Now That You Mention It I HAVE Heard Some Hype Around These AI Tools
CISO Series Podcast
We're all drowning in AI hype. The early days of being amazed by what consumer-grade LLMs can do are behind us. How do we find the actual value for organizations? It's one thing to have a new way to scale an old process, but where is AI helping us solve things in new ways?
This week’s episode is hosted by David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining them is Erwin Lopez, CISO, SLAC National Accelerator Laboratory.
Listen to the full episode here.
The AI experimentation phase isn't optional
We've exited the wonderment stage of AI in cybersecurity. Now we're trying to hammer out the use cases. Organizations need to be focused on delivering value in this phase, as argued in a Forbes piece by Justin Warren from PivotNine. No one cares what shiny new toy you used, just that it works. As AI advances become more incremental, it's more important than ever to experiment, because the tech itself might not grow capabilities by leaps and bounds. Scaling old solutions with AI is table stakes. The best way to survive will be to figure out how to use the tech to solve new problems.
When selling security becomes the hardest part of the job
Keeping ahead of technical considerations is tough enough in cybersecurity. But the constant need to evangelize security within your own organization is downright exhausting. "I got tired of convincing people on the importance of security," shared a frustrated CISO on the cybersecurity subreddit. While some dismissed this as a first-world problem, others recognized this is how we end up with a burned-out industry. The hardest part of being a CISO isn't protecting against sophisticated threats. A lot of people get into the industry for that. But no one wants to constantly explain the same risks to stakeholders who don't want to listen.
Threat actors aren't hacking in anymore
Threat actors have figured out it's far easier to compromise credentials than to exploit some novel vulnerability. Why break in when you can walk through the front door? This well-known attacker playbook requires defenders to assume breach from day one. That's why it's important to implement phishing-resistant multifactor authentication, behavioral analytics to catch abnormal user activity, strategically placed honeypots to detect lateral movement, and zero-trust verification that never stops questioning. Your adversaries are probably already inside. Focus your defenses accordingly.
We build, we bond, and we can't bear to let go
We love the children that we nurture and watch them grow, even if they do make some mistakes, or maybe the same mistakes over and over. This can be analogous to overvaluing custom solutions you've built even when superior store-bought alternatives emerge. Steven Thomson of TJX Companies lived this firsthand, spending three years trying to migrate from a deteriorating on-premises Splunk deployment. The emotional investment in it made change feel impossible. Letting go felt like admitting their work was worthless. The decision to abandon custom builds should be driven by practical considerations rather than sweat equity: maintenance costs, single points of failure, and whether the solution still serves business objectives. No matter how long it took to put it together, sometimes it's got to go on the curb. Let it be somebody else's problem.
Listen to the full episode on our blog, where you can also read the entire transcript, or in your favorite podcast app. If you haven't subscribed to the CISO Series Podcast via your favorite podcast app, please do so now.
Thanks to Jason Keirstead of Simbian for providing our "What's Worse" scenario.
Huge thanks to our sponsor, ThreatLocker
Subscribe to CISO Series Podcast
Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type "CISO Series Podcast" into your favorite podcast app.
Security You Should Know
Exploring Storage Control with ThreatLocker
User-based access controls are inadequate. Attackers know that anything running as a user inherits that user's full permissions. When ransomware executes under a user's account, it's game over. Traditional role-based access control simply cannot address the core problem: why should every app need access to all your data?
In this episode, Rob Allen, chief product officer at ThreatLocker, explains how their Storage Control solution addresses these challenges by implementing program-level access restrictions that work alongside traditional user permissions. Joining him are Jonathan Waldrop, CISO-at-large, and Nick Ryan, former CISO at RSM.
Read the full article here.
Thanks to our podcast sponsor, ThreatLocker
Subscribe to Security You Should Know
Please subscribe via Apple Podcasts, Spotify, Amazon Music, Pocket Casts, RSS, or just type "Security You Should Know" into your favorite podcast app.
Biggest mistake I ever made in security…
"Can't believe I'm admitting this, but right before vacation, I ended up blocking an entire top-level domain, co.uk, from my work specifically. So, anybody trying to go to any UK sites that were commercial, they were blocked, and that was on the day before I went on vacation." - Erwin Lopez, CISO, SLAC National Accelerator Laboratory
Listen to the full episode of “Now That You Mention It I HAVE Heard Some Hype Around These AI Tools”
What New Risks Does AI Introduce?
"What’s different about AI is that it’s a decision-making surface area. These systems can be used to shape, mislead, or overwhelm human and machine cognition. That’s a fundamentally different kind of security flaw that organizations now have to address." - Kara Sprague, CEO, HackerOne
Listen to the full episode of “What New Risks Does AI Introduce?”
CISO Series Newsletter - Twice every week
Cyber Security Headlines Newsletter - Every weekday
Security You Should Know Newsletter - Weekly
Reddit ‘Ask Me Anything’ – September 2025
Our monthly AMA on r/cybersecurity on Reddit has begun! Our topic is "I’m a security professional who had to clean up a mess. Ask Me Anything."
We’ve assembled a panel of security leaders to discuss a topic many professionals know firsthand: cleaning up after a cybersecurity mess. They’re here all week to share how they handled tough situations, what they learned, and how those lessons can help others facing similar challenges.
Please ask questions for our participants here.
This month’s participants are:
Dan Holden (u/desmondholden), CISO, BigCommerce
Montez Fitzpatrick (u/Beneficial-Expert635), CISO, NavVis
Steve Zalewski (u/cybersecsteve), co-host, Defense in Depth
Nick Espinosa (u/NickAEsp), host, The Deep Dive Radio Show
Bil Harmer, CISSP, CISM, CIPP (u/wilharm3), information security advisor, Craft Ventures
Thanks to all of our participants for contributing!
LIVE!
Cyber Security Headlines - Week in Review
Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET / 12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Brett Conlon, CISO, American Century Investments.
Thanks to our Cyber Security Headlines sponsor, Conveyor
Super Cyber Fridays!
Join us Friday for “Hacking Security Theater”
Join us on Friday, September 26, 2025, for Super Cyber Friday: “Hacking Security Theater: An hour of critical thinking about compliance checkboxes that don't actually improve security.”
It all kicks off at 1 PM ET / 10 AM PT, when David Spark will be joined by Alexandra Landegger, global head of cyber strategy & transformation, RTX, and Jonathan Waldrop, CISO-at-large, for an hour of insightful conversation and engaging games. And at 2 PM ET / 11 AM PT, stick around for our always-popular meetup, hosted right inside the event platform.
Thank you!
Thank you for supporting CISO Series and all our programming
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing on social media, and most of all we love our sponsors!
Everything is available at cisoseries.com.
Interested in sponsorship? Contact me, David Spark.