All links and images for this episode can be found on CISO Series. As children, we don't dream of becoming a CISO, but yet we still have them. What is it a security professional can learn or even show, to demonstrate that they're getting ready for the position of a CISO? This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, operating partner, YL Ventures. Our guest is Paul Connelly, former CISO, HCA Healthcare. Thanks to our podcast sponsor, Nightfall Nightfall is the leader in cloud data leak prevention. Integrate in minutes with cloud apps such as Slack and Jira to instantly protect data (PII, PHI, Secrets and Keys, PCI) and prevent breaches. Stay compliant with frameworks such as ISO 27001 and more — all powered by Nightfall's industry-leading ML detection. In this episode: What is it a security professional can learn or even show, to demonstrate that they're getting ready for the position of a CISO? How to tell that you are NOT CISO material? What don't CISOs know about physical security that they should know before they get into big trouble?

All links and images for this episode can be found on CISO Series. It seems anything that's added to a business, like a new app or a third party vendor, just adds more risk. Risk definitely piles up faster than CISOs can reduce it. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Kurt Sauer (@kurtsauer), CISO, DocuSign (when we recorded the show, Kurt was the vp of security for Workday). Thanks to our podcast sponsor, Stairwell The standard cybersecurity blueprint is a roadmap for attackers to test and engineer attacks. With Inception, organizations can operate out of sight, out of band, and out of time. Collect, search, and analyze every file in your environment – from malware and supply chain vulnerabilities to unique, low-prevalence files and beyond. Learn about Inception. In this episode:  Does it seem like anything that's added to a business, like a new app or a third party vendor, just adds more risk? Does risk pile up faster than CISOs can reduce it? How do you avoid creating new risks when you add new applications, or even just update applications?

All links and images for this episode can be found on CISO Series. This show was recorded in front of a live audience in New York City! This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series, and a special guest host, Aaron Zollman, CISO & vp, platform engineering, Cedar. Our guest is Colin Ahern, chief cyber officer for the State of New York. Thanks to our podcast sponsor, OpenVPN, SlashNext & Votiro Take the cost and complexity out of secure networking with OpenVPN. Whether you choose our cloud-delivered or self-hosted solution, subscriptions are based on concurrent connections, so you pay for what you actually use. Start today with free connections, no credit card required, and scale to paid when you’re ready. SlashNext, a leader in SaaS-based Integrated Cloud Messaging Security across email, web, and mobile has the industry’s first artificial intelligence solution, HumanAI, that uses generative AI to defend against advanced business email compromise (BEC), supply chain attacks, executive impersonation, and financial fraud. Request a demo today. No matter what technology or training you provide, humans are still the greatest risk to your security. Votiro’s API-centric product sanitizes every file before it hits the endpoint, so the files that your employees open are safe. This happens in milliseconds, so the business stays safe and never slows down. In this episode: If you hired someone today, how would you know in 3 months time that they were the right fit? Do you have any other questions you've heard from candidates that you think are better? What doesn't the government currently know about cloud providers that they should know?

All links and images for this episode can be found on CISO Series. Turns out cybersecurity professionals lie on their resumes. They add degrees and certifications they don't have. They omit degrees for fear of looking overqualified. And sometimes, they flat out invent jobs. But given the responses as to why people do it, it's because they're trying to get by the unnecessary barriers of cybersecurity hiring. Does that make the lying justified? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest is David Nolan, vp, enterprise risk & CISO, Aaron's. Thanks to our podcast sponsor, Varonis Everyday, your employees share thousands of sensitive files with too many people, exposing data to the entire organization – or even the entire internet. Varonis monitors sharing link activity and intelligently eliminates links that aren’t needed – reducing your risk on a continual basis. Discover more at www.varonis.com/cisoseries. In this episode:  Do some cybersecurity professionals really lie on their resumes? Is this because they're trying to get by the unnecessary barriers of cybersecurity hiring? Does that make the lying justified?

All links and images for this episode can be found on CISO Series. Companies want to hire security professionals who know everything. Eager professionals who want all those skills are screaming please hire me and train me. But unlike the military which can turn a teenager into a soldier in 16 weeks, corporations in dire of cybersecurity help have little to no means to train. They're just hoping they'll show up perfect and ready to fight in a digital war. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Joe Lowis, CISO, CDC. Thanks to our podcast sponsor, Cyolo Too many critical assets and systems remain exposed because traditional secure access solutions are not able to protect the high-risk access scenarios and legacy applications that keep business operations running. With its trustless zero-trust access solution, Cyolo gives organizations the visibility and access control they need to secure every connection. In this episode: Is it realistic for companies to hire security professionals who know everything? Do companies realize that there are professionals who want all those skills and are eager to learn? Why isn’t there more emphasis on providing training like how the military trains all new recruits?