Introduction to the Professional CISO Podcast
00:22 Live from Digital Fight Club: Interview with Will Long
02:17 Insights from Referee Jim Kastle
04:21 James Binford on AI and Offensive Security
06:37 Byron Davis Discusses AI and Cybersecurity
10:26 Russ Murrell's Take on Digital Fight Club
13:38 Scot Miller's Perspective on AI and Future Topics
18:15 Presley Prescott on Critical Infrastructure and Training
21:58 Conclusion and Call to Subscribe

Sponsor
Armis: www.armis.com

David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Digital Fight Club Website: https://digitalfightclub.co/
Will Long LinkedIn: https://www.linkedin.com/in/williamlongsr/
Jim Kastle LinkedIn: https://www.linkedin.com/in/jim-kastle-01ba172/
James Binford LinkedIn: https://www.linkedin.com/in/jamesbinford/
Byron Davis LinkedIn: https://www.linkedin.com/in/byron-d-5b710962/
Russ Murrell LinkedIn: https://www.linkedin.com/in/russ-m-623692/
Scot Miller LinkedIn: https://www.linkedin.com/in/scotmiller/
Presley Prescott LinkedIn: https://www.linkedin.com/in/presley-prescott-4548472/

Jul 17, 2024 | 22 min

Ep 19: The Critical Connection: CISOs and General Counsels in Cybersecurity

In this episode of the Professional CISO Podcast, host David Malicoat dives into an engaging conversation with top cybersecurity attorney Shawn Tuma. They discuss Tuma's extensive career in cybersecurity law, the evolving role of the CISO, and the importance of professionalizing this crucial position. Tuma also introduces his forthcoming book focused on enhancing the relationship between general counsels and CISOs. The episode highlights the critical nature of cyber risk management, the need for strategic and business acumen in CISOs, and offers practical advice for CISOs to develop their careers. Additionally, Malicoat provides updates on upcoming events and future podcast episodes.

Jul 10, 2024 | 32 min

Ep 18: CISO 2.0: Cheryl Nifong on Modern Cybersecurity Leadership

In this episode of the Professional CISO Podcast, host David Malicoat interviews Cheryl Nifong, CISO at the University of Texas at Arlington. They discuss Cheryl's career path, the necessity of professionalizing the CISO role, and the transition from technical to governance, risk, and compliance (GRC) positions. Cheryl shares her unique journey starting out in technical support, moving to cybersecurity leadership, and her experiences in creating effective risk management strategies. The episode covers challenges faced by women in cybersecurity, advice for aspiring cybersecurity professionals, and the importance of mentorship. Cheryl emphasizes the significance of strategic leadership and aligning daily tasks with the organization's broader vision. The conversation closes with practical advice for women entering the field and Cheryl's perspective on the future evolution of the CISO role.

00:00 Introduction to the Professional CISO Podcast
00:32 Interview with a Higher Education Security Leader
01:29 Upcoming Event: Digital Fight Club
02:56 Guest Introduction: Cheryl Nifong
03:30 Cheryl's Journey into Cybersecurity
06:22 Transitioning to GRC and Leadership
11:12 The Evolution of the CISO Role
21:48 Women in Cybersecurity
25:05 Discovering Hidden Talents in Cybersecurity
26:06 Managing Risks with Non-Traditional Hires
27:03 The Power of Internships and Volunteer Programs
29:09 Advice for Women Entering Cybersecurity
32:23 The Importance of Mentorship
36:37 Strategic Leadership in Cybersecurity
44:12 Fun and Personal Insights with Cheryl Nifong
47:02 Conclusion and Final Thoughts

Cheryl Nifong LinkedIn: https://www.linkedin.com/in/cheryl-nifong/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Digital Fight Club Website: https://digitalfightclub.co/

Jul 3, 2024 | 48 min

Ep 17: Player / Coach Leadership: Insights from Public Sector CIO, Ricardo Suarez

In this episode of the Professional CISO Podcast, host David Malicoat interviews Ricardo Suarez, a seasoned technology leader who has served in local government for over 21 years. Ricardo shares his journey from being a sysadmin and teacher to becoming the CIO of Hialeah. The conversation delves into the early influences on Ricardo's interest in technology, the importance of professionalizing the role of the CISO, and the evolving challenges of cybersecurity. They also discuss the significance of conferences for networking and innovation, as well as the complexities of leadership and relationship-building in the public sector.

00:00 Introduction to the Professional CISO Podcast
00:09 Meet Our Guest: Ricardo Suarez
01:32 Personal Background and Early Career
02:28 Transition to Cybersecurity
04:01 The Role of a CISO
06:28 Challenges and Insights in Leadership
07:33 The Value of Conferences
09:49 Innovation in Cybersecurity
11:26 Leadership Style and Development
14:03 Rapid-Fire Questions
16:55 Conclusion and Final Thoughts

Jun 26, 2024 · 18 min

Ep 16: Accelerating Tomorrow's Cybersecurity: Insights from Edison Humphries at Secure Miami

In this episode of the Professional CISO Podcast, host David Malicoat interviews Edison Humphries, the Vice President and CISO at MasTec. With roots in network engineering and security management, Edison shares his journey from a computer operator in Jamaica to a CISO in the United States. The conversation covers the challenges and rewards of transitioning into leadership roles, the importance of mentoring and developing new talent, and the necessity of professionalizing the CISO role amidst increasing demands and responsibilities. Edison also discusses the benefits of attending cybersecurity conferences, the importance of creating a supportive team culture, and the need for work-life balance. The episode concludes with a fun segment of rapid-fire questions, providing deeper insights into Edison's personal and professional perspectives.

00:00 Introduction to the Professional CISO Podcast
00:11 Interview with Edison Humphries: Background and Career Journey
00:42 Shout Outs and Conference Highlights
01:47 Edison's Early Career and Transition to Leadership
04:24 The Importance of Mentorship and Team Dynamics
06:04 Professionalizing the Role of the CISO
09:05 Challenges and Mental Health in the CISO Role
12:02 The Value of Conferences and Local Networking
13:49 Developing and Retaining New Talent
16:30 Rapid-Fire Questions with Edison Humphries
19:35 Conclusion and Final Thoughts

Edison Humphries LinkedIn: https://www.linkedin.com/in/hedisonhumphries/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Digital Fight Club Website: https://digitalfightclub.co/

Foundation Sponsors
Interpres Security: https://interpressecurity.com/
ContraForce: https://www.contraforce.com/

Jun 19, 2024 · 20 min

Ep 15: The Next Chapter: Life After CISO with Justin Somaini, Partner YL Ventures

In Episode 14 of the Professional CISO Podcast, host David Malicoat welcomes security leader Justin Somaini, a partner at YL Ventures. This episode explores Somaini's journey from military upbringing to penetration testing, and his current venture into cybersecurity venture capital. Key topics include the need to professionalize the CISO role, risk quantification, and the requirement for standardized cybersecurity measures for companies. The episode also delves into the future of the CISO role, the importance of community involvement, and practical advice for CISOs facing increased scrutiny. Somaini concludes with his perspectives on life after being a CISO and tips for career advancement.

00:00 Introduction to the Professional CISO Podcast
00:31 Interview with a Venture Capital Security Leader
01:36 Digital Fight Club Announcement
03:29 Guest Introduction: Justin Somaini
04:03 The Journey of Justin Somaini in Tech
05:14 Professionalizing the Role of the CISO
12:39 The Future of Risk Quantification
18:35 The Evolution of the CISO Role
22:30 Increased Scrutiny in Cybersecurity
23:29 Changing the 'I've Got It Covered' Mentality
25:30 Simplifying Security with NIST CSF
27:01 Exploring Career Paths for CISOs
28:42 Building Relationships in the Security Industry
32:06 The Importance of Innovation
34:14 Real Advice for Aspiring CISOs
36:42 Rapid-Fire Questions with Justin Somaini
39:55 Conclusion and Final Thoughts

Justin Somaini LinkedIn: https://www.linkedin.com/in/jsomaini/
YL Ventures: https://www.ylventures.com/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Digital Fight Club Website: https://digitalfightclub.co/

Foundation Sponsors
Interpres Security: https://interpressecurity.com/
ContraForce: https://www.contraforce.com/

Jun 12, 2024 · 41 min

Ep 14: Strategic Leadership in Cybersecurity: A Conversation with Benjamin Dulieu

Episode Summary: Welcome to The Professional CISO Podcast, hosted by David Malicoat. In this exciting episode, we sit down with Benjamin Dulieu, the CISO at Duck Creek Technologies, to explore his incredible journey from the Marine Corps to becoming a top cybersecurity leader. Ben shares invaluable insights on leadership, the importance of structured processes, and how CISOs can earn their seat at the executive table.

Key Takeaways:
• Leadership and Trust: Effective leadership in cybersecurity hinges on building trust and understanding team dynamics.
• Business Integration: CISOs must align their objectives with business goals and think like a COO with a tech focus.
• Structured Processes: Turning complex challenges into manageable, repeatable processes is crucial for efficiency and improvement.
• Professionalizing the Role: The CISO role is evolving to become more integrated with business strategy and operations.

Notable Quotes:
• "If human beings in a war zone can be turned into a process, you're kidding yourself if you think technology can't be."
• "You're running your own business as a CISO within the company. Start thinking like a COO with a technological mindset."

Listener Benefits:
• Gain insights from Ben Dulieu’s unique career path and leadership philosophy.
• Learn how to effectively integrate cybersecurity with business strategies.
• Understand the importance of structured processes and continuous improvement.
• Discover practical advice for aspiring and current CISOs on earning executive trust and building strong teams.

Benjamin Dulieu LinkedIn: https://www.linkedin.com/in/benjamin-dulieu-2844137a/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Digital Fight Club Website: https://digitalfightclub.co/

Foundation Sponsors
Interpres Security: https://interpressecurity.com/
ContraForce: https://www.contraforce.com/

Jun 5, 2024 · 32 min

Ep 13: CISO Interview Chronicles: One CISO’s Path to the Final Three at a Fortune 500

In this exclusive episode of the Professional CISO Podcast, the script is flipped as David Malicoat, our usual host, becomes the guest. With his mentor, Robert Pace, taking over the hosting duties, David opens up about his recent experience interviewing for a CISO position at a Fortune 500 company. From the initial approach to making it to the final three candidates, David shares his mental state throughout the process and the invaluable lessons learned along the way. This episode is a must-listen for both seasoned CISOs and those aspiring to make the jump to high-level positions.

Key Takeaways:
• Initial Interest: David discusses how he was first approached for the position and his initial thoughts and feelings about the opportunity.
• Application Process: Insights into the preparation of his resume and the mindset of staying calm and collected while waiting for responses.
• Interview Stages: Detailed breakdown of the multiple interview stages, including virtual screenings, leadership evaluations, and the importance of stakeholder management.
• Emotional Regulation: Techniques David used to manage stress and maintain focus during the high-stakes process, emphasizing the role of support from friends, family, and mentors.
• Learnings and Reflections: The importance of emotional intelligence, self-awareness, and staying true to oneself throughout the interview process.
• Final Thoughts: Reflections on reaching the final three candidates, handling the outcome, and maintaining a positive outlook for future opportunities.

Notable Quotes:
• "In the end, it's all about the learnings."
• "Control the controllables and stay focused on what you can manage."
• "Give the opportunity its regard, but don't let it control you."

Listener Benefits:
• For Aspiring CISOs: Gain insights into the interview process at a Fortune 500 company and learn how to prepare mentally and professionally.
• For Seasoned Professionals: Reflect on your own experiences and find new strategies for managing high-pressure situations.
• For Everyone: Understand the importance of emotional intelligence and the role of mentorship in career advancement.

Call to Action: Don’t miss this chance to learn from David Malicoat’s personal experience. Subscribe to the Professional CISO Podcast for more episodes that professionalize the CISO role and offer valuable insights for your career journey.

Connect with Us:
Follow Robert Pace on LinkedIn: https://www.linkedin.com/in/robert-pace097/
Follow David Malicoat on LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
Follow THPC on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Check out the Digital Fight Club Website: https://digitalfightclub.co/

Please check out our Foundation Sponsors
Interpres Security: https://interpressecurity.com/
ContraForce: https://www.contraforce.com/

May 29, 2024 · 34 min

Ep 12: Cloud Security, Veterans, and Leadership. A Discussion.

This week’s guest is Allen Rountree, Deputy CISO of IBM Public Cloud. David talks to Allen about leadership in cybersecurity, being fluent in the language of risk, and risk specific to cloud computing. Allen and David both served in the Marine Corps and both served in the Marine Corps Security Forces (MCSF), so they have very similar early starts in their service careers. In this conversation, they also cover specific advice for veterans looking to get into cybersecurity.

Allen Rountree LinkedIn: https://www.linkedin.com/in/allenrountree/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast
Digital Fight Club Website: https://digitalfightclub.co/

Foundation Sponsors
Interpres Security: https://interpressecurity.com/
ContraForce: https://www.contraforce.com/

May 2, 2024 · 32 min

Ep 11: The first rule of Digital Fight Club is to TALK about Digital Fight Club!

This week’s guest is Mike Pratt, Host and Owner of Digital Fight Club (DFC). Your host, David Malicoat, talks to Mike about how DFC started and how the show made it into the consciousness of the cybersecurity community. David reveals his history with DFC, as well as some back story on how DFC Cyber came together. Finally, Mike and David talk about the new developments with DFC and how it is gaining national attention with a full Hollywood production ready for television. DFC is back at the Granada Theater in Dallas, Texas on June 27, 2024 for the recording of Season 1, Episode 1.

Mike Pratt LinkedIn: https://www.linkedin.com/in/mikepratt/
Digital Fight Club Website: https://digitalfightclub.co/
David Malicoat LinkedIn: https://www.linkedin.com/in/david-malicoat-cissp/
THPC Website: www.thpc.co
THPC LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast

Apr 24, 2024 · 40 min

Ep 10: Evolving Leadership: Navigating the Future of Cybersecurity with Ryan Bachman

Welcome to Episode 9 of the Professional CISO Podcast hosted by David Malicoat. David meets up with Ryan Bachman, currently the Executive Vice President and Global Chief Information Security Officer at General Motors Financial. They discuss Bachman's career journey, from his early fascination with technology to his current role. Additionally, they highlight the significance of building trust and service within an organization and discuss the future trajectory of the CISO role in the corporate world as the responsibilities of the CISO role expand.

Sponsors: This episode is brought to you by Valence Security. Take steps to secure your SaaS apps and more at https://www.valencesecurity.com/

Impactful Moments:
00:00 - Welcome
03:30 - Introducing guest, Ryan Bachman
07:27 - Tech Driven vs Business Driven
12:25 - They DO Understand
17:20 - Broader Executive Skills
20:08 - Thanks to Valence Security
22:44 - Building Your Brand as A CISO
26:24 - Giving Good Service as A CISO
29:13 - Driving Innovation in Cybersecurity
37:38 - The Expanding Role of the CISO
46:47 - 10 Questions

Links:
Connect with our guest, Ryan Bachman: https://www.linkedin.com/in/ryan-bachman-9253296/

Apr 17, 2024 · 54 min

Ep 9: Attacking Healthcare from All Sides with OffSec Director, James Binford

A Texas Tech2Table event sets the stage for David and his podcast guest, James Binford, an Offensive Security Director. They discuss how his background as a former BISO influences his insights on offensive and defensive security, specifically surrounding healthcare. The conversation also touches on AI in security, and the importance of incorporating writing and storytelling to help formulate your message.

Sponsors: This episode is brought to you by ContraForce. When you need to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/

Impactful Moments:
00:00 - Welcome
02:09 - Introducing guest, James Binford
04:15 - Challenges of OffSec
08:35 - Healthcare Specific Defense Tips?
10:00 - Proactive on AI
11:58 - From Our Sponsor, Contraforce
12:58 - Advice for Healthcare CISOs
14:05 - CISOs Start with Writing
16:13 - Future of Healthcare Security
19:10 - 10 Questions

Links:
Connect with James Binford: https://www.linkedin.com/in/jamesbinford/

Apr 10, 2024 · 22 min

Ep 8: ‘Right Brain’ Skills and Leadership for Today’s CISO with Patrick Benoit

Welcome to Episode 7 of the Professional CISO Podcast, hosted by David Malicoat. David reunites with longtime friend and former coworker, Patrick Benoit. They explore the evolution and professionalization of the CISO role, Pat's career journey from technology and military service to cybersecurity leadership, and the necessity of soft skills alongside technical knowledge. They also discuss the challenge of guiding boards on cyber risk, the relationship between CISOs and technology executives, and the importance of developing trust and leadership qualities. Don’t forget to subscribe to the podcast and join us on LinkedIn so we can keep the conversation moving forward. www.theprofessionalciso.com

Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!

Impactful Moments:
00:00 - Welcome
02:06 - Introducing guest, Pat Benoit
06:08 - Licensing CISOs?
07:37 - CISO Now Is Like CIO Then
09:25 - The ‘Trust & Inspire’ Skills
13:12 - Little c to Big C in CISO
16:00 - Approaching Other ‘C’ Roles
20:11 - 10 questions
27:15 - Cyber-Risk Insight

Links:
Connect with Pat Benoit: cyber-riskinsights.com
https://www.linkedin.com/in/patricklbenoit/

Books Mentioned:
https://www.amazon.com/Extreme-Ownership-U-S-Navy-SEALs/dp/1250067057
The Four Agreements

Apr 3, 2024 · 30 min

Ep 7: The SEC & the CISO: It’s A New World Out There

Welcome to Episode 6 of the Professional CISO Podcast, hosted by David Malicoat. Today’s lesson in becoming a professional CISO goes back to where a lot of our journey began: the SEC complaint against SolarWinds and its CISO, Tim Brown. David points out the good, the bad, and the key takeaways from the complaint that you can take to work with you today. Don’t forget to subscribe to the podcast and join us on LinkedIn so we can keep the conversation moving forward.

Sponsors: This episode is brought to you by ContraForce. When you need to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/

Impactful Moments:
00:00 - Welcome
02:14 - Disclaimers
02:59 - Background
04:17 - What the SEC Got Right
05:43 - Where the SEC Fumbled
08:16 - Conflating the Publications
10:46 - Who Can Publish Public Statements?
12:10 - Takeaways
15:52 - From our Sponsor, Contraforce
16:52 - Buried Four Levels Deep in the Org
22:40 - Closure

Links:
Join the Conversation: www.theprofessionalciso.com
SEC Complaint: https://www.sec.gov/news/press-release/2023-227
NIST CSF: https://www.nist.gov/cyberframework
NIST 800-53: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf

Mar 27, 2024 · 24 min

Ep 6: AI; Risk, Regulations and A Vision for the Future with Shashank Tiwari

Welcome to Episode 5 of the Professional CISO Podcast, hosted by David Malicoat. Part of becoming a professional CISO means knowing how to interact with stakeholders, so David sits down with Shashank Tiwari, CEO at Uno.ai, to help illuminate the path forward when it comes to all things AI. David brings the big questions, so get ready to take notes as Shashank dishes the advice you’ve been looking for.

Sponsors: This episode is brought to you by ContraForce. When you need to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/

Impactful Moments:
00:00 - Welcome
01:20 - Introducing guest, Shashank Tiwari
05:05 - Storytelling & Human Connections
09:57 - Security for AI, AI for Security
12:47 - From our Sponsor, Contraforce
13:58 - Securing How We’re Using AI & the Unknown
20:14 - The CISO as the AI Voice of Reason
23:03 - AI/SEC Regulations & Potential Impacts
28:20 - AI & the Skills Gap
33:10 - AI & Skill Certifications
36:37 - 10 Questions

Links:
Connect with Shashank Tiwari: https://www.linkedin.com/in/tshanky/

Mar 20, 2024 · 41 min

Ep 5: Streamlining and Simplifying the Security Environment with Nick Lantuh

Welcome to Episode 4 of the Professional CISO Podcast, hosted by David Malicoat. The scenery changes on our journey to becoming a professional CISO, as David sits down with guest Nick Lantuh, CEO of Interpres Security. Looking at the CISO role from the top, Nick describes his perspective as someone with CEO and Board member experience, but he also offers ways for CISOs to bring innovation to the table.

Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!

Impactful Moments:
00:00 - Welcome
01:29 - Introducing guest, Nick Lantuh
05:41 - CISO’s with Cyber Chops
08:22 - Believe, Lead, Succeed
10:01 - From our Sponsor, Interpres Security
10:55 - CISO Introspection
15:20 - Cyber Savings
19:35 - Prioritization of Threat & Defense
27:38 - Tool Maximization and CTEM
31:21 - 10 Questions

Links:
Connect with Nick Lantuh: https://www.linkedin.com/in/nicklantuh/
You’re a crucial part of the conversation: www.theprofessionalciso.com

Mar 13, 2024 · 36 min

Ep 4: Healthcare CISO: Protecting Your Organization's Vitality with Will Long

Welcome to Episode 3 of the Professional CISO Podcast, hosted by David Malicoat. David gets to enjoy an in-person interview with new friend, Will Long, an Independent Healthcare CISO. Will speaks candidly about the complexity of cyber risk in the healthcare field and how it impacts leadership at the CISO level in various capacities. Listeners will enjoy hearing general tips about stakeholder management and creating effective solutions for the specific problems they face.

Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!

Impactful Moments:
00:00 - Welcome
01:13 - Introducing guest, Will Long
03:59 - The Case for a CISO Professional
05:50 - Healthcare vs Other Industry
11:02 - Communicating with Healthcare Practitioners
13:32 - From our Sponsor, Interpres Security
14:25 - Moving Faster in Healthcare
17:09 - Automation in Healthcare
19:08 - Working on Your Executive Presence
23:40 - Cyber-Risk Quantification in Healthcare
27:18 - 10 Questions

Connect with our guest, Will Long: https://www.linkedin.com/in/williamlongsr/
Engage with the THPC community on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast/

Mar 6, 2024 · 30 min

Ep 3: Quantifying the Threat: A Conversation with Michael Jenks

Welcome to Episode 2 of the Professional CISO Podcast, hosted by David Malicoat. David sits down with Michael Jenks, CTO and co-founder of Interpres Security. They discuss the potential of threat-informed defense and automation, highlighting them as key pieces in the newest capabilities in cybersecurity. They should be on the CISO radar to help prioritize and make informed decisions that can bring them to the next level.

Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!

Key Moments:
00:00 - Welcome
00:57 - Introducing our Guest, Michael Jenks
03:24 - Compliance is Not Security
06:32 - The Quantitative Realm
10:26 - Thanks to Our Sponsor, Interpres
11:23 - It’s All About Automation
14:49 - A Symbiotic Relationship
16:28 - Continuous Threat Exposure Management (CTEM)
19:14 - What Should CISOs Be Thinking?
36:11 - 10 Questions

Connect with our Guest, Michael Jenks: https://www.linkedin.com/in/michaeljenks/
Engage with the THPC community on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast/

Feb 28, 2024 · 25 min

Ep 2: Using a Balanced Leadership Approach with Robert Pace

Welcome to Episode 1 of the Professional CISO Podcast, hosted by David Malicoat. Our journey continues with a notable figure in David’s professional development, Robert Pace, Chief Information Security Officer of Invitation Homes. He previously held positions at First American Payment Systems, Textron, and PwC. Robert Pace and David Malicoat worked together early in their careers at Perot Systems, which was later acquired by Dell Services. This episode touches on various aspects such as risk management, team development, personal well-being, the process of professionalizing the CISO role, and more. At the end, we’ll break down the Eisenhower Matrix as a practical tool for effective decision-making and task prioritization.

Sponsors: This episode is brought to you by ContraForce. When you need to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/

Key Moments:
00:00 - Welcome
00:29 - Introducing our Guest, Robert Pace
01:53 - How Robert Jetted into Tech
05:55 - How Robert & David Met
10:26 - CISO Networking
13:21 - What’s Going Good/Bad in the CISO role?
18:11 - Getting Risk Management Experience
21:23 - The Process and the Risk Element
23:04 - Developing Teams
28:42 - CISO Work/Life Balance
34:03 - Eisenhower Matrix
36:11 - 10 Questions

Engage with the community on LinkedIn: https://www.linkedin.com/company/the-professional-ciso-podcast/

Links to Cool Stuff:
A good guide to The Eisenhower Matrix by James Clear: https://jamesclear.com/eisenhower-box

Feb 21, 2024 · 41 min

Ep 1: Shaping Cyber Leadership: Today, Tomorrow, Together

Feb 19, 2024 · 10 min