Defense in Depth

All links and images can be found on . Check out  for the discussion that is the basis of our conversation on this week's episode co-hosted by , the producer of , and . Joining us is our guest, Paul Guerra. In this episode: Read the contract How vendors win before the evaluation ends The fallout The real cost A huge thanks to our sponsor, Native Security Native makes secure-by-design inherent to how the cloud operates. It's the control plane for built-in cloud security, unifying and governing native controls, so security intent is defined once and applied consistently across...

Defense in Depth

All links and images can be found on  All security startups will tell you they talk to potential customers. The problem is that you limit your development when you only talk to CISOs who might buy. It's not the same guidance you'll get from a CISO who advises. Check out by Val Tsanev of the Cyber Risk Alliance for the discussion that is the basis of our conversation. This week's episode is co-hosted by me, , the producer of , and , senior evp and CISO, . Joining us is , CISO, . In this episode: Building for whom? The only feedback loop that matters Valid, but for whom? Rethink...

Defense in Depth

All links and images can be found on  Check out  for the discussion that is the basis of our conversation on this week's episode co-hosted by , the producer of , and . Joining us is our sponsored guest, Rob Allen. In this episode: The vulnerable stack Changing the structural economics Change the terrain The cost-benefit equation A huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce...

Defense in Depth

All links and images can be found on Check out for the discussion that is the basis of our conversation on this week's episode co-hosted by , the producer of , and . Joining us is our sponsored guest, , co-founder, . In this episode: Knowing which systems to save first Recovery is a business conversation, not an IT ticket Not all systems are created equal Recovery knowledge as a governed asset A huge thanks to our sponsor, Fenix24   Fenix24 is the world's leading breach recovery firm, providing rapid ransomware restoration, full asset visibility, and threat informed hardening....

Defense in Depth

What Makes a Successful Security Vendor Demo? All links and images can be found on . Check out from Adam Palmer for the discussion that is the basis of our conversation on this week's episode co-hosted by , the producer of , and . Joining is , BISO, . In this episode: Show me the problem, not the product Walking in blind Discovery is the demo Define the use case, set the clock A huge thanks to our sponsor, Fenix24 Fenix24 is the world's leading breach recovery firm, providing rapid ransomware restoration, full asset visibility, and threat informed hardening. Alongside expert recovery...

Defense in Depth

Should You Use Native or 3rd Party Cloud Management Tools? All links and images can be found on . Check out from for the discussion that is the basis of our conversation on this week's episode co-hosted by , the producer of , and , senior evp and CISO, . Joining us is their sponsored guest, , co-founder and CPO, . In this episode: More tools, more problems A gap in design Catching what slips through Competence over complexity A huge thanks to our sponsor, Native Security Native makes secure-by-design inherent to how the cloud operates. It's the control plane for built-in cloud...

Defense in Depth

How Should We Measure the Performance of a CISO? All links and images can be found on . Check out from the cybersecurity subreddit for the discussion that is the basis of our conversation on this week's episode co-hosted by me, , the producer of , and , senior evp and CISO, . Joining them is , vp, information security, . In this episode: Likability as a career strategy The storytelling gap How the math actually gets done The unofficial scorecard A huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control,...

Defense in Depth

All links and images can be found on . Check out for the discussion that is the basis of our conversation on this week's episode co-hosted by , the producer of , and , co-host, . Joining them is , CISO, . Be sure to check out Ross's book In this episode: Patterns hiding in plain sight Activity vs. advancement The human cost Frameworks about frameworks A huge thanks to our sponsor, Fenix24 Fenix24 is the world's leading breach recovery firm, providing rapid ransomware restoration, full asset visibility, and threat informed hardening. Alongside expert recovery services, Fenix24...

Defense in Depth

All links and images can be found on . Check out for the discussion that is the basis of our conversation on this week's episode, co-hosted by , the producer of , and . Joining them is , CISO, . Be sure to check out David's book, In this episode: Lead with insight, not persuasion Recognize the opportunity when it arrives Strategy over features Keep it efficient A huge thanks to our sponsor, Endor Labs Discover how AI coding agents are reshaping software supply chain risk in the State of Dependency Management. Original research from Endor Labs shows 49% of dependency versions have...

Defense in Depth

All links and images can be found on . Check out  for the discussion that is the basis of our conversation on this week's episode, co-hosted by , the producer of , and . Joining is their sponsored guest, , solutions architect, . In this episode: The development disconnect Functionality first, security second The incentive problem Speed as the common ground A huge thanks to our sponsor, Endor Labs Discover how AI coding agents are reshaping software supply chain risk in the State of Dependency Management. Original research from Endor Labs shows 49% of dependency versions have known...