All links and images can be found on CISO Series

We think of cybersecurity as a discipline. But when do ideas like best practices and NIST frameworks change into a system of belief?

Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Davi Ottenheimer, principal, Flying Penguin. Joining is Joshua Copeland, director of security, Crescendo.

In this episode:

• Tools, not religion
• The case for structured discipline
• The management problem underneath
• Fix the damn holes

A huge thanks to our sponsor, ThreatLocker

ThreatLocker delivers Zero Trust Network Access and Zero Trust Cloud Access that verifies both user and device before granting access to specific applications. No broad access, nothing exposed, and no reliance on credentials alone. It's a smarter way to control access and reduce risk. Learn more at ThreatLocker.com/CISO.

All links and images can be found on CISO Series

We know human-paced security controls can't be applied to autonomous AI agents. So what needs to change with CNAPP and cloud security?

Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Dan Benjamin, vp product - data, identity, and AI security, Palo Alto Networks.

In this episode:

• The detection ceiling
• A category gap, not a feature gap
• Resilience by design
• An insider threat with no face

A huge thanks to our sponsor, Palo Alto Networks

Cortex Cloud unifies code, cloud, and SOC on a single data, risk, and control plane — giving teams the context, workflows, and agentic intelligence to turn risk into resolution. Native AI agents investigate and act within enterprise guardrails, delivering real-time protection from workload to network edge. Cloud security that outpaces machine-speed threats. Visit Palo Alto Networks and search cortex cloud.

All links and images can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our guest, Paul Guerra.

In this episode:

• Read the contract
• How vendors win before the evaluation ends
• The fallout
• The real cost

A huge thanks to our sponsor, Native Security

Native makes secure-by-design inherent to how the cloud operates. It's the control plane for built-in cloud security, unifying and governing native controls, so security intent is defined once and applied consistently across providers. Learn more at native.security.