Defense in Depth

What Makes a Successful Security Vendor Demo?
All links and images can be found on CISO Series.
Check out this post from Adam Palmer for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Geoff Belknap. Joining is Ken Beasley, BISO, Kaiser Permanente.
In this episode:
Show me the problem, not the product
Walking in blind
Discovery is the demo
Define the use case, set the clock
A huge thanks to our sponsor, Fenix24

Fenix24 is the world's leading breach recovery firm, providing rapid ransomware restoration, full asset visibility, and threat informed hardening. Alongside expert recovery services, Fenix24 delivers ongoing managed protection that secures backups, infrastructure, and critical controls, helping organizations stay resilient, recoverable, and prepared for modern cyber threats. Learn more at fenix24.com.

Should You Use Native or 3rd Party Cloud Management Tools?
All links and images can be found on CISO Series.
Check out this post from Steve Zalewski for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is their sponsored guest, Gal Ordo, co-founder and CPO, Native.
In this episode:
More tools, more problems
A gap in design
Catching what slips through
Competence over complexity
A huge thanks to our sponsor, Native Security

Native makes secure-by-design inherent to how the cloud operates. It's the control plane for built-in cloud security, unifying and governing native controls, so security intent is defined once and applied consistently across providers. Learn more at native.security.

How Should We Measure the Performance of a CISO?
All links and images can be found on CISO Series.
Check out this post from the cybersecurity subreddit for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining them is Jason Richards, vp, information security, CHG Healthcare.
In this episode:
Likability as a career strategy
The storytelling gap
How the math actually gets done
The unofficial scorecard
A huge thanks to our sponsor, ThreatLocker

ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

All links and images can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Ross Young, co-host, CISO Tradecraft. Joining them is Dan Walsh, CISO, Datavant. Be sure to check out Ross's book Cybersecurity's Dirty Secret: Why Most Budgets Go to Waste.
In this episode:
Patterns hiding in plain sight
Activity vs. advancement
The human cost
Frameworks about frameworks
A huge thanks to our sponsor, Fenix24

Fenix24 is the world's leading breach recovery firm, providing rapid ransomware restoration, full asset visibility, and threat informed hardening. Alongside expert recovery services, Fenix24 delivers ongoing managed protection that secures backups, infrastructure, and critical controls, helping organizations stay resilient, recoverable, and prepared for modern cyber threats. Learn more at fenix24.com.

All links and images can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week's episode, co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining them is Adam Palmer, CISO, First Hawaiian Bank. Be sure to check out David's book, Three Feet from Seven Figures: One-on-One Engagement Techniques to Qualify More Leads at Trade Shows.
In this episode:
Lead with insight, not persuasion
Recognize the opportunity when it arrives
Strategy over features
Keep it efficient
A huge thanks to our sponsor, Endor Labs

Discover how AI coding agents are reshaping software supply chain risk in the State of Dependency Management. Original research from Endor Labs shows 49% of dependency versions have known vulnerabilities (and that 34% don't actually exist). Get the report to see how "shadow AI" is reshaping attack surfaces. Learn more at endorlabs.com.