Podcasts

  • I appeared with Mitch Ashley and JJ Minella on Techstrong TV to discuss the realities of a CISO’s journey into the boardroom, liability, and the SEC’s new disclosure rules.


  • In this episode of CISO Tradecraft, Andy Ellis talks about the concept of 1% leadership and how small, consistent improvements can lead to significant results in cybersecurity leadership.


  • Interview with Bishop Fox security research team about leadership at RSAC 2023.


  • Why does it seem that the only time we hear about a company’s concern about security and privacy is after they’re compromised. It is only at that moment they feel compelled to let us know that they’re taking this situation very seriously because as we’ve ll heard before “security and privacy are very important to…


  • Andy Ellis joins Alan at RSA to discuss his new book, 1% Leadership.


  • https://cisoseries.com/cant-you-just-pop-out-of-zeus-head-a-fully-formed-security-professional/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Joe Lewis, CISO, CDC. Full transcript [Voiceover] What I love about cybersecurity. Go! [Joseph Lewis] It really is a place for everybody. As an industry, we attract people like boxers and nurses and people from IT Ops and Audit and…


  • https://cisoseries.com/no-need-for-chaos-engineering-since-our-architecture-is-always-failing/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Mike Wiacek, CEO, Stairwell. Full transcript [Voiceover] What I love about cybersecurity. Go! [Mike Wiacek] I love the game, that cybersecurity is almost adversarial by design. Whatever we do as defenders to try and protect systems that we’re responsible…


  • https://cisoseries.com/why-arent-you-on-slack-where-i-can-interrupt-you/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Howard Holton, CTO, GigaOm. Full transcript [Voiceover] Best advice I ever got in security. Go! [Howard Holton] Keep it simple. You’re likely overcomplicating it. The reality is we spend a lot of time as technologists kind of buried in technology…


  • https://cisoseries.com/this-unwanted-cold-call-made-possible-thanks-to-this-months-sales-quota/ A CISO calls on security vendors to stop the spamming and cold calling. Are these annoyances the direct result the way salespeople are measured? Is that what drives the desperation and bad behavior? This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Dmitriy Sokolovskiy, CISO, Avid. Full…


  • https://cisoseries.com/adversaries-beef-up-their-shiny-object-distraction-campaign/ We are all very easily distracted, and adversaries know that. So they’ll try any little trick to make us not pay attention, look away, or do what we’re not supposed to do all in an effort to break our human defenses. This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy),…


  • https://open.spotify.com/episode/47RkcLAiY8RfT5glaFhAsJ Key insights from this episode featuring Jeremy Turner, Deputy CISO at Paidy:⚡ Security without passwords. “In a market like Japan, things are quite different. Thinking out of the box is probably the most critical skill we need. When we think about the consumer experience, they don’t have to deal with [passwords], and that really does…


  • https://cisoseries.com/stir-in-a-little-merger-and-acquisition-and-voila-youre-a-target/ There is a lot unknown before, during, and after a merger and that can make employees very susceptible to phishing attacks. But, at the same time, the due diligence that goes into an M&A can often open up signs of previous or active compromise, noted Rich Mason of Critical Infrastructure.What does a proposed merger…


  • https://techdebtburndown.com/episode_s02e02/ “Stop calling it technical debt” – Andy EllisWith intros over, Nick asks Andy about metrics, and Andy immediately responds by saying “stop calling it technical debt”. Executives have an understanding of ‘debt’, and it’s not a bad word for them, it’s what fuels everything around them. This leads into discussion of when’s the right…


  • https://open.spotify.com/episode/2wmxzrpQspD3wKXzWvN6Gp 💡 Name: Jay Thoden van Velzen💡 What he does: Strategic Advisor to the CSO at SAP.💡 Noteworthy: SAP is one of the world’s leading producers of software for the management of business processes and a company on a mission to help the world run better and improve people’s lives.


  • https://cisoseries.com/were-here-were-highly-unqualified-get-used-to-it/ “Does anyone else feel like the security field is attracting a lot of low-quality people and hurting our reputation,” asked a redditor on the cybersecurity subreddit who remembers a time when security personnel were seen as highly experienced technologists. But now they believe people view cybersecurity as an easy tech job to break into…


  • https://open.spotify.com/episode/1X6yRFgxfYymbG3qYO1hti 💡 Name: Jadee Hanson💡 What she does: She’s the CIO and CISO at Code42.💡 Noteworthy: As CIO and CISO at Code42, Jadee Hanson leads global risk and compliance, security operations, incident response, and insider threat monitoring and investigations. She brings more than 17 years of experience in information security and a proven track record of building security…


  • https://cisoseries.com/sound-security-advice-thats-perfect-to-ignore/ It appears our security awareness training is falling short at the point of taking any type of real action. While most people are aware of the need for secure passwords, they don’t create secure passwords. They are taking the easier way out rather than the secure path which isn’t that far from the easy…


  • https://cisoseries.com/entry-level-position-available-15-years-experience-required/ That headline is not a joke. An actual job listing on LinkedIn requested just that. We’re all hoping this was an error. Regardless, the community response to it was truly overwhelming, speaking much to the frustration of green and junior cybersecurity job seekers who are truly looking for entry level jobs.This week’s episode is hosted by David…


  • https://cisoseries.com/get-all-the-stress-you-want-with-none-of-the-authority/ CISOs and other security leaders have a lot of stress. But so do other C-level employees. Why does a CISO’s stress seem that much more powerful? Is it that their job is still in constant development, or is the “C” in their name just in title, but not authority?This week’s episode is hosted by David…


  • https://open.spotify.com/episode/3NhKH69mHwhXI70KgNSc15 💡 Guest: Kathy Wang, Chief Security Officer at Discord💡 Noteworthy: Kathy is a security executive and leader with a strong background in project management, research, and business development. She has worked in government, commercial, and technology startup environments and currently advises startups that offer security services/products. Key Insights ⚡ The importance of access control in security. Improving…


  • https://cisoseries.com/we-built-this-city-on-outdated-software/ “The biggest threat to national security is that many of the most vital systems on the planet CURRENTLY run on outdated and insecure software,” said Robert Slaughter of Defense Unicorns on LinkedIn. That’s at the core of the third-party security issue.This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating…


  • https://cisoseries.com/wrong-answers-to-revealing-interview-questions/ Security leaders will often ask challenging or potentially gotcha questions as barometers to see if you can handle a specific job. They’re looking not necessarily for a specific answer, but rather a kind of answer and they’re also looking to make sure you don’t answer the question a specific way. Don’t get caught in…


  • https://cisoseries.com/i-pity-the-fool-who-builds-a-homogeneous-cyber-a-team/ If you want to build a successful cybersecurity team, you need to be diverse, mostly in thought. But that diversity in thought usually is the result of people with diverse backgrounds who have had different experiences and have solved problems differently. It’s actually really hard to hire a diverse team because what people want…


  • https://cisoseries.com/who-do-you-need-to-trust-when-you-build-a-zero-trust-architecture/ Uggh, just saying “zero trust” sends shivers down security professionals’ spines. The term is fraught with so many misnomers. The most important is who are you going to trust to actually help you build that darn zero trust program? Are you going to look at a vendor that’s consolidated solutions and has built programs like this…


  • https://cisoseries.com/the-best-interview-questions-and-the-answers-you-want-to-run-from/ You want an awesome job in cybersecurity, and you want to ask the right questions. What are the right answers, and which ones are red flags that should cause you to run?This week’s episode is hosted by  David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Renee Guttman, former CISO,…


  • https://cisoseries.com/its-ok-to-look-like-a-cyber-hero-just-dont-act-like-one/ Security professionals should turn in the cyber hero mentality for the “sidekick” role. Many cybersecurity leaders believe they need to save the company from all the stupid users who can’t protect themselves. The reality is security professionals should lose the saviour mentality for a supporting role where they’re running alongside different business units trying…


  • https://cisoseries.com/when-good-decisions-go-bad/ You can make the right decision given the information you have, but everything is a risk, so there are times those good decisions are going to result in not the result you were hoping for. In essence, plenty of good decisions result in poor outcomes.This week’s episode is hosted by David Spark (@dspark), producer of CISO…


  • https://cisoseries.com/yuck-now-everyone-has-touched-my-data/ What can you do when your data keeps passing through different third party applications? Your data is being accessed and manipulated by more people, more applications, and more security policies that may not be aligned with your security policies. It seems once it leaves your environment, it’s out of your control.This week’s episode is…


  • https://open.spotify.com/episode/0iVYSb340x2z112H0nBxOB Guest-at-a-Glance💡 Name: Allison Miller💡 What she does: Allison is the VP of Trust at Reddit.💡 Noteworthy: Allison was in marketing before dedicating her career to cybersecurity.


  • https://open.spotify.com/episode/3UKA35LWdXaKvR7Wi7xOUj Guest-at-a-Glance💡 Name: Amanda Fennell💡 What she does: She’s the CIO and CSO at Relativity.💡 Noteworthy: Amanda joined the Relativity team in 2018 as the CSO, and her responsibilities expanded to include the role of the CIO in 2021. She’s responsible for championing and directing security strategy in risk management and compliance practices, as well as building and…


  • https://cisoseries.com/what-does-it-cost-to-prove-security-is-working/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is John McClure (@johnmcclure00), CISO, Sinclair Broadcast Group. Full transcript [Voiceover] What I love about cyber security. Go! [John McClure] Yeah, I think what I love most is really the challenge, how quickly the field is moving. Every day is…


  • https://open.spotify.com/episode/381QqF5KDLa7cdzVegq8Kn Episode Summary Cybersecurity is an ever-changing field. And since the emergence of the cloud, social media networks, and machine learning algorithms, the security space has continued to evolve to respond to the market’s needs. But some things never change — the willingness to learn, adapt, and improve remains the golden standard of cybersecurity. In…


  • https://cisoseries.com/will-employees-eventually-violate-security-policies/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Jadee Hanson (@jadeehanson), CIO/CISO, Code42. Full transcript [Voiceover] 10-second security tip, go! [Jadee Hanson] When you see an employee put company data at risk, don’t assume it was done maliciously. Remind yourself that collaboration tools of…


  • https://hackervalley.com/cyberranch/board-reporting-metrics-pt.-2-w-andy-ellis Andy Ellis, CISO at Orca Security, is back for part 2 of this series on Board Reporting Metrics. In Episode 1, Andy and host Allan Alford addressed some of the most common questions posed by the board and shared their perspective on what the board needs to know from a cybersecurity standpoint. In this…


  • https://cisoseries.com/gartner-creates-another-category-for-everyone-to-ignore/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is RJ Friedman, CISO, Buchanan Technologies. Full transcription [Voiceover] Biggest mistake I ever made in security. Go! [RJ Friedman] The biggest mistake I’ve ever made in cyber security was assuming that everyone else cared as much as I…


  • https://open.spotify.com/episode/4cWnHffaVFtWrf2fAOlfDU Episode Summary The cloud has been around for a while now. And ever since it emerged — two decades ago — it has brought in new ways to think about security, identity, and access management. But at the end of the day, we still need to make sure that the right people have the…


  • https://cisoseries.com/decommission-our-legacy-tech-or-just-shut-down-the-business/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is TJ Mann (@teejaymann), CISO, Children’s Mercy Kansas City. Full transcriptI [Voiceover] Best advice I ever got in security. Go! [TJ Mann] Your data is your most valuable asset. Be careful who you share with your data with, and what…


  • https://open.spotify.com/episode/0EyOmAwm6YHhtUzuhgF0iD Episode Summary It’s been more than a decade since the cloud emerged as a new concept. And it’s safe to say that it has practically become the new normal, especially since the COVID-19 outbreak. However, when it comes to improving cyber security and risk management in the cloud, we still have a long way…


  • https://hackervalley.com/cyberranch/board-reporting-metrics-pt.-1-w-andy-ellis/ In this episode, Allan is joined by the CISO at Orca Security, Andy Ellis, to share his thoughts on board reporting metrics. What does the board need to know from a cybersecurity perspective? One of the questions is often: “Are we secure?” Is that even the right question? How much should you talk about…


  • https://cisoseries.com/lifes-certainties-death-taxes-and-violating-security-policies/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Bruce Schneier (@schneierblog), chief of security architecture, Inrupt and fellow and lecturer at Harvard Kennedy School. Full transcript [Voiceover] Best advice for a CISO. Go! [Bruce Schneier] I teach a class in cyber security policy at the Harvard Kennedy School, basically…


  • https://open.spotify.com/episode/5vf7duS2OlrUUqjARONtMb When someone says Pinterest, the first thing that comes to mind is a social platform and a place to seek inspiration. But for the people working behind the scenes, it’s more than that. In February 2021, Pinterest had 459 million active monthly users. That’s a lot of data and traffic, and security measures must…


  • https://www.youtube.com/watch?v=mQAxpR733s0 In this episode, Alyssa talks to Andy Ellis about presenting security to the business in a way that encourages them to participate.


  • https://open.spotify.com/episode/0SidaJEUzBGCyy8yKVtq1E Security and privacy are burning topics in the cloud era. But not many companies have professionals dealing with these issues. Therefore, it’s critical to make the topic of cybersecurity more accessible to business owners and board members. In this episode of Cloud Security Reinvented, we get to hear from Justin Somaini, the Chief Security…


  • https://open.spotify.com/episode/6c3omCDomJUBH3xWEwAx1J Episode Summary Cloud security looks a lot different to an outside observer than to an insider. And everyone thinks that some companies are further along in their cloud maturity journey than they really are. But there’s still a lot of work to be done regarding cybersecurity, so organizations should focus more on becoming cloud-native…


  • https://cisoseries.com/why-cisos-avoid-the-dreaded-request-a-demo-button/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Jim Routh (@jmrouth1), former CISO for MassMutual and CVS/Aetna. Full transcription [Voiceover] Biggest mistake I ever made in security. Go! [Jim Routh] The biggest mistake in security was actually following and meeting stakeholder expectations. Specifically the board and…


  • https://cisoseries.com/whats-next-in-cybersecurity-look-at-last-year-and-expect-more/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Ori Arbel, CTO, CYREBRO. Full transcript [Voiceover] 10-second security tip. Go! [Ori Arbel] After you bought it, that’s awesome, but make sure you set it up properly. In a month or two months’ time, go back, revisit…


  • https://open.spotify.com/episode/3knxTHDGGThKakRZ2ouWJB Episode Summary There’s no universal rule for breaking into a new industry. And the same goes for starting a career in the information security field. But one thing’s for sure — if you let your passion guide you and you’re willing to work hard, there’s no limit to what you can accomplish. In this…


  • https://cisoseries.com/are-you-attending-the-what-to-worry-about-next-security-conference/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Jason Witty, CSO, USAA. Full transcript [Voiceover] Best advice for a CISO. Go! [Jason Witty] Don’t try to prevent everything. I would spend probably about roughly 40 to 45% of your budget on prevention. Probably more like 40…


  • https://www.youtube.com/watch?v=FT-NBOYrkeI


  • https://open.spotify.com/episode/2lNsoo9AFEHvYahkr2YBNR Episode Summary Over a long security career, not only do professionals grow and change, but the world they’re operating within also changes. And talking about security, we are witnesses to the transition from local software to cloud security. The cloud brought new trends in solving security problems. But certain practices from the pre-cloud era…


  • https://cisoseries.com/how-to-be-so-awesome-cisos-cant-ignore-you/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Katie Stebbins (@ktlgs), board president, Global Epic. Full transcript [Voiceover] Ten second security tip. Go. [Katie Stebbins] Make cyber security friends, not enemies, inside your organization. Be friends with the people trying to help you do responsible cyber security.…


  • https://open.spotify.com/episode/5gDdavIqVuWIOwOrvHmKZK Episode Summary Implementing an effective security program has become a necessity over the past decade. And without a doubt, all businesses need to level up their security game to mitigate risks and protect their information. But small- and mid-market companies are somehow left behind when it comes to security guidance and realistic capabilities. In…


  • https://cisoseries.com/if-the-network-is-up-somebody-is-violating-our-acceptable-use-policy/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Matt Radolec, senior director, incident response and cloud operations, Varonis. Full transcript [Voiceover] Ten-second security tip, go! [Andy Ellis] There’s a tendency in cyber to overemphasize specific IOCs, and we’re seeing this a lot with Log4j and…


  • https://open.spotify.com/episode/1MminP7AWPutYfASjJpM7Z The cloud is the future for a reason. Besides its massive impact on security and more convenient file storage options, the cloud has fostered the creation of an environment where you can have all the information in the palm of your hand. And speaking of the cloud and technology, the best is yet to…


  • https://cisoseries.com/what-we-lack-in-security-well-make-up-in-school-spirit/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Dave Stirling, CISO, Zions Bancorporation. Full transcript [Voiceover] Ten-second security tip, go! [Dave Stirling] How do you know your managers are being thoughtful about certifying their users’ access rather than just rubber-stamping the recertification request? So, you can…


  • https://open.spotify.com/episode/58u0ezHnngNW1xQ0iGrxIr Guest-at-a-Glance 💡 Name: Ryan Gurney 💡 What he does: Ryan is the CISO-in-Residence at YL Ventures. 💡 Company: 💡 Noteworthy: Before joining YL Ventures, Ryan held security leadership positions at Looker, Google, eBay, and Zendesk. 💡 Where to find Ryan: ## Key Insights ⚡ Your cloud provider’s weaknesses can become your problem. Since the cloud has become more prevalent, many…


  • https://media.first.org/podcasts/FIRST-Impressions-Andy-Ellis.mp3 Chris, Martin, and Andy chat building teams, navigating within organizations, career change, and interpretive dance.


  • https://cisoseries.com/why-ignoring-most-of-your-vulnerabilities-is-the-best-strategy/‘ Which vulnerability should you tackle first? Second? Which ones should you ignore? Probably a lot more than you think. On this week’s CISO/Security Vendor Relationship Podcast, David Spark of CISO Series and I welcome sponsored guest Ed Bellis, CTO, co-founder, Kenna Security (now part of Cisco) to discuss vulnerability management among many other issues.…


  • https://orca.security/resources/podcast/?wchannelid=v7ih6xfqse&wmediaid=l94vm4avi3 The information security field is changing as fast as the rest of the world, and it’s safe to assume that it will grow rapidly in the years to come.If we look at the last decade, and particularly after the emergence off the cloud, we can’t help but notice how much the security field has…


  • https://orca.security/resources/podcast/?wchannelid=v7ih6xfqse&wmediaid=h01zmfgs59 If you’ve ever thought of pursuing a career in cybersecurity, we have an episode for you! Today’s guest is a career coach and a podcast co-host, and he’s here to talk to us about cybersecurity in the post-cloud era.Chris Foulon is the co-host of Breaking Into Cybersecurity, a Cybersecurity Strategist, and a noted career…


  • https://cisoseries.com/the-perfect-gift-for-a-cyber-crook/ What do you give to the person who wants to learn how to steal everything? On this week’s CISO Series CISO/Security Vendor Relationship Podcast, David Spark and I welcome sponsored guest Jim Wachhaus, director of technical product marketing, CyCognito to discuss: – How can we shore up our cybersecurity hygiene?– What have we heard…


  • https://orca.security/resources/podcast/?wchannelid=v7ih6xfqse&wmediaid=hil9bg18er Cloud computing is changing the world as we know it. So what impact does it have on the world of security?Jonathan Jaffe is the Chief Information Security Officer at Lemonade, a full-service consumer insurance company powered by artificial intelligence and behavioral economics and driven by social good. After years of experience in information security…


  • https://cisoseries.com/were-very-good-at-saying-we-care-about-diversity/ It’s extremely easy to say you want to diversify. In fact, I’ll do it right now three times. We want diversity.We’re very pro diversity and it’s our focus for the next year.Diversity is a very important part of our security program.Please don’t ask to though look at the lack of diversity on our staff.…


  • https://orca.security/resources/podcast/?wchannelid=v7ih6xfqse&wmediaid=9cf8dpfxhk When it comes to information security and technology, Drew Daniels is the person to talk to. He believes information security can be a business driver as important as providing strong leadership.Having been in the industry before cloud computing, he’s also knowledgeable about the best pre and post-cloud practices. However, despite his long experience and…


  • https://orca.security/resources/podcast/?wchannelid=v7ih6xfqse&wmediaid=071tif2v4p Regardless of the industry, most people agree that the cloud era has taken business processes to a whole new level. However, not all industries, including the airline industry, take advantage of cloud technologies as they should.In today’s episode of Cloud Security Reinvented, it is our pleasure to welcome Deneen DeFiore. Deneen is the VP…


  • https://cisoseries.com/a-quick-way-to-tell-which-vendors-you-should-avoid/ Do you really need to ask hundreds of questions to know if you want to work with a vendor? On this week’s CISO Series CISO/Security Vendor Relationship Podcast, David Spark and I welcome guest Nick Selby, CSO, Paxos Trust Company to discuss: – How do you suss out security vendors to make sure they’re…


  • Andy Ellis joins Fabien Böeck to discuss why computer security is important


  • Summary In episode 5 of the Leadership During Turbulent Times podcast, Randall Palm interviews Andy Ellis, former CSO at Akamai and current operating partner at YL Ventures, about his approach to leadership and his upcoming book on the topic. Highlights Transcript (raw) (00:00) leadership the action of leading a group of people or an organization…


  • https://cisoseries.com/whats-the-roi-of-nothing-happening/ On this week’s CISO Series CISO/Security Vendor Relationship Podcast, David Spark and I welcome my colleague Ryan Gurney, CISO-in-residence, YL Ventures to discuss: – What’s a better sign than “nothing happened” to indicate you did a good job in cybersecurity?– What happens when your company wants to use a really insecure SaaS product?– What…


  • https://orca.security/resources/podcast/?wchannelid=v7ih6xfqse&wmediaid=853km26i5c One of the aspects where we can see how much the technology has progressed is the cloud system. Cloud has become more prevalent than on-premise IT infrastructure, mainly since it is more secure and more reliable than it used to be at its very first beginnings. But how is it like to be a…


  • https://orca.security/resources/podcast/?wchannelid=v7ih6xfqse&wmediaid=poyihk0t4f We live in an era where cloud systems have beaten on-premise services. Most businesses have switched to the cloud infrastructure due to its advanced security and other useful features, but what about healthcare? How do they choose to protect and manage their systems?Meet Ben Waugh, the Chief Security Officer at Redox, a cloud-native medical…


  • https://cisoseries.com/could-we-speak-to-your-ciso-to-confirm-he-received-the-cupcakes/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Branden Newman, svp, CISO, MGM Resorts. “It’s generous to say that somebody saying military grade means they’re meeting a specific standard.. anybody who’s meeting a specific standard is going to…


  • https://thecyberwire.com/podcasts/interview-selects/77/notes


  • https://cisoseries.com/make-your-friends-jealous-with-our-hand-crafted-passwords/ This week’s CISO/Security Vendor Relationship Podcast was actually recorded in front of a small live audience at The Passwordless Summit in Newport, Rhode Island. The event was sponsored by HYPR, our sponsor for this episode as well. Joining me and my co-host, Andy Ellis (@csoandy), operating partner, YL Ventures, was our sponsored guest, Brian Heemsoth (@bheemsoth), head of cyber defense and…


  • https://cisoseries.com/we-shame-others-because-were-so-right-about-everything/ “I hate the ‘blame the user’ model of phishing tests. Phishing tests are to inform you about how bad your email infrastructure actually is. The user is just one piece of it.” Full Transcript Voiceover Ten second security tip. Go. Edward Contreras When engaged in a conversation, make sure you’re all using the same…


  • https://cisoseries.com/are-you-asking-how-secure-are-we-or-how-insecure-am-i/ This week’s episode is hosted by David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Kevin Morrison, CISO, Alaska Air. “If you don’t have a path for hiring that junior person and developing them all the way up to become a senior person, you know…


  • https://hackervalley.com/e/episode-166-there-is-no-skills-gap-with-andy-ellis/ Hosts Ron and Chris interview Andy Ellis, CISO for over two decades that recently started a startup. He is an operating partner at YL Ventures. Andy shares his perspective on whether there is really a skills gap or are we approaching this problem the wrong way?


  • https://techblogwriter.libsyn.com/yl-ventures-2 YL Ventures funds and supports brilliant Israeli tech entrepreneurs from seed to lead. With headquarters in Silicon Valley and Tel Aviv, YL Ventures manages $260 million and specializes in cybersecurity. It accelerates the evolution of portfolio companies via strategic advice and U.S.-based operational execution, leveraging a powerful network of CISOs and global industry leaders.Andy…


  • https://cisoseries.com/how-cisos-make-it-worse-for-other-cisos/ This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Andy Ellis (@csoandy), operating partner, YL Ventures. Full transcript (from cisoseries.com) Voiceover Ten second security tip. Go. Andy Ellis You should use multiple Chrome profiles so that you can separate your cookies and log-in credentials between your work and personal…


  • https://www.linkedin.com/video/live/urn:li:ugcPost:6808374241436811265/ Andy Ellis is the CSO Hall of Fame winner for 2021 and was the CISO of Akamai Technologies for 21 yrs and in this interview we will go with in security challenges then and now. With over 21 yrs in CyberSecurity he has seen few things which a lot of us think are standard…


  • https://hackervalley.com/cyberranch/clever-hiring-practices-w-andy-ellis/ With us today is Andy Ellis, operating partner at YL Ventures, former Akamai CSO and newly inducted member of the CSO Hall of Fame. We’re here to talk about nonstandard hiring practices and how Andy has built an amazing team using nonstandard approaches.Andy began his career in cyber (“I remember back then, you know,…


  • https://the-record.captivate.fm/episode/when-pipelines-run-dry Levi and Adam discuss the latest news on the Colonial Pipeline attack, and what the future of ransomware might look like. Andy Ellis, the former CSO of Akamai, joins later in the episode to talk about advising and investing in cybersecurity companies.


  • https://techspective.net/2021/05/10/andy-ellis-shares-insights-on-leadership-and-dc-comics/ Andy Ellis Shares Insights on Leadership (and DC Comics)


  • https://youtu.be/vUmbbIaafHA Andy shares his thoughts and experience with Jeff Chao on the role of Security Leadership Summary Andy Ellis, former chief security officer for Akamai Technologies, shares his insights on cybersecurity leadership, the importance of enabling and encouraging smart risk-taking, and the joy of using a simple but effective technology like a corkscrew. Highlights TRANSCRIPT…


  • In this special episode of the SecurityConversations podcast, outgoing Akamai Chief Security Officer Andy Ellis joins Ryan Naraine to discuss his 20-year career in cybersecurity, the ups-and-downs of building a modern security program, the monetization of security technologies, and some predictions for the future.


  • https://duo.com/decipher/decipher-podcast-andy-ellis-returns Andy Ellis, CSO of Akamai, joins Dennis Fisher to discuss the importance of setting priorities, how to assess your strengths and weaknesses as an organization, and the NFL draft.


  • https://securityconversations.fireside.fm/andy-ellis-akamai In an industry where 10-15% of staff are women, Akamai’s security team is 40% women and growing. Chief security officer Andy Ellis joins the podcast to share lessons on practical things — some subtle, some major — that pushed real diversity on Akamai’s security team.


  • https://www.recordedfuture.com/podcast-episode-187/ Our guest this week is Andy Ellis, chief security officer of Akamai Technologies. He shares the professional journey that led him to Akamai, along with his recollections of the early days of online data sharing when bandwidth was expensive and pipes were small, and the uncertainty of being part of an ambitious internet startup.…


  • https://duo.com/blog/plaintext-podcast-ep-4 Welcome back to the Plaintext Podcast with your host Dave Lewis, Global Advisory CISO for Duo Security, now part of Cisco. In this installment, I have the honour of interviewing friend and former colleague Andy Ellis, CSO of my previous employer, Akamai. In this episode, Ellis and I chat about his career path, how…


  • https://www.buzzsprout.com/926089/4502858-9-creating-more-opportunities-for-others-with-andy-ellis In this episode we chat to Andy Ellis, who, on the very day we interviewed him, was celebrating his 20th anniversary as the Chief Security Officer for Akamai. We cover many topics – from taking down the “booth babe” culture at RSA, to fighting for more representation and diversity on cyber panels, to how…


  • https://cisoseries.com/how-many-forms-of-id-do-i-need-to-buy-this-gift-card/ Getting someone to purchase gift cards is a popular vector for theft. Given that the gift card theft technique is so well known, many online sites have put up additional barriers to purchasing gift cards. Trying to buy them legitimately has become increasingly difficult. This week’s episode is hosted by David Spark (@dspark), producer…


  • https://technicaloutcast.com/podcast/2020/06/17/andy-explains-ep1-work-life-balance/ Andy Ellis (@CSOANDY), CSO at Akamai Technologies, joins Steve Ragan for a discussion about work / life balance, in this inaugural segment called Andy Explains. Today’s Andy Explains segment is an important one, as the balance between daily life and work has become central to people across the globe during the COVID-19 pandemic. Some…


  • https://www.csoonline.com/article/3516080/episode-10-dont-be-batman-why-cisos-should-embrace-the-sidekick-role-part-2.html In this second half, Akamai CISO Andy Ellis and host Bob Bragdon continue their talk about the good guy/bad guy dynamic in the infosec community and why it can result in you being marginalized in your organization. Ellis’ advice: Don’t try to be the hero; be the sidekick.


  • https://www.csoonline.com/article/3516079/episode-9-dont-be-batman-why-cisos-should-embrace-the-sidekick-role-part-1.html There is a prevailing attitude in the infosec community that security pros are the good guys and the bad guys are, well, just about everyone else — users, developers, senior leadership. This good guy/bad guy dynamic can result in you being marginalized in your organization, says Akamai CISO Andy Ellis. His advice: Don’t try…


  • https://duo.com/decipher/decipher-podcast-andy-ellis Andy Ellis, CSO of Akamai, joins Dennis Fisher to talk about the process of planning to move tens of thousands of employees to remote work securely, the increased stress on Akamai’s network, and what things might look like from a security perspective on the other side of the quarantine.


  • Cybersecurity workers in high demand during COVID-19 pandemic Transcript (raw) (00:00) – I’m actually hiring rightnow and we’re looking at possibly hiring a lot morethan we originally planned on. Partly, there’s a big opportunity here. As an Internet deliverycompany, we expect to see some, a lot changes on the Internet. And if people are physicallydistancing,…


  • https://businessofsoftware.org/2019/10/harry-potter-star-wars-nobody-villain-story-conversation-andy-ellis-cso-akamai/ Andy was one of the speakers at this year’s BoS Conference USA 2019 and talked about why humans were awesome at risk management and why humans were awful at risk management. It is good. Very good. At the speaker dinner, we got into a conversation about how people can take the same data to come to…


  • https://www.heavybit.com/library/podcasts/the-secure-developer/ep-38-you-own-it-you-secure-it-with-andy-ellis-of-akamai/ In episode 38 of The Secure Developer, Guy speaks with Andy Ellis, CSO of Akamai. They discuss streamlining customer assurance, the role of an incidents coordinator, and the value of transparency between a security company and their associates. TRANSCRIPT Guy Podjarny: Hello, everyone. Welcome back to The Secure Developer. Today we have a good…


  • In a conversation between Mike Mimoso, Editorial Director at Flashpoint, and Andy Ellis, Chief Security Officer at Akamai, the implementation of a zero-trust security model at Akamai is discussed. By treating users, devices, and applications as the perimeter, Akamai has moved away from traditional network security approaches. The conversation covers topics such as the influence…


  • Walking into a sleek glass-walled conference room on a cold and wet December day, Ellis has the easy confidence and serenity you might find in a semi-retired professional golfer. It is not the kind of demeanor often associated with CSOs, and certainly not with the CSO of a company that handles a non-trivial portion of…