Do security vendors deliver on their claims and heck, are they even explaining what they do clearly so CISOs actually know what they’re buying? Check out this post and the Valimail survey for the basis of our conversation on this…

“How do I approach a CISO?” It’s the most common question I get from security vendors. In fact, I have another podcast dedicated to this very question. But now we’re going to tackle it on this show. Check out this…

What is the Holy Grail of secure access? There are many options, all of which are being strained by our new work from home model. Are we currently at the max? Check out this post for the discussion that is the…

Have we reached peak InfoSec fatigue? Revolving CISOs and endless cyber recruitment OR the fact that we’re spending more money to reduce even greater risk. Is it all leaving our grasp? Check out this post for the basis of our…

You’re migrating to the cloud. When did you develop your security plan? Before, during, or after? How aware are you and the board of the cloud’s new security implications? Does your team even know how to apply security controls to…

APIs are gateways in and out of our kingdom and thus they’re also great access points for malicious hackers. How the heck do we secure them without overwhelming ourselves? Check out this post for the basis for our conversation on…

We all know that shared intelligence has value, yet we’re reticent to share our threat intelligence. What prevents us from doing it and what more could we know if shared threat intelligence was mandated? Check out this post for the…

Why does the press persist on referring to all cyber breaches as sophisticated attacks? Is it to make the victim look less weak, or do they simply not know the tedium that’s involved in cybercrime? Check out this post by…

How do you calculate a security budget? Is it a percentage of the IT budget? Something else? And why does it grow so drastically after a breach? Check out this post for the basis for our conversation on this week’s…