Risk and Reels: A Cybersecurity Podcast

Systemic Cyber Risk: A CISO’s Impossible Task

04 Jun 2025

Contributed by Lukas

In this episode, Jeffrey Wheatman sits down with Paul Guckian, former BISO at Lloyd’s of London and author of Systemic Cyber Resilience: Why CISOs C...

Phishing for Truth: Fixing the Flaws in Security Awareness

28 May 2025

Contributed by Lukas

Jeffrey Wheatman sits down with Cary Johnson, founder of Phishbusters Audit and Consulting, to expose the failures of traditional phishing simulations...

The Accidental CISO

21 May 2025

Contributed by Lukas

In this episode of Risk & Reels, Jeffrey Wheatman sits down with RJ Friedman, CEO of Dayone Cyber, to talk frameworks, risk, and leadership. RJ sh...

A Story of Limited Resources

07 May 2025

Contributed by Lukas

In this episode of Risk & Reels, Jeffrey Wheatman sits down with Craig Taylor, CEO of CyberHoot, to talk about how small businesses are navigating...

From Homicide to Hackers: Fixing Cybersecurity’s Broken Model

23 Apr 2025

Contributed by Lukas

In this episode, Jeffrey Wheatman sits down with Carter Schoenberg, Chief Security Officer at Soundway Consulting and author of Why Cybersecurity Fail...

This Isn't the Wolf of Wall Street: Recruitment, Rewired

16 Apr 2025

Contributed by Lukas

Richie Lampani—self-proclaimed Chief Recruiter Dude—joins Jeffrey Wheatman to talk about the real state of hiring today. From music industry war s...

I Robbed a Bank with a Solar Eclipse

09 Apr 2025

Contributed by Lukas

Jayson Street, Chief Adversarial Officer at Secure Yeti, returns to Risk and Reels for a no-holds-barred conversation on hacking human nature, creatin...

A Confluence of Errors and a Little Help From Friends

02 Apr 2025

Contributed by Lukas

In this episode of Risk & Reels, host Jeffrey Wheatman sits down with Ed Gaudet, CEO and founder of Censinet, for an insightful conversation about...

Cyber Truths, Intelligence Myths, and Life after the NSA

26 Mar 2025

Contributed by Lukas

In this episode of Risk and Reels, host Jeffrey Wheatman welcomes security veteran and former NSA executive Don Boian for a wide-ranging conversation ...

Every Day is a Risk Decision

19 Mar 2025

Contributed by Lukas

In this episode of Risk and Reels, host Jeffrey Wheatman sits down with seasoned cybersecurity leader Kimberly Trapani to discuss the evolving role of...

Silent Risk - How Do We Figure Out What We Don't Know?

12 Mar 2025

Contributed by Lukas

In this episode of Risk and Reels, Jeffrey Wheatman (interviewing himself!) dives into the concept of the 'silent breach'—cybersecurity exposures th...

Telling YOUR Story Within Your Organization

26 Feb 2025

Contributed by Lukas

In this episode (throwback to Black Hat 2024), Jeffrey talks to Munish Walther-Puri, Adjunct Fellow at NYU Center for Global Affairs. Jeffrey and Muni...

The Concerning Impact of Cybersecurity on National Security

19 Feb 2025

Contributed by Lukas

In this episode, Jeffrey talks to Dr. David Bray, PhD, who shares his extensive background in cybersecurity, national security and technology in the p...

Meet an Attorney Who Keeps CISOs Out of Legal Hot Water

12 Feb 2025

Contributed by Lukas

In this episode, Jeffrey talks to Steven Teppler, a partner at Mandelbaum Barrett and the lead of the firm's Privacy and Cybersecurity practice gro...

Addressing Cybersecurity’s Education and Engagement Challenges

05 Feb 2025

Contributed by Lukas

In this episode, Jeffrey talks to Lisa Plaggemier, Executive Director of the National Cybersecurity Alliance. They discuss their favorite movie-based ...

Fresh Perspectives from a Future Cybersecurity Leader

29 Jan 2025

Contributed by Lukas

Cybersecurity veterans see the industry through the lens of experience. But how do those visions align with the outlooks of up-and-coming cybersecurit...

What the Trump Administration Could Mean for Cybersecurity

22 Jan 2025

Contributed by Lukas

In this episode, Jeffrey talks to Merritt Baer, CISO and advisory board member for Reco. Merritt also advises private businesses like Expanso, Andesit...

Everything is an Endpoint — and Other Zero Trust Insight

15 Jan 2025

Contributed by Lukas

In this episode, Jeffrey talks to Jessica Dapelo, a zero trust expert and founder of Jessica Dapelo Enterprises, a consulting firm specializing in cyb...

We Really Need to Shake S*** Up in Cybersecurity Research and Insight

08 Jan 2025

Contributed by Lukas

In this episode, Jeffrey speaks with cybersecurity marketing extraordinaire Dani Woolf, co-founder of CyberSynapse and CEO/host of the Audience 1st po...

Yes, CISOs Should Be Ethical — But Maybe We Stop Lying To Them

18 Dec 2024

Contributed by Lukas

In this episode, Jeffrey talks to Robert “RSnake” Hansen, Managing Director at Grossman Ventures. He’s also a computer hacker, executive and ent...

Turtles All the Way Down — Looking for Third-Party Risk in DORA

11 Dec 2024

Contributed by Lukas

In this episode, Jeffrey Wheatman talks to Sandra Saliba, TPP Governance Manager at APS Bank. Jeffrey and Sandra dig into the Digital Operational Resi...

Enough With the Cybersecurity Gatekeeping — Be a Genuine Mentor

04 Dec 2024

Contributed by Lukas

In this episode, Jeffrey talks with Dave Ruiz — aka “CyberDAve” — cybersecurity leader for the Public Works Commission in Fayetteville, North ...

Hey, Cybersecurity Pros: Complexity is the Enemy of Execution

27 Nov 2024

Contributed by Lukas

In this episode, Jeffrey talks to Edgar Jones, co-founder of Luminated in Thought — aka L.I.T. — an organization specializing in individual and gr...

Navigating Bias — Cybersecurity’s Crooked Mirror

20 Nov 2024

Contributed by Lukas

In this episode, Jeffrey talks to Dr. Dustin Sachs, Chief Technologist and Sr. Director of Programs at the CyberRisk Collaborative. They discuss movie...

Helping CISOs Communicate Their Way To Positive Outcomes

13 Nov 2024

Contributed by Lukas

In this episode, Jeffrey talks to Rock Lambros, founder and CEO of RockCyber. Along with coaching CISOs and serving as a vCISO, Rock is also a publish...

The Art of Throwing the (Calculated) Cybersecurity Hail Mary

06 Nov 2024

Contributed by Lukas

In this episode, Jeffrey talks to Mel Reyes, CEO of Elite Technical Concierge. Mel’s background is deep, with expertise in helping organizations bui...

What the Military’s “Elegant and Brutal” Model Can Teach Us About Cybersecurity

30 Oct 2024

Contributed by Lukas

In this episode, Jeffrey talks to Cindy Seipert, an InfoSec GRC analyst at Health Catalyst. They discuss movies that challenge our identity, Cindy’s...

You’ve Got To Be Audacious To Succeed

23 Oct 2024

Contributed by Lukas

In this episode, Jeffrey talks with Keren de Via, Go-to-Market Director at Cyturus Technologies. Keren has a deep cybersecurity background and was the...

What Better Time Than Now? (And Other Considerations for Aspiring Security Professionals)

16 Oct 2024

Contributed by Lukas

In this episode, Jeffrey talks to Tanara Burke-Lloyd, SOC Analyst at Littler, the largest global employment and labor law practice. They discuss “fi...

Why “Always Be Collaborating” Should Overshadow “Always Be Closing” in Security Sales

09 Oct 2024

Contributed by Lukas

In this episode, Jeffrey talks to entrepreneur and four-time CISO Demetrios Lazarikos — aka Laz. Laz is the founder and IT security consultant of Bl...

How CISOs Manage Risk Acceptance

02 Oct 2024

Contributed by Lukas

In this episode, Jeffrey talks to Evelin Biro, a CISO advisor and cybersecurity expert. They discuss movies where a character goes through a significa...

AppSec Ain’t Easy — But it Doesn’t Have to be Impossible

25 Sep 2024

Contributed by Lukas

In this episode, Jeffrey talks to Pete Chestna, Checkmarx's CISO of the Americas. They discuss movies in which a character feels threatened by the int...

Building Business Resilience in the Face of Risk

18 Sep 2024

Contributed by Lukas

In this episode, Jeffrey talks to Sara Ricci, an accomplished consultant and executive with a proven track record in global leadership roles, speciali...

Calculating the Cost of Cyber Risk

04 Sep 2024

Contributed by Lukas

In this episode, Jeffrey talks to veteran CISO and cybersecurity practitioner Jason Taule. Jason has worked with Booz Allen, General Dynamics, HITRUST...

How Security Advisors Support Sales — Without Actually Selling

28 Aug 2024

Contributed by Lukas

In this episode, Jeffrey talks to Helen Patton, cybersecurity advisor at Cisco. They discuss movies where the main character undergoes a career change...

An Uncommon Cybersecurity Question: What Makes Your Soul Sing?

21 Aug 2024

Contributed by Lukas

In this episode, Jeffrey talks with Dom Vogel, founder of Vogel Leadership & Coaching, where he helps cybersecurity executives to be the best lead...

Wanna Tackle Third-Party Risk? Collaborate, Collaborate, Collaborate!

31 Jul 2024

Contributed by Lukas

In this episode, Jeffrey talks to Richard Stiennon, Chief Research Analyst at IT-Harvest. They discuss their favorite buddy movies, the art of collabo...

You Can't Ease off the Security Gas Pedal — Especially in Healthcare

24 Jul 2024

Contributed by Lukas

In this episode, Jeffrey talks to Adam Moore, Head of Global Cloud Solutions for Elekta. They discuss movies that look forward and backward, security ...

CISOs Need to Tell Good Stories and the Right Allies to Help Tell Them

17 Jul 2024

Contributed by Lukas

In this episode, Jeffrey is joined by Matthew Webster, founder, CEO and CISO for Cyvergence. Jeffrey and Matthew discuss movies where miscommunication...

Third Party Risk Management Doesn’t Stop When the Contract is Executed

10 Jul 2024

Contributed by Lukas

In this episode, Jeffrey talks to Melissa Mellen, Head of Third Party Risk Management for the Federal Reserve Bank of New York. They discuss movies th...

An Honest Look at Diversity and Inclusion in the Security Industry

03 Jul 2024

Contributed by Lukas

In this episode, Jeffrey talks to Octavia Howell, CISO at Equifax. Jeffrey and Octavia discuss movies that have done a good job at implementing divers...

If You’re Not Leading With Empathy, Are You Really Leading?

12 Jun 2024

Contributed by Lukas

In this episode, Jeffrey talks with Tammy Klotz, CISO of Trinseo. Recorded at the recent Gartner Security & Risk Management Summit, they discuss t...

The Trials and Tribulations of a Virtual CISO and Startup Advisor

05 Jun 2024

Contributed by Lukas

In this episode, Jeffrey talks to Tony Gonzalez, a former CTO, CIO and CISO in sectors such as biotech, pharma, specialty chemicals, finance and insur...

Getting the Cybersecurity Budget you Need Doesn't Just Happen

29 May 2024

Contributed by Lukas

In this episode, Jeffrey talks with Ira Winkler, CISO for CYE. They discuss their favorite low-budget movies and strategies for convincing decision-ma...

The Risk & Reels Mix Tape — Some of our Favorite Guests

22 May 2024

Contributed by Lukas

From time to time, it’s fun to look back and share snippets from some of our best conversations on the podcast. In this episode, you’ll hear cool ...

From Outsider to Cybersecurity Insider — Leaning into the Power of Transitions

15 May 2024

Contributed by Lukas

In this episode, Jeffrey talks to Mariana Padilla, co-founder and CEO of HACKERVERSE. Jeffrey and Mariana discuss movies (and TV shows) where the main...

Are You Really You? The Fascinating World of Identity Access Management

08 May 2024

Contributed by Lukas

In this episode, Jeffrey talks to Rick Patterson, CISO at CLEAR. They discuss movies about mistaken identities, the challenges and future of identity ...

Want to be a Successful CISO? Know Your Audience

01 May 2024

Contributed by Lukas

In this episode, Jeffrey talks to Marcos Marrero, CISO at H.I.G. Capital. Jeffrey and Marcos discuss their favorite music-themed movies, how CISOs mus...

There’s No Excuse to Ignore Supply Chain Cyber Risk

24 Apr 2024

Contributed by Lukas

In this episode, Jeffrey talks to JC Dodson, former CSO for BAE Systems and the founder of global risk, resilience, and response advisory firm JCarl G...

The Intersection of OT and ICS Security

10 Apr 2024

Contributed by Lukas

In this episode, Jeffrey talks to Mike Holcomb, Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor — one of the world's larg...

The Art of Managing — and Communicating — Third-party Security Risks

03 Apr 2024

Contributed by Lukas

In this episode, Jeffrey talks to Phillip Addison, manager of third-party cyber risk management for The Hershey Company. Jeffrey and Phillip discuss b...

What Makes a Great Modern CISO?

13 Mar 2024

Contributed by Lukas

In this episode, Jeffrey talks to Joe Head, a CISO coach and mentor with Intaso. They discuss “fish out of water” movies, the challenges related t...

Pearls of Wisdom from a ‘Been There, Done That’ CISO

06 Mar 2024

Contributed by Lukas

In this episode, Jeffrey talks to six-time CISO — and respected security thought leader — Jim Routh. They cover movies where miscommunication play...

The Ins and Outs of Fractional CISOs

28 Feb 2024

Contributed by Lukas

In this episode, Jeffrey speaks to Carlota Sage, founder and CEO of Pocket CISO, to discuss obscure movies with Elvis characters, the emergence of Fra...

The Funniest — or “Least Boring” — Man in Cybersecurity

21 Feb 2024

Contributed by Lukas

In this episode, Jeffrey talks to Keyaan Williams, Founder and CEO of Cyber Leadership and Strategy Solutions on his affinity for “The Long Kiss Goo...

Have Your CISO's Back

14 Feb 2024

Contributed by Lukas

In this episode Jeffrey speaks with David Anderson, vice president of cyber at Woodruff Sawyer to discuss why he dislikes heist movies, his love for r...

The Unpredictable Career Trajectory of a Cyber Professional

07 Feb 2024

Contributed by Lukas

Steve Magowan, CISO and CISSP and Jeffrey Wheatman talk about their favorite movies with a small world and how to build a career in cyber security. 

How to Make Businesses Care about Security

31 Jan 2024

Contributed by Lukas

Dr. Anna Belak, director, office of cybersecurity at Sydig and Black Kite's Jeffrey Wheatman discuss how to make security a business priority. 

Finding your Path

24 Jan 2024

Contributed by Lukas

Ang Brown from TCM Security and Jeffrey Wheatman talk career paths and finding security. 

Positivity, Privacy, and Pressure

17 Jan 2024

Contributed by Lukas

Debbie Reynolds the Data Diva and Founder for Debbie Reynolds Consulting, and Jeffrey Wheatman talk about privacy in our modern world. 

The Unlikely Hero

10 Jan 2024

Contributed by Lukas

Jason Ozin,  CISO for PIB Group joins Jeffrey Wheatman, SVP Security Evangelist for Black Kite to  discuss unlikely heroes and the role of the CISO.

Heists, Fraud and Cons; Oh My!

15 Nov 2023

Contributed by Lukas

During this Podcast Jonathan Care, Advisor at Lionfish and former Gartner Analysts, talks scams, cons and frauds and why they still work. 

Can You See the Real Threats? | S2 Ep. 9 with Patrick Garrity

01 Nov 2023

Contributed by Lukas

Patrick Garrity talks about the real threats, prioritizing vulnerabilities and movies where someone thinks they know what is going on and is wrong. 

Tackling Risk | S2 Ep. 8 with Tomás Maldonado

25 Oct 2023

Contributed by Lukas

Join us as Tomas Maldonado, CISO for the NFL and Jeffrey Wheatman, Black Kite Cyber Risk Evangelist discuss the best sports movies, the challenges of ...

Building a Successful Security Program from Scratch | S2 Ep. 7 with George Al-Koura

18 Oct 2023

Contributed by Lukas

During this episode George Al-Koura, CISO at Ruby and co-host of the Bare Knuckles & Brass Tacks podcasts shares his insights on building security...

The Overlap of Physical Security into Digital | S2 Ep. 6 with Angela Dogan

10 Oct 2023

Contributed by Lukas

Meet Dr. Angela Dogan, the Associate Director for IT Cloud Computing at Kyndryl. Join us to talk about the Halloween movies, twists and turns, physica...

Security Operations: Learning what works | S2 Ep. 5 with Anton Chuvakin

02 Oct 2023

Contributed by Lukas

Meet today's guest: Dr. Anton Chuvakin, an advisor at the Office of the CISO of Google Cloud. Join us to chat about sci-fi movies, technology predicti...

Security Architecture and what the structure entails | S2 Ep. 4 with Evgeniy Kharam

25 Sep 2023

Contributed by Lukas

Jeffrey Wheatman is joined in this episode by Evgeniy Kharam, a fellow Cyber Evangelist! Today we are discussing learning from your mistakes, Avatar, ...

Why open standards matter for streamlined cybersecurity | S2 Ep. 3 with David Mahdi

18 Sep 2023

Contributed by Lukas

This week we have Jeffrey's old friend and colleague: Dave Mahdi, the current CIO (Chief Identity Officer) for Transmit Security. Join us to chat abou...

Prioritizing cybersecurity in the world of CISO burnout | S2 Ep. 2 with Rob Black

11 Sep 2023

Contributed by Lukas

In this episode, join Jeffrey and Rob Black, CISSP, the founder and CEO of Fractional CISO. Buckle up to talk about Stephen King, Barbenheimer,  and ...

Cybersecurity in the realm of Higher Education around the world | S2 Ep. 1 with Luqman Kondeth

05 Sep 2023

Contributed by Lukas

Welcome to SEASON TWO of Risk and Reels! Get ready to talk about Indian film festivals, Abu Dhabi, cyber security within higher education (with an emp...

The Bright Future of Public/Private Partnership in Cybersecurity | SEASON 1 FINALE Ep. 17 with Bailey Bickley

30 May 2023

Contributed by Lukas

True crime, storytelling, Big Fish, the partnership between private sector and public sector, the new White House cybersecurity policy, power of stron...

From the Military to IT and Cybersecurity | Ep. 16 with Lewis Heuermann

22 May 2023

Contributed by Lukas

Charlie and the chocolate factory, Tom Hanks, the Military, culture shifts, precision, training, accountability, the why for the what. Join Jeffrey W...

Investing in Cyber and AI in 2023 | Ep. 15 with Rick Grinnell

15 May 2023

Contributed by Lukas

Comedies, Young Frankenstein, History of the World, artificial intelligence, investments in cybersecurity, AI investors, third party risk, ChatGPT, th...

Cybersecurity in Higher Education – over the years and today | Ep. 14 with Gretchen Ruck

08 May 2023

Contributed by Lukas

80s movies, Animal House, cyber in higher education, university CISOs, managing student data, healthcare within universities, compliance requirements,...

The People of Cyber: Diversity, Education and Empowerment | Ep. 13 with Juliana Vida

01 May 2023

Contributed by Lukas

The Admiral, A Christmas Story, new policies, the New White House Cybersecurity Policy, information security importance, DEI, diversity in cyber, gove...

How to use cybersecurity tools properly to meet regulations | Ep. 12 with Larry Whiteside

24 Apr 2023

Contributed by Lukas

Crafty hackers, super-smart villains, speaking the business language, GRC tools, risk and regulatory correlations, reg ops, being compliant, meeting r...

Building a third-party risk program from the ground up | Ep. 11 with Tom Garrubba

17 Apr 2023

Contributed by Lukas

SPECIAL double-time episode. Hear from Tom Garrubba, the Director of Third-Party Risk Management Services at Echelon Risk + Cyber and he talks through...

Threat Modeling in STRIDE, the basis for cybersecurity. | Ep. 10 with Matt Stamper

10 Apr 2023

Contributed by Lukas

Forrest Gump, threat modeling, animal farm, application weaknesses, business impact analyses, resilience, accountability, and stride. Tune into the la...

Productive risk processes = *truly* reducing risk. How has TPRM shifted? | Ep. 9 with Bob Maley

03 Apr 2023

Contributed by Lukas

Star Wars, Star Trek, third party risk management, fallen heroes, best practices, triaging risk, cyber posture, the cloud, vendor access, productive r...

Talking with the former Director of Cybersecurity Coordination for the U.S. Dept. of Homeland Security | Ep. 8 with Mike Brown

27 Mar 2023

Contributed by Lukas

Jeffrey speaks with the former Director of Cybersecurity Coordination for the U.S. Dept. of Homeland Security, Mike Brown, about strategic, tactical, ...

With a plethora of emerging AI, where does the cybersecurity industry stand? | Ep. 7 with Eric Cowperthwaite

20 Mar 2023

Contributed by Lukas

Musicals, emerging AI, and understanding the risk within your third-party ecosystem. Our guest this week is Eric Cowperthwaite, COO at Threathunter.ai...

Managing the risk you quantify is half the battle | Ep. 6 with David Elfering

13 Mar 2023

Contributed by Lukas

Black and white films, photography, risk quantification, FAIR, (ROI), the business case for risk, risk scenarios, sea monsters, and PII. Our guest thi...

It’s the dog that caught the car - how can security programs properly mature? | Ep. 5 with Dave Lewis

06 Mar 2023

Contributed by Lukas

John wick, curiosity, organizational changes over time, security debt, risk appetite, chatGPT, dogs running around, and taking security seriously. Joi...

The anatomy of the 2023 Black Kite Third Party Breach Report | Ep. 4 with Ferhat Dikbiyik

20 Feb 2023

Contributed by Lukas

Third party attacks, common ways hackers target companies, Turkish movies, outsmarting the bad guys, and the trajectory of 2023 data breaches. Listen ...

“We’ve always done it that way.” Why we *shouldn’t.* | Ep. 3 with Patti Titus

13 Feb 2023

Contributed by Lukas

Security starts with people. Process requires purpose. | Ep. 2 with Brian Reed

13 Feb 2023

Contributed by Lukas

People, process, tools, tech, Ocean’s Eleven, movie remakes, and a recession. Security is people-centric, and tools cannot exist independently. Lear...

Who's a hacker? | Ep. 1 with Jayson Street

13 Feb 2023

Contributed by Lukas

Hackers, curiosity, security, pen-testers, kindness, analogies and Hollywood criminals. Welcome to the first episode of Risk and Reels with Jeffrey Wh...

Introducing Risk and Reels: A Cybersecurity Podcast

06 Feb 2023

Contributed by Lukas

It's me, Jeffrey. And the first three episodes of my new podcast release on February 13th. I want YOU to tune in and experience the fun and knowledge ...