Tuesday Morning Grind: A Cybersecurity Podcast
By risk3sixty
Dec 07, 2021
#69 Former Homeland Security Cybersecurity Deputy Talks Cyber Risk and Leadership (w/ Mark Weatherford)
Mark Weatherford, Homeland Security Cybersecurity Deputy under President Obama, talks about cyber risk and leadership.
Mark Weatherford has a long career in public service, including serving in Homeland Security and as CISO for the states of California and Colorado. In this episode of Tuesday Morning Grind, Mark and Christian discuss cyber risks, cybersecurity legislation, and leadership in the public sector.
About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high-growth technology organizations build, manage, and assess security and privacy programs. It offers services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and Phalanx, a GRC platform built for cloud technology companies. You can learn more about risk3sixty at www.risk3sixty.com.
#68 - Passion and Community for Cyber, Resiliency in Cyber, and Gamification Education (w/ Gerald Auger)
Gerald Auger is the host of Simply Cyber, an information security YouTube channel designed to help individuals go further, faster in the information security field. He’s also the Director of Cybersecurity Education at ThreatGEN™. Christian and Gerald discuss his passion for the information security field which led to the creation of Simply Cyber, handling breaches, how to talk to executives about security, and what’s missing from the field for it to work better. They also talk about Gerald’s new adventure into ThreatGEN™ and the gamification of cybersecurity education.
#67: Making A Business Case, Attracting Talent and Being a Story Teller in Cyber (w/ Rock Lambros)
How to make a business case as a CISO, attract talent and tell a story in cyber.
Rock Lambros is the CEO & Founder of RockCyber. In this episode of Tuesday Morning Grind, Rock and Christian discuss how to make a business case to C-suite executives, how to attract top-tier talent in a virtually zero unemployment industry and how to tell a story so employees can understand cyber issues and risks.
#66 - Breaking into Buildings, Getting Arrested, and Red Teaming (w/ Gary DeMercurio)
Gary DeMercurio was arrested for breaking into a courthouse in Iowa.
Gary DeMercurio is a master at physical security. He breaks into buildings and tells the owners how he did it so they can improve their security posture. In 2019, he was arrested in Iowa after breaking into a courthouse. In this episode of Tuesday Morning Grind, Gary and Christian discuss how it all went down and lessons learned from the event. They also discuss some of the tactics used in physical penetration test engagements.
#64: Hyper Growth Start-ups, Women in Cyber, and Courage (w/ Dinah Davis)
What it takes to grow a hyper growth start-up, lead people, and the courage to take your shots.
Dinah Davis is the VP of R&D Operations at Arctic Wolf. She has helped the organization scale from 35 to nearly 1500 employees. In this episode of Tuesday Morning Grind, Dinah and Christian discuss practical lessons on leadership, Dinah’s journey as a woman in technology leadership, cybersecurity trends, and the incredible value in finding the courage to take your shot.
#63: Privacy: Healthcare Regulations, Social Media, and Listening Devices (w/ Kate Godfrey)
Privacy considerations in the world of healthcare, emerging tech, and regulation.
From regulations like HIPAA, GDPR, and CPRA to home listening devices -- Kate and Christian discuss the future of privacy and the potential implications for businesses and individuals.
#62: Four of the World’s Top Hackers Talk Cyber War, Hacking, Metaverse, Privacy, and Life
Four of the World’s Top Hackers Talk Cyber War, Spying, Hacking, Privacy, and Life
The impacts of technology on our society are further reaching than we yet understand. As our society increases screen time and connects our homes, our cars, and ourselves to the digital universe, both practical and philosophical questions must be answered. Questions of cyber conflict, privacy, digital interaction, and what it means to be human all emerge. In this episode of Tuesday Morning Grind, four of the world’s top hackers discuss some of these questions at length.
Connect with the hackers in this episode:
- Chris Roberts: https://www.linkedin.com/in/sidragon1/
- Luke “Pyr0” McOmie: https://www.linkedin.com/in/lmcomie/
- Mike Weber: https://www.linkedin.com/in/webermike/
- Mike “The Haunted Hacker” Jones: https://www.linkedin.com/in/mikejonesnotanalias/
#61: Crypto: Get Rich, Vulnerabilities, Bugs, Criminals, and the Potential to Change the World (w/ Lance Whatley aka Moontography)
Crypto - What are the threats and opportunities?
There are big threats and even bigger opportunities in the world of crypto right now. New technologies, huge upside investment, software vulnerabilities, bugs, world changing payment solutions, and criminal organizations – all exist and thrive in the same environment. In this episode of Tuesday Morning Grind, Lance, Sawyer, and Christian discuss blockchain technology and crypto.
#60: Cyber War, Breaches, and Human Emotion (w/ Raj Samani)
We are seeing the highest volume of cyber attacks we have ever seen.
Raj has briefed heads of state, CEOs, and politicians on cybersecurity. During his time as chief scientist at McAfee he was responsible for understanding the threat landscape, researching emerging threats, and perhaps most importantly – mastering the human side of cybersecurity – emotion, self-interests, fear, and geo-politics. In this episode of Tuesday Morning Grind, Raj and Christian discuss the current state of cybersecurity, emerging trends, and the human side of cybersecurity.
Books Recommended in this Episode: What Every BODY Is Saying by Joe Navarro
Whitepaper by Raj: Hacking the Human Operating System
#59: How to Do Better Security Assessments (w/ Amanda “Jo” Erven)
Learn how to take your security assessments to the next level by implementing a few best practices.
Jo is an author, teacher, and lifelong internal auditor. She has spent her career thinking about risks and helping communicate those risks to executives. In this episode of Tuesday Morning Grind, Jo and Christian discuss how principles of “total quality auditing” can be used to execute better security assessments. They talk about selecting risk-based projects, communication issues, report writing, and driving organizational change.
Book Recommendation from this episode: Total Quality Auditing
Check out training and education: https://www.auditconsultingeducation.com/total-quality-auditing/
#58: How to Navigate CMMC Compliance (w/ Jax Scott)
Jax Scott breaks down the latest trends with security and compliance in the federal space.
Jax is a security and compliance expert in the federal space, co-author of the book “Cybersecurity Career Masterplan”, podcaster, and entrepreneur. In this episode of Tuesday Morning Grind, Jax and Christian break down the latest news with CMMC compliance. They also talk about how to get a job in cybersecurity and talk about trends related to diversity.
Book Recommendation from this episode: Cybersecurity Career Masterplan
#57: How Security Leaders Can Upgrade to Business Leaders (w/ Matthew Sharp)
Security leaders must have strong business acumen if they want to be successful. Otherwise, they are destined to the child’s table within the leadership ranks at their organization.
Security programs must align with the organization’s most important business objectives. This is a fact that all successful security leaders must understand. In this episode of Tuesday Morning Grind, Matthew and Christian discuss business topics that every security leader needs to know to successfully serve their organization – and how business is directly linked to cybersecurity.
Book Recommendation: CISO Evolution by Matthew Sharp (https://www.cisoevolution.com/)
#56: How to Get PCI Certified in 2022 (w/ PCI Expert Chris Donaldson)
This is everything you need to know to get PCI DSS certified in 2022.
Chris Donaldson is a PCI Expert and the PCI Practice Leader at risk3sixty. Chris has helped organizations from start-ups to Fortune 10 achieve PCI certification. In this episode of Tuesday Morning Grind, Chris and Christian talk through everything a company needs to know to begin their PCI certification journey.
Featured How to Guide: How to Get PCI Certified
Featured Book or Resource: risk3sixty’s PCI DSS e-book
#55: A System for Running Your Business and the Best Meeting Format (w/ CJ DuBe')
CJ DuBe' has helped over 110 companies implement habits to run a better business. She also shares her #1 tip for success – the Level 10 Meeting™.
CJ DuBe' is an expert in helping companies implement the Entrepreneurial Operating System® (EOS®) made famous by the book Traction by Gino Wickman. CJ says at the heart of EOS is the ability to help manage and focus human energy. Through setting vision, establishing meeting rhythms, getting the right people on the team doing the right jobs, and a host of other activities – CJ helps companies thrive. In this episode of Tuesday Morning Grind, CJ and Christian explore a few aspects of EOS and share practical tips to get started building a better company.
Featured How to Guide: How to Run a Better Meeting
Featured Book or Resource: Check out the book “Traction” and the free resources and templates at EOS Worldwide.
#54: How Cybersecurity Researchers Think and Break Things (w/ Chris Roberts)
Chris Roberts shared his journey from hacker to security researcher in a quest to change the digital landscape for the better.
Chris Roberts is a hacker, security researcher, and thought leader. Chris worked for both the private sector as well as the government and intelligence agencies on cybersecurity projects and research initiatives. In this episode of Tuesday Morning Grind, Chris and Christian explore the world of cybersecurity research, discuss issues of individual rights and privacy, and consider the future.
Book Recommendation from this Episode: Verbal Judo
How to guide from this Episode: How security researchers leverage their curiosity to break things and turn lessons learned into cybersecurity research projects.
#53: How to Build Security Awareness (w/ George Finney)
George Finney, CISO at SMU and Author of Well Aware, discusses the 9 habits of building cybersecurity awareness.
George Finney is the CISO at Southern Methodist University and the author of the book Well Aware. In this episode of Tuesday Morning Grind, George and Christian discuss the challenges of building cybersecurity programs for Higher Education, cybersecurity threats, careers in cybersecurity, and why we are excited about the future.
#52: How to Catch a Hacker (w/ Brian Levine)
Brian Levine tells the story of a 10 year journey to catch the Bayrob group hackers.
Brian Levine is a former Department of Justice coordinator who participated in the 10-year journey to catch the Romanian hacker group that would come to be known as the Bayrob group. In this episode of Tuesday Morning Grind, Brian and Christian discuss the details of the case.
#51: How to Use Compliance to Manage Security Risks (w/ John Bordwine)
John Bordwine, AVP Product & Cloud Compliance at Hyland, shares his insight on leveraging security compliance to manage risk.
John Bordwine is the AVP Product & Cloud Compliance at Hyland. Prior to Hyland, John held leadership positions at Citrix and Symantec. In this episode of Tuesday Morning Grind, John and Christian discuss how building a security compliance program isn’t about “check the box” activities – it’s about helping the organization manage risk. John shares his insight on building teams, navigating compliance programs, and practical techniques to use compliance requirements to reduce cyber risk.
#50: Special Thanksgiving Episode
This is a special episode of Tuesday Morning Grind. We are coming up on 50 episodes as well as the Thanksgiving holiday.
Today, I’d like to look back on our 50 episodes to date, and surface a few of the most memorable insights I’ve learned from the incredible array of guests we’ve had on the show. We’ll cover lessons learned about entrepreneurship, cybersecurity, and more.
Time Stamps:
- [0:47] Kennet Westby from Coalfire - Identify Where There's Opportunity
- [1:49] Justin Nassiri from Captivate.ai - You Have to Put in Work to Get Added Value
- [2:36] Mike Meyer from SalesLoft - Celebrate the Wins
- [3:21] Colonel Rob Campbell - It's Personal, Not Personnel
- [5:22] Brooklyn Dicent - Telling Stories to Test Your Material
- [6:18] Trent Russel - Using Podcasting to Build B2B Relationships
- [7:49] Nikole Davenport from HITRUST - Why Does Privacy Matter?
- [8:51] Jeremy Garcia from LinuxQuestions.org - Technology Erodes Privacy
- [10:07] Daniel Solove - Meaningless Privacy Measures and Innocuous Information
- [11:48] Kelly Haxton, a former US Special Agent - Advice to Prevent Fraud
- [13:23] Paulo Shakarian - Cybersecurity and Machine Learning Data Analytics
- [14:56] Luke McOmie, aka the hacker Pyr0 - 3 Attributes of a Great Security Practitioner
- [16:58] Pete Strouse - How to Break Into the Cyber Security Field
We at risk3sixty are so excited about the road ahead. And I’m excited to continue to bring you more great episodes of Tuesday Morning Grind in the months ahead.
#48: Being an Entrepreneur, Building a Company, and Cybersecurity (w/ Ryan Denehy)
Ryan Denehy, Founder and CEO of electric.ai, shares lessons learned from being an entrepreneur, successfully exiting 3 companies, and cybersecurity.
Ryan Denehy is the Founder and CEO of electric.ai. Prior to Electric, Ryan started and sold three companies, most recently to Groupon. In this episode of Tuesday Morning Grind, Ryan and Christian discuss entrepreneurship, building teams at scaling organizations, and how cybersecurity is impacting companies of all sizes.
#47: Privacy in a Digital World (w/ Stuart Lee)
Stuart Lee, Chief Privacy Officer at VMware, shares insights on building a global privacy program that is good for people and good for business.
Stuart is a privacy expert with extensive experience building privacy programs for global organizations. In this episode of Tuesday Morning Grind, Stuart and Christian discuss topics ranging from privacy regulation and privacy by design to the societal impact of mass data collection.
#46: Building a GRC Program (w/ Jewel Hefner)
SOC 2, PCI DSS, ISO 27001, FedRAMP, GDPR – the list goes on. In this episode, Jewel and Christian discuss how to build a global security and compliance program poised to support multiple frameworks.
Jewel is an expert in governance, risk, and compliance with experience building teams and navigating the complexities of global compliance initiatives. Having forged a non-traditional route to a GRC leadership position, Jewel is passionate about helping others do the same. In this episode of Tuesday Morning Grind, Jewel and Christian discuss how to get into cybersecurity, the challenges that come with leadership, and many of the tactics of being an effective GRC professional.
#45: How to Get Funding for Your Security Startup (w/ Mel Shakir)
Mel Shakir hears over 300 pitches per year for security startups. In this episode of Tuesday Morning Grind, Mel and Christian talk about cybersecurity trends, startups, and what it takes to get a potential investor excited about your company.
Mel Shakir is an entrepreneur, cybersecurity expert, investor, and advisor for Dreamit Ventures. Dreamit Ventures focuses on pre-seed and seed round funding for cybersecurity organizations. In addition to capital, Mel and his team help organizations better understand their customers, productize their offering, and prep for investor pitches.
#44: How to Build a Marketing Function at a Start-Up (w/ Ryan Yackel)
Every tech CEO wants to crack the secret code of marketing. How do you build a brand, get more leads, and measure the results?
Ryan Yackel has successfully built marketing programs for successful start-ups for the last decade. In this episode of Tuesday Morning Grind, Ryan and Christian talk about how high growth tech companies can build marketing programs that lead to results.
About Keyfactor: Keyfactor is the leader in cloud-first PKI-as-a-Service (PKIaaS) and crypto-agility solutions. Its Crypto-Agility Platform™ empowers security teams to seamlessly secure and orchestrate every machine identity across their entire enterprise. The company helps its customers apply cryptography in the right way from modern, multi-cloud enterprises to complex IoT supply chains.
With decades of cybersecurity experience, Keyfactor is trusted by more than 500 enterprises across the globe. Built on a foundation of trust and security, Keyfactor is a proud equal opportunity employer, supporter and advocate of growing a trusted, secure, diverse and inclusive workplace. For more information, visit www.keyfactor.com or follow Keyfactor on LinkedIn, Twitter, and Facebook.
#43: Mass Surveillance, Data Harvesting, and Freedom (w/ Virginia MacSuibhne)
Mass data harvesting, government surveillance, and regulations at every turn. How do people and businesses navigate the current privacy environment?
Privacy is one of the most important challenges facing our society. How we communicate, our opinions, and our individual freedoms are at stake. Tack on a patchwork of compliance and regulatory requirements and it can be overwhelming. In this episode of Tuesday Morning Grind, Virginia and Christian discuss many of the problems and potential solutions as our society and businesses navigate one of the most important challenges of our time: Privacy.
#42: Acoustic’s Security Journey (w/ Steve Dotson)
Steve Dotson, CISO at Acoustic, discusses tools of the trade to build security programs at high growth technology companies.
What does your first 90 days as a security executive look like? How do you get a seat at the table with executives? How do you get a budget approved? How do you build a team?
As a start-up advisor and investor, CISO, and business executive, Steve has built security teams at organizations ranging from multi-billion-dollar companies to start-ups. In this episode of Tuesday Morning Grind, Christian and Steve discuss what it takes to be an effective security executive.
#41: Ex-Anonymous Hacktivist Shares His Story of Crime, Spying, and Cyber War (w/ Mike Jones)
Former member of the hacktivist group Anonymous, Mike Jones, shares his insider perspective on cybersecurity, privacy, and the future of our digital world.
After a career in military intelligence, Mike Jones grew weary of the mass surveillance apparatus and decided to join the hacktivist group Anonymous. Soon the FBI showed up and Mike became a confidential informant working to fight foreign adversaries. Since then, Mike has continued his journey as a world-renowned security researcher, penetration tester, public speaker, advocate for young people at risk, and founder of the cybersecurity community Haunted Hacker.
#40: Elite Sales Teams Put One Thing Above All Else (w/ John Kaplan)
World renowned sales coach, John Kaplan, talks about how the key to sales is all about customer experience.
John Kaplan is the president and co-founder of Force Management. For the last 20 years he has helped organizations build elite customer centric sales teams. In this episode of Tuesday Morning Grind, we break down some of the myths about sales and talk about how good salespeople only care about one thing: the customer.
#39 – There Are No Shortcuts In Entrepreneurship or Marketing (w/ Justin Nassiri)
Serial entrepreneur, Justin Nassiri, talks about digital marketing and entrepreneurship.
Justin Nassiri is the CEO and Founder of Captivate.ai. Since starting his career in the Navy onboard nuclear submarines, he has earned his MBA from Stanford Business School and raised over $3M in venture capital from Google’s Chairman, Eric Schmidt. His marketing technology products have been used by over 35 Fortune 500 companies and over 100M users worldwide. In this episode of Tuesday Morning Grind, we break down some of the myths about entrepreneurship and marketing and how growth requires consistent effort, skill, and luck.
#38: SalesLoft’s Security Journey (w/ Mike Meyer)
VP of Security at SalesLoft, Mike Meyer, provides insight into building a program for a unicorn start-up.
SalesLoft has received nearly $250M in funding and was recently valued at over $1.1 Billion. To say their growth has been meteoric is not an exaggeration. During that growth, Mike Meyer has worked to build a security program that can scale with the organization. Under Mike’s leadership, SalesLoft has achieved ISO 27001 certification, worked to build trust with clients, and forged relationships across the organization that instill a culture of security. In this episode of Tuesday Morning Grind, Mike shares much of his wisdom in how to build security programs – and why context matters.
#37: You Can Be Happy Doing Anything, Even Auditing (w/ Robert Berry)
Robert Berry once focused his career on auditing, but has come to learn the secret to happiness. In this episode, Robert and Christian explore the world of auditing, risk management, and of course – being happy.
About Robert Berry: Robert is a 20+ year veteran of auditing, with a career in consulting, financial services and higher education. Today, Robert is an entrepreneur, serving as a trainer, author, social media influencer, public speaker, blogger, e-commerce merchant and podcast host. A dynamic and energetic personality, Robert brings passion not generally associated with audit. You can find Robert on his website (thatauditguy.com), his “Audit Bites” podcast which is available on all the traditional channels, as well as his weekly LinkedIn Live podcast, “Friday Fraudster” which he co-hosts with Kelly Paxton and Jo Erven.
#36: It’s Fraud, People! (w/ Kelly Paxton)
About Kelly Paxton: Kelly is a former US Special Agent, certified fraud examiner, author, private investigator, public speaker and podcast host. Today, Kelly is a solopreneur, serving as a fraud consultant and public speaker on topics covering “Pink Collar” crime, ethics, open source investigations and social media. You can find her Great Women in Fraud podcast on all the traditional podcast channels, as well as her weekly LinkedIn Live podcast, “Friday Fraudster” which she co-hosts with Robert Berry and Jo Erven.
#35: ISACA Geek Week: The Biggest Volunteer Led Security Event in Atlanta (w/ Elizabeth Mavetz)
ISACA VP of Operations, Elizabeth Mavetz, talks about the purpose and mission of Geek Week – the biggest volunteer-led security event in Atlanta.
ISACA Atlanta connects thousands of security, privacy, and risk professionals in the Atlanta area. If you talk to security professionals in Atlanta, almost everyone has been to a monthly or annual ISACA event. Many people have launched careers, earned certifications, and forged friendships through the events ISACA hosts. It has truly become a staple of the growing security and privacy community. In this episode, we speak to VP of Operations Elizabeth Mavetz about ISACA Atlanta’s mission and what to expect this year at Geek Week 2021.
#34: Platform.sh’s Security and Privacy Journey (w/ Joey Stanford)
VP of Security and Privacy at Platform.sh, Joey Stanford, provides insight into building a trust-based security and privacy program for a global tech start-up.
There is nothing easy about building a security and privacy program that can scale globally at a tech start-up, but Joey Stanford is showing the world it can be done. With the support of Leadership, for the last 5 years Joey has been working tirelessly to instill a culture of security and privacy into his organization. In this episode of Tuesday Morning Grind, Joey shares much of his wisdom in how to build security and privacy programs, align them with the business’s most important objectives, and most importantly – do it all by building a culture of trust.
#33: risk3sixty 5 Years in Review (w/ Co-founder Christian White)
July 2021 marks risk3sixty’s 5-year anniversary. To celebrate, Christian Hyatt and Christian White talk about their journey and where risk3sixty is headed next.
We have two goals with this episode of Tuesday Morning Grind:
1) We want to get current team members excited about being a part of risk3sixty. We want our team to have some insight into where we have been, where we are going, and why this is a unique place to build a career.
2) We want future team members that are considering risk3sixty to have a reference guide to risk3sixty. We want prospective team members to have one place to learn about where risk3sixty has been and where we are going.
If you are considering a career at risk3sixty – reach out at vibes@risk3sixty.com!
#32: The hacker Pyr0 (w/ Luke “Pyr0” McOmie)
World famous hacker Pyr0 and risk3sixty co-founder Christian Hyatt explore the depths of becoming a world-famous hacker and living to tell the tale. Covering topics from building security teams, the origins of the nickname Pyr0, and living off the grid.
Pyr0 is a man who explores the careful balance between chaos and order. On the one hand, Pyr0 is a hacker, a rule breaker, a pyrotechnics expert, and proud owner of a gold mine who lives off the grid in a remote region of Colorado. On the other hand, Pyr0 is dedicated to stopping cyber-crime, sharing his knowledge generously, and helping people launch a career in cybersecurity. Anything but conventional, he is Luke McOmie – Pyr0.
#31: How Great Leaders Scale Organizations (w/ Colonel Rob Campbell)
Rob and Christian discuss what it means to be a leader and how great leaders can scale organizations.
Rob Campbell is a leadership coach, keynote speaker, and author of two books. Prior to leadership coaching, Rob was an Army Colonel and Brigade Commander for the 101st Airborne Division where he led a brigade of nearly 5000 individuals.
#30: Cybersecurity Trends and Emerging Risks (w/ Coalfire Co-Founder Kennet Westby)
Kennet Westby and Christian Hyatt talk about what it’s like to build a cybersecurity firm and where the industry is headed.
Kennet Westby is the co-founder of Coalfire, serial entrepreneur and investor, and cybersecurity expert. Since 2001 he has helped build and assess security programs for start-ups, Fortune 500 organizations, and government entities. In this episode of Tuesday Morning Grind, Kennet and Christian talk about what it’s like to build a cybersecurity firm and where the industry is headed.
#29: How Privacy Will Shape Society and Business (w/ Daniel Solove)
Christian speaks with world-renowned privacy researcher Daniel Solove about the current and future implications of privacy on society and business.
About Daniel Solove: Daniel is a research professor at George Washington University Law School, CEO of TeachPrivacy.com, and holds a JD from Yale Law School. Daniel is one of the most respected and frequently cited privacy professionals on earth, with over 50 research publications, and over 1M followers on social media.
#28 Matters of Privacy (with Privacy Guru Robert Glaser)
Robert is a longtime privacy leader, currently serving as a Vice President & Chief Privacy Officer at Entisys360. In this episode of the Tuesday Morning Grind, Robert and Christian talk about Robert’s path into the privacy field, board-level awareness of privacy concerns, ethics and privacy, education, and much more.
#27: Open Source Matters (w/ LinuxQuestions.org Founder Jeremy Garcia)
Jeremy Garcia is the founder of LinuxQuestions.org and an open-source expert. In this episode of Tuesday Morning Grind, Jeremy and Christian talk about managing a community of 500,000 users, the merits of open source technology, cybersecurity, privacy, and much more.
#25: Predicting Hacks Before They Happen (w/ Ph.D. Paulo Shakarian)
Paulo Shakarian is an expert in predicting cybersecurity events before they happen. In this episode, Christian and Paulo discuss the cyber underground, leveraging machine learning and threat intelligence to predict the likelihood a vulnerability will be exploited by hackers, and the nature of war in the cybersecurity domain.
About Cyr3con: Paulo is the CEO of Cyr3con. Cyr3con leverages machine learning and threat intelligence to predict potential cyber exploits. Learn more at www.cyr3con.ai/.
How to get PCI DSS Certified (w/ PCI QSA Christian White)
In this episode of Tuesday Morning Grind, Christian White and Christian Hyatt address many of the common questions associated with PCI DSS, the process to become certified, how to prepare a budget, and how long it takes.
#24: Virginia’s New Privacy Law (w/ Privacy Fellow Philip Brudney)
Christian Hyatt and Phillip Brudney discuss Virginia’s new privacy regulation and potential impacts to consumers and businesses. We compare the privacy law to GDPR and CCPA and discuss things organizations might want to consider in building a privacy program.
#23: Cyber War (w/ Colonel Andrew Hall)
In this episode of Tuesday Morning Grind, Andy and Christian discuss topics ranging from cyber warfare, the Army’s role in cybersecurity, competition between nations, cybersecurity in advanced education, and privacy.
Colonel Andrew Hall is a cybersecurity expert, retired army colonel, associate professor at Marymount University where he researches cybersecurity, and cybersecurity research staff member at the Institute for Defense Analysis. Before joining Marymount, he was on the faculty at the United States Military Academy at West Point, in the Department of Mathematical Sciences. He was most recently the Director of the Army Cyber Institute, the Army’s Think Tank for the cyber domain, where he directed and oversaw research, leadership development, and partnership efforts in the cyber domain.
#22: How to Get a Job in Security (w/ Security Recruiter Pete Strouse)
Pete Strouse has been an information security recruiter for a decade. During that time, he has had the opportunity to work with hundreds of professionals and learn what works and what doesn’t when it comes to rising through the ranks of security org structures.
In this episode of Tuesday Morning Grind, Pete and Christian talk about what it takes to be successful in the security space, how to get hired, how to rise through the ranks, potential career paths, and the attributes of aspiring security leaders.
About Infosec Connect: Infosec Connect helps provide recruiting and placement services for security companies with specialties in Information Security Executives, Information Security Sales & Marketing, Security Audit & Compliance (GRC), Data Privacy, Security Operations, Offensive Security, Digital Forensics & Incident Response (DFIR), and Cloud Security.
#21: How to Build a Happy Company (w/ Cooleaf Co-founder Prem Bhatia)
Prem Bhatia is the co-founder of Cooleaf, a platform that helps make the employee experience better. In this episode of Tuesday Morning Grind, Prem and Christian discuss the challenges of entrepreneurship and building workplaces where the whole team is excited to be there.
About Cooleaf: Cooleaf’s market-leading platform empowers midsize and enterprise customers to listen to employee sentiment, engage employees through recognition & rewards, performance incentives, and virtual group experiences, and make more data-driven decisions to continuously improve the employee experience. Guest: Prem Bhatia
#20: Building a Business Helping Others Achieve Financial Freedom (w/ Qoins CEO Christian Zimmerman)
Christian Zimmerman is the Founder and CEO of Qoins, a mobile app designed to help people get out of debt and manage their finances. Christian is a Forbes 30 under 30 and has been featured on CNN Money, Forbes, NBC, and more. In this episode of Tuesday Morning Grind, Christian and Christian discuss the challenges of entrepreneurship, raising capital, growing teams, how to get press, and getting your first clients.
About Qoins: Qoins is a mobile app designed to help users get out of debt, save money, and manage their financial life. You can download Qoins on the app store or check them out at www.qoins.io.
Download the Tuesday Morning Grind Podcast:
- On Apple: https://podcasts.apple.com/us/podcast/tuesday-morning-grind/id1519592554
- On Spotify: https://open.spotify.com/show/0hNChm6MfPAArdxEzzvBDR
- Any Podcast Player: https://anchor.fm/risk3sixty
#19: What it Takes to Start a Side Hustle (w/ Data Analytics Guru Trent Russell)
Data analytics, side hustles, starting a podcast, entrepreneurship, internal auditing, and more.
#18: Gap Selling, Improv Comedy, and Happiness at Work (with Happiness Consultant Brooklyn Dicent)
Brooklyn and Christian discuss entrepreneurship, leadership, happiness, and becoming a great public speaker.