In Episode 16 of Champions of Security, Jacob Garrison interviews Michael Tayo (U.S. Bank) & Parveen Singh.

Michael is an Assistant Vice President and Principal Information Security Engineer at U.S. Bank where he is responsible for providing visionary guidance for the enhancement of cloud and application security product offerings. With over 10 years of experience as an Information Security Professional, Michael specializes in designing and deploying cutting-edge security solutions to enhance cloud security posture, prevent cyber-attacks, and mitigate risks to help organizations remain secure throughout the digital transformation.  He is a security evangelist and author with his most recent feature being Collaborative Security to Defend the Modern Threat Landscape.

Parveen is a Cloud Consultant specializing in Microsoft Azure services. He helps companies use the cloud effectively and efficiently while also keeping the security-first mindset and saving costs. He’s worked with government, software development, retail, e-learning and education organizations by helping them migrate and secure their IT infrastructure. He runs a blog at parveensingh.com and also helps IT enthusiasts find their next IT role and upskill to grow in the cloud field.

Michael, Parveen, and Jacob talk about:

↳ Deeply understanding the shared responsibility model

↳ Determining the appropriate amount of outside help

↳ Learning cloud services one step at a time

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!

In Episode 15, Jacob Garrison interviews Amanda Alvarez (Trace3) & Brook Schoenfield (Resilient Software Security & True Positives).

Amanda Alvarez is a DevSecOps Architect consultant at Trace3 with a passion for helping people learn more about software security. She is a highly-motivated practitioner who enjoys creating developer-oriented solutions with an emphasis on increasing effective feedback loops to help companies balance agility with security. Her mission is to spread awareness on scalable and sustainable software security programs so that people and their data remain protected from evolving threats. Outside of continuously learning more about cyber security, she enjoys gardening and hiking the mountains of Colorado.

Brook Schoenfield has authored six security books, taught 100’s of security architects, and 1000’s have attended his threat modelling trainings. He was the technical lead for five software security programs and 4 consulting practices. Brook is currently the CTO of Resilient Software Security and True Positives' Chief Software Security Strategist. He helps organizations and technical leaders improve their software security practices. He also teaches at the University of Montana.

Amanda, Brook, and Jacob talked about:

↳ Never trust and always verify

↳ Design for secure-by-default

↳ Security being a moving target

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!

In Episode 14 of Champions of Security, Jacob Garrison interviews Jeevan Singh (Director of Product Security at Twilio) and Abdul Wahab.

Jeevan enjoys building security culture within organizations and educating staff on security best practices. Jeevan is responsible for a wide variety of tasks including architecting security programs, driving security strategy and mentoring and growing security engineers and managers. Before life in the security space, Jeevan had a wide variety of development and leadership roles over the past 20 years.

Abdul Wahab is a Senior Tech Lead who loves growing engineering teams that are inquisitive, hungry to learn, and deliver lasting business solutions. When he's not doing that, he writes tech articles & tutorials via Medium to teach and give back to the global Software community, and bake cakes & pizzas.

They talk about:

↳ Celebrating security wins company-wide

↳ Collaborating with engineering for stakeholder support

↳ Offering the carrot before resorting to the stick

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!

In Episode 13 of Champions of Security, Jacob Garrison interviews Jeremiah Salamon and Tony Quadros.

Jeremiah Salamon is the Information Security Director at one of the nation’s premier law firms. He has over a decade of experience in Security Operations, Security Architecture and Engineering, and Governance, Risk & Compliance working in small businesses and large enterprise environments with regulated data. Regardless of the size or complexities of the organization, Jeremiah has successfully influenced positive security culture and helped grow security teams.

Tony Quadros is a 10+ year veteran of the cyber security vendor landscape focusing on application security. He's helped numerous enterprises, including the largest social media and insurance companies in the world, continuously improve their application security programs to ensure the software we use daily is as secure as possible. 

Jeremiah, Tony, and Jacob talked about:

↳ Leveraging the security community for engaging events

↳ Driving attendance through word of mouth

↳ Using Meetup for member retention

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!

In Episode 12 of Champions of Security, Jacob Garrison interviews Sean Wright, Principal Application Security Engineer at Featurespace.

Sean Wright is a veteran application security engineer with software development roots. Within security, he has a particular interest in TLS encryption and supply chain attacks. He believes security teams must be business enablers with a focus on efficiency.

Sean and Jacob talk about:

↳ Manual code reviews being unscalable

↳ How transitive dependencies put you at risk

↳ Security teams needing to be business enablers

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!

In Episode 11 of Champions of Security, Jacob Garrison interviews Shanief Webb, Manager of Detection & Response at Okta.

Shanief is well-versed in the disciplines of computer science, cybersecurity, and digital forensics. He has over 8 years of diverse cybersecurity experience working for the FBI, Google, Cox Communications, IBM, Slack, Dropbox, and now Okta.

Shanief and Jacob talk about:

↳ Thoroughly resolving security incidents during post-mortems

↳ Detection-as-Code reducing the cost of false positives

↳ Practitioners can help others overcome security gatekeepers

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!

In Episode 10 of Champions of Security, Jacob Garrison hosts a live Q&A with Chris Romeo, CEO and Co-founder of Kerr Ventures, and Dustin Lehr, Head of Platform Security at Fivetran.

Dustin and Chris have each built thriving security champions programs - and today they’re helping the audience overcome objections.

They talk about:

↳  The necessary characteristics of a security champions program leader

↳ Designing a sustainable program

↳ Winning support from upper management

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!

In Episode 9 of Champions of Security, Jacob Garrison interviews Walter Haydock, Founder & CEO of StackAware, a cybersecurity risk management and communication platform.

Walter is also the author of the blog Deploying Securely. Previously, he was a Director of Product Management at Privacera - a data governance startup backed by Accel and Insight Partners - as well as PTC - where he helped to secure the company’s industrial IoT product lines. Before entering the private sector, he served as a professional staff member for the Homeland Security Committee of the U.S. House of Representatives, as an analyst at the National Counterterrorism Center, and as a reconnaissance and intelligence officer in the Marine Corps.

Check out Walter's AI Security Course and Generative AI security policy template:

↳ https://maven.com/harness-ai/ai-security

↳ https://www.blog.deploy-securely.com/p/deploying-securely-with-chatgpt

Walter and Jacob talk about:

↳  Business executives owning AI Security Risk

↳ Vendor management including artificial intelligence use

↳ AI security regulation's arrival

And so much more.

Be sure to listen to this episode, and so many of our other great episodes by hitting the follow button. Make sure to like and subscribe.

We hope you enjoy it!