• Humans Are Bottleneck in a Machine-Speed World
    Jul 9 2026
    All links and images can be found on CISO Series We're evolving fast to secure AI. But are we evolving fast enough to secure WITH AI? Check out this post by Rinki Sethi, CSO, Upwind Security, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Howard Holton, former CEO, GigaOm. Joining is Adam Glick, CSO, PSG Equity. In this episode: Human-in-the-loop math Should machines decide at all From assistant to autonomous Redefining the security role A huge thanks to our sponsor, Palo Alto Networks Cortex Cloud unifies code, cloud, and SOC on a single data, risk, and control plane — giving teams the context, workflows, and agentic intelligence to turn risk into resolution. Native AI agents investigate and act within enterprise guardrails, delivering real-time protection from workload to network edge. Cloud security that outpaces machine-speed threats. Visit paloaltonetworks.com/cortex/cloud.
    Show More Show Less
    36 mins
  • Even With All These Security Vendors We Still Have Glaring Gaps
    Jul 2 2026

    All links and images can be found on CISO Series

    There are thousands of cybersecurity vendors across categories. If there's a gap in the market, it's likely not for technical reasons. So, how do you actually find vendors that are a good fit rather than one that just meets technical requirements?

    Check out this post by Joe Head of REFLEX Solutions for the discussion that is the basis of our conversation on this week's episode, co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Ajit Girn, CIO, Employment Development Department (EDD).

    In this episode:

    • Built for vendors, not users
    • Signal versus noise
    • Priced out
    • The elegance gap

    A huge thanks to our sponsor, ThreatLocker

    ThreatLocker takes a deny-by-default approach to endpoint security — controlling what applications can run, what can access data, and what can elevate privileges. Used by organizations that want to reduce attack surface without relying on detection alone. Learn more at threatlocker.com/ciso.

    Show More Show Less
    34 mins
  • Is the "Attackers Only Need to Be Right Once" a Misnomer?
    Jun 25 2026

    All links and images can be found on CISO Series

    Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and George Finney, CISO, University of Texas System. Joining is Sean Walls, CISO, Bob's Discount Furniture.

    In this episode:

    • Asymmetric accounting
    • Sometimes it really is that easy
    • The spirit of the saying
    • The cheapest way in

    A huge thanks to our sponsor, Native Security

    Native is the Cloud Security Control Plane. It helps enterprises enforce secure-by-design architecture across multi-cloud environments by translating security intent into the cloud provider's built-in controls, previewing impact before rollout, and keeping enforcement aligned as the environment changes.

    Show More Show Less
    28 mins
  • What It Takes To Be Successful in Cyber Media
    Jun 18 2026

    What It Takes To Be Successful in Cyber Media

    All links and images can be found on CISO Series

    Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Dave Bittner, producer and host, The CyberWire. Joining is Graham Cluley, host of Smashing Security podcast and Leo Laporte, founder of TWiT (This Week in Tech) and host of Security Now podcast.

    In this episode:

    • Format follows function
    • The decision gap
    • Practitioner fingerprints
    • Beyond the news cycle

    A huge thanks to our sponsor, Palo Alto Networks

    Cortex Cloud unifies code, cloud, and SOC on a single data, risk, and control plane — giving teams the context, workflows, and agentic intelligence to turn risk into resolution. Native AI agents investigate and act within enterprise guardrails, delivering real-time protection from workload to network edge. Cloud security that outpaces machine-speed threats. Learn more at paloaltonetworks.com/cortex/cloud/demo.

    Show More Show Less
    55 mins
  • CISOs Buy For Selfish and Politically Risk-Averse Reasons (Not Because Your Product is the Best)
    Jun 11 2026

    All links and images can be found on CISO Series

    Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Howard Holton, CEO, GigaOm. Joining is Tyler King, senior director - threat operations and response, Sinclair.

    In this episode:

    • Career insurance
    • In the trenches together
    • Who are you actually selling to?
    • Common sense, uncommon in sales

    A huge thanks to our sponsor, Material Security

    Legacy email security only watches the door. Material protects your entire cloud workspace—email, files, and accounts—as one ecosystem. It's more coverage for less than the cost of a legacy SEG. One price, no surprises: just security that covers the whole surface area. Learn more at material.security.

    Show More Show Less
    31 mins
  • Has Cybersecurity Become a Cult?
    Jun 4 2026

    All links and images can be found on CISO Series

    We think of cybersecurity as a discipline. But when do ideas like best practices and NIST frameworks change into a system of belief?

    Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Davi Ottenheimer, principal, Flying Penguin. Joining is Joshua Copeland, director of security, Crescendo.

    In this episode:

    • Tools, not religion
    • The case for structured discipline
    • The management problem underneath
    • Fix the damn holes

    A huge thanks to our sponsor, ThreatLocker

    ThreatLocker delivers Zero Trust Network Access and Zero Trust Cloud Access that verifies both user and device before granting access to specific applications. No broad access, nothing exposed, and no reliance on credentials alone. It's a smarter way to control access and reduce risk. Learn more at ThreatLocker.com/CISO.

    Show More Show Less
    34 mins
  • What Does the Next Generation of Cloud Security Look Like?
    May 28 2026

    All links and images can be found on CISO Series

    We know human-paced security controls can't be applied to autonomous AI agents. So what needs to change with CNAPP and cloud security?

    Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Dan Benjamin, vp product - data, identity, and AI security, Palo Alto Networks.

    In this episode:

    • The detection ceiling
    • A category gap, not a feature gap
    • Resilience by design
    • An insider threat with no face

    A huge thanks to our sponsor, Palo Alto Networks

    Cortex Cloud unifies code, cloud, and SOC on a single data, risk, and control plane — giving teams the context, workflows, and agentic intelligence to turn risk into resolution. Native AI agents investigate and act within enterprise guardrails, delivering real-time protection from workload to network edge. Cloud security that outpaces machine-speed threats. Visit Palo Alto Networks and search cortex cloud.

    Show More Show Less
    33 mins
  • The Dangers of Picking the Wrong Vendor
    May 21 2026

    All links and images can be found on CISO Series.

    Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our guest, Paul Guerra.

    In this episode:

    • Read the contract
    • How vendors win before the evaluation ends
    • The fallout
    • The real cost

    A huge thanks to our sponsor, Native Security

    Native makes secure-by-design inherent to how the cloud operates. It's the control plane for built-in cloud security, unifying and governing native controls, so security intent is defined once and applied consistently across providers. Learn more at native.security.

    Show More Show Less
    27 mins