Is it the increased work or the pandemic itself that’s causing us all to work more than we’ve ever worked before?



This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Christopher Zell, vp, head of information security, The Wendy’s Company.

Thanks to this week’s podcast sponsor GitGuardian

GitGuardian empowers organizations to secure their secrets – such as API keys and other credentials – from being exposed in compromised places or leaked publicly. GitGuardian offers a threat intelligence solution focused on detecting secrets leaked on public GitHub and an automated secrets detection solution which tightly integrates with your DevOps pipeline.

Got feedback? Join the conversation on LinkedIn.

On this week’s episode

Why is everybody talking about this now?

On TechRepublic, Scott Matteson wrote an article about cybersecurity pros working harder than ever during the pandemic. Stuart Mitchell of Stott and May posted the article to LinkedIn and asked if anyone has taken a day off since COVID-19 started, and the general consensus is no. I see a multitude of factors affecting this: increased surface area to protect, compliance is more difficult, I also have to deal with my family, and where the heck is anyone going to go for vacation? I guess I’ll just work.

Close your eyes and visualize the perfect engagement

On LinkedIn, our guest Chris Zell asked others to be more welcoming when you see someone post “aspiring cybersecurity professional.” We discussed the approach and what the community could teach us.

What’s Worse?!

Three options of how to talk to the board.

There’s got to be a better way to handle this

On CSO Online, Mary Pratt has a guide for CISOs on securely laying people off. What are critical technical considerations during layoff time, and as a manager how do you manage security for those people who are still there. Have either of you made a massive security mistake during a layoff that was a great learning experience for you?

What Is It and Why Do I Care?

We played this game before and like the “What’s Worse?!” game, the title pretty much explains it. I have three pitches from three different vendors who are all in the same category of governance, risk and compliance or GRC. I have asked the reps to first, in 25 words or less, just explain their category. That’s the “What Is It?” and then for the “Why Do I Care?” I asked them to explain what differentiates their product or makes them unique also in 25 words or less. It is up to Mike and Chris to pick their favorite of each and explain why. I only reveal the winning contestants and their companies. Ready to play?