Explore Cisco
How to Buy

Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Security Stories Podcast Archives

Insights for security leaders, by security leaders

Discover the unique, inspiring, and often amusing stories behind what it takes to lead cybersecurity efforts in an organization. The Security Stories podcast features interviews with a diverse range of guests, each sharing their experiences for the benefit of others in the industry.

1: From the battlefield to the boardroom: Mick Jenkins MBE

Our special guest this episode is Mick Jenkins MBE, CISO for Brunel University London. Mick is a former counterterrorist officer and published novelist, and has led some incredibly innovative changes at his organization to turn their cybersecurity approach around.

2: Democratizing security: Wendy Nather

Wendy Nather, Head of Advisory CISOs at Cisco Duo, joins us for the latest episode of Security Stories. Wendy discusses how we can involve users in our security practices, rather than blaming them when they fall foul of the rules. And she comes up with a unique idea for shaking up the industry.

3: Protecting democracy, and how to spot manipulation tactics online: Theresa Payton

In episode 3 we meet Theresa Payton, the first female CIO of The White House and one of Security Magazine's top 25 Most Influential People in Security. Theresa is a respected authority on security and intelligence operations and the author of books on data privacy and election hijacking.

4: Building the best cybersecurity team: Mark Weatherford

In this podcast, we meet CISO Mark Weatherford. We learn how he created the U.S. Navy's first-ever Red Team, and how he worked to get laws passed to establish a security program for the first time in several U.S. states. But how does Batman fits into all of this? Listen to find out.

5: People-powered security: Masha Sedova

In episode 5 we meet Masha Sedova, co-founder of Elevate Security, which uses data and behavioral analytics to help organizations build a strong security culture.  We chat about how to build effective employee awareness programs and what it's like to set up a new business in the security industry. 

6: The Strongest Link with Brian Honan

In Episode 6 we meet Brian Honan, an internationally recognized expert on cybersecurity and data protection. Brian founded his own security consultancy company, BH Consulting, in 2008. He is also the founder and CEO of IRISS, Ireland's first Computer Emergency Response Team.

7: The impact of a diverse cybersecurity team with Marene Allison

In episode 7 we meet Marene Allison, vice president and chief information security officer at Johnson & Johnson. We hear about her life in the military, her career as a special FBI agent, and how she has built a diverse cybersecurity team at Johnson & Johnson.

8: Sandworm, Not Petya and the hunt for the most dangerous hackers

In episode 8 we are joined by Andy Greenberg, senior investigative journalist for Wired, as well as members of the Cisco Talos threat intelligence team and senior Cisco cyber engineer Noureen Njoroge. Together we look back at the world's most catastrophic cyber attack: Not Petya. We discuss the nuances of the attack, its scale and significance, and the impact that is still felt three years later.

9: Creating more opportunities for others, with Andy Ellis

In Episode 9 we meet seasoned CISO Andy Ellis, who talks about giving women and minorities more opportunities in cybersecurity. He also tells the fascinating story about how he eliminated use of the password at his organization, and explains why he employs librarians and journalists on his security team.

10: "Don't fire the CISO", with Quentyn Taylor

In Episode 10 we chat with Quentyn Taylor, CISO for Canon Europe. He talks about his multitalented and customer-centric cybersecurity team, how to overcome the "virtual hurdle" of working remotely, why firing the CISO after a cyber attack is rarely the first resort, and how to make the perfect cybersecurity cocktail.

11: What to Expect When You're Electing: Election Security special, with Matt Olney and Steve Caimi

In Episode 11 the focus is on election security, and we are joined by Matt Olney, Director of Threat Intelligence and Interdiction at Cisco Talos, and Steve Caimi, U.S public sector cybersecurity expert. We discuss what Talos has learned about election security after four years of research and hands-on experience, and we share thoughts on where election security in the United States stands heading into November's general election.

12: Lifting others up: Stories of how we can help each other in cybersecurity

From eye-opening discussions on diversity issues in cybersecurity, to stories of how CISOs got their initial starts, our chief interviewer Hazel has edited together some of her favorite moments so far from the Security Stories podcast series

13: Prime directives: Serving the public trust, protecting the innocent, and upholding security laws, with Tanya Forsheit

In Episode 13 our guest is Tanya Forsheit, one of the world's leading data privacy and security advisers and litigators. We consider what the future might hold for data privacy in the next year, within the context of COVID-19 and tracing apps. We also discuss data privacy as a fundamental human right.

14: Not fearing failure, and challenging the status quo, with Chris Leach

In Episode 14 our guest is Chris Leach, Senior CISO Advisor for Cisco. After 30 years of running security and risk operations for a wide variety of organizations, Chris sits down with Hazel to talk about his journey and offer some insights into the life of a CISO, including how to combat the fear of failure and how to successfully challenge the status quo.

15: Taking the unconventional cybersecurity career path, with Curtis Simpson

In Episode 15 we meet Curtis Simpson, Chief Information Security Officer at Armis. As well as discussing his journey as a security leader, Curtis talks about changing the perception that cybersecurity is a cost center and ways in which cybersecurity can contribute to business outcomes. This episode also features a discussion with some special guests about their unconventional career paths into the cybersecurity industry.

16: Openness and support: A frank discussion on why diverse representation matters

Episode 16 features two meaningful discussions. Hazel and Noureen talk first with Leticia Gammill, Cisco's Channel leader for Canada and Latin America, and Matt Watchinski, Vice President of Cisco Talos, about the significance of diverse representation in cybersecurity. Our second conversation, with Mike Hanley, Cisco's new Chief Information Officer, gives insights into the importance of hiring diverse talent and building a culture of appreciation, openness, and internal mentoring.

17: The building blocks of political disinformation campaigns

Episode 17 sees the return of Theresa Payton to the Security Stories podcast. She joins Hazel, Noureen, and special guest Nick Biasini, a threat researcher at Cisco Talos, to discuss online disinformation campaigns and how they are used in political elections. With only weeks to go until the United States general election, Theresa and Nick outline what the public needs to be aware of and how we can spot and report online disinformation.

18: The future of the SPOC

In Episode 18 we meet Gabriel Gumbs, Chief Innovation Officer at Spirion. He shares stories, ranging from hacking portable devices at school to helping lead the evolution of data privacy. We are also joined by Wolf Goerlich and Nigel Houghton, who provide insights into the future of security operations.

19: Being your true authentic self, with Javvad Malik

In Episode 19 Hazel chats to Javvad Malik, a security awareness advocate at KnowBe4. Javvad is one of the security industry's most prolific video bloggers and is known for his signature light-hearted perspective on security. He shares his advice on how to create engaging presentations, and puts his security spin on the infamous "Zombieland" rules.

20: Creating safe spaces, and the troubling nature of attribution in threat research, with Chloé Messdaghi and Warren Mercer

In Episode 20 of Security Stories we are joined by Chloé Messdaghi, an infosec advocate and activist who is working to create a safe space for underrepresented groups within the industry. Our second guest, Talos's Warren Mercer, drops in to talk about the PoetRAT malware and the enormous issue of attribution in threat research.

21: Review of the Year, with Fareedah Shaheed

In our last episode of the year, Fareedah Shaheed, CEO and founder of Sekuva, shares stories about growing up in Saudi Arabia, how she built her businesses, and being named one of Forbes' Top 30 Under 30. We are also joined by Senior Director of Product Marketing Ben Munroe and count down our top 3 security moments in 2020.

22: Defending against critical threats, with Esmond Kane

In Episode 22 we hear from the front lines of healthcare security. CISO Esmond Kane, of Steward Health Care, offers insights from an industry that has long been a target of cyber crime. And Edmund Brumaghin, threat researcher at Cisco Talos, joins us live to discuss the evolution of ransomware and "big-game hunting" attacks.

23: What really works in cybersecurity? With Wade Baker and Wolfgang Goerlich

In Episode 23, Cisco Advisory CISO Wolfgang Goerlich discusses the results from Cisco's 2021 Security Outcomes Study with Wade Baker, co-founder of research firm Cyentia. They offer advice on what organizations can do to decrease waste and optimize the effectiveness of their security strategy.

24: Solving the opportunity divide, with Dr Christine Izuakor

In Episode 24 we're joined by Dr. Christine Izuakor, the first African American woman (and youngest student) to gain a Ph.D. in Security Engineering. In 2020 Christine created Cyber Pop-up, an on-demand cybersecurity service platform. She is active in the diversity and inclusion community, and her story is one of passion, resilience, and grit.

25: Knowing your data privacy rights, with Tazin Khan

In Episode 25 our guest is Tazin Khan, a data privacy advocate and founder of the Cyber Collective, an organization that helps people understand their data privacy rights. We discuss her journey as a Bengali immigrant and Queens native, as well as how she found her cybersecurity "sweet spot" and dealing with cybersecurity burnout.

26: The rising cases of collaboration app abuse, with Nick Biasini and Edmund Brumaghin

In Episode 26, Talos guests Nick Biasini and Edmund Brumaghin discuss their latest research on the rising cases of collaboration app abuse. Ben shares the origin stories behind some cyber threats—and their unusual names. Plus, Sana chats about the evolution of threats over the past year and how the industry is fighting back.

27: Addressing burnout, stress and mental health within the threat intelligence industry

In Episode 27, guests Matt Watchinski, Matt Olney, and Mitch Neff from Cisco Talos discuss stress and burnout within the threat intelligence industry and the mental toll of threat hunting. This conversation is relevant for security practitioners, as well as leaders who want advice on how to spot and manage burnout within their security teams.

28: How the CISO role will change, with Helen Patton

Our guest in Episode 28 is Helen Patton, CISO Advisor at Cisco Duo. Helen was previously the CISO at Ohio State University and the executive director at JP Morgan Chase. She talks about these two wildly different experiences—as well as how to know when it's time to leave a company, resilience in the age of Covid and killer hornets, and how the CISO role will change over the next three years.

29: The art of the idea, with Al Huger

Our guest in Episode 29 is Al Huger, Vice President of Cisco's security platform and response. Al has founded several startups and sold them to large organizations, including Cisco. He is well known in the vulnerability space and has developed patents for methods of hunting down malware. We chat about these topics, how he comes up with ideas, and the future of end-user security.

30: For the love of DevSecOps, with Tanya Janca

Our guest in Episode 30 is Tanya Janca, founder and CEO of We Hack Purple and best-selling author of Alice and Bob Learn Application Security. Tanya has worn many hats in her 20-year security career, including: penetration tester, CISO, AppSec engineer, and software developer. She chats about her experiences and explains why application security needs to be more in the spotlight.

31: Building inclusive cultures, with Dug Song and Gene Hall

In Episode 31, guests Dug Song, Cisco Chief Strategy Officer, and Gene Hall, Vice President of Security Marketing at Cisco Secure, join us for a conversation about creating inclusive cultures. We also discuss what security challenges are top of mind for our customers and how Cisco is addressing them.

32: The mentality of experiencing a data breach, with Stuart Peck

In Episode 32, Stuart Peck, Director of Cybersecurity Strategy at Zero Day Lab, talks about his background in social engineering, and incident response. He also discusses how infosec teams can prepare mentally for a data breach. Plus, Hazel, Sana, and guest co-host Geraldo De La Cruz explore the notorious attack on Enigma.

33: The People Hacker, with Jenny Radcliffe

In Episode 33 we meet Jenny Radcliffe, the "People Hacker." Jenny is hired to talk her way into secure locations through a mixture of psychology, cunning, and guile. She protects clients from scammers and leads simulated criminal attacks. We also chat to Nirav Shah, who worked at Solar Winds when the major breach occurred.

34: The rockstar turned CISO, with Ian Thornton Trump

In Episode 34 our guest is Ian Thornton-Trump, CISO at Cyjax Limited. Ian talks about his career journey, from joining the Military Intelligence Branch of the Canadian Forces, to managing IT projects at the Canadian Museum of Human Rights, to being a CISO. He also shares his top lessons learned from 30 years in the cybersecurity industry.

35: How to manage imposter syndrome, with Stuart Coulson

In Episode 35 our guest is Stuart Coulson, director at Hidden Text Ltd, where he uses the skill sets and knowledge borne of many years in the security industry to help others. In addition to discussing Stuart's career path in cybersecurity, we chat about managing social media as an infosec professional and how to deal with imposter syndrome.

36: Falling over in IT, standing up in Security, with Pam Lindemoen

In Episode 36 our guest is Pam Lindemoen, Advisory CISO at Cisco Secure and former Deputy CISO at Anthem Inc. In this thoughtful interview, learn about Pam's passion for championing women in IT, her approach to learning from mistakes and failure, as well as her top tips to ensure that security and risk can be understood across the entire business.

37: The vision of what's at stake, with Dr. Kelley Misata

In Episode 37 our guest is Dr. Kelley Misata. Having survived years of cyberstalking, Kelley completed a PhD in information security and wrote her dissertation on the cybersecurity preparedness of nonprofits that work with victims of violence. She later set up her own nonprofit company, Sightline Security. This is her story. 

38: Would I lie to you? Security Stories versus Beers with Talos

In Episode 38, the Security Stories team tries to outfox the Beers with Talos team. Using a live, game show format, we present "facts" about significant moments in our security careers—but who is telling the truth? To learn if we can sort fact from fiction, don't miss this special edition: "Would I lie to you? Security Stories versus Beers with Talos."

39: When Hazel met Cisco Talos' first responders

In Episode 39, we meet members of the Talos Threat Detection and Response team, who are Cisco customers' first responders to cyber threats. Joining Hazel for a brilliant discussion are Christopher Marshall, Diana Brown, Doaa Osman, and Lilith Wyatt. We chat about the unique paths that led them into the security industry, and their team's roles. 

40: Building trust, with Brad Arkin

In Episode 40 we meet Brad Arkin, Cisco's Chief Security and Trust Officer. Before joining Cisco, Brad was the first Chief Security Officer at Adobe, where he grew the security team from just a few employees to over 600 globally. He is a pioneer in software security and led the rapid Cisco Zero Trust architecture deployment to over 100,000 users.

41: Are experts always the best teachers? With Gary Hibberd

In Episode 41 our guest is Gary Hibberd, "The Professor of Communicating Cyber" for the Cyberfort Group. Gary has worked in cybersecurity for over 35 years, spending much of that time in highly regulated industries. We discuss the highs and lows of Gary's career and why marketing and cybersecurity go hand in hand.

42: How do our lived experiences impact our approach in cybersecurity? With Jarell Oshodi

In Episode 42, Tazin and Hazel have an in-depth conversation with Jarell Oshodi, a licensed attorney. Jarell has spent 12 years honing her expertise in data compliance and privacy at various federal agencies, including the Department of Justice and her current role as Associate Chief Privacy Officer at the Center for Disease Control and Prevention.

43: The right brain thinkers, with Jane Frankland

In Episode 43 we welcome Jane Frankland, who has worked in the cybersecurity industry for 24 years. Jane is an award-winning entrepreneur and best-selling author of "IN Security: Why a Failure to Attract and Retain Women in Cybersecurity Is Making Us All Less Safe." We chat about Jane's career, how she fights for women in the industry, and her latest venture.

44: Case Study: How to practically implement XDR, with Enric Cuixeres and Jessica Bair

In Episode 44 we are joined by two security experts to discuss the practical implications of extended detection and response (XDR). Enric Cuixeres is a Cisco Secure customer who has implemented an XDR strategy within his organization, Leng D'Or.  He is joined by Cisco Director of Technical Alliances, Jessica Bair.

45: Building resilience, with Goher Mohammad

In Episode 45 we meet Goher Mohammad, Head of Information Security at L&Q Group, one of the United Kingdom's largest charitable housing associations. Goher talks about resilience and the rewards and challenges of building a new security team from the ground up.

46: Experimenting outside of the job description, with Jerry Gamblin

In Episode 46 we welcome Jerry Gamblin, Director of Security Research at Kenna Security (now part of Cisco). Jerry talks about his journey: from working on an IT help desk to managing the network security infrastructure of the Missouri House of Representatives to leading security research at Kenna.

47: Getting into offensive security, with Shannon Lietz

In Episode 47 our guest is Shannon Lietz, Vice President of Vulnerability Labs at Adobe. Shannon talks about how she first got into offensive security, the red team activities that the team undertakes, and the moment that led Shannon to change her leadership style.

48: Entering the metaverse, with Jaeson Schultz

In Episode 48 we enter the metaverse with Jaeson Schultz, Technical Director at Cisco Talos. We talk about the evolution of Web 3.0, its security implications, and possible ethical considerations.

49: Moving toward security resilience, with Liz Waddell, Accidental CISO, and Christos Syngelakis

Episode 49 features a chat about how to build security resilience. Three security leaders share their stories: Accidental CISO (yes, the anonymity intrigues us, too.; Liz Waddell, Incident Response Practice Lead for Cisco Talos; and Christos Syngelakis, CISO and Data Privacy Officer at Motor Oil Group.

50: How can we actually, really, take care of our mental health?

In episode 50, we are joined by members of the Cisco Talos team for an authentic conversation about mental health and burnout. We talk about how hard it can be to prioritize self care, and how we can spot the signs of burnout in others.

51: Infosec Court Live, with Wendy Nather, Helen Patton, Dave Lewis and Dennis Fisher

All rise, all rise, for Infosec Court, brought to you from RSA Conference 2022. Judge Wendy Nather presides, and three InfoSec experts (Helen Patton, Dave Lewis, and Dennis Fisher) all have a "hot take" that they want to be more widely accepted in the InfoSec industry.

52: Securing the Super Bowl, with Tomás Maldonado and Brad Garnett

Episode 52 features an insightful conversation between Tomás Maldonado, NFL Chief Information Security Officer, and Brad Garnett, Director of Cisco Talos Incident Response. Tomás discusses his early life and career, and he and Brad discuss exactly how the NFL and Cisco came together to secure Super Bowl LVI.