Defense in Depth

All links and images can be found on CISO Series
We know human-paced security controls can't be applied to autonomous AI agents. So what needs to change with CNAPP and cloud security?
Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Dan Benjamin, vp product - data, identity, and AI security, Palo Alto Networks.
In this episode:
The detection ceiling
A category gap, not a feature gap
Resilience by design
An insider threat with no face
A huge thanks to our sponsor, Palo Alto Networks

Cortex Cloud unifies code, cloud, and SOC on a single data, risk, and control plane — giving teams the context, workflows, and agentic intelligence to turn risk into resolution. Native AI agents investigate and act within enterprise guardrails, delivering real-time protection from workload to network edge. Cloud security that outpaces machine-speed threats. Visit Palo Alto Networks and search cortex cloud.

All links and images can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our guest, Paul Guerra.
In this episode:
Read the contract
How vendors win before the evaluation ends
The fallout
The real cost
A huge thanks to our sponsor, Native Security

Native makes secure-by-design inherent to how the cloud operates. It's the control plane for built-in cloud security, unifying and governing native controls, so security intent is defined once and applied consistently across providers. Learn more at native.security.

All links and images can be found on CISO Series
All security startups will tell you they talk to potential customers. The problem is that you limit your development when you only talk to CISOs who might buy. It's not the same guidance you'll get from a CISO who advises.
Check out this post by Val Tsanev of the Cyber Risk Alliance for the discussion that is the basis of our conversation.
This week's episode is co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Steve Jensen, CISO, University of Maine System.
In this episode:
Building for whom?
The only feedback loop that matters
Valid, but for whom?
Rethink the advisor roster
A huge thanks to our sponsor, Material Security

Legacy email security only watches the door. Material protects your entire cloud workspace—email, files, and accounts—as one ecosystem. It's more coverage for less than the cost of a legacy SEG. One price, no surprises: just security that covers the whole surface area. Learn more at material.security.

All links and images can be found on CISO Series.
Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Rob Allen.
In this episode:
The vulnerable stack
Changing the structural economics
Change the terrain
The cost-benefit equation
A huge thanks to our sponsor, ThreatLocker

ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

All links and images can be found on CISO Series
Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Heath Renfrow, co-founder, Fenix24.
In this episode:
Knowing which systems to save first
Recovery is a business conversation, not an IT ticket
Not all systems are created equal
Recovery knowledge as a governed asset
A huge thanks to our sponsor, Fenix24
 
Fenix24 is the world's leading breach recovery firm, providing rapid ransomware restoration, full asset visibility, and threat informed hardening. Alongside expert recovery services, Fenix24 delivers ongoing managed protection that secures backups, infrastructure, and critical controls, helping organizations stay resilient, recoverable, and prepared for modern cyber threats. Learn more at fenix24.com.