The Hands On CISO

In this episode of the Hands-on CISO podcast, Adi speaks with Luna Wu, Chief of Staff to the CISO at Alteryx. They discuss the evolving role of cybersecurity professionals, the importance of human factors in security, and the impact of AI on the industry. Luna shares her career journey, insights on navigating security challenges, and advice for those looking to enter the field. The conversation highlights the need for continuous learning and adaptation in a rapidly changing cybersecurity landscape.

In this engaging conversation, Stephanie Roberts, CISO and VP of Infrastructure at EmployBridge, shares her extensive journey in the tech industry, particularly in cybersecurity. She discusses the evolution of security practices over the years, the importance of leadership and team management, and the challenges of hiring for security roles. Stephanie emphasizes the need for a security-aware culture within organizations and the significance of employee education. She also addresses the stress associated with cybersecurity roles and the importance of balancing work and personal life. Furthermore, she highlights the challenges of budgeting and prioritization in security, the need to retain top talent, and the continuous learning required in the fast-paced cybersecurity landscape. Finally, Stephanie shares her insights on the future of cybersecurity, particularly the role of AI.

In this episode of the Hands On CISO podcast, Adi speaks with Taylor Yarn, Chief of Staff and Head of Information Security at N1 Health. Taylor shares his unique journey into cybersecurity, starting as a software engineer and transitioning into a security role driven by necessity. He discusses the challenges of building a security culture in a startup environment, the importance of education and controls, and the balance between technical skills and management responsibilities. Taylor also highlights the impact of AI on the cybersecurity landscape and the need for increased investment in security, especially in the healthcare sector. He provides insights into the stress and challenges of the role, as well as advice for aspiring security professionals.

In this episode of the Hands-On CISO podcast, Rick Doten shares his extensive journey in the cybersecurity field, discussing how he got started, the evolution of roles within the industry, and the importance of communication and personality in leadership positions.Rick's channel:https://www.youtube.com/channel/UCSePMfJMI2PJ2qMrQrX9vIQRick's RSA Neurodiversity talk:https://www.youtube.com/watch?v=9fNxj-Oe9dU He emphasizes the significance of education, the challenges of managing stress, and the future of cybersecurity in the context of AI and organizational dynamics. Rick's insights provide a unique perspective on the intersection of personal experience and professional growth in cybersecurity.

In this episode of the Hands on CISO podcast, Adi speaks with Anthony Scarf, the director of security assurance and deputy CISO at Elastic. Anthony shares his journey into the field of security, discussing his transition from technical roles to management, the importance of empathy in security, and the challenges of prioritizing security initiatives. He emphasizes the need for a culture of conversation around security, the impact of AI on the industry, and the evolving responsibilities of security teams. The conversation also touches on the difficulties of managing security incidents, maintaining a calm environment, and the diverse backgrounds that can contribute to a successful career in security.

In this episode of the Hands on CISO podcast, host Adi interviews Marc Throne, an experienced CISO, discussing his journey in cybersecurity, the evolving role of a CISO, and the challenges faced in the industry. Marc shares insights on the importance of balancing technical and business skills, the impact of AI on security, and the critical need for effective third-party risk management. He emphasizes the necessity of awareness and preparedness in incident response, and the future of the CISO role in organizations.

In this episode of the Hands-on CISO podcast, Adi interviews Alicia Perez, who shares her unique journey into the field of cybersecurity. Alicia discusses her transition from customer support to security, the importance of continuous learning, and the evolving landscape of vendor relationships. She emphasizes the need for transparency and trust in security practices, the role of AI, and the significance of fostering a security-conscious culture within organizations. Alicia also highlights the importance of diversity in the security field, particularly the need for more women in the industry.

In this conversation, Tammy Klotz, CISO of Trinseo, shares her extensive experience in cybersecurity, discussing her journey from manufacturing to leadership in the field. She emphasizes the importance of understanding risk appetite, incident management, and the balance between technical and cultural aspects of security. Tammy also highlights the frustrations faced in cybersecurity, the need for continuous learning, and the impact of AI on the industry. She reflects on the importance of basics in cybersecurity, managing stress, and the skills necessary for advancing in the field. The conversation concludes with insights on creating a culture of security and the intrigue that comes with the role of a CISO.

In this engaging conversation, Jimmy Liranzo, Director of IT and Information Security at VIP Community Services, shares his insights on the human element in cybersecurity, his career journey, daily responsibilities, and the integration of IT and security. He discusses the challenges faced in the field, the role of AI, vendor relationships, and the importance of personal responsibility in security. Liranzo emphasizes the need for a balance between security measures and business needs, the evolving landscape of cybersecurity, and the future of leadership in the field.

In this episode of the Hands On CISO podcast, Adi speaks with Taylor Yarn, Chief of Staff and Head of Information Security at N1 Health. Taylor shares his unique journey into cybersecurity, starting as a software engineer and transitioning into a security role driven by necessity. He discusses the challenges of building a security culture in a startup environment, the importance of education and controls, and the balance between technical skills and management responsibilities. Taylor also highlights the impact of AI on the cybersecurity landscape and the need for increased investment in security, especially in the healthcare sector. He provides insights into the stress and challenges of the role, as well as advice for aspiring security professionals.

In this episode of the Hands on CISO podcast, Adi speaks with Lance Harris, the Senior VP and CISO for Everie. They discuss Lance's unique journey from studying psychology to becoming a CISO, the diverse roles he has held in cybersecurity, and the importance of communication and soft skills in the field. Lance shares insights on the challenges of managing security in companies of different sizes, the evolving role of the CISO, and the significance of risk management. He emphasizes the need for continuous education and the balance between technical skills and interpersonal abilities in cybersecurity. The conversation also touches on the current challenges in the industry, particularly around identity and access management, and how to handle the stress that comes with being in a security role.

In this episode of the Hands on CISO podcast, Adi interviews Federico Casano, a seasoned cybersecurity professional. They discuss Federico's journey into cybersecurity, the importance of stakeholder management, and the balance between technical skills and people skills in the field. The conversation delves into the challenges of staying updated in a rapidly changing environment, common threats like ransomware and phishing, and the significance of cybersecurity awareness among employees. Federico shares insights on managing security incidents, the evolving landscape of cybersecurity, and the future role of AI and automation. He emphasizes the need for continuous learning and the unique responsibilities that come with a career in cybersecurity.

In this episode of the Hands on CISO podcast, host Adi speaks with Konstantinos Argyropoulos, a seasoned CISO in the pharmaceutical industry. They discuss Constantinos' journey into cybersecurity, the evolution of security roles, the importance of human behavior in understanding cyber threats, and the challenges of crisis management. The conversation also delves into the balance between business needs and security, the regulatory landscape in pharmaceuticals, and the impact of AI on cybersecurity. Constantinos emphasizes the need for continuous learning, the importance of leadership and culture in security, and offers advice for aspiring security leaders.

In this episode of the Hands on CISO podcast, Adi interviews Bas Volkers, an interim CISO with extensive experience in crisis management and business optimization. Bas discusses the unique challenges and responsibilities of being an interim CISO, emphasizing the importance of data management, understanding the evolving cyber threat landscape, and the need for effective communication with management. He highlights the human factors in security, the balance between education and control, and the future of the CISO role as a trusted business partner rather than just a technical expert.

In this conversation, Ron Leplae, a CISO and security advisor, shares his extensive experience in cybersecurity, discussing the evolving landscape of threats, the importance of user awareness, and the role of AI in security. He emphasizes the need for continuous learning and adaptation in the field, as well as the significance of balancing security measures with user trust and understanding. Ron also highlights the challenges faced by security professionals today and offers insights for those looking to enter the field.

In this conversation, Diaa Abu-Shaqra shares his extensive journey in cybersecurity, from his early fascination with cryptography to his current role as an entrepreneur. He discusses the evolving role of the CISO, emphasizing the need for CISOs to have a seat at the executive table and to communicate effectively with business leaders. Diaa highlights the importance of proactive security measures, staying updated with industry standards, and fostering a culture of security within organizations. He also addresses the challenges of navigating regulatory environments and the significance of incident response preparedness. Finally, Diaa offers valuable advice for aspiring security professionals and shares insights into the future of cybersecurity.

In this episode of the Hands on CISO podcast, Adi speaks with Austin Hohl, the Information Security Manager at Heartland Bank. Austin shares his journey from IT to cybersecurity, discussing the cultural differences in how companies view security, his day-to-day responsibilities, and the importance of building a security culture within organizations. He emphasizes the need for user education, the challenges of managing stress in the field, and the evolving role of AI in cybersecurity. Austin also provides insights into compliance, current trends, and advice for those looking to enter the cybersecurity field.

In this conversation, Sharon Cohen, Head of Security at BetterHelp, discusses the evolution of cybersecurity over the past few decades and the challenges faced by CISOs. He emphasizes the importance of integrating cybersecurity into the software development process and the need for a strong partnership between cybersecurity and development teams. Sharon also shares his experiences with security breaches and highlights the significance of incident response plans. He discusses the differences between working in a health tech company and a software company, as well as the balance between educating employees and implementing controls. Sharon addresses the future of cybersecurity, including the increasing threat of AI-powered attacks

In this episode of the Hands on CISO podcast, Adi interviews Miglen Evlogiev, a cybersecurity expert with over a decade of experience. They discuss Miglen's journey into cybersecurity, his day-to-day responsibilities at PayHawk, and the importance of continuous learning in the field. Miglen emphasizes the need for a positive security culture, the challenges of incident response, and shares real-life security incidents that shaped his career. The conversation also explores the role of AI in cybersecurity, the future of the industry, and advice for aspiring professionals, highlighting the significance of storytelling in bridging the gap between technical and non-technical stakeholders.

In this episode of the Hands on CISO podcast, host Adi speaks with Todd Fitzgerald, an experienced CISO and bestselling author, about his journey in cybersecurity, the evolution of the CISO role, and the importance of understanding the human factor in security. Todd shares insights on the challenges faced by CISOs today, the significance of networking, and the future of cybersecurity. He emphasizes the need for continuous learning and the importance of building relationships within the industry.

In this conversation, Michael Hensley, head of cybersecurity at Modern Health, shares his journey from software development to cybersecurity, discussing the evolving landscape of the field, the unique challenges faced in health tech, and the importance of community and mentorship. He emphasizes the need for effective communication in leadership roles, the balance between employee education and implementing security measures, and the future trends in cybersecurity, including the role of AI and third-party vendor risks.

In this episode, Adi interviews Dexter Blakely, an information security manager, about his journey in the security field and the challenges of balancing business and security. Dexter shares his experience starting from the help desk and working his way up to becoming a security leader. He emphasizes the importance of understanding the needs of different stakeholders and tailoring conversations to their language. Dexter also discusses the evolving nature of cybersecurity, the impact of the pandemic on security practices, and the future challenges and hopes for the industry.

In this conversation, John Hathaway, VP of IT Security at Cambridge Savings Bank, discusses the evolving landscape of cybersecurity, the importance of understanding security blind spots, and the balance between security measures and productivity. He emphasizes the need for continuous education, the challenges faced in cybersecurity today, and the role of AI in shaping future security practices. Hathaway also shares insights on leadership decisions, the stress associated with security roles, and offers advice for those looking to enter the cybersecurity field.

Christopher Russell, CISO of tZero Group, shares his journey in the security field and discusses the role of a CISO. He emphasizes the importance of being customer-facing and understanding the needs and concerns of different stakeholders. Russell also highlights the balance between technical skills and soft skills in the CISO role. He provides insights into his day-to-day responsibilities, including incident response and the importance of trusting one's instincts. Russell discusses the evolving landscape of cybersecurity, the impact of AI, and the need for continuous learning in the field.

In this conversation, Adi interviews Dimitrius Stergiou, a CISO with over two decades of experience in security. They discuss Demetrius' journey in the field and the challenges and responsibilities of being a CISO. Demetrius emphasizes the importance of understanding the company's needs and goals when taking on the role of a CISO. He also highlights the need for a balance between security and business requirements, as well as the importance of communication and collaboration with different teams within the organization. Demetrius shares his thoughts on the evolving nature of cybersecurity, the impact of cloud-based services, and the role of AI in the field. He also provides advice for those looking to enter the cybersecurity field and emphasizes the importance of continuous learning and specialization.

Sebastiaan Gybels, an accomplished senior IT and security executive, shares his journey into cybersecurity and the importance of both technical and soft skills in the field. He emphasizes the need to understand the business side of cybersecurity and the importance of communication and collaboration with other departments. Sebastian also discusses the challenges of keeping up with the rapidly changing cybersecurity landscape and the importance of continuous learning and experimentation. He highlights the value of networking and engaging with online communities to connect with other cybersecurity professionals. Sebastian shares insights into different approaches to cybersecurity based on the maturity and size of the organization. He also discusses the role of a CISO and the balance between technical implementation and managing the business side of cybersecurity. Sebastian shares his experiences with security incidents and the importance of building a security culture within the company. He discusses the impact of AI and blockchain on cybersecurity and the need for consolidation in the security market. Sebastian concludes by emphasizing the importance of diversity in the cybersecurity field and the mindset of continuous learning and adaptability.

In this conversation, Adi interviews Jose Alvarado, the Director of Information Security at Stax Payment, about his journey in the field of cybersecurity. Jose shares how his interest in IT and networking led him to specialize in cybersecurity. They discuss the difference between IT and security roles, the importance of collaboration and communication in the security field, and the challenges of creating a security-focused culture within an organization. Jose also shares his experience dealing with a serious incident involving ransomware and emphasizes the need for organizations to assess and validate their security measures. The conversation with Jose focused on the challenges and priorities in cybersecurity, the importance of effective communication, the issue of burnout in the industry, and advice for those starting out in cybersecurity. Jose emphasized the need for organizations to ensure they are actually implementing the security measures they claim to have in place. He also discussed the challenge of balancing technical expertise with business understanding and the importance of concise and effective communication. Jose highlighted the issue of burnout in the tech industry and emphasized the need for leaders to be aware of their team's workload and mental well-being. He advised those starting out in cybersecurity to prioritize gaining experience and knowledge, rather than focusing on money, and to seek out opportunities that provide a wide range of experiences. Jose also discussed the evolution of cybersecurity as a separate field and the satisfaction he finds in completing projects and seeing the results of his team's efforts.

Holger Sontag, CISO of Privé Technologies, shares his insights on working in the field of security. He discusses his passion for solving puzzles and making things better for those who lack knowledge in security. Holger highlights the differences between working on the vendor side and in internal departments, emphasizing the importance of ongoing tasks and customer interaction. He also discusses the challenges of working in regulated industries and the need to stay updated in a rapidly changing field. Holger emphasizes the importance of building a security culture within organizations and the role of effective communication and awareness training. He shares his experiences with severe security incidents and the importance of staying calm and focused during stressful situations. Holger also discusses the balance between security and business, the challenges of remote work, and the future of cybersecurity.

In this episode of the Hands on CISO podcast, Adi interviews Korab Osmanaj, a seasoned information security expert and CISO at PriBank. Korab shares his unique journey into cybersecurity, detailing his diverse background and the evolution of his career. He discusses the dynamic responsibilities of a CISO, the importance of balancing security with usability, and the challenges of incident response. Korab emphasizes the significance of continuous learning, the human factor in security, and the future trends shaping the cybersecurity landscape. He concludes with valuable advice for those looking to enter or advance in the field of cybersecurity.

Maxim Mošarov, CEO and founder of Whitespots.io and CISO of Salmon Group, discusses his journey as a CISO and founder. He shares his experience working as an application security manager and the challenges he faced in communication between different teams. Max talks about starting his own consultancy services and eventually transitioning into a software company. He emphasizes the importance of having a strong team and an overview of processes as a CISO. Max also discusses the challenges in cybersecurity, the need for automation, and the importance of metrics and staying updated.

In this conversation, Scott discusses the importance of building trust and creating an open environment in cybersecurity. He shares his experiences in organizations where security was viewed differently and emphasizes the need for collaboration and accountability. Scott also provides advice for those looking to advance in the security field and highlights the challenges and opportunities in both small and large security teams. He discusses the future of the field, the increasing rate of change, and the importance of continuous learning. Scott concludes by expressing his love for the challenges and growth opportunities in the security field.

Chris Denbigh-White, CISO of NextDLP, shares his non-standard path into information security and how he ended up in his current role. He discusses the importance of understanding the business and providing a safe space for employees to work in. He emphasizes the need for companies to focus on addressing the basics of information security, such as asset inventory, application inventory, and network protections, rather than solely focusing on advanced threats. He also highlights the challenges and complexities involved in implementing these basic security measures. Chris Denbigh-White, Next DLP CISO, discusses the challenges of presenting information security in a way that engages the wider business. He emphasizes the importance of explaining security in business language and reducing business risk. Chris also shares his strategies for staying up-to-date in the rapidly changing field of cybersecurity, including using resources like the SANS Internet Storm Center and participating in information security meetups. He highlights the benefits of having a small security team and involving the wider company in security efforts. Chris discusses the different roles and responsibilities of a CISO in small and large companies and the need for both technical and business knowledge. He predicts that the cybersecurity field will continue to evolve with the adoption of AI and large language models, but emphasizes the importance of understanding the business problems that these technologies can solve. Chris offers advice for those interested in cybersecurity, encouraging continuous learning and not letting personal characteristics or self-doubt hold them back.

In this episode of the Hands-on CISO podcast, Adi interviews Stephen Owen, CISO of IQUW. With over 20 years of experience in the security field, Stephen shares his fascinating journey from software engineering to becoming a top 100 global leader in InfoSec. Listen in as Stephen discusses his background, the importance of constant learning, and the evolving landscape of cybersecurity. He delves into team management, risk assessment, and the impact of AI on security practices. This episode is packed with valuable advice for aspiring security professionals and seasoned leaders alike. Don't miss it!

Don Gibson, CISO of Kinley, shares his journey into the security field and discusses various aspects of cybersecurity. He emphasizes the importance of the desire to protect and help others in the role of a CISO. Don also talks about the evolving approach to security in different companies and sectors, highlighting the common foundation of the CIA (Confidentiality, Integrity, Availability) triad. He discusses the role of a CISO in a small team and the need to balance the big picture with attention to detail. Don also addresses the challenges of managing stress and mental health in the cybersecurity field. In this conversation, Don Gibson discusses the mental side of being a CISO and the ability to unwind. He emphasizes the importance of management support and the freedom to make decisions. Don also talks about the challenges of being a solo CISO and the need for a team. He highlights the need for continuous learning in cybersecurity and shares his methods of staying updated. Don also discusses the future of cybersecurity, including the impact of quantum computing and the potential irrelevance of personal data. He advises aspiring cybersecurity professionals to have a genuine passion for the field and to prioritize self-care.

In this conversation, Sean Turner discusses his journey into the security field and his experiences working in startups. He highlights the importance of having clear roles and responsibilities, especially in the startup environment where security personnel often wear multiple hats. Sean also talks about the balance between strategic and tactical work, the challenges of keeping up with the ever-changing cybersecurity landscape, and the role of AI in the field. The conversation covers various topics related to AI security, data protection, and the challenges faced by CISOs. The main themes include the need for controls and filters in AI systems, the intersection of AI and crypto, the importance of education and automation in preventing security threats, the carelessness of some businesses in handling cybersecurity, the challenges faced by CISOs, and the future of the cybersecurity field.

Malcolm Portelli shares his career journey and insights into the cybersecurity industry. He emphasizes the importance of passion and finding enjoyment in your work. Malcolm got into cybersecurity by being poached from a tech team by a CISO who recognized his potential. He discusses the challenges and rewards of working at a small startup, where he wears many hats and handles both strategic and hands-on tasks. Malcolm highlights the significance of creating a culture of security awareness and training within the company. He also discusses the future of cybersecurity, including the need for a focus on emerging technologies and soft skills.

Andrew Rose, CISO of SoSafe, shares his unconventional role as a field CISO and his journey to becoming a CISO. He emphasizes the importance of the human side of cybersecurity and the need for organizations to focus more on human risk management. Andrew discusses the stress and challenges faced by CISOs, the imbalance between technology and human resources, and the need for resilience in the face of cyber threats. He also highlights the need for CISOs to stay updated on the evolving threat landscape and to prioritize the security of their people. In this part of the conversation, Tamir discusses the importance of having backup systems and paper-based processes in case of a cyber attack. He emphasizes that every organization, regardless of its industry, is vulnerable to cyber attacks and should prioritize security. Tamir also talks about the role of the CISO and the need for them to have a strategic mindset and strong communication skills. He predicts that the future of cybersecurity will involve more automation and AI, as well as a greater focus on professionalizing the user awareness role. Tamir advises individuals looking to enter the cybersecurity field to gain experience in different industries, take on challenging roles, and bring their passion to the job.

Jose Bonilla, an information security GRC leader, shares insights on his career journey, the challenges of cybersecurity, and the evolving landscape of security in the age of AI. He discusses the importance of continuous learning, the impact of security incidents, and the need for a security-first culture in organizations. The conversation covers various aspects of cybersecurity, including AI, machine learning, career advice, security awareness, and the importance of security in organizations. It also delves into the challenges of auditing and the advice for those entering the field or working in organizations new to security practices.

Erez Bejerano, a cybersecurity expert, shares insights on his career journey, the role of a CISO, and the future of cybersecurity. He emphasizes the importance of a security mindset, the impact of automation and AI, and the need for clear communication between security and business. Erez also highlights the challenges and responsibilities of a hands-on CISO, providing valuable advice for those entering the cybersecurity field. Takeaways The role of a CISO involves being a bridge between business and security technology, requiring clear communication and a security mindset. The future of cybersecurity will see increased automation and AI integration, as well as a consolidation of security systems. Being a hands-on CISO involves managing priorities, planning ahead, and staying vigilant in the face of evolving threats. Advice for those entering the cybersecurity field includes the importance of being calm, clear communication, and continuous learning.