The threat landscape a mighty beast in and of itself -- vast and, perhaps more importantly, constantly changing. In this episode, Brian chats with industry thought leader John Pironti about using threat and security models to consistently monitor landscapes, test scenarios, and why you should prioritize risk management.

A thorough understanding of the core fundamental principles is critical for those building a career in cybersecurity. Adam Fletcher, CISO at Blackstone, argues that cloud security now falls into that list -- developing a policy or translating a tool to cloud requires extensive knowledge, experience, and leadership skills. He and Brian discuss case-by-case scenarios and how to expand and develop your team given the industry-wide talent shortage.

Cloud security continues to attract more organizations seeking for better storage, but the prospect of data leakage hold some back from joining the bandwagon. Steve Lodin, Sr. Director of Cyber Operations at Sallie Mae, shares his “golden rules” for introducing it to your organization, advice for a bullet-proof migration, and lessons learned from decades of working in corporate security.

Today’s teens interact daily with technology more than ever before. Ease of access to the online world for things such as streaming, social media, and shopping comes with the big responsibility to develop smart computer habits early in life. This episode features the series’ youngest guest to date: seventh grader Athena Contos, who shares personal examples of cyber carelessness, foundational tips for building good habits, and more.

In many ways, cybersecurity is the same way it once was over 20 years ago in terms of risk, only with different devices, activities, and added ways of access. Parry Aftab, who was one of the world’s first cyber lawyers back in the early 90s, shares her work with multiple cyber safety organizations, tips on supporting kids who fall victim to cyberbullying, and being featured in a custom cyber safety Marvel comic.

Modern planes have come a very long way since the first commercial flight in 1914. Approximately 87,000 flights travel across the US every day, carrying passengers who expect the same level of device connectivity and as they get on the ground. Deneen DeFiore, SVP & CSO at GE Aviation, stresses the importance of maintaining customer trust and business reputation through diligence in cyber assurance and safety operations.

With all the categories defining the healthcare industry today (e.g. pharmaceuticals, providers, hospitals, etc) and sensitive data flowing between them, it can be hard to know where to start. How do we keep information secure, yet accessible to our doctors and providers? Colby DeRodeff, CTO at Verodin, shares a bit about security in the healthcare community, how far we’ve come, and where we should go from here.

Since 2011, GridEx has been a hub for security lovers to evaluate and hone their red, blue, and purple teaming skills with challenging scenarios. In this episode, Brian Contos and Michael Allgeier, Director of Critical Infrastructure Security at The Electric Reliability Council of Texas (ERCOT), comment on the appeal and value these interactive training sessions can offer major power corporations.

Cyber criminals know that the toughest of problems can be quickly solved if you work together–and especially when pulling knowledge from a collective pool of resources. What role do solutions such as encryption and SSO play against a team of hackers dedicated to stealing your data? Brian chats with Jon Inns, co-founder and CEO of Threat Status, about corporate password habits, the dark web, and surprising scam victims.

Nowadays, adversary tactics like spear-phishing are proving to be more sophisticated and deceptive than ever. Mike Fabrico’s career includes notable roles as specialist at NASDAQ and Senior Director at TrapX Security, the world leader in cyber deception technology. He breaks down deception as a strategy—not just a tool—to provide organizations with the ability to turn the tables on their opponents. And it’s much simpler than you think.

As CISO of the State of Vermont, Nick Andersen is involved in everything from healthcare to emergency management to academia. He and Brian dive into the crucial priorities for the state, differences between protecting state and business data, and establishing third-party relationships to neutralize risk.

Richard Stiennon, serial author, industry expert, and Chief Research Analyst at IT-Harvest, recaps the short timeline of quality assurance in manufacturing and argues for the same approach it to cybersecurity as a core function of the business. Do investors and CISOs aligning their digital strategies accordingly and where exactly does ownership lie if, and when, the unexpected happens?

Amazing new developments in machine learning and artificial intelligence automate testing, reporting, and workflow. However, Lisa Jones-Huff, VP of NA Pre-Sales Engineering at Exabeam, explains its true value as a tool – not a catch-all solution. She and Brian talk customer success, newly introduced security roles, and more.

Mark Weatherford, Global Information Security Strategist at Booking Holdings and former CISO of the States of California and Colorado, has over twenty years of executive-level leadership experience in some of the world’s most important organizations. He and Brian Contos discuss misconceptions of cloud security, issues in the supply chain, and evaluating all areas of your cybersecurity environment.

Seasoned cybersecurity veteran Richard Seiersen, former SVP & CISO at LendingClub and current CEO & Co-Founder of Soluble.ai, attributes success in any career to two things: metrics and measurement. He shares his contagious passion for security, the qualities of top engineers, his latest book, and more.

Brian Contos chats with Ed Amoroso, former SVP and CSO of AT&T and current CEO of TAG Cyber LLC, about priorities and advice for building a top-notch security team. From Ed’s perspective, decision-making board members must be equipped with continuous data and have instincts that come from experience, but that can be a challenging balance to find.

As CISO for Ohio State University, Helen Patton has an acute vision for students and professors who are passionate about cybersecurity. While undergraduate university programs are succeeding in many areas, they are hindered by a lack of structure and guidance from the industry as a whole. She explains how to create a valuable student internship experience that offers diverse and relevant practical experience.

Sometimes the most interesting careers emerge from the remnants of another passion. Microsoft Detection and Response Team (DART) consultant MacKenzie Brown describes how her love of theatre led her to her current work with incident response (IR) and becoming co-founder of the Ms. Greyhat Organization. She and Brian Contos talk proactivity, cracking down on communication, and key focus points for response teams.

According to Terry Ray, SVP, Fellow, and former CTO of Imperva, Inc., practices and safety around data privacy and the cloud, though slowly improving, still leave much to be desired. He and Brian Contos discuss the concept of absolute security and why businesses benefit more from calculating acceptable risk based on their unique critical assets.

Brian Contos sits down with cybersecurity veteran William (Bill) Crowell, former Deputy Director of the NSA and current partner at Alsop Louie Partners, to get a picture of the major threat landscape changes over the past 15 years. While phishing attacks, advanced persistent threats (APTs), and breach monetization become more sophisticated each day, CIOs and board members must turn their focus to implementing proper network segmentation.

In a security professional’s career, a nearly perfect success rate can be quickly and detrimentally tarnished by one mistake that puts the company at risk. Raj Samani, Fellow and Chief Scientist at McAfee, shares his professional journey and explains how his choices have reflected who he is as a mentor, peer, father, husband, and author, encouraging listeners to appreciate what they have now.

While appealing new gadgets and innovative products continue to hit the market, legal firms caution organizations about the risks of IoT devices. Technology-focused trial litigator IJay Palansky forecasts the impending boom of cyber litigation in the coming years and his recommendations for avoiding the costly consequences of an attack.

Cyber threat research is not all created equal – especially in the realm of Security Instrumentation. Mark Bagley, VP of Product at Verodin, highlights the core objectives of the Behavioral Research...

The industry-wide talent shortage makes it challenging to attract and retain top cybersecurity talent — analysts often operate understaffed and overwhelmed by the ever-growing volume of alerts to sort through. Kevin Morrison, CISO at Pulte Group, Inc. examines his culture-centric approach to structuring cybersecurity staff, maximizing skill-set efficiencies, and aligning the success of his program to core business objectives.

The Cybersecurity Effectiveness Podcast is kicking off the New Year with a forward-thinking episode featuring JASK CEO and Co-Founder Greg Martin. Hear his predictions about the key cybersecurity challenges that organizations will be facing in 2019. Learn about the ground-breaking developments in AI and SOC automation enabling security teams to combat the rising sophistication of cyber attacks at a super-human level.

Security analyst and outdoors enthusiast Tim Waldo examines the lingering effects of malware attacks like WannaCry in the healthcare sector and exposes disturbing trends that are putting patient data at risk to future outbreaks. Tim offers precise steps that organizations can take to dramatically improve the technologies and policies safeguarding sensitive information.

In this episode, host Brian Contos reconnects with an old friend and colleague, Dr. Ulf Lindqvist, who is the Senior Technical Director of SRI International’s Computer Science Laboratory. Ulf reflects on some of SRI’s most notable technology accomplishments, elaborates on the security industry movement spurred from past work with Logic Group, and predicts the future of IoT devices.

Cylance Chief Security and Trust Officer Malcolm Harkins reflects on his core leadership philosophies and the processes he implements to cultivate a professional culture of excellence. He walks us through his transition from working as the Chief Security & Privacy Officer at the multinational corporation, Intel, to joining the cutting-edge cybersecurity start-up, Cylance.

Brian Contos straps in with Dave Ockwell-Jenner of SITA, the world's leading air transport IT and communications specialist. Having worked in IT and aviation for about 25 years, Dave explains what makes the air transportation industry unique, perspectives that executives have toward cybersecurity, and the challenges and opportunities that analysts face as they navigate today’s threats.

In the spirit of Ada Lovelace Day coming up on October 9th, host Brian Contos chats with Verodin security analyst Ashley Zaya about her role on the Behavior Research Team (BRT) and the perspective she brings to the industry. Ashley reflects on her career in InfoSec thus far and the experiences she gained working in Boeing's fast-paced SOC. Ashley also shares valuable advice for women entering the field and her favorite movie soundtrack.

What do you get when you combine a surging demand for cybersecurity experts with one of the largest plastics, chemicals, and refining companies in the world? Host Brian Contos sits down with Dave Bang, the man in charge of IT Security Architecture at a multi-national chemical company, and gets his take on the industry’s attitude toward prioritizing security, current processes, and personal experience with their team in ensuring success.