App Store

Google Play

DK - Details page - Device banner - 894x1036

Nyd den ubegrænsede adgang til tusindvis af spændende e- og lydbøger - helt gratis

Lyt når som helst, hvor som helst 

David Spark

Geoff Belknap

Steve Zalewski

Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.

Defense in Depth

All links and images can be found on CISO Series.
 
Check out this post by Geoff Belknap, co-host of Defense in Depth, for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and John Overbaugh, CISO, Alpine Investors. Joining us is our sponsored guest, Pukar Hamal, founder and CEO at SecurityPal.
 
In this episode: 
 
 • When business moves faster than security
 • Turning obstacles into opportunities
 • The art of saying "not like that"
 • Know your regulatory landscape
 
Huge thanks to our sponsor, SecurityPal AI
 
 
 
 SecurityPal is the leader in Customer Assurance, helping companies accelerate security assurance without compromising accuracy. Their AI + human expertise approach, dynamic Trust Center, and modern TPRM solution eliminate manual work and streamline vendor security at scale. To learn more, visit securitypal.ai.

How to Deal with Last Minute Compliance Requirements

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Justin Berman, formerly vp of platform engineering and CISO at Thirty Madison Health.
 
In this episode: 
 
 • Maps without transportation
 • The untouchable employee problem
 • Attestation theater
 • The lightbulb moment
 
Huge thanks to our sponsor, SecurityPal
 
 
 
SecurityPal is the leader in Customer Assurance, helping companies accelerate security assurance without compromising accuracy. Their AI + human expertise approach, dynamic Trust Center, and modern TPRM solution eliminate manual work and streamline vendor security at scale. To learn more, visit securitypal.ai.

Do You Have a Functional Policy or Did You Just Write One?

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker.
 
In this episode: 
 
 • Legacy infrastructure creates the biggest hurdles
 • More marketing than methodology
 • Implementation complexity makes zero trust a Sisyphean task
 • Don't ignore human factors
 
Huge thanks to our sponsor, ThreatLocker
 
 
 
ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit Threatlocker.com/CISO

Where are We Struggling with Zero Trust

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining them is Terry O'Daniel, former CISO at Amplitude.
 
In this episode: 
 
 • Beyond prioritization: aligning risk with reality
 • From signals to strategy
 • The Case for Maturity Models
 • Security Starts With Culture
 
Huge thanks to our sponsor, SecurityPal
 
 
 
SecurityPal is the leader in Customer Assurance, helping companies accelerate security assurance without compromising accuracy. Their AI + human expertise approach, dynamic Trust Center, and modern TPRM solution eliminate manual work and streamline vendor security at scale. To learn more, visit securitypal.ai.

Cybersecurity Has a Prioritization Problem

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining them is their sponsored guest, Matt Eberhart, CEO, Query.
 
In this episode: 
 
 • Quality over quantity in AI decision-making
 • Process before technology
 • The connectivity challenge
 • The context complexity paradox
 
Huge thanks to our sponsor, Query
 
 
 
Query is a Federated Search and Analytics platform that builds a security data mesh, giving
 security teams real-time context from all connected sources. Analysts move faster and make
 better decisions with AI agents and copilots that handle the grunt work and guide each step.
 Learn more at query.ai

How Can AI Provide Useful Guidance from Fragmented Security Data?

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Jason Thomas, senior director, technology security, governance, and risk, Cystic Fibrosis Foundation.
 
In this episode: 
 
 • The trust deficit
 • Defending the non-technical roles
 • The business accountability gap
 • The communication imperative
 
Huge thanks to our sponsor, Query.ai
 

 
 Query is a Federated Search and Analytics platform that builds a security data mesh, giving security teams real-time context from all connected sources. Analysts move faster and make better decisions with AI agents and copilots that handle the grunt work and guide each step. Learn more at query.ai

Why Salespeople's Knowledge of Cybersecurity Is Critical for the Ecosystem

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode, co-hosted by me, David Spark, the producer of CISO Series, and Dan Walsh, CISO, Datavant. Joining them is Sneha Parmar, former information security officer, Lufthansa Group Digital.
 
In this episode:
 • Shifting left, broadening out
 • The insurance wake-up call
 • Building trust into the system
 • Security’s identity crisis
 
A huge thanks to our sponsor, Doppel
 

 
Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network. Learn more at https://www.doppel.com/platform

What Are the Cybersecurity Trends We Need To Follow?

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is David Cross, CISO, Atlassian.
 
In this episode:
 
 • The experience prerequisite
 • The bootcamp reality check
 • The compensation conundrum
 • The domain expertise imperative
 
A huge thanks to our sponsor, ThreatLocker
 

 ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Is It Even Possible to Fast-Track Your Way Into Cybersecurity?

All posts and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Steve Knight, former CISO, Hyundai Capital America.
 
In this episode:
 
 • Streamlining vendor evaluations 
 • Moving beyond compliance theater
 • The scorecard skeptics
 • Finding the right balance
 
Thanks to our sponsor, Formal
 

 
Formal secures humans, AI agent’s access to MCP servers, infrastructure, and data stores by monitoring and controlling data flows in real time. Using a protocol-aware reverse proxy, Formal enforces least-privilege access to sensitive data and APIs, ensuring AI behavior stays predictable and secure. Visit joinformal.com to learn more or schedule a demo.

What's the Most Efficient Way to Rate Third Party Vendors?

All links and images can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining is Hanan Szwarcbord, vp, CSO and head of infrastructure, Micron Technology.
 
In this episode
 
 • Embracing growth
 • An urgent need for creativity
 • Get the business context
 • Embrace your inner theater kid
 
Huge thanks to our sponsor, Query.ai
 
 
 
Query is a Federated Search and Analytics platform that builds a security data mesh, giving
 security teams real-time context from all connected sources. Analysts move faster and make
 better decisions with AI agents and copilots that handle the grunt work and guide each step.
 Learn more at query.ai

Don't Ask "Can" We Secure It, But "How" Can We Secure It

All links and images for this episode can be found on CISO Series.
 
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Richard Ford, CTO, Praetorian.
 
In this episode:
 
 • 

When did we all agree that red teaming was about validating security?
 • 
 • 

Does it seem like increasingly red teaming is a catch all term for a whole lot of testing that isn't clearly defined?
 • 
 • 

Is this making it hard to see its value?
 • 
 • 

Can moving red teaming upstream be more valuable to your organization?
 • 
 
Thanks to our podcast sponsor, Praetorian
 

 
Praetorian helps companies adopt a prevention-first cybersecurity strategy by actively uncovering vulnerabilities and minimizing potential weaknesses before attackers can exploit them.

Use Red Teaming To Build, Not Validate, Your Security Program

Lyt når som helst, hvor som helst

Other podcasts you might like ...