The Virtual CISO Moment
By Greg Schaffer
May 14, 2024
S6E28 - A Conversation with Andrew Wilder
Andrew Wilder helps businesses, boards, and startups understand and address Cybersecurity Risk. He has a broad range of Cybersecurity, Risk Management, Audit, Merger & Acquisition, Organizational Design, and International experience cultivated over more than two decades across several industries. He is a retained Chief Security Officer, an adjunct professor in cybersecurity, and is an advisor for many cybersecurity startups.
S6E29 - Special - Challenges and Opportunities in Small and Midsized Business Information Security - BSides Nashville 2024
Challenges and Opportunities in Small and Midsized Business Information Security - a special episode, recorded at BSides Nashville May 11, 2024.
S6E27 - A Conversation with Darren Ritch
Darren Ritch has been in the IT industry for 34 years, with AT&T for about 20, and works in the CSO office. He has also volunteered as a CISO for a nonprofit for the past several years, helping them with HIPAA compliance, and recently earned the Certified Business Coach designation from Mindvalley.
S6E26 - A Conversation with Curt Vincent
Curt Vincent is a cyber security maverick and entrepreneur. Founder and leader of the 400-person Morgan Stanley Cyber Security Division for 15 years, Senior Vice President and COO for both the Global Networking and Applications Operations Command Center at Bank of America, VP of a Dev/Ops team at Goldman Sachs and a founder of 5 startup companies. Curt is also a retired U.S. Army Lieutenant Colonel where he played cyber cat and mouse with nation states as the Operations Officer of the Army's Global Network Operations and Security Center.
S6E25 - Remembering Frank Platt
Frank Platt joined me on The Virtual CISO Moment in 2022. I share that episode as a remembrance and tribute to the great person he was. We will miss you, Frank.
S6E24 - A Conversation with Chris Kimpland
Chris Kimpland is a cybersecurity leader with a passion for helping organizations advance their security posture and succeed in today's threat landscape. He has extensive Governance Risk and Compliance experience across multiple frameworks, standards, and regulations such as DFARS, HIPAA, PCI, and NCUA. In this episode we cover a variety of topics including information security risk management and a great upcoming initiative to combat online predators.
S6E23 - A Conversation with John Christly
John Christly is a cybersecurity evangelist, military veteran, former CIO/CISO/CTO, author, and instructor. Currently the Director of IT Security at Summit 7, he is a passionate IT and cybersecurity professional with decades of experience. He has served in key roles such as CIO, CISO, and CTO, helping organizations of all sizes to build resilient IT systems, fortify their security systems, and grow security related practice offerings. He also owned and operated a successful Florida based MSP/MSSP for over 13 years.
Additionally, he is the author of the new book The Basics of Cybersecurity (available at https://www.amazon.com/Basics-Cybersecurity-John-Christly-ebook/dp/B0CZXQQTGR/) and the creator and instructor of the Udemy course How to become a CISO (see https://www.udemy.com/course/cybersecurity-leadership-how-to-become-a-ciso/).
S6E22 - A Conversation with Joshua Copeland
Joshua Copeland is a seasoned cybersecurity professional and educator with 25 years of experience, with a focus on holistic cloud and on-prem security approaches and specific expertise in building and operating security stacks, SOC operations, and cybersecurity governance, risk, and compliance (GRC) processes. Additionally, he served 20 years in the US Air Force. Also, since 2021 he has been the purveyor of #unpopularopinions as the "Unpopular Opinion Guy" SM or "UOG" on LinkedIn, covering topics like hiring, mentoring, and cybersecurity.
S6E21 - A Conversation with Troy Bowman
Troy Bowman is an Information Security Analyst for Costco Wholesale, specializing in application security. He is also a Navy veteran and has some excellent advice for those looking to enter cyber from military service. He also relays one of the most unique ways I have heard to decompress from stress!
S6E20 - A Conversation with Evan Francen
Evan Francen is the CEO of FRSecure and SecurityStudio. His mantra of focusing on the mission is inspiring, and his mission is to, simply put, fix problems. He is the founder of the CISSP Mentor Program and the Certified vCISO (CvCISO) training. Additionally, he authored The Information Security Industry is Broken (June 2018). The industry may be broken, but we can fix it; that's just one of the topics we discuss.
S6E19 - A Conversation with Darius Davis
Darius Davis is a cybersecurity professional with over 15 years of information technology experience. He's worked in a wide range of areas, from tech support and system administration to networking and security engineering. In this episode, he provides four excellent points of wisdom for those looking to enter and advance in their cybersecurity career. A hint: you have to crawl before you walk. He also is a great example of serving the infosec community, holding board positions in not one but two local professional security organization chapters.
Darius can be reached on LinkedIn at https://lnkd.in/emg3VYhf and X at @cyberninjapod.
S6E18 - A Conversation with Richea Perry
Richea Perry is a seasoned GRC and Cybersecurity Professional with an unwavering passion for securing today's digital environments. Throughout his journey, he has been at the forefront of shaping resilient network infrastructures, robust Governance, Risk Management, and Compliance strategies that are not just benchmarks, but catalysts for business growth. We discuss AI risks for SMBs, GRC (of course), and his career path from IT (networking) to cybersecurity. He is also the host of the CyberJA podcast - and I finally learned what the JA means! Hint - I definitely overthought it.
S6E17 - A Conversation with Stanley Charles
Stanley Charles is the Founder of the Charles Technology Group and Senior Manager, Information Security and Compliance at Pixel United. I realized early in the discussion that we have similar career paths, from aircraft maintenance in the United States Air Force, to an early career in networking as a network engineer, to eventually land in the information security and cybersecurity space. We cover a lot of ground in this episode, including advising SMBs on how to get the most out of their relationship with their MSP/MSSP.
S6E16 - A Conversation with Nick Mullen
Nick Mullen is the Founder and Principal Consultant at Sanguine Security Solutions and is also a Cybersecurity Program Mentor at Kennesaw State University. He is a technology leader dedicated to enabling teams and facilitating achievement, and his expertise is in program/project management, information security, IT governance, and compliance in the financial services sector. In this special midweek episode, we talk security plus Star Trek - a great combination!
S6E15 - A Conversation with Robert Hill
Robert Hill is a visionary leader with over three decades of expertise in the cybersecurity industry. As the founder and CEO of Cyturus Technologies, Inc, a leading Compliance and Risk Management solution provider, Robert has played an instrumental role in shaping the landscape of cybersecurity and helping organizations navigate the complex challenges of a digital era.
Prior to founding Cyturus, Robert held positions within various consulting firms, where he honed his skills by collaborating closely with Fortune 500 companies to develop cybersecurity strategies. His hands-on experience in identifying deficiencies, mitigating risks, and implementing robust compliance frameworks has proven instrumental in fostering a culture of security awareness among clients. We cover a wide range of topics in this episode, including the limitations of traditional once-a-year assessments in organizations, where senior leadership makes decisions based on outdated data.
S6E14 - A Conversation with Nick Oles
Nick Oles is an author, cybersecurity professional, and veteran. We cover many topics including his book How to Catch a Phish (available at https://lnkd.in/e35B8YHz) and career paths, including this preview where he reviews his beginnings in IT in college. I often say that working at a university is a great place to get foundational IT experience, and he is a great example.
S6E13 - A Conversation with Jonathan Mandell
Jonathan Mandell calls Chicago home and has worked across various tech roles, from Enterprise AE to Business Development. He was part of the founding team of Tiz, which later became Provi, a SaaS company reshaping the alcohol industry. He has worked in third party risk management (TPRM) for the past 5 years, and recently founded Teepee, a cybersecurity firm delivering solutions in the area of TPRM. Join us as we discuss the challenges and benefits for SMBs in ensuring effective third party risk management.
For more information, check out Teepee at https://teepeesafe.com/.
S6E12 - A Conversation with Matthew Meadows
Matthew Meadows is an experienced Information Technology Security Specialist with a demonstrated history of working in the medical practice industry, and is currently an Information Security Engineer with Premier, Inc. Join us as he discusses a new approach to information security training for healthcare professionals. Learn more about the CyberSecurity Center of Excellence's Healthcare Track at https://cvcc.edu/CSCE/CyberSecurity-in-Healthcare.cfm.
S6E11 - A Conversation with Chris Foulon
Chris Foulon, Founder and Principal Cybersecurity Strategist of CPF-Coaching, is a seasoned vCISO, IT, and Security leader with over 17 years of progressive experience. He is also the co-host of Breaking into Cybersecurity with Renee Smalls, where they interviewed individuals who have transitioned into the cybersecurity industry within the past 5 years.
S6E10 - A Conversation with Daniel Moses
Daniel Moses is an SDR for Cyble, which provides capabilities for customers to manage cyber risks with AI-powered actionable threat intelligence and specializes in gathering intelligence across the Deepweb, Darkweb and the Surface Web. Join us as he discusses his journey, including that cybersecurity has taught him that you need to be able to pivot and keep pressing forward.
S6E9 - A Conversation with Bruno Aburto
Bruno Aburto is the cofounder of and vCISO at Aburto Kinney Consulting LLC. He is responsible for providing comprehensive cybersecurity and IT support to executives and their organizations, working tirelessly to safeguard all digital assets and sensitive information, ensuring that clients are protected against potential threats and vulnerabilities. He provides augmented cyber expertise that enables clients to identify and mitigate risks while supporting business operations and enhancing overall security posture.
S6E8 - A Conversation with Jason Mar-Tang
Jay is a 17-year veteran of Information Technology who has been helping organizations of different industry verticals all over the United States. He also has 12 years of experience in sales and recently stepped into leadership as well. In his spare time, Jay is extremely passionate about health, fitness, and nutrition.
As a bonus, see what I recommend for office fitness equipment to get in those workouts when going to a gym isn't feasible!
S6E7 - A Conversation with Brian Smith
Brian Smith is a 20-year veteran and entrepreneur in multimedia, cybersecurity, and technologies alike. He is Co-Founder and CTO at Spyderbat, an automated runtime security platform. Spyderbat stops attacks and automates root cause analysis on cloud-native environments by proactively recording Cloud system and container activities into a living 'Google Map'. With Spyderbat, DevOps and Platform teams stop attacks, prevent misconfigurations, and get a full understanding of what happened, how to clean up, and how to prevent it in the future.
In 2000, together with Marc Willebeek-LeMair, Brian founded TippingPoint Technologies (acquired by 3Com), and in 2009 he founded Click Security (acquired by Alert Logic). Prior to TippingPoint, Brian received his Ph.D. in Computer Science from the University of California at Berkeley in 1994 and was the Xerox Professor of Computer Science at Cornell University until 1998. He now holds 13 patents and is a fellow of the Alfred P. Sloan Foundation.
S6E6 - A Conversation with Mike Pedrick
Mike Pedrick is the VP, Cybersecurity Consulting for Nuspire. He believes that all businesses are at risk - hackers, crackers, nation states and bad actors - but small- and medium-sized businesses have to defend themselves against the same threats as the major corporations with fewer resources at their disposal. Who helps small business leaders navigate the murky waters of risk management, governance, compliance, privacy, and guerilla marketing campaigns? He does. Join us for an engaging conversation focused on SMB information security risk.
S6E5 - A Conversation with Ty Ward
Ty Ward is a published author (https://a.co/d/ipWJj2G) and seasoned cybersecurity professional with over 15 years of experience in the field. Ty is a former U.S. Air Force and U.S. Intelligence Agency member. He has responded to hundreds of real-world data breaches and cyber-attacks, performed hundreds of penetration tests against organizations, and has served as a chief information security officer for a multitude of companies both nationally and internationally. He holds multiple university degrees and a long list of professional certifications, including the CISSP, GCIH, and others. Ty is also the Founder of the NightLight Foundation (https://www.nightlight-foundation.org/), an anti-child exploitation and trafficking not-for-profit organization.
S6E4 - A Conversation with Scott McCrady
With 25 years of experience working in the networking, telecommunications, and information security space, Scott McCrady is currently serving as the CEO of SolCyber Managed Security Services. Scott has worked with large companies and start-ups, among them IBM and EDS, where he held Security Engineer and Team Leader positions (US and London).
Join us as we discuss a unique approach to providing MSSP services. I also learned a new term, "talent stacking". Listen or watch to learn what that means!
S6E3 - A Conversation with Sabine VanderLinden
Sabine VanderLinden is a seasoned executive with a proven track record of creating long-term sustainable impact for growth ventures and corporates. She specializes in designing, industrializing, and democratizing category-driven digital ecosystems that help de-risk corporate venturing for incumbent players. Sabine co-founded Alchemy Crew three years ago, a venture-first R&D lab that accelerates the commercialization of tech ventures by working with global Fortune 500 companies, venture capital funds, private equity funds, universities, and acceleration programs. Join us as we take on startups, insurance, entrepreneurship, taking risks, cybersecurity, and a bunch of other topics!
S6E2 - A Conversation with James Fair
James Fair is the Senior VP of Technical Operations at Executech, a leading IT outsourcing company committed to cutting costs for businesses in various industries. With expertise spanning over 35 years in IT, 30 years in Leadership, and a dozen years in the interpersonal workspace, James is a seasoned professional with a deep understanding of business strategy, cybersecurity, information technology (IT), and management.
James's remarkable journey from an entry-level technician to Senior Vice President has equipped him with an extensive knowledge base in all facets of IT. He leverages his passion for IT and cybersecurity, coupled with his dedication to leadership development, to teach and mentor other IT professionals and leaders.
S6E1 - A Conversation with Thomas Ballin
Thomas Ballin, Cofounder of Cytix, is an experienced security expert with leadership, management, and operational experience in cyber security. He has spent the past ten years as a security champion building innovative products, services, and teams to meet the needs of customers. In this episode we discuss SMB pen test challenges, scaling security programs, and Cytix's innovative approach to identifying how to effectively manage a vulnerability discovery program (hint: it's not put in a subnet and mask and click "run").
He is also cohost of the Real Cybertalk podcast, a new podcast premiering January 2, 2024. Check it out!
S6E0 - Season 6 Trailer
We're back with a new season of great conversations on The Virtual CISO Moment, beginning with our first episode of the year coming January 2, 2024. Hope you can join us!
S5E66 - Conversation with Keith Price
We end 2023 with a very special guest! Keith Price is the CSO for National Highways. He has worked in tech since 1991, beginning as a Mainframe Operator in the United States Air Force - so of course I had to wear my Air Force cap for this discussion! If you've never come across Keith's LinkedIn posts I'd be surprised, as he is always providing excellent and helpful content. He assists students, military veterans, and professionals wanting a change in their profession in cybersecurity. Most importantly, he loves what he does!
S5E65 - A Conversation with Evgeniy Kharam
Evgeniy Kharam is the founder of EK Cyber and Media Consulting providing consulting and advisory services in both the cyber and media domains, catering to vendors and MSSPs. He also is the founder of the Cyber Inspiration Podcast and cofounder of the Security Architecture Podcast, where they interview vendors in cybersecurity about their design and architecture. We talk about the need for SMBs to enhance awareness and the struggles for access to talent and other security issues for all businesses. Plus he's working on a book on the importance of soft skills in technical sales, to help communicate more effectively.
S5E64 - A Conversation with Daniel Waters
Daniel Waters is a cyber and technology strategist, startup advisor, business builder, and cybersecurity subject matter expert. We discuss how some issues affect large and small businesses alike, but startups often have more significant challenges in just trying to stay in business. We also tackle cyber burnout and how change from the leadership level can help.
S5E63 - A Conversation with Paul Valente
Paul Valente is the CEO and co-founder of VISO Trust and former CISO of Restoration Hardware, Lending Club and ASAPP.
He holds several industry designations, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM) and ISO 27001 Lead Implementer.
Listen to learn how VISO Trust, leveraging AI, can help with an issue all CISOs and vCISOs deal with - Third Party Risk Management.
S5E62 - A Conversation with Marc Crudgington
Marc Crudgington is the CEO, vCIO/vCISO of CyberFore Systems, has many years at the CISO level, and is a United States Air Force Veteran. He is also the author of two books, including "The Cyber War Is Here, US and Global Infrastructure Under Attack A CISO's Perspective". Join us as he discusses his career path and what led him to author two cybersecurity books.
S5E61 - A Conversation with Kyron Joseph
Transitioning from one career to cyber can be challenging but also brings opportunities. Kyron Joseph is a newly converted Cyber Security Professional with 5+ years of experience in Social Media/Marketing account management, content creation, data protection and client communication, and is pursuing the GRC path. He's learned a very important aspect of information security that many don't, even after decades in the field, and that puts him ahead of others in the GRC space. Listen to find out what that is.
S5E60 - A Conversation with Esteban Ribičić
Esteban Ribičić is the Founder and Project Leader at eramba. Serving thousands of companies around the world, eramba is a popular open Governance, Risk and Compliance (GRC) application. Listen to hear the story of eramba, how it was developed to solve real problems with simplicity, and how eramba's core values center on service.
www.eramba.org
S5E59 - A Conversation with Grant Elliott
Grant Elliott is the CEO and Chairman of Ostendio. He is an entrepreneurial leader with over 20 years experience in a variety of Operations, Customer Service and Product Development roles mostly in an Executive capacity. He has a proven track record of successfully leading organizations that require significant growth, development or change, having led business units in large, medium and start-up enterprises.
S5E58 - A Conversation with Dave Hatter
Dave Hatter is an accomplished, enthusiastic, award-winning technology professional and servant leader with more than 30 years’ experience as a cybersecurity consultant, software engineer, project manager, and instructor. He also has more than 25 years' experience as a local government official, most recently the last nearly nine years as Mayor of Fort Wright, Kentucky.
S5E57 - A Conversation with TJ Bettles
TJ Bettles is the founder and CEO of WhiteHat CyberSecurity Solutions, a Vancouver based network of ethical hackers and security experts offering penetration testing as a service. He is also a strength athlete that has dedicated 12+ years to strength training, coaching and to a much lesser degree, competition.
Additionally, he is the host of a new podcast focused on bullying in the workplace, Bully Proof. The first episode of Bully Proof, a discussion with Jennifer Fraser, author of The Bullied Brain, drops Monday, November 13, 2023. You won't want to miss it!
S5E56 - A Conversation with Matt Winkeler
Matt Winkeler is an analytical security and privacy leader. He created a security and privacy program compliant with SOC 2, GDPR, and CCPA in less than a year. He has provided leadership as the organization expanded from US to Europe, India, Australia, and beyond.
S5E55 - A Conversation with Simon Janin
Simon Janin is the CEO of X80. He is a Technology Entrepreneur with strong expertise in Security, Computer Science and Software as a Service. He is a prior member of the Swiss Military Intelligence CNO unit, founded three companies, and made contributions to the fields of secure protocols, financial infrastructure and cyber security.
S5E54 - A Conversation with Tim Golden
Tim Golden is the founder of Compliancerisk.io, a company that focuses on empowering the compliance function within your #MSP by streamlining your compliance operations. He is a seasoned professional in the governance risk and compliance space, with over 20 years of experience helping organizations tackle their business problems with the help of people, process, policy, and technology. He is an expert in compliance, risk management, governance policy management, and cybersecurity, and provides training, consulting, and technical assistance and governance programs to Managed Service Providers (MSPs).
S5E53 - A Conversation with Iboro Philip
Empathy is his superpower, cyber security is his professional passion. Learn about Iboro Philip's rather unique journey and how a simple scam propelled him to a career in cybersecurity.
Throwback Thursday - A Conversation with Greg van der Gaast
From March 29, 2023 - Greg van der Gaast is an international speaker on Why Security Fails, IT Quality, Leadership, and Strategy. He also is a former hacker, FBI & DoD operative, author, advisor, CISO, and people and culture enthusiast. Listen to hear his fascinating story and what is a major threat for SMB information security that most don't consider. He can be reached at https://gregvandergaast.com/.
S5E52 - A Conversation with Andrea Toponi
Andrea Toponi is the CEO and founder of Cyberangels. With over 18 years of experience in project management, risk management, and IT consulting, he has always been passionate about using technology to solve complex problems and create value for customers. As a CEO and founder of Cyberangels, he helps small and medium-sized businesses (SMBs) secure their digital assets and protect their reputation from cyber attacks.
https://cyberangels.it
https://cyberangels.io (coming soon)
Throwback Thursday - A Conversation with Bill Butler
Bill Butler is an experienced Vice President Of Engineering with a demonstrated history of working in the hospital and health care and security compliance industry. He is the Founder and VP Engineering of PolicyCo (policyco.io), a platform that lets you tie Regulations, Policies, Procedures, Control Testing and Remediation together in a single platform, along with a host of other features like version control, reporting, sharing, attestations, and a public API.
S5E51 - A Conversation with Perry Ausbrooks
Perry Ausbrooks is a passionate Veteran Success Specialist & IT Systems Analyst at Intellectual Point, where he combines his commitment to helping fellow veterans with his growing expertise in cybersecurity. With certifications in Security+, C|EH, and Splunk, he provides training and mentorship to veterans transitioning into IT and cybersecurity careers.
S5E50 - A Conversation with Jeremy Snyder
For our 100th discussion episode, Jeremy Snyder, founder and CEO of FireTail, joins us. FireTail is a different, effective approach to API security. He looks for interesting challenges in the cloud, cybersecurity, data and robotics domain spaces, with the potential to have a positive impact. He tends towards entrepreneurial environments where people are highly motivated and moving at a fast pace, and where he can contribute more to the company's success.
S5E49 - A Conversation with Chris Rule
"Cybersecurity Cowboy" Chris Rule joins us to discuss cybersecurity concerns in education. He has been a School District level Technology Director since 1999 and worked directly or consulted with numerous school districts in Wyoming and Colorado. Aside from being a CoSN certified Education Technology Leader (CETL), a Certified vCISO, and a former Microsoft Certified System Engineer (MCSE), he is an experienced technology infrastructure expert and carries a wide array of technology skills.