Discover the unique, inspiring, and often amusing stories behind what it takes to lead cybersecurity efforts in an organization. The Security Stories podcast features interviews with a diverse range of guests, each sharing their experiences for the benefit of others in the industry.
Taz and Raj Chopra, senior vice president of product management at Cisco, delve into the strategies and tactics that successful businesses can use to drive innovation from within.
Join Brian Tippens, SVP and Chief Social Impact Officer, Cisco, as we explore the impact of technology and the role that Cisco plays in creating a better world. We discuss the intersection of technology and social impact through the lens of Cisco, while keeping security at the center.
Listen in to learn how simplifying cybersecurity language, collaborating across departments, and using translators can improve your organization's cybersecurity efforts and keep you and your data safe.
Cybersecurity is a crucial aspect of responsible artificial intelligence (AI), especially as AI continues to advance and become more prevalent across industries. Join Jeetu Patel and Taz as they delve into this topic
Taz and Alex chat about Alex Wolf's path into the mergers and acquisitions space, what it's like to be an investor, and how security plays a valuable role in her work and industry.
In episode 60, Taz interviews Joe Toscano, Netflix docufilm star and CEO of DataGrade.
In episode 57, Taz chats to Confidence Staveley, Founder of CyberSafe Foundation. Nicknamed "The Relatable CyberSecurity Queen,” Confidence is Africa’s most celebrated female cybersecurity leader, talent developer, global speaker, and inclusion advocate.
Episode 52 features an insightful conversation between Tomás Maldonado, NFL Chief Information Security Officer, and Brad Garnett, Director of Cisco Talos Incident Response. Tomás discusses his early life and career, and he and Brad discuss exactly how the NFL and Cisco came together to secure Super Bowl LVI.
All rise, all rise, for Infosec Court, brought to you from RSA Conference 2022. Judge Wendy Nather presides, and three InfoSec experts (Helen Patton, Dave Lewis, and Dennis Fisher) all have a "hot take" that they want to be more widely accepted in the InfoSec industry.
In episode 50, we are joined by members of the Cisco Talos team for an authentic conversation about mental health and burnout. We talk about how hard it can be to prioritize self care, and how we can spot the signs of burnout in others.
Episode 49 features a chat about how to build security resilience. Three security leaders share their stories: Accidental CISO (yes, the anonymity intrigues us, too.; Liz Waddell, Incident Response Practice Lead for Cisco Talos; and Christos Syngelakis, CISO and Data Privacy Officer at Motor Oil Group.
In Episode 47 our guest is Shannon Lietz, Vice President of Vulnerability Labs at Adobe. Shannon talks about how she first got into offensive security, the red team activities that the team undertakes, and the moment that led Shannon to change her leadership style.
In Episode 46 we welcome Jerry Gamblin, Director of Security Research at Kenna Security (now part of Cisco). Jerry talks about his journey: from working on an IT help desk to managing the network security infrastructure of the Missouri House of Representatives to leading security research at Kenna.
In Episode 45 we meet Goher Mohammad, Head of Information Security at L&Q Group, one of the United Kingdom's largest charitable housing associations. Goher talks about resilience and the rewards and challenges of building a new security team from the ground up.
In Episode 44 we are joined by two security experts to discuss the practical implications of extended detection and response (XDR). Enric Cuixeres is a Cisco Secure customer who has implemented an XDR strategy within his organization, Leng D'Or. He is joined by Cisco Director of Technical Alliances, Jessica Bair.
In Episode 43 we welcome Jane Frankland, who has worked in the cybersecurity industry for 24 years. Jane is an award-winning entrepreneur and best-selling author of "IN Security: Why a Failure to Attract and Retain Women in Cybersecurity Is Making Us All Less Safe." We chat about Jane's career, how she fights for women in the industry, and her latest venture.
In Episode 42, Tazin and Hazel have an in-depth conversation with Jarell Oshodi, a licensed attorney. Jarell has spent 12 years honing her expertise in data compliance and privacy at various federal agencies, including the Department of Justice and her current role as Associate Chief Privacy Officer at the Center for Disease Control and Prevention.
In Episode 41 our guest is Gary Hibberd, "The Professor of Communicating Cyber" for the Cyberfort Group. Gary has worked in cybersecurity for over 35 years, spending much of that time in highly regulated industries. We discuss the highs and lows of Gary's career and why marketing and cybersecurity go hand in hand.
In Episode 40 we meet Brad Arkin, Cisco's Chief Security and Trust Officer. Before joining Cisco, Brad was the first Chief Security Officer at Adobe, where he grew the security team from just a few employees to over 600 globally. He is a pioneer in software security and led the rapid Cisco Zero Trust architecture deployment to over 100,000 users.
In Episode 39, we meet members of the Talos Threat Detection and Response team, who are Cisco customers' first responders to cyber threats. Joining Hazel for a brilliant discussion are Christopher Marshall, Diana Brown, Doaa Osman, and Lilith Wyatt. We chat about the unique paths that led them into the security industry, and their team's roles.
In Episode 38, the Security Stories team tries to outfox the Beers with Talos team. Using a live, game show format, we present "facts" about significant moments in our security careers—but who is telling the truth? To learn if we can sort fact from fiction, don't miss this special edition: "Would I lie to you? Security Stories versus Beers with Talos."
In Episode 37 our guest is Dr. Kelley Misata. Having survived years of cyberstalking, Kelley completed a PhD in information security and wrote her dissertation on the cybersecurity preparedness of nonprofits that work with victims of violence. She later set up her own nonprofit company, Sightline Security. This is her story.
In Episode 36 our guest is Pam Lindemoen, Advisory CISO at Cisco Secure and former Deputy CISO at Anthem Inc. In this thoughtful interview, learn about Pam's passion for championing women in IT, her approach to learning from mistakes and failure, as well as her top tips to ensure that security and risk can be understood across the entire business.
In Episode 35 our guest is Stuart Coulson, director at Hidden Text Ltd, where he uses the skill sets and knowledge borne of many years in the security industry to help others. In addition to discussing Stuart's career path in cybersecurity, we chat about managing social media as an infosec professional and how to deal with imposter syndrome.
In Episode 34 our guest is Ian Thornton-Trump, CISO at Cyjax Limited. Ian talks about his career journey, from joining the Military Intelligence Branch of the Canadian Forces, to managing IT projects at the Canadian Museum of Human Rights, to being a CISO. He also shares his top lessons learned from 30 years in the cybersecurity industry.
In Episode 33 we meet Jenny Radcliffe, the "People Hacker." Jenny is hired to talk her way into secure locations through a mixture of psychology, cunning, and guile. She protects clients from scammers and leads simulated criminal attacks. We also chat to Nirav Shah, who worked at Solar Winds when the major breach occurred.
In Episode 32, Stuart Peck, Director of Cybersecurity Strategy at Zero Day Lab, talks about his background in social engineering, and incident response. He also discusses how infosec teams can prepare mentally for a data breach. Plus, Hazel, Sana, and guest co-host Geraldo De La Cruz explore the notorious attack on Enigma.
In Episode 31, guests Dug Song, Cisco Chief Strategy Officer, and Gene Hall, Vice President of Security Marketing at Cisco Secure, join us for a conversation about creating inclusive cultures. We also discuss what security challenges are top of mind for our customers and how Cisco is addressing them.
Our guest in Episode 30 is Tanya Janca, founder and CEO of We Hack Purple and best-selling author of Alice and Bob Learn Application Security. Tanya has worn many hats in her 20-year security career, including: penetration tester, CISO, AppSec engineer, and software developer. She chats about her experiences and explains why application security needs to be more in the spotlight.
Our guest in Episode 29 is Al Huger, Vice President of Cisco's security platform and response. Al has founded several startups and sold them to large organizations, including Cisco. He is well known in the vulnerability space and has developed patents for methods of hunting down malware. We chat about these topics, how he comes up with ideas, and the future of end-user security.
Our guest in Episode 28 is Helen Patton, CISO Advisor at Cisco Duo. Helen was previously the CISO at Ohio State University and the executive director at JP Morgan Chase. She talks about these two wildly different experiences—as well as how to know when it's time to leave a company, resilience in the age of Covid and killer hornets, and how the CISO role will change over the next three years.
In Episode 27, guests Matt Watchinski, Matt Olney, and Mitch Neff from Cisco Talos discuss stress and burnout within the threat intelligence industry and the mental toll of threat hunting. This conversation is relevant for security practitioners, as well as leaders who want advice on how to spot and manage burnout within their security teams.
In Episode 26, Talos guests Nick Biasini and Edmund Brumaghin discuss their latest research on the rising cases of collaboration app abuse. Ben shares the origin stories behind some cyber threats—and their unusual names. Plus, Sana chats about the evolution of threats over the past year and how the industry is fighting back.
In Episode 25 our guest is Tazin Khan, a data privacy advocate and founder of the Cyber Collective, an organization that helps people understand their data privacy rights. We discuss her journey as a Bengali immigrant and Queens native, as well as how she found her cybersecurity "sweet spot" and dealing with cybersecurity burnout.
In Episode 24 we're joined by Dr. Christine Izuakor, the first African American woman (and youngest student) to gain a Ph.D. in Security Engineering. In 2020 Christine created Cyber Pop-up, an on-demand cybersecurity service platform. She is active in the diversity and inclusion community, and her story is one of passion, resilience, and grit.
In Episode 23, Cisco Advisory CISO Wolfgang Goerlich discusses the results from Cisco's 2021 Security Outcomes Study with Wade Baker, co-founder of research firm Cyentia. They offer advice on what organizations can do to decrease waste and optimize the effectiveness of their security strategy.
In Episode 22 we hear from the front lines of healthcare security. CISO Esmond Kane, of Steward Health Care, offers insights from an industry that has long been a target of cyber crime. And Edmund Brumaghin, threat researcher at Cisco Talos, joins us live to discuss the evolution of ransomware and "big-game hunting" attacks.
In our last episode of the year, Fareedah Shaheed, CEO and founder of Sekuva, shares stories about growing up in Saudi Arabia, how she built her businesses, and being named one of Forbes' Top 30 Under 30. We are also joined by Senior Director of Product Marketing Ben Munroe and count down our top 3 security moments in 2020.
In Episode 20 of Security Stories we are joined by Chloé Messdaghi, an infosec advocate and activist who is working to create a safe space for underrepresented groups within the industry. Our second guest, Talos's Warren Mercer, drops in to talk about the PoetRAT malware and the enormous issue of attribution in threat research.
In Episode 19 Hazel chats to Javvad Malik, a security awareness advocate at KnowBe4. Javvad is one of the security industry's most prolific video bloggers and is known for his signature light-hearted perspective on security. He shares his advice on how to create engaging presentations, and puts his security spin on the infamous "Zombieland" rules.
In Episode 18 we meet Gabriel Gumbs, Chief Innovation Officer at Spirion. He shares stories, ranging from hacking portable devices at school to helping lead the evolution of data privacy. We are also joined by Wolf Goerlich and Nigel Houghton, who provide insights into the future of security operations.
Episode 17 sees the return of Theresa Payton to the Security Stories podcast. She joins Hazel, Noureen, and special guest Nick Biasini, a threat researcher at Cisco Talos, to discuss online disinformation campaigns and how they are used in political elections. With only weeks to go until the United States general election, Theresa and Nick outline what the public needs to be aware of and how we can spot and report online disinformation.
Episode 16 features two meaningful discussions. Hazel and Noureen talk first with Leticia Gammill, Cisco's Channel leader for Canada and Latin America, and Matt Watchinski, Vice President of Cisco Talos, about the significance of diverse representation in cybersecurity. Our second conversation, with Mike Hanley, Cisco's new Chief Information Officer, gives insights into the importance of hiring diverse talent and building a culture of appreciation, openness, and internal mentoring.
In Episode 15 we meet Curtis Simpson, Chief Information Security Officer at Armis. As well as discussing his journey as a security leader, Curtis talks about changing the perception that cybersecurity is a cost center and ways in which cybersecurity can contribute to business outcomes. This episode also features a discussion with some special guests about their unconventional career paths into the cybersecurity industry.
In Episode 14 our guest is Chris Leach, Senior CISO Advisor for Cisco. After 30 years of running security and risk operations for a wide variety of organizations, Chris sits down with Hazel to talk about his journey and offer some insights into the life of a CISO, including how to combat the fear of failure and how to successfully challenge the status quo.
In Episode 13 our guest is Tanya Forsheit, one of the world's leading data privacy and security advisers and litigators. We consider what the future might hold for data privacy in the next year, within the context of COVID-19 and tracing apps. We also discuss data privacy as a fundamental human right.
From eye-opening discussions on diversity issues in cybersecurity, to stories of how CISOs got their initial starts, our chief interviewer Hazel has edited together some of her favorite moments so far from the Security Stories podcast series
In Episode 11 the focus is on election security, and we are joined by Matt Olney, Director of Threat Intelligence and Interdiction at Cisco Talos, and Steve Caimi, U.S public sector cybersecurity expert. We discuss what Talos has learned about election security after four years of research and hands-on experience, and we share thoughts on where election security in the United States stands heading into November's general election.
In Episode 10 we chat with Quentyn Taylor, CISO for Canon Europe. He talks about his multitalented and customer-centric cybersecurity team, how to overcome the "virtual hurdle" of working remotely, why firing the CISO after a cyber attack is rarely the first resort, and how to make the perfect cybersecurity cocktail.
In Episode 9 we meet seasoned CISO Andy Ellis, who talks about giving women and minorities more opportunities in cybersecurity. He also tells the fascinating story about how he eliminated use of the password at his organization, and explains why he employs librarians and journalists on his security team.
In episode 8 we are joined by Andy Greenberg, senior investigative journalist for Wired, as well as members of the Cisco Talos threat intelligence team and senior Cisco cyber engineer Noureen Njoroge. Together we look back at the world's most catastrophic cyber attack: Not Petya. We discuss the nuances of the attack, its scale and significance, and the impact that is still felt three years later.
In episode 7 we meet Marene Allison, vice president and chief information security officer at Johnson & Johnson. We hear about her life in the military, her career as a special FBI agent, and how she has built a diverse cybersecurity team at Johnson & Johnson.
In Episode 6 we meet Brian Honan, an internationally recognized expert on cybersecurity and data protection. Brian founded his own security consultancy company, BH Consulting, in 2008. He is also the founder and CEO of IRISS, Ireland's first Computer Emergency Response Team.
In episode 5 we meet Masha Sedova, co-founder of Elevate Security, which uses data and behavioral analytics to help organizations build a strong security culture. We chat about how to build effective employee awareness programs and what it's like to set up a new business in the security industry.
In this podcast, we meet CISO Mark Weatherford. We learn how he created the U.S. Navy's first-ever Red Team, and how he worked to get laws passed to establish a security program for the first time in several U.S. states. But how does Batman fits into all of this? Listen to find out.
In episode 3 we meet Theresa Payton, the first female CIO of The White House and one of Security Magazine's top 25 Most Influential People in Security. Theresa is a respected authority on security and intelligence operations and the author of books on data privacy and election hijacking.
Wendy Nather, Head of Advisory CISOs at Cisco Duo, joins us for the latest episode of Security Stories. Wendy discusses how we can involve users in our security practices, rather than blaming them when they fall foul of the rules. And she comes up with a unique idea for shaking up the industry.
Our special guest this episode is Mick Jenkins MBE, CISO for Brunel University London. Mick is a former counterterrorist officer and published novelist, and has led some incredibly innovative changes at his organization to turn their cybersecurity approach around.