Roland Cloutier: “How Do You Know”

Today's guest is Roland Cloutier, CISO at TikTok.

Patience is key. This is just one of the many lessons to be learned from this week’s episode. Roland discusses his current role and responsibilities as TikTok CISO, how he has advanced the security capabilities within TikTok, his message when recruiting new security practitioners, the differences between working as a CISO in a premier payroll processing organization versus a major social media company, what a “strategic converged security program is”, how he got his start in security (hint: it wasn’t in cyber!), what keeps him up at night, and as always, his toughest lesson learned.

Suzanne Kelly: “The Other Side of Fear”

Today's guest is Suzanne Kelly, CEO/Producer of The Cipher Brief.

"If we are afraid of failure, we will never succeed." In this episode, Suzanne discusses the vision and creation behind the Cipher Brief, the top national security issues we are currently facing, the threat that China poses, her book: "Master of War: Blackwater USA’s Erik Prince and the Business of War", if cyber offensive work should be outsourced, the Cyber Initiatives Group, ransomware attacks on critical infrastructure, what keeps her up at night, and as always, her toughest lesson learned.

#nationalsecurity #cybersecurity #ransomware

Bryan Ware: “The People and the Problem”

Today's Guest is Bryan Ware, founder and CEO of Next5.

"The best defense is a good offense." In this episode, Bryan discusses his current role at Next5, the history behind co-founding Digital Sandbox, how to approach low probability events with high consequences, his work at CISA, the past, present, and future of cybersecurity, election systems' security, AI, and as always, his toughest lesson learned.

#softwaresupplychainsecurity #ransomware #protectingcriticalinfrastructuresecurity #electionsystemssecurity #nationalsecurity

Vijaya Kaza: “Security is a Business Enabler”

Today's Guest is Vijaya Kaza, Chief Security Officer, Head of Engineering & Data Science for Trust & Safety at Airbnb.

In this episode, Vijaya discusses her current role and duties at airbnb and as a board member at Knock, the importance of automation and AI, relevant use cases, best practices, and where improvements are needed within these fields, how gender impacts working in the technology field, the importance of who you know, what keeps her up at night, and as always, her toughest lesson learned.

Duncan Woodbury: “No Checkbox Security, Please”

Today's Guest is Duncan Woodbury, Founder and CEO of Dream Team.

One part entrepreneur, one part security researcher. In this episode, Duncan discusses what he's doing today, some of the major cybersecurity threats to critical infrastructure, the dangers of recovery time from an attack, the difference between protecting OT vs. IT, why red teaming and pen-testing are so important, what keeps him up at night, how he got into the field, the cyberBoat Challenge, and of course, his toughest lesson learned.

#supplychainsecurity #exploits #criticalinfrastructure

Dr. Rebecca Wynn: “Pay It Forward”

Today's Guest is Dr. Rebecca Wynn, Global Cybersecurity & Strategy Consulting at Click Solutions Group.

"How can we be a part of the fabric without disturbing the fabric?" In this episode, Rebecca discusses how she defines the role of a CISO, how she believes we should "push the envelope of cybersecurity", working with companies that have experienced data breaches, what it takes to build a good security team, how to best interact with board members, future trends in technology, and of course, her toughest lesson learned.

Harold Smith: “Do Right By Your Customer”

Today's Guest is Harold Smith, CEO of Monkton, Inc.

"Too focused on the WHAT IF and not focused on WHAT WE CAN DO." In this episode, Harold discusses how Monkton brings mobility to the military and DoD, some use case examples, the certification process, his background and current work in mobile applications, how enterprise mobile security has changed over the years, and as always, his toughest lesson learned.

Michael Shinn: “Check the Spark Plugs”

Today's Guest is Michael Shinn, CEO of Atomicorp.

"Being compliant is not the same thing as being secure." In this episode Michael discusses the background of his company, the daily challenges they take on, his knowledge around federal regulations, his previous work in the White House, his first computer, what keeps him up at night, and of course, his toughest lesson learned.

Tina Williams-Koroma: “Crap Turns Into Fertilizer”

Today's Guest is Tina Williams-Koroma, Owner/President of TCecure, LLC.

"I see challenges as opportunities." What does a life-long entrepreneur look like? Look no further! In this episode, Tina discusses how to deal with breaks, Governor Hogan's Cybersecurity Summit, patterns to better address critical infrastructure, how all of her degrees aid her current role, her book: "Our Father's Business: Pick Up the Mission, Then Drop the Mic", what keeps her up at night, and as always, her toughest lesson learned.

Jim Routh: “Downstream Consequences”

Today's Guest is Jim Routh, Advisor & Investor at SYN Ventures.

While stepping away from full-time CISO duties, Jim Routh hasn't slowed down. In this episode, Jim tells us what he's been doing since leaving Mass Mutual, what he looks for when engaging with new companies, why he began working with startups. He also discusses the differences between serving as the CISO of larger versus a smaller organizations, his unique hiring strategy, the greatest needs from the private sector, and as always, his toughest lesson learned.

Lucian Niemeyer: “Building Cyber Security”

Today's Guest is Lucian Niemeyer, CEO of Building Cyber Security.

Cyber risks, ransomware, and attackers! Oh my! In this episode, Lucian discusses his organization, the blending of IT and OT, the gravity of our current cybersecurity situation, the morals around ransome, how to reduce ransomware attacks, what keeps him up at night, and you guessed it, his toughest lesson learned.

Heather Dahl: “Keep Flying the Plane”

Today's Guest is Heather Dahl, CEO of Indicio.tech.

Broadcast journalist turned tech CEO? What could be cooler? This week's episode features Heather Dahl, CEO of Indicio.tech. In this episode we learn about the founding of Endicio, decentralized identity, where regulators are doing well and where they need improvement, how Heather's early career as a broadcast journalist led to her current role, and as always, her toughest lesson learned.

Dan Doney: “Digital Currency, Blockchain, and Distributed Ledgers”

Today's Guest is Dan Doney, CEO of Securrency.

Want to better understand the connection between blockchain and cryptocurrency? Craving a wealth of information? In this episode, Dan discusses how he founded his company, Securrency, what they do, his foundations in security, what markets are right for cryptocurrency, the most important facts to know about blockchain, the geopolitical implications of cryptocurrency, the future of blockchain, what keeps him up at night, and as always, his toughest lesson learned.

Scott King: “Don’t Rush to Judgment”

Today's Guest is Scott King, VP & CISO at Encore Capital.

Are you thinking about entering the cybersecurity field? Then this is the episode for you! Scott discusses his background and transition to his new role as CISO, the biggest trends in the industry right now (HINT: ransomware attacks!), the best procedures for vulnerability and crisis management, the importance of ISACs, the appeal of working in this industry, and as always, his toughest lesson learned.

Nick Andersen: “Everyone is a Target”

Today's Guest is Nick Andersen, CISO at Lumen Technologies.

Want to hear from someone who has managed security risk from all angles? Look no further than Nick Andersen. In this episode, Nick discusses Lumen Technologies and his role there, operating under the assumption of an inevitable attack, his work with CESER within the DOE, the recent ransomware attacks, the recent Executive Order, our nation's top cybersecurity priorities, how he got his start, and of course, his toughest lesson learned.

Mark Ruchie: “Cyber’s Pirates of the Caribbean”

Today's Guest is Mark Ruchie, CISO at Entrust.

Do you want to be more up-to-date on all things cybersecurity? This is the episode for you! Mark discusses Entrust and his role there, how security solutions have evolved over the last few decades, which changes excite him, how he got his start, his time in the Air Force, his thoughts on the recent Executive Order, the ever-changing profile of the attacker, and as always, his toughest lesson learned.

Sam Crowther: “Trust Your Gut”

Today's Guest is Sam Crowther, Founder of Kasada.

Have you ever noticed a missing link within an industry and wanted to create a company to fill that gap? Meet Sam Crowther. In this episode, Sam discusses Kasada's founding and mission of "restoring trust in the internet", bot mitigation, how he got his start, the importance of confidence and exposure to problems, and as always, his toughest lesson learned.

Mark Loepker: “Dialogue is Everything”

Today's Guest is Mark Loepker, Education Director at the National Cryptologic Museum Foundation.

Have you ever wanted to explore a career in national security or cybersecurity? This is the episode for you! Mark discusses his rich history working within the security arena, from his early days protecting the “Star Wars” program to his experience leading international working groups to driving the National Cryptologic Museum Foundation's mission. Learn why Mark says designing for dis-functionality is important, and more!

Bob Carver: “One Person Can’t Do It All”

Today's Guest is Bob Carver, Principal Cybersecurity Threat Intelligence and Analytics at Verizon.

How did Bob Carver become the first security employee at Verizon Wireless? Hint: he credits Paris Hilton! In this episode, Bob discusses his current responsibilities at Verizon, maintaining a relationship between hunt teams and threat intelligence, how botnets have evolved over the years, the evolution of supply chain security and machine learning, and as always, his toughest lesson learned.

Gerald Beuchelt: “A Broader Aperture”

Today's Guest is Gerald Beuchelt, CISO at Sprinklr.

"Security, security, security." Though his roles may have changed he maintains the fundamentals of security remain the same even when the environment has evolved. In this episode, Gerald discusses his new role at Sprinklr and what he hopes to accomplish while there, how his past experiences and educational background inform his new role, open source vulnerabilities, and as always, his toughest lesson learned.

Janine Darling: “Talk to Your Customers”

Today's Guest is Janine Darling, founder and CEO of STASH Global Inc.

ALERT: Red hot data! Why should you protect your data? In this episode, Janine discusses her journey to establishing her organization, compliance programs, GDR, and much more!

Mikko Karikytö: “Security is a Communications Business”

Today's Guest is Mikko Karikytö, Chief Product Security Officer at Ericsson.

Have you ever wondered what it is like to be the Chief Product Security Officer at Ericsson? Today's your lucky day. Meet Mikko Karikytö. He has risen through the ranks and leads team through PSIRT, 5g, and zero trust security initiatives. In this episode, learn how security has changed over the course of his career, what keeps him up at night, his fresh take on security being a communications business, and of course, his toughest lesson learned.

Paul Rosenzweig: “There is No Perfect Gas”

Today's Guest is Paul Rosenzweig, Senior Fellow at the R Street Institute.

In this episode, Paul discusses what he is currently working on, his work with National Resiliency through the Aspen Institute, what metrics he believes should be used, his theories of trust around hardware and software systems, his thoughts on zero-trust and 5G, his recommendations for our current administration, the potential consequences associated with inaction, and his toughest lesson learned.

Larry Maccherone: “Too Far Left, Too Fast”

Today's Guest is Larry Maccherone, Distinguished Engineer of DevSecOps Transformation at Comcast.

In this episode, Larry discusses what he is currently working on at Comcast, the importance of adding security into the DevOps process, how to motivate developers to adopt security, how he measures programs going forward, what are the greatest security challenges that we are facing, what inspired his young entrepreneurship, and his toughest lesson learned.

Tanner Johnson: “Make a Decision”

Today's Guest is Tanner Johnson, Principal Analyst of Data Security at Omdia.

In this episode, Tanner discusses his current research agenda, recent trends in IoT security, the risks/trends/threats associated with data security, how COVID will affect us moving forward, what keeps him up at night, and his toughest lesson learned.

Greg Rattray: “Be Ready to Get Back Up”

Today's Guest is Greg Rattray, co-founder and partner at NextPeak.

In this episode, Greg discusses what he is currently working on at NextPeak, his connection to the Aspen Cybersecurity Group, how his educational background supported his future career, how cybersecurity has changed over the years, what the new administration should focus on, and his toughest lesson learned.

Neil Daswani: “Big Breaches & Relationships”

Today's Guest is Neil Daswani, Co-Director at the Stanford Advanced Security Program.

In this episode, Neil discusses his work at the Stanford Advanced Security Program, some of the most important duties of a CISO, the importance of being able to "talk tech", what inspired his most recent book, ways to improve the industry, how he got his start in cybersecurity, the biggest challenges facing our society, and his toughest lesson learned.

Sam Visner: “Bigger Than Yourself”

Today's Guest is Sam Visner, Tech Fellow at MITRE.

In this episode, Sam discusses what his current role entails, the issues he sees surrounding our transition to 5G, lessons he learned to help him work through the bigger questions, our current government policy and national strategy, how he views cybersecurity from a corporate goverance perspective, his work with the Space ISAC, and his toughest lesson learned.

Ian Anderson: “You Won’t Know All the Answers”

Today's Guest is Ian Anderson, DevSecOps Engineer at Naval Surface Warfare Center.

In this episode, Ian discusses what he is currently working on, the challenges associated with changing to DevSecOps, how he defines the "Sec" in DevSecOps, Navy's BlackPearl Initiative, what key metrics you should use to judge DevSecOps success, the impact that his education had on his career, what he considers our biggest security risk, and his toughest lesson learned.

Raj Samani: “Sharing to Enable Action”

Today's Guest is Raj Samani, Fellow and Chief Scientist at McAfee.

In this episode, Raj discusses his work at McAfee, the importance of finding like-minded people, his background in helping defend against cyber crime, APT, his book, the SolarWinds attack, the power of social media, and his toughest lessons learned throughout his career.

Antero Päivänsalo: “Pick Yourself Up”

Today's Guest is Antero Päivänsalo, CISO and Head of Information Security at Nokia.

In this episode, Antero discusses his role as CISO at Nokia, his considerations around customer and supply chain risk, how 5G plays a role in security risk, his previous roles at Nokia, the Nokia Security Hackathon, what keeps him up at night, and his toughest lessons learned.

Lessons from the Lessons: “It’s a Meta World”

For our 25th episode, our host and CEO, Joe Saunders, reflects on his lessons learned over the past 24 episodes.

He focuses on 6 specific episodes: John Graham-Cumming, Greg Touhill, Tony Sager, Gary McGraw, Rick Howard, and Ron Ross. He shares his insight on how these episodes touch on three different kinds of lessons: personal development & leadership, business, and technical.

Kurt John: “Collaborate”

Today's Guest is Kurt John, Chief Cybersecurity Officer at Siemens USA.

In this episode, Kurt John discusses his role and the history of Siemens USA, "Cyber Norms", protecting the manufacturing process, how his previous roles prepared him for his current one, his work with the The Virginia Innovation Partnership Authority, what keeps him up at night, and more.

Seth Carmody: “Let Curiosity Be Your Guide”

Today's Guest is Seth Carmody, VP of Regulatory Strategy at MedCrypt.

In this episode, Seth discusses his role at MedCrypt and their mission to make security easier for medical device manufacturers, medical-related security issues, his career journey and work at the FDA, what product manufacturers need to consider, and his toughest lessons learned. Additionally, Joe and Seth engage in a great discussion around what policy can do versus what industry ought to do.

John Graham-Cumming: “Just Keep Going”

Today's Guest is John Graham-Cumming, CTO at CloudFlare.

In this episode, John Graham-Cumming discusses his early background, his role at CloudFlare, how internet infrastructure differs in China, his book "The Geek Atlas", code breaking, email filtering, movie code, what keeps him up at night, 5G, and more.

Gloria D’Anna: “How to Go from A to E”

Today's Guest: Gloria D'Anna, author of "SAE CyberSecurity for Commercial Vehicles” and a Rf Systems and Antenna Applications Engineer at the Ford Motor Company.

In this episode, Gloria discusses her background, what keeps her up at night, her book, cybersecurity standards in the automotive industry, SAE G-32, Cyber-Physical Systems, and her toughest lessons learned in the cybersecurity field.

Michael Fraser: “Courage to Stick It Out”

Today's Guest: Michael Fraser, Co-Founder and CEO of Refactr.

In this episode, Michael discusses his company Refactr, the trials and triumphs of a start up, getting his start in the Air Force, his time in retail, the open source movement, and more.

Marc Crudgington: “Collaboration is King”

Today's Guest: Marc Crudgington, the CISO and SVP of Information Security at Woodforest National Bank.

In this episode, we learn ways to shorten the time to mitigate a breach, what it takes to become a Chief Information Security Officer, and what you, executives, and the board should know about the coming Cyber War.

Dr. Gary McGraw: “Process Does Matter”

Today's Guest: Dr. Gary McGraw, Co-Founder of the Berryville Institute of Machine Learning.

In this episode, Dr. Gary McGraw discusses co-founding the Berryville Institute of Machine Learning, the risk factors associated with machine learning, his background and early career work, the difficulties surrounding software security, and a fun story here and there.

Dr. McGraw is an advisor to RunSafe Security.

General Greg Touhill: “Ask for Help”

Today's Guest: General Greg Touhill, the first Federal CISO.

In this episode General Touhill discusses his service in the military, his work at DHS, our new administration's top priorities, and embracing zero trust as a business imperative. General Touhill highlights the importance of adopting a framework, communication, and follow through.

John Felker: “Trust but Verify”

Today's guest is John Felker, Senior Fellow at the McCrary Institute for Cyber and Critical Infrastructure Security.

In this episode, we learn about leadership, listening, and building organizations to align with the mission. But we also learn why it is important to both trust and verify.

Tommy Gardner: “You’ll Never Stop Learning”

Today's guest is Tommy Gardner, Chief Technology Officer at HP Federal.

In this episode, Tommy discusses his role at HP Federal, his company's background and green initiative, the role of research in cybersecurity, designing with cybersecurity in mind, and some of the most formidable lessons he's learned along the way.

Dr. Edward Amoroso: “How Angels View Cloud Computing”

Today's guest is Dr. Edward Amoroso, CEO of TAG Cyber LLC.

In this episode, we explore the different profiles of CISOs and the balance between simplicity and complexity.

Michelle Valdez: “Putting Your Boss to the Test”

Today's guest is Michelle Valdez, Chief Information Security Officer at OneMain Financial.

In this episode, we learn how to bring context and relevance to deep technical issues to help build resilient organiztions and systems.

Rick Howard: “The Atomic Question”

Today's guest is Rick Howard, Chief Security Officer at Palo Alto Networks.

In this episode we learn how great leaders embrace teammates who make mistakes and help learn their lessons.

Robert Knake: “Cybersecurity in State of Transition”

Today's guest is Rob Knake, Senior Fellow for Cyber Policy at the Council on Foreign Relations.

In this episode, Rob discusses the cybersecurity risk associated with a transition to the new administration, disinformation on social media as a threat to cybersecurity, the United States' decision on 5G, the DoD, the importance of critical infrastructure security, and his recent book: "The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats".

Sanjay Bavisi: “Certified Ethical Hackers Are Not Only Pen Testers”

Today's guest is Sanjay Bavisi, President of EC-Council.

In this episode, we explore how an attorney who was a technologist at heart has followed his passion to make a global impact on security.

Bill Crowell: “Push for Progress”

Today's guest is Bill Crowell, partner at Alsop Louie Partners.

Bill shares some of the expertise he's gained as Deputy Director of the NSA, CEO of a publicly traded company, and now as Venture Capitalist. In this episode, we discuss election interference, attacks in critical infrastructure, 5G, the "zero trust" principle, open source software, and his overall industry takeaways.

Ron Ross: “Elevating Security Posture at Scale”

Today's guest is Ron Ross, Fellow at the National Institute of Standards and Technology (NIST)

In this episode, we explore the profound positive impact standards have on our security posture and how software development life cycle will contribute significantly towards this end.

Ron Gula: “Closing the Gap to Defend the Country”

Today's Guest: Ron Gula, Co-Founder & President of Gula Tech Adventures

In this episode, we explore the increasing impact individuals, companies, and non-profits can have in securing the country and the importance of educating ourselves on the risks digital services have in our lives.

Tia Hopkins: “Competence Has No Competition”

Today's Guest: Tia Hopkins, VP of Global Solutions Engineering at eSentire

In this episode, we explore how to challenge perceived authority and expertise without making people defensive.

Ayan Islam: “A Bridge from Hackers to Policymakers”

Today's Guest: Ayan Islam, Cybersecurity Strategist at the Cybersecurity and Infrastructure Security Agency at DHS

In this episode, Ayan Islam shares joining a delegation of Congress members and policy makers to Black Hat conference.

Atlantic Council Cyber Statecraft Initiative: “The Nexus of Technology and Geopolitics”

Today's Guests: Atlantic Council's Trey Herr, William Loomis, Safa Shahwan Edwards, and Simon Handler, leaders of the Cyber Statecraft Initiative.

The Atlantic Council’s Cyber Statecraft Initiative in the Scowcroft Center for Strategy and Security explore the four pillars of The Cyber Statecraft Initiative.

Tony Sager: “Economics Always Wins”

Today's Guest: Tony Sager, Chief Evangelist at The Center for Internet Security and 35-year veteran of the National Security Agency.

Tony shares how economics factors into security and how you should think about software if you care about security.

John Stewart: “Be Committed, Passionate, and Patient”

Today's Guest: John Stewart, Founder of Talons Ventures and former CSO of Cisco Systems.

John shares what it means to give it your all and how to make an impact in startups, mature organizations, and across your ecosystem.

Nicolas Chaillan: “Invest in Continuous Learning”

Today's Guest: Nicolas Chaillan, Chief Software Officer, US Air Force.

Nicolas offers advice on ensuring alignment with stakeholders otherwise you may find yourself in a precarious situation.