by SecurityStudio
Welcome to "The CvCISO Podcast" - an extension of SecurityStudio's vCISO training program. Designed to keep the conversation alive beyond the confines of traditional training, this podcast is your ongoing resource for all things related to Virtual Chief Information Security Officers (vCISOs).<br /><br />This podcast is a space where vCISOs can continue to explore, discuss, and evolve their understanding of the cybersecurity landscape. Join us as we delve into the experiences, perspectives, and challenges that vCISOs face. From sharing success stories to dissecting tough lessons learned, we cover it all.<br /><br />The goal of the podcast is to build a community where vCISOs can come together to learn from one another. Through engaging discussions and thought-provoking questions from the vCISO community, we keep the conversation dynamic and relevant. This isn't just a podcast - it's a dynamic platform where your voice matters. So, whether you're a seasoned vCISO or just starting, join us on the "CvCISO Podcast" as we continue the journey of learning and growth together.<br /><br /><b>Hosts:</b><br /><b>Jordon Darling (Vice President, Top Dog PC Services)</b><br /><a href="https://www.linkedin.com/in/jordon-darling/" target="_blank" rel="noreferrer noopener">https://www.linkedin.com/in/jordon-darling/</a><br /><b>Evan Francen (Founder and CEO, SecurityStudio)</b><br /><a href="https://www.linkedin.com/in/evanfrancen/" target="_blank" rel="noreferrer noopener">https://www.linkedin.com/in/evanfrancen/</a><br /><b>Meg Perron (CvCISO Training Academy Director, SecurityStudio)</b><br /><a href="https://www.linkedin.com/in/evanfrancen/" target="_blank" rel="noreferrer noopener">https://www.linkedin.com/in/meg-perron-mba/</a><br /><br /><b>To find out more information about SecurityStudio's CvCISO Training Program visit:</b> <a href="https://academy.securitystudio.com/pages/securitystudio-learning-home-page" target="_blank" rel="noreferrer noopener">www.cvciso.com</a><br /><br /><b>Follow SecurityStudio on LinkedIn:</b> <a href="https://www.linkedin.com/company/11486715" target="_blank" rel="noreferrer noopener">https://www.linkedin.com/company/11486715</a><br /><br />Email <b>[email protected]</b> with questions or topics you'd like our hosts to tackle!
Language
🇺🇲
Publishing Since
3/29/2024
Email Addresses
1 available
Phone Numbers
0 available
April 18, 2025
<b>Summary</b><br /><br />In this special 50th episode of the CvCISO Podcast, the hosts celebrate their milestone while discussing the importance of continuing education for venture capitalists (VCs). They explore various strategies for staying educated, including maximizing conference experiences, understanding CPE requirements, and aligning learning with career goals. The conversation emphasizes the significance of being proactive in professional development and the various avenues available for earning CPEs, including independent learning and community involvement. In this conversation, the speakers discuss the importance of maximizing the value of Continuing Professional Education (CPE) credits, emphasizing the need for passion and engagement in learning. They explore different learning styles and effective training methods, as well as strategies for choosing the right conferences and getting the most out of them. Networking is highlighted as a crucial component of professional development, with practical tips provided for building connections at events. <br /><b></b><br /><b>Takeaways</b><br /><ul><li>This is a special episode celebrating 50 episodes of the podcast.</li><li>Continuing education is crucial for VCs to stay relevant.</li><li>Conferences can provide valuable CPE credits and networking opportunities.</li><li>CPEs are available through various avenues, not just formal courses.</li><li>Being strategic about CPEs can enhance professional growth.</li><li>Understanding external factors is important for VCs.</li><li>Independent learning can also count towards CPEs.</li><li>Engaging with the community can provide additional learning opportunities.</li><li>Documentation is key for proving CPE credits.</li><li>The conversation around education is vital for helping others in the industry. Maximizing CPE value requires active engagement and passion.</li><li>Learning is more effective when it is applied in real-world scenarios.</li><li>Different individuals have unique learning styles that should be considered.</li><li>Choosing the right conferences can significantly impact professional growth.</li><li>Networking is essential for career advancement and knowledge sharing.</li><li>Preparation before attending conferences enhances the learning experience.</li><li>Finding 'golden nuggets' of information is key to effective learning.</li><li>Building connections with speakers and attendees can lead to valuable opportunities.</li><li>A strategic approach to conferences can yield better results.</li><li>Continuous learning and networking are vital for success in the cybersecurity field.</li></ul>
April 11, 2025
<b>Summary</b><br /><br />In this episode, the hosts discuss the controversy surrounding Mark Lanterman, a forensic expert accused of embellishing his credentials. They explore the implications of credibility and integrity in the cybersecurity field, particularly for expert witnesses. The conversation delves into the ethical responsibilities of professionals and the potential legal ramifications of misrepresentation. The hosts reflect on the importance of validating claims and the consequences of failing to do so, both personally and professionally. In this conversation, the speakers delve into the implications of dishonesty, particularly in professional settings. They discuss the consequences of lies, the importance of maintaining integrity and reputation, and the value of truth in personal and professional growth. The dialogue emphasizes the need for self-awareness and the significance of competing with oneself rather than others. Ultimately, the speakers encourage listeners to embrace honesty and learn from their mistakes, highlighting that it's never too late to start anew.<br /><b></b><br /><b>Takeaways</b><ul><li>Mark Lanterman is accused of embellishing his credentials.</li><li>Credibility is crucial in the cybersecurity profession.</li><li>Embellishing credentials can lead to legal consequences.</li><li>Expert witnesses must have validated backgrounds.</li><li>The importance of integrity in professional settings cannot be overstated.</li><li>Legal implications arise from misrepresentation in court.</li><li>The hosts emphasize the need to call out dishonesty.</li><li>There is a lack of accountability in verifying expert witnesses.</li><li>The conversation highlights the ethical responsibilities of professionals.</li><li>Consequences of lying can be more damaging than the truth. Shitty choices have consequences.</li><li>Don't fall for the urge to claim more than you are.</li><li>The truth always comes out, eventually.</li><li>Reputation is everything; it can be destroyed easily.</li><li>You can always start now to rebuild your integrity.</li><li>Competing with yourself is the only true competition.</li><li>Lies of commission and omission both destroy credibility.</li><li>Don't take shortcuts; they will sting you in the end.</li><li>Winners focus on winning; losers focus on others.</li><li>You can turn negative experiences into positive lessons.</li></ul>
April 8, 2025
<b>Summary</b><br /><br />In this episode, Meg and Dave discuss the importance of viewing information security not just as an IT issue, but as an organizational and societal concern. They explore how different departments within an organization contribute to security and the need for a holistic approach. The conversation also delves into the societal dependency on technology and the implications of critical infrastructure failures. They emphasize the importance of collaboration between sectors to enhance security and resilience in communities. In this conversation, Dave and Meg explore the complexities of cybersecurity consulting, focusing on the importance of regulatory standards, risk management frameworks, and the need for awareness in the industry. They discuss the challenges posed by ignorance and apathy, the interconnectedness of security sectors, and the significance of translating technical risks into business context. The conversation emphasizes the broader impact of security on communities and the necessity for organizations to be aware of available resources. <br /><b></b><br /><b>Takeaways</b><ul><li>Information security is fundamentally an organizational issue, not just an IT issue.</li><li>Understanding the critical elements of each department is essential for effective risk assessment.</li><li>Business impact analysis helps prioritize what is most critical for different departments.</li><li>The societal perspective on security is crucial for understanding broader risks.</li><li>Dependency on technology has increased, making security more complex.</li><li>Critical infrastructure is vital for daily life and community resilience.</li><li>Collaboration between sectors is necessary for effective security measures.</li><li>InfraGard serves as a bridge between the FBI and critical infrastructure sectors.</li><li>Awareness of security risks varies by industry and needs continuous improvement.</li><li>The conversation highlights the importance of proactive measures in security planning. Awareness of cybersecurity resources is crucial for organizations.</li><li>Ignorance and apathy are significant barriers in cybersecurity.</li><li>Regulatory standards like NIST and ISO provide frameworks for risk management.</li><li>Cybersecurity impacts not just organizations but entire communities.</li><li>Translating technical risks into business context is essential for effective communication.</li><li>The interconnectedness of security sectors highlights the importance of a holistic approach.</li><li>Consultants must ensure clients are aware of available resources and standards.</li><li>The CVCISO program uniquely prepares individuals to communicate risks effectively.</li><li>Public information is often overlooked in cybersecurity discussions.</li><li>Engaging with local cybersecurity resources can enhance organizational security.</li></ul>
The InfoSec Mission
David Spark, Mike Johnson, and Andy Ellis
CISO Series
N2K Networks
Jack Rhysider
Johannes B. Ullrich
David Spark, Steve Zalewski, Geoff Belknap
Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.
All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.
We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.
While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at [email protected] for prompt review and appropriate action, which may include content removal or proper attribution.
By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.