Business of Cyber

Michael Meis is the Associate CISO at the University of Kansas Health System.

Sid Trivedi is a Partner at Foundation Capital. Sid leads the firm’s focus on cybersecurity and has participated in investments in Permiso, CloudKnox, & Attivo Networks.

Aner Gelman is the CEO & Co-Founder at Atmosec a SaaS security company based in Tel Aviv

Joe Levy is the Chief Technology & Product Officer at Sophos.

Adam Gavish is the CEO & Founder at DoControl, a SaaS security platform based in NYC. Before founding DoControl, Adam was a Product Manager at Google Cloud Security.

Dimitri Sirota is the CEO and Co-Founder at BigID. 

Shira Shamban is the CEO and Co-Founder at Solvo. 

Dan Benjamin is the CEO at Dig Security, a Cloud Data Security platform. Before starting Dig, Dan led product strategy for cloud security at Microsoft Azure.

Stuart McClure is the CEO at ShiftLeft, a code-security platform that helps develops build & deliver secure code. Before joining ShiftLeft, Stuart founded Cylance which sold to Blackberry for $1.4b. 

Lior Yaari is the CEO and Co-Founder at Grip Security, a Tel-Aviv based SaaS security company. Before founding Grip, Lior was the CTO at YL Ventures, one of the leading cyber focused investment firms. 

Jack Naglieri is the CEO at Panther, a modernized, Cloud SIEM platform

Jake Storm is a Deal Partner at Felicis. Before Felicis, Jake was an investor at IVP.

Marty Roesch is the CEO at Netography. Before Netography, he founded Sourcefire which sold to Cisco for $2.7b in 2013.

Pramod Gosavi is an investor at 11.2 Capital. Prior to 11.2 Capital, Pramod was the Director of Strategy and Corporate Ventures at VMware. 

Chris Behrens is a Principal at SYN Ventures. 

Jason Martin is the Co-Founder / Co-CEO at Permiso. Before that, he was the EVP of Product at Fireeye. 

Lance Spitzner is the Director of Security Awareness at the SANS Institute. 

Michael Collins is the CISO at Judo Bank, one of the leading fintech's in Australia. 

Dylan Ayrey is the Co-Founder and CEO at Truffle Security. 

Bob Ackerman is the Founder & Managing Director at AllegisCyber Capital, one of the leading cyber investment firms. 

Harshil Parikh is the CEO & Co-Founder at Tromzo. 

Brian Contos is the CSO at Phosphorous. Before joining Phosphorus, he held CSO, Advisor, & leadership roles at companies like ArcSight, Cylance, Jask, and Verodin, to name a few.

Thomas Kinsella - COO & Founder of Tines. Prior to that, Thomas was the Sr. Director of Security Operations at DocuSign. 

Sara Anstey runs the data analytics practice at Novacoast. In our interview, we explore using data to have more effective conversations with business leaders. 

Travis McPeak is the CEO at Resourcely, a stealth stage startup that provides secure guard rails in the SDLC process. 

Lynn Dohm is the Executive Director at WiCys, a global community of cyber professionals with the mission of recruiting, retaining and advancing women in cybersecurity. 

Frank Kim is a Fellow & Instructor at the SANS Institue, invests in & advises in several security startups, is a Venture Advisor at YL Ventures, and has held a variety of security leadership roles throughout his career. 

Karl Sharman is the Head of Cybersecurity Services & Solutions recruiting at Stott & May. Karl and I discuss: 

• Why do reporting lines matter less than authority & access for a CISO
• How Karl prepares and educates a company that’s looking for a new CISO
• Assessing the capabilities of a prospective CISO
• Setting up a new CISO for success

Ian Yip is the CEO at Avertro. An Australian startup helping organizations to understand and communicate about the 'business of cyber.'

Ian and I dig into:

• Why he started Avertro
• The problem they solve
• What he experienced that led to him forming the business
• The challenges of founding a start-up during COVID
• How he's experienced being the CEO of a growing business  

Benny Lakunishok is the CEO of Zero Networks, based in Israel. He's been a part of 3 startups acquired by Microsoft and recently started Zero Networks.

Brian Vallelunga is the CEO & Founder at Doppler, a universal secrets management platform. Brian and I discuss:

1. Founding 7 companies starting in high school

2. Product/market requirements when getting an idea off the ground 

3. The Chipotle sales strategy 

4. Going through YC and raising money from Sequoia & GV

5. Doppler & where they're going 

Chris Castaldo is the Chief Information Security Officer at Crossbeam, the world's first and most powerful partner ecosystem platform. Chris is also the author of the best selling book Start-Up Secure: Baking Cybersecurity into your Company from Founding to Exit and is a visiting fellow at the National Security Institute at George Mason University's Antonin Scalia Law School.

Year 1 proceeds from Chris's book are being donated to a phenomenal cause, Home For Our Troops. 

ou can find the book here: https://www.amazon.com/Start-Up-Secure-Cybersecurity-Company-Founding/dp/1119700736

Joshua Scott is the Head of Information Security & IT at Postman, an API management platform meant to simply & manage each step of the API lifecycle. Postman has raised over $400m from investors like Insight, Coatue, and Battery Ventures. Prior to taking the CISO role at Postman, Josh was the CISO at Move Inc, the parent company of Realter.com and a subsidiary of News Corp. During the conversation, Josh and I discuss:

How he aligns his security program with Postman's business objectives

How he leads his team and what actions he takes to retain talent in a competitive market

What it's like to be a CISO at a rapidly growing company like Postman

Ross Hosman is the CISO at Drata, a Series A staged security and compliance automation company. Drata announced their Series A last month, with investment from GGV Capital, SVCI, Okta Ventures, and other prominent investors. They're focused on automating compliance requirements like ISO27001 & SOC2 so organizations can spend more time growing their businesses and less time doing manual compliance work.

Ross has some incredible experiences at large organizations like JP Morgan Chase where he built and managed the cloud security team and more recently as the Head of Security at Sigma Computing. This wide range of experience has helped form Ross's view that security needs to be 'close to the engineers' but also focused on measuring & communicating the value of security to the business. More specifically, he shared why he loves interfacing with customers & prospects, and how that experience makes him a better CISO. 

White Canyon Software is a data erasure company headquartered outside of Salt Lake City. I met with their CEO Paul Katzoff and discussed:

• How did Paul rise from a tech support role to CEO?
• What's it like operating a security technology company that hasn't raised outside capital?
• Why is the data-erasure space a growing segment of the market?
• How do they work with both small & large customers? 

Guy Fletcher is currently the CEO & Founder at Cider Security, a stealth mode startup based in Tel Aviv. Prior to founding Cider, he was the CISO at AppsFlyer, a late-stage startup that's raised $300 million from leading VC firms like Goldman Sachs, Salesforce Ventures, and General Atlantic. While Guy was at AppsFlyer, one of the biggest pain points he felt was a significant gap between the security & DevOps team. Today, they've completed their MVP and are working with design partners to validate their product strategy and test their GTM strategy. Throughout the episode we covered:

• What compelled Guy to leave AppsFlyer and start Cider?
• How did he know he was ready to embrace becoming an entrepreneur?
• Why are they pursuing product-led growth as their GTM strategy?

Craig Goodwin is the Co-Founder and Chief Product & Strategy Officer at Cyvatar.ai, a cybersecurity startup building a platform that offers a membership-based model for cyber security-as-a-service. Prior to starting Cyvatar, Craig was the Chief Trust & Risk Officer at Fujitsu, the massive Japanese IT services company. Prior to Fujitsu, Craig spent time at CDK Global, Monster, and the UK Intelligence Services.

While the majority of Business of Cyber episodes profile CISOs and unpack how they align security with the business, this episode digs into Craig's story for operating as a CISO and ultimately how he found himself co-founding a security start-up. There are a few things we specifically dug into this episode:

• How did a career as a CISO prepare him for success as an entrepreneur?
• What did he see that convinced him to leave his job and start this company?
• Why is the future of cybersecurity membership-based? 
• Given he's a former CISO, how does he think about their GTM strategy and getting in front of their target buyers?
• Why is community building a more effective strategy than traditional GTM efforts? 

Ty Sbano is the Chief Security & Trust Officer at Sisense, a business intelligence & data analytics unicorn headquartered in New York. Sisense was originally founded in Tel Aviv and has global offices in SF, Scottsdale, London, Melbourne, Tokyo, & Kiev. Ty has been in the security industry for 15 year and has a wide range of experience across many industries at companies like Lending Club, Capital One, and Target. Given this is Ty's first CISO gig, we spent the majority of our conversation exploring how he view's his role and how he's contributed meaningful business value to the rapidly growing business. During the interview, we dig into:

• How has Ty come to realize the human element of security is the most important part of managing security risk?
• How has he led through recent challenging circumstances like the California wildfires and COVID pandemic?
• How did he set proper expectations for his role going all the back to his interview process to ensure he'd be able to measure the business value he'd contributed?

Al Ghous is the Global Chief Information Security Officer at Envision Digital, a global AIoT technology organization. Prior to Envision Digital, Al served as Chief Security Officer at ServiceMax and was previously responsible for Cloud Platform, Product, and IoT security at GE Digital. Al has been in the Cyber Security industry for over 20 years contributing in different capacities from Product Security and Risk Management to Privacy and Security Architecture. Al has held other leadership roles in organizations such as Ernst and Young, Oracle, Kaiser Permanente, and Informatica to name a few.

Al is active in the Cyber Security industry and part of several industry organizations and consortiums, as well as a member of several advisory boards. As an Advisor, Al takes pride in helping Founders focus on product development while maturing their Security posture to attract customers and investors alike.

In this episode with Monica Verma, we discuss how a tour of an airplane's cockpit started a lifelong quest for a career in technology. She's now the CISO at the Norwegian Directorate of Health, is on the Board of the Cloud Security Alliance, and has held a number of security leadership roles at firms like PwC, Siemens, & Norges Bank, the Central Bank of Norway.

She talks about her career in security leadership has identified a huge focus on risk management, specifically, an importance in discussing cyber risk in a way peers in the business can understand. She shares some tips for security leaders looking to manage the evolution of the CISO to more of a business-focused role:

1. Be okay with delegating. Despite her technical background and passion for hacking & technology, she knows her energy is better spent elsewhere

2. Embracing that those you need to communicate with, don't think about cyber all the time. Therefore, you need to be open, have compassion and patience when you're in these discussions.  

You can hear more from Monica and check out her podcast at MonicaTalksCyber.com

John Bambenek is the President of Bambenek Labs, a security agency focused on providing cyber services in forensics, incident response, and managed services. John's spoken at conferences like ISC, BlackHat, SANS, and a number of other well known conferences. Additionally, he's huge contributor to the info sec community. During our conversation we explore how he's focused on communication, persuation, education as key skills for a security professional. Given John is a prolific speaker, he's well versed in articulating cybersecurity to a non-technical audiences. He boils it down to the 3 things any business will care about: Making money, spending less money, or mitigating risk. Additionally, we discussed how he viewed security's role as:

• Enabling risk based decision making
• CISO's becoming focused on how can they get business decisions made securely 
• The long term implications of technical advancements (AI, ML, etc.) for security

Jeff Wagner is the CEO of Aspis, a cyber & administrative services company serving both government and commercial clients. Prior to founding Aspis, Jeff was the CISO at the Farm Production & Conservation, one of the largest Department's within the US Department of Agriculture. During today's show we cover,

• What did Jeff have to focus on during his transition from a security practitioner to a security leader?
• Why does he encourage those with technical experience to seek our leadership and management opportunities? 
• What have been some of the most important leadership lesson Jeff's learned as a CISO as well as through his experience with his CISO customers?

Get in touch with the show: 

Website: businessofcyber.com 

LinkedIn: Joe Vinck & Business of Cyber 

Twitter: @joey_vinck

Jason Loomis is the CISO at MINDBODY, the SaaS solution provider serving the health, wellness, and beauty space. If you've recently booked a fitness class. there's a pretty good chance you scheduled the class through their platform. Jason shares he thinks most security professionals are too focused on the technical and not enough focus on telling the story. Jason credits his MBA for helping to refine his ability to sell his story & presentation skill, what he calls an often overlooked portion of the CISO role.

Furthermore, we dig into:

•  Building internal relationships as a part of his CISO role
• Prepping for and messaging his leadership presentations
• Story telling as a CISO skill 

Ross Young is currently the CISO at Caterpillar Financial Services, the bank behind the massive construction manufacturer. Prior to Caterpillar, Ross spent 2 years as a Divisional CISO at Capital One as well as over 10 years with the US government at organizations like the CIA, NSA, and Federal Reserve Board. 

On today's show, Ross and I explore his early desire to be a CISO and discuss how his career in the government and more recent shift to the private sector has enabled him to be an effective security leader. More specifically, Ross and I discuss one of the primary roles of the CISO which is maintaining the appropriate balance of security with enabling developers and the business to innovate. Ross and I dig into this and talk about strategies he's used to find a healthy balance throughout his career.

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Roger Hale is currently the CSO at BigID, a startup that uses Machine Learning and Identity Intelligence to help organizations find, track and govern their Critical Data. Prior to that, Roger was the CISO at Informatica & Brocade, and held security leadership roles at Symantec, Lending Club, & inkling. 

On today's show, Roger and I discuss how he's viewed his job as a CISO pivot from an IT role to more of an evangelist role focused both internally and externally within a business.  More specifically, we dig into:

• Why he views himself as being in information security sales?
• How can CISO's get a 'seat at the table?'
• Why should every security decision consider risk vs. reward? 

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Rick Howard is a legend in the security industry, having most recently served as the CSO at Palo Alto Networks. Rick's currently the CSO, Senior Fellow, and Chief Analyst at the CyberWire, one of the leading cybersecurity media & publishing companies. Rick is a self described "old army guy" having spent nearly 30 years in the US Army prior to transitioning to a commercial career with companies like Engility, Verisign, and Counterpane. 

On the interview, Rick and I dig into the changes he needed to make as a first time CISO in the commercial space as well as the primary differences between government & commercial sector. He describes one of his top skills as translating complex technical documents and concepts into a language that business professionals can understand. 

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Jack Jones is one of the most well respected thought leaders in risk management and information security.  During his 30 years in the industry he has garnered a decade of experience as a CISO, including five years for a Fortune 100 financial services company. His work has also been recognized by his peers and the industry, earning him the 2006 ISSA Excellence in the Field of Security Practices award, and the 2012 CSO Compass Award for Leadership in Risk Management.

Jack is the originator of the now industry standard risk measurement model known as Factor Analysis of Information Risk (FAIR). FAIR has seen adoption globally, within organizations of all sizes, and is now regularly included in graduate-level university courses on information security and referenced by other industry standards. He also recently co-authored a book on FAIR entitled "Measuring and Managing Information Risk - A FAIR Approach", which has been inducted into the Cybersecurity Canon as a "must read" for professionals in the industry. Jack was also on the ISACA task force that developed the RiskIT framework, and he led the ISACA group that developed the CRISC certification.

Today, Jack is in charge of Research at RiskLens, Inc. and is a sought after speaker at national conferences and universities like Carnegie Mellon and Ohio State University. He is also the Chairman of The FAIR Institute (http://www.fairinstitute.org/), a non-profit organization led by information risk officers, CISOs and business executives to develop standard information risk management practices based on FAIR.

Daniel Hooper is currently the CISO at Varo Money, one of the leading mobile first digital banks in the US. Prior to Varo, Daniel was the CISO at PIMCO, the global investment firm with nearly $2trillion USD in assets under management. Daniel and I connected via LinkedIn following a viral post of his regarding how CISO's should respond to the questions, "Are we good?" & "Are we secure?" These all too common questions highlight the need for CISO's to translate the complex technological problems they face into meaningful talking points to explore with their business peers. On the show, Daniel and I dig into his suggestions for responding to these questions as well as:

What did Daniel need to work on most during his first CISO jobs?

How does Daniel go out of his way to continually understand his business peers and his clients?

What's the worst piece of security advice he's ever gotten?

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Heath Renfrow is the Director & CISO at The Crypsis Group, an incident response and CISO advisory consulting firm. Prior to Crypsis, Heath has held CISO roles at the DoD, Army Healthcare, & the US Army Corp of Engineers. During the conversation, Heath and I cover:

• How has a career in the military prepared him for experience in the commercial security sector?
• How has he developed skill set's that enable him to communicate effectively with executive groups who lack cyber experience?
• Why does he chose to quantify risk and what has it done for him?

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Vic Bhatia is the Head of Security GRC at Novi, a subsidiary of Facebook. Vic's experience spans across all sectors and a wide range of both consulting and security leadership roles. During the conversation we explore:

• What is the Facebook Novi project and how is Vic helping to operate their program?
• Why does Vic believe the most important area of focus for a security professional should be business context?
• How does Vic feel about control frameworks?

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Sian John is the EMEA Director of Cybersecurity Strategy for Microsoft, leading a team of Chief Security Advisors who provides expert guidance and consulting services to some of Microsoft's largest customers throughout the region. Prior to Microsoft, Sian held a similar leadership roles at Symantec where she focused on helping customers build cyber strategy and refine the vision for their programs. 

On the episode today we discuss:

How does Sian recommend aligning with the business if you’ve historically struggled to do so?

What role does security play in digital transformation?

How can security teams position themselves to positively impact business initiatives?

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Dan Blum is the Managing Director at Security Architects Partners, a consulting firm focused on cybersecurity leadership, architecture, and risk management. Prior to starting the firm, Dan was a research analyst at the Burton Group, which was subsequently acquired by Gartner in 2010. Additionally, he has security leadership experience at organizations like Respect Network and KuppingerCole. Most recently, Dan authored a book called Rational Cybersecurity for Business: The Security Leader's Guide to Business Alignment. Be sure to check out the book via the link below.

On today's show, we cover:

• What are some specific examples of clients Dan's worked with who have done a good job aligning themselves with their business peers?
• How have those organizations gone about justifying increase budget?
• Why are some people better at this than others?

Dan's Book: https://www.amazon.com/Rational-Cybersecurity-Business-Security-Alignment/dp/1484259513

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Peter Liebert is currently the CISO at Cerner Government Services, the leading EHR provider for the public sector. Prior to joining Cerner, Peter was chosen by his peers to be the 2019 Chief Security Officer of the Year by SC Magazine. Additionally, he's the former CISO for the State of California and is a security visionary with over 19 years of leadership experience in private, Federal (including the Military), and State Government organizations.

On today's show we discuss:

• How have you justified an increase in cyber spend?
• How do you align with business KPIs?
• What have been the cultural differences you've noticed in working with both private and public sectors?

Get in touch with the show:

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

Bill Bonney is a well known figure in the security community having co-authored the CISO Desk Reference Guide with Matt Stamper & Gary Hayslip. Their book series is a meant to be a practical guide to help modern CISO's take on many challenges including executive leadership, communication, and business savvy. So of course, right in our wheelhouse. 

The books recently been published into the Cybersecurity Canon, the leading authority of cybersecurity content and books managed by Palo Alto Networks and The Ohio State University. 

During today's discussion, Bill and I discuss:

• How security leaders can conduct 'walk-about's' to position themselves as business enablers with the intent to listen and learn rather than describe how you support them
• CISO's forming a mentor relationship with a seasoned business leader within your organization
• The role digital transformation has played and will continue to play for security teams 

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Twitter with your username to let us know you've rated. Winners will be announced after Episode 10

Diana Kelley is the Cybersecurity Field CTO at Microsoft, where she leads the Microsoft Cybersecurity Thought Leadership team and advises CIO's, CISO's, and CTO's on cyber strategy and approach. In addition to her work at Microsoft, Diana also serves on the Board of the non-profit, Women in CyberSecurity, on the Program Committee for the RSA Conference, hosts the MyCyberWhy podcast, and regularly appears on media platforms like CNBC, CBS, NY Times, and WSJ.

During the interview, Diana and I discuss:

• How did Diana find herself in cybersecurity and ultimately in her current role at Microsoft?
• How does she envision the continued move to the Cloud and security's role in this industry migration? 
• How does she encourage her customers to approach conversations with their business peers?
• Why should security teams take a leadership role in helping their business peers better understand cybersecurity?

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Twitter with your username to let us know you've rated. Winners will be announced after Episode 10

Michel Romanino is the Deputy CISO at Cambia Health Solutions a member of the Blue Cross Blue Shield Association HQ’d in Portland. Prior to Cambia, Michel held security and software engineering roles at companies like CoreLogic, Intuit, Sharp Healthcare, & Teradata. During the interview, Michel talks about how he’s helped establish a strong security culture embedded in the organization's decision making process as well as some of the business opportunities they’re pursuing in light of the COVID19 pandemic.

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Twitter with your username to let us know you've rated. Winners will be announced after Episode 10

Mark Simos is the Lead architect for Microsoft Enterprise Cybersecurity Group where he is part of a group of cybersecurity experts who create and deliver unique cybersecurity services and solutions to Microsoft’s customers. Having spent the majority of his career there, Mark's been with Microsoft for over 20 years.

We talk about:

How can security stay out of the way of the business?

How does Mark envision zero trust as a solution, improvement, or emerging trend?

What vs how of being a business partner and integrating well with their business?

Why is digital transformation the biggest opportunity for security teams to modernize?

Website: businessofcyber.com

LinkedIn: Joe Vinck & Business of Cyber

Twitter: @joey_vinck

OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Twitter with your username to let us know you've rated. Winners will be announced after Episode 10

Jamie Norton is the CISO at the Australian Taxation Office. The ATO is responsible for the Australian federal taxation system and is one of the largest agencies within the Australian federal government. Prior to ATO, Jamie held security leadership roles at organizations such as the World Health Organization, Check point, and Tenable. During the episode, Jamie draws on this experience to talk about how he approaches presenting security to a non-technical audience. Big thank you to Jim Seaman for the intro to Jamie.

On today's episode we discuss:

• How has Jamie seen security change over the last 20 years?
• How does he prepare for executive discussions with his various non-technical leadership peers?
• What are some of the major takeaways he's learned from running security for one of the largest agencies within the Australian federal government?

Email: [email protected]

Website: businessofcyber.com

LinkedIn: Joe Vinck

Twitter: @joey_vinck

OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Twitter with your username to let us know you've rated. Winners will be announced after Episode 10

Zohar Rozenberg is the CSO & Head of Cyber Investments at Elron, a venture capital firm in Tel Aviv. Prior to joining Elron, Zohar was the head of the Israeli Defense Forces’s (IDF) cyber department, so he’s been heavily involved in Israel's national cyber bureau and formalization of the Israeli national cyber strategy as they’ve become a global powerhouse of cyber security.

On today's episode we explore:

What experience does Zohar look for when he's meet with cyber founders?

How did a career in the IDF prepare him for the investment world?

How does he encourage portfolio companies to market their products to stand out in the saturated cyber environment?

Now that we're 5 episodes in, I'd love to hear from you regarding suggestions for the show. Feel free to recommend discussion subjects, questions, or guests you'd like me to interview. Here are all the ways to get in touch with me:

Email: [email protected] 

Website: businessofcyber.com 

LinkedIn: Joe Vinck 

Twitter: @joey_vinck 

OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Twitter with your username to let us know you've rated. Winners will be announced after Episode 10.

Joel Fulton is a pioneer and one of the most well respected figures in information security. Joel has security leadership experience at giants like Boeing, Symantec, Google, and Splunk. If that wasn't enough, he's a Co-Founder of Silicon Valley CISO Investments, an angel investment syndicate made up of some of the top security leaders around the world. Most recently, Joel's started his own security technology company currently operating in stealth mode.

On today's episode, Joel and I discuss:

Why is security fundamentally a people problem rather than a technology problem? 

How should we discuss the integration of security & the business and why are they often viewed as separate entity's? 

Contact Joe and the Business of Cyber:

Email: [email protected]

Website: businessofcyber.com

LinkedIn: Joe Vinck

Twitter: @joey_vinck

Instagram: @businessofcyber

OFFER FOR FIRST TEN EPISODES

In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Instagram with your username to let us know you've rated. Winners will be announced after Episode 10.

Adam Cummings currently runs Third Party Risk at the global technology giant, Intuit. Prior to that, Adam was a Consultant at MindPoint, part of the security leadership team at PNC Bank, and faculty member at the legendary graduate engineering program at Carnegie Mellon. If that wasn't enough, he's served in both the US Marine Corps & the Peace Corps. 

On today's episode, Adam and I discuss:

How do you view the compliance based & risk based approaches to cybersecurity?

What have been the primary differences in managing security at a large bank vs. a large technology company?

What approaches have you seen be consistently successful for communicating well with a business audience?

How do you advise organizations structure their teams & position themselves to best influence business decisions and map to business outcomes?

Contact Joe and the Business of Cyber:

Email: [email protected]

Website: businessofcyber.com

LinkedIn: Joe Vinck

Twitter: @joey_vinck

Instagram: @businessofcyber

OFFER FOR FIRST TEN EPISODES

In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Instagram with your username to let us know you've rated. Winners will be announced after Episode 10. 

Welcome to the first episode of the Business of Cyber podcast. We provide consistent, relevant, and valuable content to help security leaders better align with their business peers while helping business people better understand the value and business impact of cyber security.

Our guest today is Gabriel Friedlander. Gabriel is the Founder of Wizer - an organization with the mission to provide free security awareness training for everyone. To date they've partnered with over 3000 organizations to offer free, simple, educational, and entertaining training content. Prior to starting Wizer, Gabriel was a Co-Founder of ObserveIT, an insider threat management platform, which sold to Proofpoint last year for $225 million. 

On today's episode, Gabriel and I walk through:

How do view the potential business impact of insider threats, given insiders can have direct access to the "keys to the kingdom?" 

What training/HR policies can be put in place to best minimize the risk of insider threats? 

How can security teams market their projects, solutions, and investments, to be better received by the business?

What do car brakes and security teams have in common?

Contact Joe and the Business of Cyber:

Email: [email protected]

Website: businessofcyber.com

LinkedIn: Joe Vinck

Twitter: @joey_vinck

Instagram: @businessofcyber

OFFER FOR FIRST TEN EPISODES

In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Instagram with your username to let us know you've rated. Winners will be announced after Episode 10.