Defense in Depth David Spark
-
- Technology
-
Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.
-
Managing Data Leaks Outside Your Perimeter
All links and images for this episode can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our sponsored guest, Mackenzie Jackson, developer advocate, GitGuardian.
In this episode:
How to manage data leaks outside your perimeter?
When data leaks increasingly come from third-parties, what can you do to protect your organization?
How do we even begin to address this problem?
Is there a one size fits all fix?
Thanks to our podcast sponsor, GitGuardian
GitGuardian is a Code Security Platform that caters to the needs of the DevOps generation. It provides a wide range of code security solutions, including Secrets Detection, Infra as Code Security, and Honeytoken, all in one place. A leader in the market of secrets detection and remediation, its solutions are already used by hundreds of thousands of developers in all industries. Try now gitguardian.com -
What Are the Risks of Being a CISO?
All links and images for this episode can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Phil Davis, attorney, healthcare cybersecurity and privacy, Hall Render.
In this episode:
In today's current climate, is the role of the CISO still worth it?
Does the position carry a lot of potential liability?
Do the upsides still outweigh the risks?
Do CISOs tend to have more responsibility than authority?
Thanks to our podcast sponsor, Sonrai Security
A one-click solution that removes excessive permissions and unused services, quarantines unused identities, and restricts specific regions within the cloud. Later, maintain this level of security by automatically enforcing policies as new accounts, roles, permissions, and services are added to your environment.
Start a free trial today! sonrai.co/ciso -
Onboarding Security Professionals
All links and images for this episode can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our guest, Paul Connelly, former CISO, HCA HealthcareGot feedback?
In this episode:
How important is onboarding new cyber talent?
Does it set the tone for their tenure with your organization?
What should CISOs do to make sure onboarding is effective for both sides?
What are the mistakes CISOs should avoid, and what are the best ways to excel?
Thanks to our podcast sponsor, OffSec
OffSec helps companies like Cisco, Google, and Salesforce upskill cybersecurity talent through comprehensive training and resources. With programs ranging from red team and blue team training and more, your team will be ready to face real-world threats. Request a free trial for your team to explore OffSec’s learning library and cyber range. -
How to Improve Your Relationship With Your Boss
All links and images for this episode can be found on CISO Series.
Check out this post Monte Pedersen of The CDA Group for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our guest, Jerry Davis, division director for cyber defense at Truist Bank.
In this episode:
Why does advancing your career require more than just technical skills?
Does it require you to build relationships within your organizations, particularly with your boss?
How can you consciously build these relationships with an eye to leveling up your career?
How do you develop soft skills?
Thanks to our podcast sponsor, OffSec
OffSec helps companies like Cisco, Google, and Salesforce upskill cybersecurity talent through comprehensive training and resources. With programs ranging from red team and blue team training and more, your team will be ready to face real-world threats. Request a free trial for your team to explore OffSec’s learning library and cyber range. -
Improving the Responsiveness of Your SOC
All links and images for this episode can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our sponsored guest, Spencer Thompson, CEO, Prelude.
In this episode:
Why does it take so long to integrate new tools and get them up to speed?
Are we always in a state where we are always lacking readiness?
What should we be measuring?
Do we focus too much on singular events?
Thanks to our podcast sponsor, Prelude
Prelude Detect is the world's only production-scale detection and response testing platform. Automatically transform your threat intelligence into validated detections and preventions in less than five minutes. Integrate with CrowdStrike, Microsoft Defender, SentinelOne, and more to enable machine speed detection and response engineering 🏎️ Learn more at preludesecurity.com. -
The Demand for Affordable Blue Team Training
All links and images for this episode can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our guest, Ron Gula, president and co-founder, Gula Tech Adventures.
In this episode:
Why is it so darn expensive to get any training on the defender side?
Why is there a mountain of free education for red teaming?
Shouldn’t blue team training should be free or less expensive as well?
Is this the firewall that's preventing us from having all those cyber experts we so desperately need?
Thanks to our podcast sponsor, Query
Query Federated Search gets to your security relevant data wherever it is - in data lakes, security tools, cloud services, SIEMs, or wherever. Query searches and normalizes data for use in security investigations, threat hunting, incident response, and everything you do. And we plug into Splunk. Visit query.ai.
Customer Reviews
Best cybersecurity podcast out there!
I listen or have listened to virtually every cybersecurity podcast out there and this one is my favorite by far! Well done folks!
Love David’s shows
David always has great topics and guests. I listen to other security podcasts where there’s only one person speaking…man they’re boring! Not David’s! Always engaging!
Value Added
If you aren’t listening to these podcasts what are you even doing with your life. Security professionals add value to your core knowledge with these daily injections of absolutely vital industry knowledge and trends.