All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is our sponsored guest, Kara Sprague, CEO, HackerOne.

In this episode:

• Shadow AI as a control problem
• Rethinking identity for autonomous agents
• When process meets momentum
• Beyond blocking: channeling AI usage

Huge thanks to our sponsor, HackerOne

Discover how AI innovators like Adobe, Anthropic, and Snap are using AI to find and fix vulnerabilities across the software development lifecycle. HackerOne, the global leader in offensive security solutions, reveals all in the CISOs’ guide to securing the future of AI. Download it now to see how AI can strengthen your security posture. Learn more at https://www.hackerone.com/

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is CISO Series reporter and CISO herself, Hadas Cassorla.

In this episode:

• Security poverty line excludes SMBs
• Skills gap and channel dynamics slow SMB security adoption
• The startup disadvantage cycle
• Technology adoption flows from enterprise complexity to market simplification

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is our sponsored guest Mokhtar Bacha, founder and CEO, Formal.

In this episode:

• Access management faces transformation
• AI agents demand new authentication paradigms
• AI complexity demands simplified governance approaches
• Data-centric identity management replaces role-based approaches

Huge thanks to our sponsor, Formal

Formal secures humans, AI agent’s access to MCP servers, infrastructure, and data stores by monitoring and controlling data flows in real time. Using a protocol-aware reverse proxy, Formal enforces least-privilege access to sensitive data and APIs, ensuring AI behavior stays predictable and secure. Visit joinformal.com to learn more or schedule a demo.

All links and images can be found on CISO Series.

Check out this post by Geoff Belknap, co-host of Defense in Depth, for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and John Overbaugh, CISO, Alpine Investors. Joining us is our sponsored guest, Pukar Hamal, founder and CEO at SecurityPal.

In this episode:

• When business moves faster than security
• Turning obstacles into opportunities
• The art of saying "not like that"
• Know your regulatory landscape

Huge thanks to our sponsor, SecurityPal AI

SecurityPal is the leader in Customer Assurance, helping companies accelerate security assurance without compromising accuracy. Their AI + human expertise approach, dynamic Trust Center, and modern TPRM solution eliminate manual work and streamline vendor security at scale. To learn more, visit securitypal.ai.

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Justin Berman, formerly vp of platform engineering and CISO at Thirty Madison Health.

In this episode:

• Maps without transportation
• The untouchable employee problem
• Attestation theater
• The lightbulb moment

Huge thanks to our sponsor, SecurityPal

SecurityPal is the leader in Customer Assurance, helping companies accelerate security assurance without compromising accuracy. Their AI + human expertise approach, dynamic Trust Center, and modern TPRM solution eliminate manual work and streamline vendor security at scale. To learn more, visit securitypal.ai.

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker.

In this episode:

• Legacy infrastructure creates the biggest hurdles
• More marketing than methodology
• Implementation complexity makes zero trust a Sisyphean task
• Don't ignore human factors

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit Threatlocker.com/CISO

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining them is Terry O'Daniel, former CISO at Amplitude.

In this episode:

• Beyond prioritization: aligning risk with reality
• From signals to strategy
• The Case for Maturity Models
• Security Starts With Culture

Huge thanks to our sponsor, SecurityPal

SecurityPal is the leader in Customer Assurance, helping companies accelerate security assurance without compromising accuracy. Their AI + human expertise approach, dynamic Trust Center, and modern TPRM solution eliminate manual work and streamline vendor security at scale. To learn more, visit securitypal.ai.

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining them is their sponsored guest, Matt Eberhart, CEO, Query.

In this episode:

• Quality over quantity in AI decision-making
• Process before technology
• The connectivity challenge
• The context complexity paradox

Huge thanks to our sponsor, Query

Query is a Federated Search and Analytics platform that builds a security data mesh, giving
security teams real-time context from all connected sources. Analysts move faster and make
better decisions with AI agents and copilots that handle the grunt work and guide each step.
Learn more at query.ai