Dec 8, 2025
This episode was about agentic IAM—what it is and the risks that come with letting non-human agents act for customers. We defined external IAM, then traced how the industry moved from basic login and MFA to consent, delegation, and now agent-to-agent interactions. Along the way we unpacked key risks for CISOs...
Nov 10, 2025
CISO Sandy Dunn breaks down her blueprint for AI-ready defense—pairing MITRE ATT&CK v18 with MITRE ATLAS to move from policy to behavior-based detections. We hit practical AI governance, her early focus on defending and understanding AI, and how OWASP GenAI tools turn checklists into action.
Segment Resources:...
Oct 13, 2025
Jennifer Selby Long reframes security awareness as more than training—it’s about earning trust and influence with executives and security teams. She shares leadership lessons on how to build stronger alignment and support for security initiatives.
Visit https://cisostoriespodcast.com for all the latest...
Sep 8, 2025
Dawn Capelli, Head of OT-CERT at Dragos, unpacks the evolving risks to Operational Technology. From nation-state attacks on Ukraine’s infrastructure to hacktivists targeting U.S. water systems, she explains the PIPEDREAM malware, the top five SANS critical OT controls, and how Dragos’ OT-CERT program offers...
Aug 11, 2025
Kevin Nikkhoo joins the show to explore Security Operations Center as a Service (SOCaaS) and how it compares to traditional SOC models. He breaks down which organizations benefit most from this approach and how AI is reshaping modern SOC operations. Listeners will gain a clear understanding of how SOCaaS can enhance...