Security Stories Podcast Archives

Insights for security leaders, by security leaders

Discover the unique, inspiring, and often amusing stories behind what it takes to lead cybersecurity efforts in an organization. The Security Stories podcast features interviews with a diverse range of guests, each sharing their experiences for the benefit of others in the industry.

70: Driving innovation from within with Raj Chopra

Taz and Raj Chopra, senior vice president of product management at Cisco, delve into the strategies and tactics that successful businesses can use to drive innovation from within.

69: Preparing for a cybersecurity incident, with Jeremy Maxwell

Meet Jeremy Maxwell, CISO of Veradigm, a healthcare IT company. Jeremy discusses how his organization proactively prepares for cybersecurity incidents within a highly regulated industry.

68: Engineering the Future: Artificial Intelligence in Security with Shaila Shankur

Listen to Taz and Shaila Shankar, Cisco SVP Engineering, Security Business Group, address how AI is shaping cybersecurity and how we are engineering for the future.

67: The Intersection of Technology and Social Responsibility with Brian Tippens

Join Brian Tippens, SVP and Chief Social Impact Officer, Cisco, as we explore the impact of technology and the role that Cisco plays in creating a better world. We discuss the intersection of technology and social impact through the lens of Cisco, while keeping security at the center.

66: Security Myths and Realities with CISO of the NFL, Tomas Maldanado

Join Tomas Maldanado, Chief Information Security Officer of the NFL, and Taz for their take on the most common myths about cybersecurity and as they unpack the realities behind these bloated assumptions.

65: Translators and Non-Technical Departments are Your Secret Weapons to Staying Secure, with Tom Gillis

Listen in to learn how simplifying cybersecurity language, collaborating across departments, and using translators can improve your organization's cybersecurity efforts and keep you and your data safe.

64: The Intersection of Technology and Society: Navigating a New Era with TK Keanini, CTO of Cisco Secure

Join us for a discussion on The Intersection of Technology and Society: Navigating a New Era with TK Keanini, CTO of Cisco Secure.

63: Live at RSAC '23 with Jeetu Patel: The Role of Generative AI in Shaping the Future of Cybersecurity

Cybersecurity is a crucial aspect of responsible artificial intelligence (AI), especially as AI continues to advance and become more prevalent across industries. Join Jeetu Patel and Taz as they delve into this topic

62: Security Resilience in the Mergers and Acquisitions space with business and tech thought-leader, Alex Wolf

Taz and Alex chat about Alex Wolf's path into the mergers and acquisitions space, what it's like to be an investor, and how security plays a valuable role in her work and industry.

61: Content filtration, zero trust and life as a security engineer turned entrepreneur with Yasmin Abdi

Learn about content filtration, zero trust, and life as a security engineer-turned-entrepreneur with Yasmin Abdi.

60: Data ethics and resilience with Netflix docufilm star, Joe Toscano

In episode 60, Taz interviews Joe Toscano, Netflix docufilm star and CEO of DataGrade.

59: Failing Fast with Jason Button

In episode 59, Taz interviews Jason Button, our information security director who manages Cisco’s cybersecurity efforts for mergers and acquisitions.

58: You don't need to be in leadership to lead, with Lena Olympio

In episode 58, Taz chats with Lena Olympio about her career trajectory, how she was inspired by this year's Women of the Channel winners, and her thoughts on leadership.

57: We’re changemakers too, with Confidence Staveley

In episode 57, Taz chats to Confidence Staveley, Founder of CyberSafe Foundation. Nicknamed "The Relatable CyberSecurity Queen,” Confidence is Africa’s most celebrated female cybersecurity leader, talent developer, global speaker, and inclusion advocate.

56: Why you're entitled to feel safe online, with Cathy Pedrayes

Happy National Cyber Security Awareness Month! Today's guest is Cathy Pedrayes: Author, television host and bilingual social media influencer, Cathy Pedrayes is best known as TikTok's 'Mom Friend.'

55: Privacy rights in our current world, with Ashlee Benge

Our guest is Ashlee Benge, Strategic Intelligence Lead at Cisco Talos. This episode includes a wide-ranging discussion on data privacy, including the rising use of health-tracking apps and wearable tech.

54: Ukraine Independence Day: Cisco Talos update

This episode features a recording from a live event that we hosted on 24 August, aka Independence Day for Ukraine. 

53: Would I lie to you? Round 2

In this special game show edition, Security Stories faces off with the Beers with Talos crew once again. This second round contains stories of betrayal, donkeys in the desert, and very embarrassing situations.

52: Securing the Super Bowl, with Tomás Maldonado and Brad Garnett

Episode 52 features an insightful conversation between Tomás Maldonado, NFL Chief Information Security Officer, and Brad Garnett, Director of Cisco Talos Incident Response. Tomás discusses his early life and career, and he and Brad discuss exactly how the NFL and Cisco came together to secure Super Bowl LVI.

51: Infosec Court Live, with Wendy Nather, Helen Patton, Dave Lewis and Dennis Fisher

All rise, all rise, for Infosec Court, brought to you from RSA Conference 2022. Judge Wendy Nather presides, and three InfoSec experts (Helen Patton, Dave Lewis, and Dennis Fisher) all have a "hot take" that they want to be more widely accepted in the InfoSec industry.

50: How can we actually, really, take care of our mental health?

In episode 50, we are joined by members of the Cisco Talos team for an authentic conversation about mental health and burnout. We talk about how hard it can be to prioritize self care, and how we can spot the signs of burnout in others.

49: Moving toward security resilience, with Liz Waddell, Accidental CISO, and Christos Syngelakis

Episode 49 features a chat about how to build security resilience. Three security leaders share their stories: Accidental CISO (yes, the anonymity intrigues us, too.; Liz Waddell, Incident Response Practice Lead for Cisco Talos; and Christos Syngelakis, CISO and Data Privacy Officer at Motor Oil Group.

48: Entering the metaverse, with Jaeson Schultz

In Episode 48 we enter the metaverse with Jaeson Schultz, Technical Director at Cisco Talos. We talk about the evolution of Web 3.0, its security implications, and possible ethical considerations.

47: Getting into offensive security, with Shannon Lietz

In Episode 47 our guest is Shannon Lietz, Vice President of Vulnerability Labs at Adobe. Shannon talks about how she first got into offensive security, the red team activities that the team undertakes, and the moment that led Shannon to change her leadership style.

46: Experimenting outside of the job description, with Jerry Gamblin

In Episode 46 we welcome Jerry Gamblin, Director of Security Research at Kenna Security (now part of Cisco). Jerry talks about his journey: from working on an IT help desk to managing the network security infrastructure of the Missouri House of Representatives to leading security research at Kenna.

45: Building resilience, with Goher Mohammad

In Episode 45 we meet Goher Mohammad, Head of Information Security at L&Q Group, one of the United Kingdom's largest charitable housing associations. Goher talks about resilience and the rewards and challenges of building a new security team from the ground up.

44: Case Study: How to practically implement XDR, with Enric Cuixeres and Jessica Bair

In Episode 44 we are joined by two security experts to discuss the practical implications of extended detection and response (XDR). Enric Cuixeres is a Cisco Secure customer who has implemented an XDR strategy within his organization, Leng D'Or.  He is joined by Cisco Director of Technical Alliances, Jessica Bair.

43: The right brain thinkers, with Jane Frankland

In Episode 43 we welcome Jane Frankland, who has worked in the cybersecurity industry for 24 years. Jane is an award-winning entrepreneur and best-selling author of "IN Security: Why a Failure to Attract and Retain Women in Cybersecurity Is Making Us All Less Safe." We chat about Jane's career, how she fights for women in the industry, and her latest venture.

42: How do our lived experiences impact our approach in cybersecurity? With Jarell Oshodi

In Episode 42, Tazin and Hazel have an in-depth conversation with Jarell Oshodi, a licensed attorney. Jarell has spent 12 years honing her expertise in data compliance and privacy at various federal agencies, including the Department of Justice and her current role as Associate Chief Privacy Officer at the Center for Disease Control and Prevention.

41: Are experts always the best teachers? With Gary Hibberd

In Episode 41 our guest is Gary Hibberd, "The Professor of Communicating Cyber" for the Cyberfort Group. Gary has worked in cybersecurity for over 35 years, spending much of that time in highly regulated industries. We discuss the highs and lows of Gary's career and why marketing and cybersecurity go hand in hand.

40: Building trust, with Brad Arkin

In Episode 40 we meet Brad Arkin, Cisco's Chief Security and Trust Officer. Before joining Cisco, Brad was the first Chief Security Officer at Adobe, where he grew the security team from just a few employees to over 600 globally. He is a pioneer in software security and led the rapid Cisco Zero Trust architecture deployment to over 100,000 users.

39: When Hazel met Cisco Talos' first responders

In Episode 39, we meet members of the Talos Threat Detection and Response team, who are Cisco customers' first responders to cyber threats. Joining Hazel for a brilliant discussion are Christopher Marshall, Diana Brown, Doaa Osman, and Lilith Wyatt. We chat about the unique paths that led them into the security industry, and their team's roles. 

38: Would I lie to you? Security Stories versus Beers with Talos

In Episode 38, the Security Stories team tries to outfox the Beers with Talos team. Using a live, game show format, we present "facts" about significant moments in our security careers—but who is telling the truth? To learn if we can sort fact from fiction, don't miss this special edition: "Would I lie to you? Security Stories versus Beers with Talos."

37: The vision of what's at stake, with Dr. Kelley Misata

In Episode 37 our guest is Dr. Kelley Misata. Having survived years of cyberstalking, Kelley completed a PhD in information security and wrote her dissertation on the cybersecurity preparedness of nonprofits that work with victims of violence. She later set up her own nonprofit company, Sightline Security. This is her story. 

36: Falling over in IT, standing up in Security, with Pam Lindemoen

In Episode 36 our guest is Pam Lindemoen, Advisory CISO at Cisco Secure and former Deputy CISO at Anthem Inc. In this thoughtful interview, learn about Pam's passion for championing women in IT, her approach to learning from mistakes and failure, as well as her top tips to ensure that security and risk can be understood across the entire business.

35: How to manage imposter syndrome, with Stuart Coulson

In Episode 35 our guest is Stuart Coulson, director at Hidden Text Ltd, where he uses the skill sets and knowledge borne of many years in the security industry to help others. In addition to discussing Stuart's career path in cybersecurity, we chat about managing social media as an infosec professional and how to deal with imposter syndrome.

34: The rockstar turned CISO, with Ian Thornton Trump

In Episode 34 our guest is Ian Thornton-Trump, CISO at Cyjax Limited. Ian talks about his career journey, from joining the Military Intelligence Branch of the Canadian Forces, to managing IT projects at the Canadian Museum of Human Rights, to being a CISO. He also shares his top lessons learned from 30 years in the cybersecurity industry.

33: The People Hacker, with Jenny Radcliffe

In Episode 33 we meet Jenny Radcliffe, the "People Hacker." Jenny is hired to talk her way into secure locations through a mixture of psychology, cunning, and guile. She protects clients from scammers and leads simulated criminal attacks. We also chat to Nirav Shah, who worked at Solar Winds when the major breach occurred.

32: The mentality of experiencing a data breach, with Stuart Peck

In Episode 32, Stuart Peck, Director of Cybersecurity Strategy at Zero Day Lab, talks about his background in social engineering, and incident response. He also discusses how infosec teams can prepare mentally for a data breach. Plus, Hazel, Sana, and guest co-host Geraldo De La Cruz explore the notorious attack on Enigma.

31: Building inclusive cultures, with Dug Song and Gene Hall

In Episode 31, guests Dug Song, Cisco Chief Strategy Officer, and Gene Hall, Vice President of Security Marketing at Cisco Secure, join us for a conversation about creating inclusive cultures. We also discuss what security challenges are top of mind for our customers and how Cisco is addressing them.

30: For the love of DevSecOps, with Tanya Janca

Our guest in Episode 30 is Tanya Janca, founder and CEO of We Hack Purple and best-selling author of Alice and Bob Learn Application Security. Tanya has worn many hats in her 20-year security career, including: penetration tester, CISO, AppSec engineer, and software developer. She chats about her experiences and explains why application security needs to be more in the spotlight.

29: The art of the idea, with Al Huger

Our guest in Episode 29 is Al Huger, Vice President of Cisco's security platform and response. Al has founded several startups and sold them to large organizations, including Cisco. He is well known in the vulnerability space and has developed patents for methods of hunting down malware. We chat about these topics, how he comes up with ideas, and the future of end-user security.

28: How the CISO role will change, with Helen Patton

Our guest in Episode 28 is Helen Patton, CISO Advisor at Cisco Duo. Helen was previously the CISO at Ohio State University and the executive director at JP Morgan Chase. She talks about these two wildly different experiences—as well as how to know when it's time to leave a company, resilience in the age of Covid and killer hornets, and how the CISO role will change over the next three years.

27: Addressing burnout, stress and mental health within the threat intelligence industry

In Episode 27, guests Matt Watchinski, Matt Olney, and Mitch Neff from Cisco Talos discuss stress and burnout within the threat intelligence industry and the mental toll of threat hunting. This conversation is relevant for security practitioners, as well as leaders who want advice on how to spot and manage burnout within their security teams.

26: The rising cases of collaboration app abuse, with Nick Biasini and Edmund Brumaghin

In Episode 26, Talos guests Nick Biasini and Edmund Brumaghin discuss their latest research on the rising cases of collaboration app abuse. Ben shares the origin stories behind some cyber threats—and their unusual names. Plus, Sana chats about the evolution of threats over the past year and how the industry is fighting back.

25: Knowing your data privacy rights, with Tazin Khan

In Episode 25 our guest is Tazin Khan, a data privacy advocate and founder of the Cyber Collective, an organization that helps people understand their data privacy rights. We discuss her journey as a Bengali immigrant and Queens native, as well as how she found her cybersecurity "sweet spot" and dealing with cybersecurity burnout.

24: Solving the opportunity divide, with Dr Christine Izuakor

In Episode 24 we're joined by Dr. Christine Izuakor, the first African American woman (and youngest student) to gain a Ph.D. in Security Engineering. In 2020 Christine created Cyber Pop-up, an on-demand cybersecurity service platform. She is active in the diversity and inclusion community, and her story is one of passion, resilience, and grit.

23: What really works in cybersecurity? With Wade Baker and Wolfgang Goerlich

In Episode 23, Cisco Advisory CISO Wolfgang Goerlich discusses the results from Cisco's 2021 Security Outcomes Study with Wade Baker, co-founder of research firm Cyentia. They offer advice on what organizations can do to decrease waste and optimize the effectiveness of their security strategy.

22: Defending against critical threats, with Esmond Kane

In Episode 22 we hear from the front lines of healthcare security. CISO Esmond Kane, of Steward Health Care, offers insights from an industry that has long been a target of cyber crime. And Edmund Brumaghin, threat researcher at Cisco Talos, joins us live to discuss the evolution of ransomware and "big-game hunting" attacks.

21: Review of the Year, with Fareedah Shaheed

In our last episode of the year, Fareedah Shaheed, CEO and founder of Sekuva, shares stories about growing up in Saudi Arabia, how she built her businesses, and being named one of Forbes' Top 30 Under 30. We are also joined by Senior Director of Product Marketing Ben Munroe and count down our top 3 security moments in 2020.

20: Creating safe spaces, and the troubling nature of attribution in threat research, with Chloé Messdaghi and Warren Mercer

In Episode 20 of Security Stories we are joined by Chloé Messdaghi, an infosec advocate and activist who is working to create a safe space for underrepresented groups within the industry. Our second guest, Talos's Warren Mercer, drops in to talk about the PoetRAT malware and the enormous issue of attribution in threat research.

19: Being your true authentic self, with Javvad Malik

In Episode 19 Hazel chats to Javvad Malik, a security awareness advocate at KnowBe4. Javvad is one of the security industry's most prolific video bloggers and is known for his signature light-hearted perspective on security. He shares his advice on how to create engaging presentations, and puts his security spin on the infamous "Zombieland" rules.

18: The future of the SPOC

In Episode 18 we meet Gabriel Gumbs, Chief Innovation Officer at Spirion. He shares stories, ranging from hacking portable devices at school to helping lead the evolution of data privacy. We are also joined by Wolf Goerlich and Nigel Houghton, who provide insights into the future of security operations.

17: The building blocks of political disinformation campaigns

Episode 17 sees the return of Theresa Payton to the Security Stories podcast. She joins Hazel, Noureen, and special guest Nick Biasini, a threat researcher at Cisco Talos, to discuss online disinformation campaigns and how they are used in political elections. With only weeks to go until the United States general election, Theresa and Nick outline what the public needs to be aware of and how we can spot and report online disinformation.

16: Openness and support: A frank discussion on why diverse representation matters

Episode 16 features two meaningful discussions. Hazel and Noureen talk first with Leticia Gammill, Cisco's Channel leader for Canada and Latin America, and Matt Watchinski, Vice President of Cisco Talos, about the significance of diverse representation in cybersecurity. Our second conversation, with Mike Hanley, Cisco's new Chief Information Officer, gives insights into the importance of hiring diverse talent and building a culture of appreciation, openness, and internal mentoring.

15: Taking the unconventional cybersecurity career path, with Curtis Simpson

In Episode 15 we meet Curtis Simpson, Chief Information Security Officer at Armis. As well as discussing his journey as a security leader, Curtis talks about changing the perception that cybersecurity is a cost center and ways in which cybersecurity can contribute to business outcomes. This episode also features a discussion with some special guests about their unconventional career paths into the cybersecurity industry.

14: Not fearing failure, and challenging the status quo, with Chris Leach

In Episode 14 our guest is Chris Leach, Senior CISO Advisor for Cisco. After 30 years of running security and risk operations for a wide variety of organizations, Chris sits down with Hazel to talk about his journey and offer some insights into the life of a CISO, including how to combat the fear of failure and how to successfully challenge the status quo.

13: Prime directives: Serving the public trust, protecting the innocent, and upholding security laws, with Tanya Forsheit

In Episode 13 our guest is Tanya Forsheit, one of the world's leading data privacy and security advisers and litigators. We consider what the future might hold for data privacy in the next year, within the context of COVID-19 and tracing apps. We also discuss data privacy as a fundamental human right.

12: Lifting others up: Stories of how we can help each other in cybersecurity

From eye-opening discussions on diversity issues in cybersecurity, to stories of how CISOs got their initial starts, our chief interviewer Hazel has edited together some of her favorite moments so far from the Security Stories podcast series

11: What to Expect When You're Electing: Election Security special, with Matt Olney and Steve Caimi

In Episode 11 the focus is on election security, and we are joined by Matt Olney, Director of Threat Intelligence and Interdiction at Cisco Talos, and Steve Caimi, U.S public sector cybersecurity expert. We discuss what Talos has learned about election security after four years of research and hands-on experience, and we share thoughts on where election security in the United States stands heading into November's general election.

10: "Don't fire the CISO," with Quentyn Taylor

In Episode 10 we chat with Quentyn Taylor, CISO for Canon Europe. He talks about his multitalented and customer-centric cybersecurity team, how to overcome the "virtual hurdle" of working remotely, why firing the CISO after a cyber attack is rarely the first resort, and how to make the perfect cybersecurity cocktail.

9: Creating more opportunities for others, with Andy Ellis

In Episode 9 we meet seasoned CISO Andy Ellis, who talks about giving women and minorities more opportunities in cybersecurity. He also tells the fascinating story about how he eliminated use of the password at his organization, and explains why he employs librarians and journalists on his security team.

8: Sandworm, Not Petya and the hunt for the most dangerous hackers

In episode 8 we are joined by Andy Greenberg, senior investigative journalist for Wired, as well as members of the Cisco Talos threat intelligence team and senior Cisco cyber engineer Noureen Njoroge. Together we look back at the world's most catastrophic cyber attack: Not Petya. We discuss the nuances of the attack, its scale and significance, and the impact that is still felt three years later.

7: The impact of a diverse cybersecurity team with Marene Allison

In episode 7 we meet Marene Allison, vice president and chief information security officer at Johnson & Johnson. We hear about her life in the military, her career as a special FBI agent, and how she has built a diverse cybersecurity team at Johnson & Johnson.

6: The Strongest Link with Brian Honan

In Episode 6 we meet Brian Honan, an internationally recognized expert on cybersecurity and data protection. Brian founded his own security consultancy company, BH Consulting, in 2008. He is also the founder and CEO of IRISS, Ireland's first Computer Emergency Response Team.

5: People-powered security: Masha Sedova

In episode 5 we meet Masha Sedova, co-founder of Elevate Security, which uses data and behavioral analytics to help organizations build a strong security culture.  We chat about how to build effective employee awareness programs and what it's like to set up a new business in the security industry. 

4: Building the best cybersecurity team: Mark Weatherford

In this podcast, we meet CISO Mark Weatherford. We learn how he created the U.S. Navy's first-ever Red Team, and how he worked to get laws passed to establish a security program for the first time in several U.S. states. But how does Batman fits into all of this? Listen to find out.

3: Protecting democracy, and how to spot manipulation tactics online: Theresa Payton

In episode 3 we meet Theresa Payton, the first female CIO of The White House and one of Security Magazine's top 25 Most Influential People in Security. Theresa is a respected authority on security and intelligence operations and the author of books on data privacy and election hijacking.

2: Democratizing security: Wendy Nather

Wendy Nather, Head of Advisory CISOs at Cisco Duo, joins us for the latest episode of Security Stories. Wendy discusses how we can involve users in our security practices, rather than blaming them when they fall foul of the rules. And she comes up with a unique idea for shaking up the industry.

1: From the battlefield to the boardroom: Mick Jenkins MBE

Our special guest this episode is Mick Jenkins MBE, CISO for Brunel University London. Mick is a former counterterrorist officer and published novelist, and has led some incredibly innovative changes at his organization to turn their cybersecurity approach around.