From the Middle Tennessee ISACA Conference, Cool Springs, Tennessee, March 2025.

Stacy Mill is a seasoned cybersecurity and IT executive with a track record of leading complex technology initiatives in both the public and private sectors. She has served as CTO for the State of Kansas, VP of IT and CISO at Nashville Electric Service, and global CISO at major enterprises like Spirit AeroSystems and Yum Brands. Stacy is also an active board member and thought leader in the utility and cybersecurity communities.

In this discussion, she discusses the evolving landscape of cybersecurity, emphasizing the importance of leadership, communication, and mentorship in navigating complex risk environments. Stacy also offers insights into building resilient teams, working effectively with boards, and fostering diversity in tech leadership. Her story underscores the value of adaptability, continuous learning, and advocating for others in the cybersecurity field.

In this episode, Greg Schaffer interviews James Pham, CEO and co-founder of Opsin, who shares his unique journey from chemistry medalist in high school to tech entrepreneur. James discusses how his academic and professional path took him from studying in Korea and working in Singapore to pursuing his entrepreneurial dream in the U.S., eventually earning a spot at MIT where he taught machine learning. He later joined Abnormal Security in the Bay Area, gaining insight into enterprise security challenges. This experience inspired him to co-found Opsin, a company focused on helping organizations manage and govern generative AI usage securely. James emphasizes the risks of shadow AI and the need for guardrails in enterprise environments, particularly as large language models become increasingly integrated into workflows.

Referenced post: https://www.linkedin.com/posts/jamesopsin_steps-to-address-oversharing-activity-7319344015231856640-gmX9/

In this episode of Security Conversations from The Virtual CISO Moment, Greg Schaffer sits down with Mick Grayson, a seasoned cybersecurity professional with a wealth of experience in both the public and private sectors. Together, they explore the evolving challenges of managing risk in an increasingly complex threat landscape, the importance of mentorship in cybersecurity leadership, and how small and midsized organizations can build practical, resilient security programs. With thoughtful insights and real-world anecdotes, Mick offers valuable perspective for security leaders at every level.

In this episode of Security Conversations from The Virtual CISO Moment, we’re joined by Wil Ku, a seasoned cybersecurity leader with deep expertise in risk management, security strategy, and governance. With a background that spans both public and private sectors—including leadership roles at top consulting firms and critical infrastructure organizations—Wil shares insights on building resilient security programs, aligning cybersecurity with business objectives, and navigating the evolving regulatory landscape. Tune in for a practical, forward-looking conversation that highlights the importance of adaptability, leadership, and strategic thinking in today’s threat environment.

Rick Hein is the cofounder of Strategic Defense. He is a cybersecurity SME who wants to teach your organization how to secure your networks and applications from threat actors by simulating real-world attacks. We touch on many topics, including the need to be truthful and transparent in information security.

Brian Liceaga is the SVP, Cybersecurity at Qubika, where they are shaping the future of next-generation applications by seamlessly integrating high-quality UX, robust security, and AI-driven intelligence. Join us as we discuss AI in cybersecurity, starting and exiting a business, and what a "carbon analyst" is (it may be related to V'Ger).

From the ISACA Middle Tennessee conference, March 2025.

Dan Houser is a vCISO; 2024 Chair of the Board, ISC2; advisory strategist board member, NACD Certified Director, and more. He enables the business to take on more risk, safely, to acquire new markets, open new countries of operation and make connections that were impossible before. He helps organizations transition and achieve twice as much with half as much. As one example, he helped $120Billion company sidestep PCI-DSS rather than going through crazy levels of compliance, saving more than $100million.

Security practitioners and small and midsized business owners often do not pay necessary attention to the legal aspects of security and privacy. Thomas Ritter is an attorney and co-owner at Ritter Gallagher, a data privacy and cybersecurity law firm. Ritter Gallagher provides clients of all sizes with governance, risk management and compliance solutions based on a careful understanding of clients' data practices, business operations and objectives, and technological and regulatory landscape. Join us as we dive into this important aspect of information security and privacy.