There are so few jobs available for junior cybersecurity professionals. Are these cyber beginners not valued? Or are we as managers not creating the right roles for them to improve our own security? Check out this post for the basis…
Defense in Depth
Defense in Depth: Trusting Security Vendor Claims
Defense in Depth: Trusting Security Vendor Claims
Do security vendors deliver on their claims and heck, are they even explaining what they do clearly so CISOs actually know what they’re buying? Check out this post and the Valimail survey for the basis of our conversation on this…
Topic Takeover: API Security
Topic Takeover: API Security
When we set out on a “Topic Takeover” program, our goal is to generate a ton of content, across multiple media, in one topic in cybersecurity. We just finished a program on the topic of “API Security” sponsored by Salt…
Defense in Depth: How Vendors Should Approach CISOs
Defense in Depth: How Vendors Should Approach CISOs
“How do I approach a CISO?” It’s the most common question I get from security vendors. In fact, I have another podcast dedicated to this very question. But now we’re going to tackle it on this show. Check out this…
Best Moments from “API Security” Episode of Defense in Depth
Best Moments from “API Security” Episode of Defense in Depth
If you haven’t had a chance to listen to the “API Security” episode of Defense in Depth. Watch this short three-minute clip highlighting three of the best moments from the episode. The episode features me, David Spark (@dspark), producer of CISO Series,…
Defense in Depth: Secure Access
Defense in Depth: Secure Access
What is the Holy Grail of secure access? There are many options, all of which are being strained by our new work from home model. Are we currently at the max? Check out this post for the discussion that is the…
Defense in Depth: InfoSec Fatigue
Defense in Depth: InfoSec Fatigue
Have we reached peak InfoSec fatigue? Revolving CISOs and endless cyber recruitment OR the fact that we’re spending more money to reduce even greater risk. Is it all leaving our grasp? Check out this post for the basis of our…
Defense in Depth: Securing a Cloud Migration
Defense in Depth: Securing a Cloud Migration
You’re migrating to the cloud. When did you develop your security plan? Before, during, or after? How aware are you and the board of the cloud’s new security implications? Does your team even know how to apply security controls to…
Defense in Depth: API Security
Defense in Depth: API Security
APIs are gateways in and out of our kingdom and thus they’re also great access points for malicious hackers. How the heck do we secure them without overwhelming ourselves? Check out this post for the basis for our conversation on…
Defense in Depth: Shared Threat Intelligence
Defense in Depth: Shared Threat Intelligence
We all know that shared intelligence has value, yet we’re reticent to share our threat intelligence. What prevents us from doing it and what more could we know if shared threat intelligence was mandated? Check out this post for the…