All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week's episode, co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining is their sponsored guest, Matt Brown, solutions architect, Endor Labs.

In this episode:

• The development disconnect
• Functionality first, security second
• The incentive problem
• Speed as the common ground

A huge thanks to our sponsor, Endor Labs

Discover how AI coding agents are reshaping software supply chain risk in the State of Dependency Management. Original research from Endor Labs shows 49% of dependency versions have known vulnerabilities (and that 34% don't actually exist). Get the report to see how "shadow AI" is reshaping attack surfaces. Learn more at www.endorlabs.com.

All links and images can be found on CISO Series.

Check out this post by Caleb Sima for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Evan McHenry, CISO, Robinhood.

In this episode:

• The information paradox
• Setting realistic expectations
• Prioritization over noise
• The cart before the horse

Huge thanks to our sponsor, Endor Labs

Discover how AI coding agents are reshaping software supply chain risk in the State of Dependency Management. Original research from Endor Labs shows 49% of dependency versions have known vulnerabilities (and that 34% don't actually exist). Get the report to see how "shadow AI" is reshaping attack surfaces.

All links and images can be found on CISO Series.

Check out this post, CISO, Upwind Security, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap, CISO, LinkedIn. Joining us is Octavia Howell, vp and CISO, Equifax Canada.

In this episode:

• Beyond the quota
• The hard truth beats the polished bluff
• Paying for someone else's mistakes
• Reducing friction, increasing trust

Huge thanks to our sponsor, ThreatLocker

ThreatLocker takes a deny-by-default approach to endpoint security — controlling what applications can run, what can access data, and what can elevate privileges. Used by organizations that want to reduce attack surface without relying on detection alone. Learn more at threatlocker.com/ciso.

All links and images can be found on CISO Series.

This week's episode is co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Mark Eggleston, CISO, CSC.

In this episode:

• Breaking trust to test it
• Technical controls over testing
• The measurement imperative
• Fire drills, not gotchas

Huge thanks to our sponsor, Scanner

All your security logs end up in cloud storage like AWS S3. Scanner makes them searchable in seconds and runs real-time detections directly on that data. No pipelines, no re-ingestion. 100x faster than traditional data lakes, 10x cheaper than SIEMs. Loved by analysts. Built for AI agents. Learn more at scanner.dev.

All links and images can be found on CISO Series.

This week's episode is co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Cliff Crosland, co-founder and CEO, Scanner.dev.

In this episode:

• Earning autonomy gradually
• The blast radius question
• The reality check
• Today's value, tomorrow's evolution

Huge thanks to our sponsor, Scanner

All your security logs end up in cloud storage like AWS S3. Scanner makes them searchable in seconds and runs real-time detections directly on that data. No pipelines, no re-ingestion. 100x faster than traditional data lakes, 10x cheaper than SIEMs. Loved by analysts. Built for AI agents. Learn more at scanner.dev.

All links and images can be found on CISO Series.

Check out this post by Dr. Chase Cunningham, CSO at Demo-Force, for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Brett Conlon, CISO, American Century Investments.

In this episode:

• The experience paradox
• Who benefits from the narrative
• Kitchen sink job postings
• The aggregation problem

Huge thanks to our sponsor, Scanner

All your security logs end up in cloud storage like AWS S3. Scanner makes them searchable in seconds and runs real-time detections directly on that data. No pipelines, no re-ingestion. 100x faster than traditional data lakes, 10x cheaper than SIEMs. Loved by analysts. Built for AI agents. Learn more at scanner.dev

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week's episode, co-hosted by David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining them is their sponsored guest, Rob Allen, chief product officer, ThreatLocker.

In this episode:

• Getting permissions right
• The fundamentals that still fail
• Know what you have
• Simple controls, outsized impact

Huge thanks to our sponsor, ThreatLocker

Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and
workshops that show CISOs exactly how to implement and maintain Zero Trust in real
environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March
6. Get $200 off with ZTWCISO26 at ztw.com.

All links and images can be found on CISO Series.

Check out this post by Patrick Garrity of VulnCheck for the discussion that is the basis of our conversation on this week's episode, co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining them is Tom Doughty, CISO, Generate:Biomedicines.

In this episode:

• The 3Ms of product clarity
• Buzzwords work because buyers aren't experts
• Investor pressures distort messaging
• Threading the needle

Huge thanks to our sponsor, Alteryx

Alteryx is a leading AI and data analytics company that powers actionable insights that help organizations drive smarter, faster decisions. Alteryx One helps security, risk, and operations leaders cut hours of manual work to minutes, generate trusted insights at scale, and turn raw data into action faster than ever. Learn more at www.alteryx.com.