The Virtual CISO Podcast

Technology

Episodes

Showing 1-100 of 157

Episode 156: AI Security: Threat Modeling & Pipeline Evolution with Jason Rebholz

25 Feb 2026

Contributed by Lukas

Episode 155: Incident Response Testing in Cloud Forward Organizations with Matt Lea

17 Dec 2025

Contributed by Lukas

Ep 154: How DORA Will Impact US Companies with Dejan Kosutic

06 Nov 2025

Contributed by Lukas

Ep 153: Inside ISO 42001: The Future of AI Governance with Danny Manimbo

22 Sep 2025

Contributed by Lukas

EP 152: Granular, Persistent, Zero Trust: The Case for File-Level Security

12 Aug 2025

Contributed by Lukas

EP 151: Trust, But Verify: How HITRUST is Reshaping Assurance

01 Jul 2025

Contributed by Lukas

In this episode of the Virtual CISO Podcast, host John Verry and guest Chris Schaeffer discuss the HITRUST framework, its evolution, and its significan...

Ep 150: Is OSCAL the Future of Security Documentation (& FedRAMP)?

29 Apr 2025

Contributed by Lukas

In this episode of the Virtual CISO Podcast, John Verry speaks with Kenny Scott, founder and CEO of Paramify, about the challenges of cyber risk manag...

Ep 149: Unlocking the Future: Passkeys and Passwordless Authentication with Anna Pobletts

06 Mar 2025

Contributed by Lukas

Episode 148: Cloud Detection & Response

11 Feb 2025

Contributed by Lukas

In this episode, John Verry interviews Eric Gumanofsky, Vice President for Product Innovation at Tenable Security, about the concept of Cloud Detectio...

Episode 147: Why vCISO Engagements Fail

29 Jan 2025

Contributed by Lukas

In this episode, John Verry and Matt Webster discuss the evolving landscape of virtual CISO services, exploring the common pitfalls and failures assoc...

Episode 146: Dark Web Monitoring

07 Jan 2025

Contributed by Lukas

In this conversation, John Verry interviews Steph Shample, Cybercrime Analyst for DarkOwl, about the dark web and its implications for cybersecurity p...

Episode 145: CMMC: The Final Rule

02 Dec 2024

Contributed by Lukas

In this episode of the Virtual CISO Podcast, host John Verry speaks with Sanjeev Verma, chairman and co-founder of Prevail, about the intricacies of...

Episode 144: TxRAMP or StateRAMP or AZRAMP or FedRAMP? What’s right for your company?

17 Oct 2024

Contributed by Lukas

In this episode of The Virtual CISO Podcast, your host John Verry is joined by Mike Craig to break down the differences between FedRAMP, TxRAMP, AZRAM...

Episode 143: Is Decentralized Proof of Security Leveraging Blockchain the future of Cybersecurity?

23 Sep 2024

Contributed by Lukas

In this episode of The Virtual CISO Podcast, your host, John Verry, sits down with David Carvalho, a cryptography and cybersecurity expert with over 2...

Episode 142: CNAPP - Secure Cloud Apps in a Snap

21 Aug 2024

Contributed by Lukas

Episode 141: Stopping Business Email Compromise with a Novel Malicious File Reconstruction Approach

11 Jul 2024

Contributed by Lukas

In this episode of The Virtual CISO Podcast, your host, John Verry, engages in a conversation with Aviv Grafi, CTO and founder of Votiro, as they disc...

Episode 140: DIB/CMMC Cybersecurity – Interesting Observations from a Significant Study

27 Jun 2024

Contributed by Lukas

Join us for an engaging episode of the Virtual CISO Podcast with host John Verry. This episode features Chris Petersen, co-founder of LogRhythm and cu...

Episode 139: How adding Crisis Management to your Incident Response Plan can save your bacon?

07 Jun 2024

Contributed by Lukas

Join us for an engaging episode of the Virtual CISO Podcast with host John Verry. This episode features Kevin Dinino, President of KCD PR, who delves ...

Episode 138: Is Consuming SaaS an Information Security Faustian Bargain? w/ William Eshagh

16 May 2024

Contributed by Lukas

Episode 137: Strategies and Insights w/ Sagi Brody

01 May 2024

Contributed by Lukas

Episode 136: AI Risk Management – Is ISO 42001 the Solution? w/ Ariel Allensworth

10 Apr 2024

Contributed by Lukas

Episode 135: Can Distributed Ledger Technology Simplify Privacy Compliance? W/ Zenobia Godschalk

28 Mar 2024

Contributed by Lukas

In this episode of The Virtual CISO Podcast, your host, John Verry, engages in a conversation with guest Zenobia Godschalk, Senior Vice President of H...

Episode 134: Understanding TISAX w/ Alexander Häusler

11 Mar 2024

Contributed by Lukas

Kubernetes Security – Simplified Shauli Rozen, CEO of ARMO

27 Feb 2024

Contributed by Lukas

In this episode of The Virtual CISO Podcast, your host, John Verry, engages in a conversation with guest Shauli Rozen, CEO and Co-Founder of ARMO, exp...

Episode 132: Optimize Your SOC 2 - Lessons Learned from the 2023 Benchmark Study w/ Scott Woznicki

09 Feb 2024

Contributed by Lukas

Episode 131: The New CMMC Proposed Rule w/ Jeff Carden & Warren Hylton

02 Feb 2024

Contributed by Lukas

Episode 130: Revolutionizing Security Training with Kevin Paige CISO and VP of Product Strategy at Uptycs

15 Jan 2024

Contributed by Lukas

Episode 129: Empowering Diversity in the Cybersecurity Industry with Larry Whiteside Jr.

04 Jan 2024

Contributed by Lukas

Episode 128: Understanding the ISO 27001:2022 Update with Andrew Frost and Leigh Ronczka

19 Dec 2023

Contributed by Lukas

In this episode of The Virtual CISO Podcast, your host, John Verry, sits down with Andrew Frost and Leigh Ronczka of CBIZ Pivot Point Security to disc...

Ep 127: The Future of Security: Unraveling the World of Social Engineering

19 Dec 2023

Contributed by Lukas

Ep 126: Unlocking AI's Potential: Risks, Optimism & Challenges in the Current Wave of AI Technology

21 Nov 2023

Contributed by Lukas

Ep: 125 - Understanding the New FTC Safeguards Rule: Key Changes and Requirements Explained

08 Nov 2023

Contributed by Lukas

Tune into an insightful conversation with Jeremy Price, co-leader of a national cybersecurity practice. In this engaging discussion, Jeremy explains t...

An Introduction to AI and its Place in the Work Place with CEO of Private AI Patricia Thaine

10 Oct 2023

Contributed by Lukas

Join us for an insightful conversation with Patricia Thaine, Founder and CEO of Private AI, as we delve into the world of artificial intelligence, lan...

Ep 123: Navigating IT-OT Dynamics: Cybersecurity, Integration, and Collaboration

22 Sep 2023

Contributed by Lukas

Ep 122: Navigating New Horizons: CMMC, NIST 800-171 Updates, and Compliance Insights

31 Aug 2023

Contributed by Lukas

In this episode of the "Virtual CISO Podcast," your host John Verry speaks with guest Warren Hylton, a FedRisk consultant at CBIZ Pivot Point Security...

Ep 121: Strategies for Reducing the Cost of Your Cyber Liability Insurance Policy

11 Jul 2023

Contributed by Lukas

Like many other businesses, law firms are at significant risk of cyber-attack and increasingly are turning to cyber liability insurance (CLI) to trans...

Ep 120: A FedRAMP ATO – The Good, The Bad, and the Ugly

20 Jun 2023

Contributed by Lukas

To do wide-scale business within the US federal government, cloud service providers (CSPs) need a FedRAMP ATO. The prospect can be daunting as few CSP...

Ep 119: What is a Microservice Architecture and how do I secure it?

30 May 2023

Contributed by Lukas

Whatever kind of software application a team is building, the identification and remediation of cybersecurity issues needs to be part of every stage o...

Ep 118: The Simplest Way to Transition from ISO 27001:2013 to ISO 27001:2022

16 May 2023

Contributed by Lukas

If you are ISO 27001 certified, or considering it, you are likely wondering how the transition from ISO 27001:2013 to ISO 27001:2022 affects you. With...

Ep 117: Eight Key Takeaways from the RSA 2023 Conference

04 May 2023

Contributed by Lukas

In this week's episode of the Virtual CISO podcast, your host John Verry, Pivot Point Security CISO and Managing Partner, shares his valuable insights...

Ep 116: What is an SBOM & Why Are My Customers Suddenly Asking for One?

25 Apr 2023

Contributed by Lukas

With the release of President Biden’s Executive Order 14028 on “Improving the Nation’s Cybersecurity” from May 2021 the US public and private ...

Ep 115: If Your Asset Management Sucks, Your Security Sucks

11 Apr 2023

Contributed by Lukas

Asset management is a crucial aspect of information security. It refers to the processes and procedures involved in identifying, organizing, tracking,...

Ep 114: 4 Tactical Steps To Implementing DevSecOps In 2023

28 Mar 2023

Contributed by Lukas

DevSecOps is the practice of integrating security testing at every stage of the software development process. With DevSecOps, training and educating a...

Ep 113: Should we be in Microsoft 365 GCC, GCC High, or Commercial?

14 Mar 2023

Contributed by Lukas

Microsoft 365 was launched in 2011 in hopes of revolutionizing cloud-powered productivity platforms. Since then, Microsoft 365 has grown to the point ...

Ep 112: When should you move to ISO 27001:2022?

28 Feb 2023

Contributed by Lukas

ISO 27001:2022 is the first update to the global "gold standard" for provable cybersecurity in ten years. Notable changes from the 2013 version will l...

Ep 111: How to use the Software Assurance Maturity Model (SAMM) to Build Highly Secure Applications

14 Feb 2023

Contributed by Lukas

The “buzz” in building more secure applications is “shift security left,” which means integrating security into and throughout the Software De...

Ep 110: Understanding TISAX (Trusted Information Security Assessment Exchange)

31 Jan 2023

Contributed by Lukas

Trusted Information Security Assessment Exchange (TISAX) is a vendor due diligence standard used in the automotive industry to verify that third-party...

Ep 109: Understanding How Cybercriminals Operate Can Protect Your Business

17 Jan 2023

Contributed by Lukas

In today’s cyber landscape, business leaders and security professionals need every edge they can gain to better protect their organizations and plan...

Ep 108: Understanding the Legalities Around CUI

03 Jan 2023

Contributed by Lukas

Orgs in the DIB need to protect CUI in alignment with the NIST 800-171 cybersecurity standard—and soon the Cybersecurity Maturity Model Certificatio...

Ep 107: An AWS Security Guru’s Recommendation for Securing your AWS Infrastructure

20 Dec 2022

Contributed by Lukas

Over 90% of security breaches in the public cloud stem from user error, and not the cloud service provider. Today, your host John Verry sat down with ...

Ep 106: Strategies to Manage Cybersecurity through an Economic Downturn

13 Dec 2022

Contributed by Lukas

Managing Cybersecurity through an Economic downturn is no easy task. With increasing concerns on how to stay secure and compliant in a down economy, J...

Ep 105: Solving the Problems of Cloud Native Apps.

29 Nov 2022

Contributed by Lukas

Building Cloud Native Applications can bring about many operational and security problems. Today, we sat down with an expert in this field to talk abo...

Ep 104: Is Digital Business Risk Mgt. The Future of ASM

15 Nov 2022

Contributed by Lukas

Digital Business Risk Management helps companies track and disrupt the most advanced bad actors. Team Cymru specializes in Digital Business Risk Man...

Ep 103: The Complexity of Deploying a Secure Application in the Cloud

01 Nov 2022

Contributed by Lukas

Governance, Risk, and Compliance (GRC) platforms can be tricky to construct. Today, we sat down with an expert in this field to talk about building ...

Ep 102: The Intersection of Privacy and Security

25 Oct 2022

Contributed by Lukas

You cannot have privacy without security. While they once existed quite distinct from one another, they are now so delicately woven that they are near...

Ep 101: Most Asked CMMC Questions

14 Oct 2022

Contributed by Lukas

CMMC (Cybersecurity Maturity Model Certification) can raise many red flags and concerns - As CMMC rulemaking approaches in 2023, we take a break from ...

Ep 100: The Two Audiences For Privacy & How They Drive Data Collection

13 Sep 2022

Contributed by Lukas

This marks our 100th episode of The Virtual CISO and an insightful journey into having the opportunity to have frank discussions with thought leaders ...

Unpacking Critical Elements of Supply Chain Risk Management

30 Aug 2022

Contributed by Lukas

Supply chain risk management can prove to be a slippery slope—why should you take pains to conduct a proper risk assessment, and how do they impact ...

Breaking Down the Latest in Software Security Standards & the Impact on SaaS Businesses

16 Aug 2022

Contributed by Lukas

What are the merits of the Software Assurance Maturity Model (SAMM), and how does it differ from the Application Security Verification Standard (ASVS)...

What You Need to Know about APIs and API Security

09 Aug 2022

Contributed by Lukas

Application development is moving from a web-centric world to an API-centric world. If you’re wondering what that looks like, what the security impl...

How to Measure the Value of Information Security

02 Aug 2022

Contributed by Lukas

Most recognize the value preservation in cybersecurity. But forward thinking professionals also see the value creation in having a secure information...

Understanding NIST’s Secure Software Development Framework

26 Jul 2022

Contributed by Lukas

What exactly is a Software Development Life Cycle, and how does NIST’s Secure Software Development Framework impact that cycle and your organization...

US Gov. Cybersecurity Roadmap: Where it came from and Where is it Going?

19 Jul 2022

Contributed by Lukas

Today, information is worth more than riches. The new currency is data. With this being true, the state of cybersecurity within the upper branches of ...

Confronting the Wild West of Database Security

12 Jul 2022

Contributed by Lukas

Don’t wait for an emergency; secure your database correctly right out of the gate. Think of everything outside of your database as the wild west. ...

Bridging the Gap Between Cybersecurity and the Business World

28 Jun 2022

Contributed by Lukas

Ron Gula, President and Co-Founder of Gula Tech Adventures, has a very specific goal: To defend the country in cyberspace by investing in companies an...

Legal and Infosec strategies to deal with exploding Cyber Liability Insurance premiums

21 Jun 2022

Contributed by Lukas

There’s no denying that cybersecurity risks in the workplace have increased exponentially in recent years. From the pandemic causing employees to wo...

Important Clarifications on CMMC v2 from CMMC Day May 9, 2022

14 Jun 2022

Contributed by Lukas

To invest in CMMC or to not invest in CMMC, that is the question. CMMC (Cybersecurity Maturity Model Certification) is a lofty yet necessary investme...

The Past, Present and Future of Cybersecurity From the Viewpoint of a Venture Capitalist

07 Jun 2022

Contributed by Lukas

Alberto Yépez joins the show to share his perspective as a venture capitalist working to help entrepreneurs build Cybersecurity businesses. He start...

Understanding Attack Surface Management and How It Applies to Your Cyber Security Strategy

24 May 2022

Contributed by Lukas

We’ve spent the last two and a half years with rapidly rising cloud adoption. It was a rocket ship before that, but the COVID-19 pandemic has only a...

The Convergence of Physical & Cyber Security and the Impact to Cyber Security Professionals

17 May 2022

Contributed by Lukas

As technology advances, there will always be new threats from malicious actors seeking to exploit these advancements — whether that be in the digita...

What CMMC 2 Guidance Means for Managed Service Providers (MSPs)

10 May 2022

Contributed by Lukas

As the implementation of CMMC by the DIB picks up pace, the frequently shifting requirements can be daunting — especially when the guidance is alrea...

8 Ingredients for Baking Inclusivity into Your Culture

03 May 2022

Contributed by Lukas

Inclusivity and diversity aren’t just about who you hire — it’s about the culture you create. Sure, you can get talent from all walks of life, b...

Becoming More Efficient w/ a Cloud-Native Approach

19 Apr 2022

Contributed by Lukas

What if you could be proactive in your approach to cloud data security rather than a reactive one once the attack has been made? This is exactly the s...

Use the CSA Cloud Controls to Maximize Your Security & Reduce Your Risk of Breach

05 Apr 2022

Contributed by Lukas

Even before the pandemic, the majority of businesses were already moving to the cloud. Now, it seems you can’t do business without it. Which m...

Ongoing Challenges in CMMC

29 Mar 2022

Contributed by Lukas

CMMC has come a long way in recent years… But organizations still face plenty of challenges navigating the guidance. What are the biggest hurdles an...

Is Open Source the Future of Endpoint Security

22 Mar 2022

Contributed by Lukas

Open source is a transparency issue. Being able to see what code is running on your computer — as well as what’s being monitored — gives you pra...

The AWS Approach to Provable Security

15 Mar 2022

Contributed by Lukas

Traditionally, companies have relied on the promises of vendors when it comes to reaffirming their security stance. However, LimaCharlie has a far mor...

What Does the New ISO 27002 Update Mean for You?

01 Mar 2022

Contributed by Lukas

After years, ISO 27002 is finally here. What does that mean for your business? Luckily, the transition should be pretty seamless… But if you’...

CMMC 2.0 & Continuous Compliance w/ Andrea Willis

15 Feb 2022

Contributed by Lukas

If you look around at what’s happening in the world of cybersecurity, you’ll notice one thing: Security never stops… Which means nei...

8 Information Security Predictions for 2022

04 Feb 2022

Contributed by Lukas

We’ve had another bumpy year in 2021. So, what’s coming down the pike in 2022? And what impact will the ongoing information security challenges of...

Government Security Guidance: How We Got Here

28 Jan 2022

Contributed by Lukas

NIST, ISO, CMMC… If you’re beholden to government security guidance — and let’s face it, if you’re a company operating in the US, you very ...

How Hardware Hackers Exploit IoT Vulnerabilities w/ Joe Grand

16 Dec 2021

Contributed by Lukas

You’ve probably heard the hype: IoT is the next frontier in the information revolution that promises to make all our lives easier… And that’s do...

Bridging the Gap Between Security & Development Teams w/ Harshil Parikh

09 Dec 2021

Contributed by Lukas

There is an age-old conflict between security and development teams. Development teams are focused on time-to-market and packing features into the pr...

Why Cloud Is More Secure Than Your Average On-Prem Solution w/ Mark Richman

02 Dec 2021

Contributed by Lukas

What’s more secure? A cloud-based or on-prem document management system? It’s a question that gets asked a lot in our industry. So, I invited Ma...

How Configuration Management Makes Security Simple w/ Brian Hajost

23 Nov 2021

Contributed by Lukas

Configuration management is the best kept secret in security. Not only will it save time and money, it also helps you marry compliance and security —...

CMMC 2.0 is Here! Find Out What It Really Means for DIB and Non-DIB USG

12 Nov 2021

Contributed by Lukas

The US Department of Defense (DoD) has just announced CMMC 2.0, a new strategic direction for its cybersecurity program based on public comment and in...

How Simply Cyber Helps People Pivot to a Cybersecurity Career w/ Gerald Auger

10 Nov 2021

Contributed by Lukas

A lot of people want to break into cybersecurity. And why not? Where else can you have a blast, work with really smart people, earn a great living, ha...

Can You Benefit from Attack Surface Management? w/ Steve Ginty

29 Oct 2021

Contributed by Lukas

In a world where new vulnerabilities appear seemingly every minute, threat intelligence is more important than ever. And one of the most intriguing a...

Why Continuous Compliance Matters More than Ever w/ Mosi Platt

21 Oct 2021

Contributed by Lukas

As public trust in technology erodes — for the first time — it’s clear that we need to reevaluate our approaches to security and compliance. Th...

How HIPAA Compliant Email is Revolutionizing Healthcare w/ Hoala Greevy

06 Oct 2021

Contributed by Lukas

When it comes to healthcare InfoSec, it’s the Wild West. Most healthcare organizations just don’t have the necessary IT budgets to make it a prior...

Private Practices: How to Prioritize Privacy in Your Organization w/ Jason Powell

27 Sep 2021

Contributed by Lukas

In the U.S., it’s easy to look at overseas privacy legislation like GDPR and conclude it’s a reaction to worrying data practices from today’s te...

Why Information Security Is Key to Business Strategy w/ Chris Dorr

16 Sep 2021

Contributed by Lukas

Chess legend Bobby Fischer once said that winning tactics flow from a superior position. Bobby Fischer would have made a great CISO. That’s beca...

Head in the Clouds: Multi-Cloud Security & Governance w/ John Grange

10 Sep 2021

Contributed by Lukas

How well do you know what’s happening in your cloud? With so many people in an organization able to access it, managing and tracking every change ...

Can We Predict Security Threats w/ Machine Learning? w/ Johnna Verry

02 Sep 2021

Contributed by Lukas

Every CISO’s dream is moving from reactive security to a purely proactive security posture. In an era of big data and technological advancements in...

What People Get Wrong About ISO 27001 Compliance

26 Aug 2021

Contributed by Lukas

Just because ISO 27001 suggests a control, doesn’t mean you have to have it – in fact, you could be hurting yourself if you do by wasting money an...

Bridging the Gap Between Traditional Compliance & DevOPs w/ Raj Krishnamurthy

18 Aug 2021

Contributed by Lukas

Traditional compliance approaches have served us well for years… But they just don’t cut it anymore. We need an approach to compliance that mov...

A Guide for Validating Your Security Process w/ John Verry

11 Aug 2021

Contributed by Lukas

In this special episode, we’re sharing a guest appearance John made on The Perfect Storm. During that episode, he shared how Pivot Point Security he...

Governing Cybersecurity: A Process for Becoming Provably Secure & Compliant w/ John Verry

04 Aug 2021

Contributed by Lukas

Today’s special episode was inspired by a conversation we had with a then potential, now current client of ours at Pivot Point Security. In discus...

The Cybersecurity Executive Order: What You Need to Know w/ Scott Sarris

27 Jul 2021

Contributed by Lukas

In the wake of the SolarWinds fiasco, a new executive order mandates practices to prevent future attacks… How well does it address the threats? An...

Your Passwords Are Failing You w/Josh Amishav-Zlatin

20 Jul 2021

Contributed by Lukas

By the time you think of a ‘new’ password, attackers already have a way to crack it. Josh Amishav-Zlatin, Founder & Technical Director at Brea...
