The Professional CISO

Welcome to Episode 9 of the Professional CISO Podcast hosted by David Malicoat.
David meets up with Ryan Bachman, currently the Executive Vice President and Global Chief Information Security Officer at General Motors Financial. They discuss Bachman's career journey, from his early fascination with technology to his current role. Additionally, they highlight the significance of building trust and service within an organization and discuss the future trajectory of the CISO role in the corporate world as the responsibilities of the CISO role expand.
Sponsors: 
This episode is brought to you by Valence Security. Take steps to secure your SaaS apps and more at https://www.valencesecurity.com/
Impactful Moments:
00:00 - Welcome
03:30 - Introducing guest, Ryan Bachman
07:27 - Tech Driven vs Business Driven
12:25 - They DO Understand
17:20 - Broader Executive Skills
20:08 - Thanks to Valence Security
22:44 - Building Your Brand as A CISO
26:24 - Giving Good Service as A CISO
29:13 - Driving Innovation in Cybersecurity
37:38 - The Expanding Role of the CISO
46:47 - 10 Questions
 
Links:
Connect with our guest, Ryan Bachman:
https://www.linkedin.com/in/ryan-bachman-9253296/

A Texas Tech2Table event sets the stage for David and his podcast guest, James Binford, an Offensive Security Director. They discuss how his background as a former BISO influences his insights on offensive and defensive security, specifically surrounding healthcare. The conversation also touches on AI in security, and the importance of incorporating writing and storytelling to help formulate your message.
Sponsors: 
This episode is brought to you by ContraForce. When you need to to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/
Impactful Moments:
00:00 - Welcome
02:09 - Introducing guest, James Binford
04:15 - Challenges of OffSec
08:35 - Healthcare Specific Defense Tips?
10:00 - Proactive on AI
11:58 - From Our Sponsor, Contraforce
12:58 - Advice for Healthcare CISOs
14:05 - CISOs Start with Writing
16:13 - Future of Healthcare Security
19:10 - 10 Questions
 
Links:
Connect with James Binford:
https://www.linkedin.com/in/jamesbinford/

Welcome to Episode 7 of the Professional CISO Podcast, Hosted by David Malicoat
David reunites with longtime friend and former coworker, Patrick Benoit. They explore the evolution and professionalization of the CISO role, Pat's career journey from technology and military service to cybersecurity leadership, and the necessity of soft skills alongside technical knowledge. They also discuss the challenge of guiding boards on cyber risk, the relationship between CISOs and technology executives, and the importance of developing trust and leadership qualities.
Don’t forget to subscribe to the podcast and join us on LinkedIn so we can keep the conversation moving forward. www.theprofessionalciso.com
Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!
Impactful Moments:
00:00 - Welcome
02:06 - Introducing guest, Pat Benoit
06:08 - Licensing CISOs?
07:37 - CISO Now Is Like CIO Then
09:25 - The ‘Trust & Inspire’ Skills
13:12 - Little c to Big C in CISO
16:00 - Approaching Other ‘C’ Roles
20:11 - 10 questions
27:15 - Cyber-Risk Insight
 
Links:
Connect with Pat Benoit:
cyber-riskinsights.com
https://www.linkedin.com/in/patricklbenoit/
Books Mentioned:
https://www.amazon.com/Extreme-Ownership-U-S-Navy-SEALs/dp/1250067057
The Four Agreements

Welcome to Episode 6 of the Professional CISO Podcast, Hosted by David Malicoat
Today’s lesson in becoming a professional CISO goes back to where a lot of our journey began; the SEC complaint against Solarwinds and its CISO, Tim Brown. David points out the good, the bad, and the key takeaways from the complaint that you can take to work with you today. 
Don’t forget to subscribe to the podcast and join us on LinkedIn so we can keep the conversation moving forward.
Sponsors: 
This episode is brought to you by ContraForce. When you need to to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/
Impactful Moments:
00:00 - Welcome
02:14 - Disclaimers
02:59 - Background
04:17 - What the SEC Got Right
05:43 - Where the SEC Fumbled
08:16 - Conflating the Publications
10:46 - Who Can Publish Public Statements?
12:10 - Takeaways
15:52 - From our Sponsor, Contraforce
16:52 - Buried Four Levels Deep in the Org
22:40 - Closure
 
Links:
Join the Conversation: www.theprofessionalciso.com
SEC Complaint: https://www.sec.gov/news/press-release/2023-227
NIST CSF: https://www.nist.gov/cyberframework
NIST 800-53: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf

Welcome to Episode 5 of the Professional CISO Podcast, Hosted by David Malicoat
Part of becoming a professional CISO means knowing how to interact with stakeholders, so David sits down with Shashank Tiwari, CEO at Uno.ai, to help illuminate the path forward when it comes to all things AI. David brings the big questions, so get ready to take notes as Shashank dishes the advice you’ve been looking for.
Sponsors: 
This episode is brought to you by ContraForce. When you need to to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/
 
Impactful Moments:
00:00 - Welcome
01:20 - Introducing guest, Shashank Tiwari
05:05 - Storytelling & Human Connections
09:57 - Security for AI, AI for Security
12:47 - From our Sponsor, Contraforce
13:58 - Securing How We’re Using AI & the Unknown
20:14 - The CISO as the AI Voice of Reason
23:03 - AI/SEC Regulations & Potential Impacts
28:20 - AI & the Skills Gap
33:10 - AI & Skill Certifications
36:37 - 10 Questions
 
Links:
Connect with Shashank Tiwari:
https://www.linkedin.com/in/tshanky/

Welcome to Episode 4 of the Professional CISO Podcast, Hosted by David Malicoat.
The scenery changes on our journey to becoming a professional CISO, as David sits down with guest Nick Lantuh, CEO of Interpres Security. Looking at the CISO role from the top, Nick describes his perspective as someone with CEO and Board member experience, but he also ways for CISOs to bring innovation to the table.
Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!
Impactful Moments:
00:00 - Welcome
01:29 - Introducing guest, Nick Lantuh
05:41 - CISO’s with Cyber Chops
08:22 - Believe, Lead, Succeed
10:01 - From our Sponsor, Interpres Security
10:55 - CISO Introspection
15:20 - Cyber Savings
19:35 - Prioritization of Threat & Defense
27:38 - Tool Maximization and CTEM
31:21 - 10 Questions
 
Links:
Connect with Nick Lantuh:
https://www.linkedin.com/in/nicklantuh/
You’re a crucial part of the conversation:
www.theprofessionalciso.com

Welcome to Episode 3 of the Professional CISO Podcast, Hosted by David Malicoat.
David gets to enjoy an in-person interview with new friend, Will Long, an Independent Healthcare CISO. Will speaks candidly about the complexity of cyber risk in the healthcare field and how it impacts leadership at the CISO level in various capacities. Listeners will enjoy hearing general tips about stakeholder management and creating effective solutions for the specific problems they face. 
Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!
 
Impactful Moments:
00:00 - Welcome
01:13 - Introducing guest, Will Long
03:59 - The Case for a CISO Professional
05:50 - Healthcare vs Other Industry
11:02 - Communicating with Healthcare Practitioners
13:32 - From our Sponsor, Interpres Security
14:25 - Moving Faster in Healthcare
17:09 - Automation in Healthcare
19:08 - Working on Your Executive Presence
23:40 - Cyber-Risk Quantification in Healthcare
27:18 - 10 Questions
 
Connect with our guest, Will Long:
https://www.linkedin.com/in/williamlongsr/
Engage with the THPC community on LinkedIn:
https://www.linkedin.com/company/the-professional-ciso-podcast/

Welcome to Episode 2 of the Professional CISO Podcast, Hosted by David Malicoat.
David sits down with Michael Jenks, CTO and co-founder of Interpres Security. They discuss the potential of threat-informed defense and automation; highlighting them as key pieces in the newest capabilities in cybersecurity. They should be on the CISO radar to help prioritize and make informed decisions that can bring them to the next level.
Sponsors: This episode is brought to you by our foundational sponsor, Interpres Security. Visit www.interpressecurity.com/HVM to learn more!
 
Key Moments:
00:00 - Welcome
00:57 - Introducing our Guest, Michael Jenks
03:24 - Compliance is Not Security
06:32 - The Quantitative Realm
10:26 - Thanks to Our Sponsor, Interpres
11:23 - It’s All About Automation
14:49 - A Symbiotic Relationship
16:28 - Continuous Threat Exposure Management (CTEM)
19:14 - What Should CISOs Be Thinking?
36:11 - 10 Questions
 
Connect with our Guest, Michael Jenks:
https://www.linkedin.com/in/michaeljenks/
Engage with the THPC community on LinkedIn:
https://www.linkedin.com/company/the-professional-ciso-podcast/

Welcome to Episode 1 of the Professional CISO Podcast, Hosted by David Malicoat.
 
Our journey continues with a notable figure in David’s professional development, Robert Pace, Chief Information Security Officer of Invitation Homes. He previously held positions at First American Payment Systems, Textron, and PwC. Robert Pace and David Malicoat worked together early in their careers at Perot Systems, which was later acquired by Dell Services.
This episode touches on various aspects such as risk management, team development, personal well-being, the process of professionalizing the CISO role, and more. At the end, we’ll break down the Eisenhower Matrix as a practical tool for effective decision-making and task prioritization.
 
Sponsors: 
This episode is brought to you by ContraForce. When you need to to get maximum productivity from your existing Microsoft Security stack and other leading tools, you should be working with ContraForce. https://www.contraforce.com/
 
Key Moments:
00:00 - Welcome
00:29 - Introducing our Guest, Robert Pace
01:53 - How Robert Jetted into Tech
05:55 - How Robert & David Met
10:26 - CISO Networking
13:21 - What’s Going Good/Bad in the CISO role?
18:11 - Getting Risk Management Experience
21:23 - The Process and the Risk Element
23:04 - Developing Teams
28:42 - CISO Work/Life Balance
34:03 - Eisenhower Matrix
36:11 - 10 Questions
 
Engage with the community on LinkedIn:
https://www.linkedin.com/company/the-professional-ciso-podcast/ 
 
Links to Cool Stuff:
A good guide to The Eisenhower Matrix by James Clear: https://jamesclear.com/eisenhower-box