CISO Series
Podcast Network
CISO Series is a media network for cybersecurity professionals, delivering the most fun you’ll have in cybersecurity. We publish 9-10 episodes every week across our network of five programs. Four of our programs are audio podcasts, and we also have two live streaming video events every week. Please check out our events page for upcoming virtual and in person events. Source
Actions
Media Outlet details
| Scope | National, Trade/B2B |
|---|---|
| Language | English |
| Country | United States of America |
|
Similarweb UVM |
Request pricing |
|
Comscore UVM |
Request pricing |
Recent Articles
Search ArticlesCybersecurity News: CMMC Phase II suspended, tracking troops in Iran, defenders turn to context bombing
The second phase of the Cybersecurity Maturity Model Certification, or CMMC, was due to go into effect on November 10th, 2026. Phase 1 of CMMC allowed companies, specifically contractors, to self-report their cybersecurity compliance levels. The second phase would require contractors who handle sensitive information for DoD applications to have their compliance checked by an outside company.
The Only Thing Worse Than Technical Debt is Newly Discovered Technical Debt
With new LLM tools, organizations are suddenly forced to reconcile years of technical debt being discovered at machine speed. So, how do organizations deal with this new diagnostic visibility that breaks every assumption about vulnerability management? This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining us is Tim Callahan, CIO/CISO, AFLAC. Join the conversation on LinkedIn. No, it’s not your imagination.
Cybersecurity News: Russia’s router access routes, MemGhost haunts AI memory, DHS alert waved off twice
The United States and 12 additional countries said in a joint cybersecurity advisory Monday that Russia’s Federal Security Service (FSB) linked hackers are going after network devices, especially older Cisco gear that still exposes Smart Install or legacy SNMP. The advisory points to older weaknesses that let attackers pull configuration files, modify settings, and quietly use routers and switches as footholds.
What If Stolen Credentials Were No Longer Enough?
Sponsored article Most cloud and SaaS security still assumes identity is the strongest control. But attackers have learned to steal passwords, intercept multi-factor authentication (MFA) codes, and replay tokens. Assuming you’re building a Zero Trust architecture, another verification step is necessary. Cloud access cannot depend on just identity verification.
Cybersecurity News: Multifunction Windows backdoor, NSA revives TAO, urgent ShareFile warning
According to Microsoft, this newly identified backdoor combines ransomware-like encryption with multiple data-wiping features. First spotted last October, this Golang-based application is now named GigaWiper.
The Department of Know: France gets ready for quantum, JadePuffer ransomware, UK’s Cyber Shield
This week’s Department of Know is hosted by Rich Stroffolino, with guests Davi Ottenheimer, principal, Flying Penguin, and Chris Ray, field CTO, GigaOm. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Claude Code, Cursor, and OpenAI Codex are starting to trigger the same endpoint security alerts that defenders use to catch real attackers.
Cybersecurity News: Interpol’s global fraud sweep, China’s Claude Code flag, old Github account tricks
Interpol says a three-month global crackdown called Operation First Light led to more than 5,800 arrests across 97 countries. Authorities say they identified more than 142,000 victims and seized $293M tied to online fraud and money laundering. The cases included business email compromise, romance scams, sextortion, impersonation, and investment fraud. Investigators also blocked more than 31,000 bank accounts connected to the activity.
Humans Are Bottleneck in a Machine-Speed World
We’re evolving fast to secure AI. But are we evolving fast enough to secure WITH AI? Check out this post by Rinki Sethi, CSO, Upwind Security, for the discussion that is the basis of our conversation on this week’s episode, co-hosted by me, David Spark, the producer of CISO Series, and Howard Holton, former CEO, GigaOm. Joining is Adam Glick, CSO, PSG Equity.
Cybersecurity News: Mexico’s big cyber test, Roundcube mailserver snooped on, Cash App found lax
Mexico’s new national cybersecurity plan is getting an early stress test as the country co-hosts the FIFA World Cup. This was adopted back in November and calls for updated cyber laws, a national cybersecurity strategy by the end of the third quarter of this year, a new National Cybersecurity Center to monitor cyber threats, and closer coordination between government, industry, and universities.
What Part of Zero Trust Does Your Exception Not Understand?
Organizations spend millions implementing zero trust architecture. But any time a business critical tool needs an exemption from those policies, we all know who is going to win. So how do we implement zero trust that works for the way business works? This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining is Patti Degnan, operating partner, Andreessen Horowitz.