All Episodes

The Virtual CISO Podcast — 160 episodes

| # | Title |
|---|---|
| 1 | Episode 159: The New Security Stack: Doors, Data, and AI With Jeffrey Friedman |
| 2 | Episode 158: AI Is Increasing Your Cyber Risk – Can It Also Reduce It? With Mike Armistead |
| 3 | Episode 157: AI Security: Testing, Exploits, and Threat Feeds With Marco Figueroa |
| 4 | Episode 156: AI Security: Threat Modeling & Pipeline Evolution with Jason Rebholz |
| 5 | Episode 155: Incident Response Testing in Cloud Forward Organizations with Matt Lea |
| 6 | Ep 154: How DORA Will Impact US Companies with Dejan Kosutic |
| 7 | Ep 153: Inside ISO 42001: The Future of AI Governance with Danny Manimbo |
| 8 | EP 152: Granular, Persistent, Zero Trust: The Case for File-Level Security |
| 9 | EP 151: Trust, But Verify: How HITRUST is Reshaping Assurance |
| 10 | Ep 150: Is OSCAL the Future of Security Documentation (& FedRAMP)? |
| 11 | Ep 149: Unlocking the Future: Passkeys and Passwordless Authentication with Anna Pobletts |
| 12 | Episode 148: Cloud Detection & Response |
| 13 | Episode 147: Why vCISO Engagements Fail |
| 14 | Episode 146: Dark Web Monitoring |
| 15 | Episode 145: CMMC: The Final Rule |
| 16 | Episode 144: TxRAMP or StateRAMP or AZRAMP or FedRAMP? What’s right for your company? |
| 17 | Episode 143: Is Decentralized Proof of Security Leveraging Blockchain the future of Cybersecurity? |
| 18 | Episode 142: CNAPP - Secure Cloud Apps in a Snap |
| 19 | Episode 141: Stopping Business Email Compromise with a Novel Malicious File Reconstruction Approach |
| 20 | Episode 140: DIB/CMMC Cybersecurity – Interesting Observations from a Significant Study |
| 21 | Episode 139: How adding Crisis Management to your Incident Response Plan can save your bacon? |
| 22 | Episode 138: Is Consuming SaaS an Information Security Faustian Bargain? w/ William Eshagh |
| 23 | Episode 137: Strategies and Insights w/ Sagi Brody |
| 24 | Episode 136: AI Risk Management – Is ISO 42001 the Solution? w/ Ariel Allensworth |
| 25 | Episode 135: Can Distributed Ledger Technology Simplify Privacy Compliance? W/ Zenobia Godschalk |
| 26 | Episode 134: Understanding TISAX w/ Alexander Häusler |
| 27 | Kubernetes Security – Simplified Shauli Rozen, CEO of ARMO |
| 28 | Episode 132: Optimize Your SOC 2 - Lessons Learned from the 2023 Benchmark Study w/ Scott Woznicki |
| 29 | Episode 131: The New CMCC Proposed Rule w/ Jeff Carden & Warren Hylton |
| 30 | Episode 130: Revolutionizing Security Training with Kevin Paige CISO and VP of Product Strategy at Uptycs |
| 31 | Episode 129: Empowering Diversity in the Cybersecurity Industry with Larry Whiteside Jr. |
| 32 | Episode 128: Understanding the ISO 27001:2022 Update with Andrew Frost and Leigh Ronczka |
| 33 | Ep 127: The Future of Security: Unraveling the World of Social Engineering |
| 34 | Ep 126: Unlocking AI's Potential: Risks, Optimism & Challenges in the Current Wave of AI Technology |
| 35 | Ep: 125 - Understanding the New FTC Safeguards Rule: Key Changes and Requirements Explained |
| 36 | An Introduction to AI and its Place in the Work Place with CEO of Private AI Patricia Thaine |
| 37 | Ep 123: Navigating IT-OT Dynamics: Cybersecurity, Integration, and Collaboration |
| 38 | Ep 122: Navigating New Horizons: CMMC, NIST 800-171 Updates, and Compliance Insights |
| 39 | Ep 121: Strategies for Reducing the Cost of Your Cyber Liability Insurance Policy |
| 40 | Ep 120: A FedRAMP ATO – The Good, The Bad, and the Ugly |
| 41 | Ep 119: What is a Microservice Architecture and how do I secure it? |
| 42 | Ep 118: The Simplest Way to Transition from ISO 27001:2013 to ISO 27001:2022 |
| 43 | Ep 117: Eight Key Takeaways from the RSA 2023 Conference |
| 44 | Ep 116: What is an SBOM & Why Are My Customers Suddenly Asking for One? |
| 45 | Ep 115: If Your Asset Management Sucks, Your Security Sucks |
| 46 | Ep 114: 4 Tactical Steps To Implementing DevSecOps In 2023 |
| 47 | Ep 113: Should we be in Microsoft 365 GCC, GCC High, or Commercial? |
| 48 | Ep 112: When should you move to ISO 27001:2022? |
| 49 | Ep 111: How to use the Software Assurance Maturity Model (SAMM) to Build Highly Secure Applications |
| 50 | Ep 110: Understanding TISAX (Trusted Information Security Assessment Exchange) |
| 51 | Ep 109: Understanding How Cybercriminals Operate Can Protect Your Business |
| 52 | Ep 108: Understanding the Legalities Around CUI |
| 53 | Ep 107: An AWS Security Guru’s Recommendation for Securing your AWS Infrastructure |
| 54 | Ep 106: Strategies to Manage Cybersecurity through an Economic Downturn |
| 55 | Ep 105: Solving the Problems of Cloud Native Apps. |
| 56 | Ep 104: Is Digital Business Risk Mgt. The Future of ASM |
| 57 | Ep 103: The Complexity of Deploying a Secure Application in the Cloud |
| 58 | Ep 102: The Intersection of Privacy and Security |
| 59 | Ep 101: Most Asked CMMC Questions |
| 60 | Ep 100: The Two Audiences For Privacy & How They Drive Data Collection |
| 61 | Unpacking Critical Elements of Supply Chain Risk Management |
| 62 | Breaking Down the Latest in Software Security Standards & the Impact on SaaS Businesses |
| 63 | What You Need to Know about APIs and API Security |
| 64 | How to Measure the Value of Information Security |
| 65 | Understanding NIST’s Secure Software Development Framework |
| 66 | US Gov. Cybersecurity Roadmap: Where it came from and Where is it Going? |
| 67 | Confronting the Wild West of Database Security |
| 68 | Bridging the Gap Between Cybersecurity and the Business World |
| 69 | Legal and Infosec strategies to deal with exploding Cyber Liability Insurance premiums |
| 70 | Important Clarifications on CMMC v2 from CMMC Day May 9, 2022 |
| 71 | The Past, Present and Future of Cybersecurity From the Viewpoint of a Venture Capitalist |
| 72 | Understanding Attack Surface Management and How It Applies to Your Cyber Security Strategy |
| 73 | The Convergence of Physical & Cyber Security and the Impact to Cyber Security Professionals |
| 74 | What CMMC 2 Guidance Means for Managed Service Providers (MSPs) |
| 75 | 8 Ingredients for Baking Inclusivity into Your Culture |
| 76 | Becoming More Efficient w/ a Cloud-Native Approach |
| 77 | Use the CSA Cloud Controls to Maximize Your Security & Reduce Your Risk of Breach |
| 78 | Ongoing Challenges in CMMC |
| 79 | Is Open Source the Future of Endpoint Security |
| 80 | The AWS Approach to Provable Security |
| 81 | What Does the New ISO 27002 Update Mean for You? |
| 82 | CMMC 2.0 & Continuous Compliance w/ Andrea Willis |
| 83 | 8 Information Security Predictions for 2022 |
| 84 | Government Security Guidance: How We Got Here |
| 85 | How Hardware Hackers Exploit IoT Vulnerabilities w/ Joe Grand |
| 86 | Bridging the Gap Between Security & Development Teams w/ Harshil Parikh |
| 87 | Why Cloud Is More Secure Than Your Average On-Prem Solution w/ Mark Richman |
| 88 | How Configuration Management Makes Security Simple w/ Brian Hajost |
| 89 | CMMC 2.0 is Here! Find Out What It Really Means for DIB and Non-DIB USG |
| 90 | How Simply Cyber Helps People Pivot to a Cybersecurity Career w/ Gerald Auger |
| 91 | Can You Benefit from Attack Surface Management? w/ Steve Ginty |
| 92 | Why Continuous Compliance Matters More than Ever w/ Mosi Platt |
| 93 | How HIPAA Compliant Email is Revolutionizing Healthcare w/ Hoala Greevy |
| 94 | Private Practices: How to Prioritize Privacy in Your Organization w/ Jason Powell |
| 95 | Why Information Security Is Key to Business Strategy w/ Chris Dorr |
| 96 | Head in the Clouds: Multi-Cloud Security & Governance w/ John Grange |
| 97 | Can We Predict Security Threats w/ Machine Learning? w/ Johnna Verry |
| 98 | What People Get Wrong About ISO 27001 Compliance |
| 99 | Bridging the Gap Between Traditional Compliance & DevOPs w/ Raj Krishnamurthy |
| 100 | A Guide for Validating Your Security Process w/ John Verry |
| 101 | Governing Cybersecurity: A Process for Becoming Provably Secure & Compliant w/ John Verry |
| 102 | The Cybersecurity Executive Order: What You Need to Know w/ Scott Sarris |
| 103 | Your Passwords Are Failing You w/Josh Amishav-Zlatin |
| 104 | Information Governance w/David Gould |
| 105 | DIBCAC & CMMC Audit Prep w/ George Perezdiaz & Caleb Leidy |
| 106 | Trust Is a Vulnerability: 5 Steps on the Path to Zero Trust with John Kindervag |
| 107 | You Are a Target: Assessing Cybersecurity Risk with Dr. Eric Cole |
| 108 | CMMC Assessments Are Here: What You Need to Know with Stacy High-Brinkley |
| 109 | Everything You Need to Know About StateRAMP with Leah McGrath |
| 110 | How EDR & NDR Help You Make Better Security Decisions with Chris Neyhuis |
| 111 | How PreVeil Drive Makes Storing and Sharing Data More Secure with Sanjeev Verma |
| 112 | Lessons Learned in Our Initial 27701 Certification Audits |
| 113 | Using your ISO 9001 Management System to Simplify CMMC Certification |
| 114 | How to Communicate Across Departmental Divides |
| 115 | MSPs, MSSPs & Validation: What You Need to Know |
| 116 | Why CMMC Is the Most Significant Standard of all Time |
| 117 | CMMC Level 1: An Overview |
| 118 | Solutions to Security, Compliance, and Technology Challenges in Aerospace |
| 119 | CMMC Level 3: What Government Staffing Agencies Need to Know |
| 120 | The ISVS: What You Need to Know |
| 121 | FedRAMP: What You Need to Know |
| 122 | How Data Privacy Standards Affect Your Business |
| 123 | Should You Invest in a GRC Tool for Security & Compliance? |
| 124 | CMMC Compliance: The Nuances You Should Know |
| 125 | GCC High Demystified: What CMMC Compliance Means for DIB Firms |
| 126 | What DIB Firms Need to Know About the CMMC Interim Rule |
| 127 | The Secrets to Keeping Your SaaS Secure |
| 128 | 32. How IoT Is Shaping the Future of Cybersecurity |
| 129 | 31. A Brief History of NIST Guidance |
| 130 | 30. How to Beat the 6 Most Challenging CMMC L3 Requirements |
| 131 | 29. How COVID-19 Is Shaping Security’s Future w/Reg Harnish |
| 132 | 28. Why 800-171 Compliance Isn’t Going Away Any Time Soon w/John Ellis |
| 133 | 27. How DevOps Took Over (& Why You Should Care) w/Jon Bass |
| 134 | 26: How to Optimize Your ISMS w/Rich Stever |
| 135 | 25: CMMC Compliance & Continuous Monitoring Made Simple w/Chris Lank |
| 136 | 24: Everything You Need to Know About ISO 27001 Audits w/ Ryan Mackie |
| 137 | 23. Why Security Is So Important for a Growing SaaS w/ Jesse Nash |
| 138 | 22. CMMC Training & Assessments: Rollout, Certification & Competition w/ Ben Tchoubineh |
| 139 | 21. CMMC Compliance Doesn’t Have to Be Hard (or Pricey) w/ Sanjeev Verma |
| 140 | 20. Faster, Better & Cheaper Vendor Due Diligence Reviews w/ Kevin Hermosura |
| 141 | 19. Why Application Security is a Team Sport and How Your Team Can Win w/ Joe Manico |
| 142 | 18. IT & Security: How to Do More with Less w/ Jose Ciriaco |
| 143 | 17. CMMC Certification Audits—Can You Leverage ISO 27001? w/ Thomas Price |
| 144 | 16. Why Buyers of Security Services Need to Leverage CREST w/ Ian Glover |
| 145 | 15. The OWASP Top Ten is Great, but is it Enough? w/ Andrew van der Stock |
| 146 | 14. How Computer Forensics Protects Your Data During Litigation w/ Brian Dykstra |
| 147 | 13. Why ISO 27701 is the Answer to Privacy Compliance w/ Debbie Zaller |
| 148 | 12. Disaster Recovery, Business Continuity, and Data Resilience w/ Cosmo Gazzani |
| 149 | 11. OWASP ASVS: The Go-To Standard for Application Security w/ Daniel Cuthbert |
| 150 | 10. Exostar and Their Role in Your CMMC Certification w/ Stuart Itkin |
| 151 | 9. When an SMB Should Implement a SIEM w/ Danielle Russell |
| 152 | 8. Resilience Guidance and the SCA w/ Tom Garrubba |
| 153 | 7: Dead CISO's Don't Get Bonuses w/ Dr. Joel Kahn |
| 154 | 6. The Virtual CIO: What it Is and What it Isn’t w/ Darek Hahn |
| 155 | 5. Staying Secure in a COVID-19 World w/ John Verry |
| 156 | 4. True Confessions of a Real Virtual CISO w/ Andrew Farkas |
| 157 | 3. ISO 27001 vs. SOC 2 – Which Attestation is Right For You? w/ Dan Schroeder |
| 158 | 2. How to Attract and Retain Cyber Talent w/ Deidre Diamond |
| 159 | 1. CMMC: What You Need to Know About DoD Cybersecurity Regulation w/ Katie Arrington |
| 160 | Welcome to The Virtual CISO Podcast |