Emily Wearmouth [00:00:01] Hello and welcome to a new episode of Security Visionaries, a podcast where we usually talk to experts in the cyber and related industries to find out by interesting stuff. But today we have something a little bit different for you. Today I'm your host Emily Wearmouth, but I plan to interview my co-host Max Havey to find out interesting stuff.
Max Havey [00:00:21] And I'm Max Havey, and I plan to interview my co-host Emily Wearmouth about interesting stuff.
Emily Wearmouth [00:00:26] We're doing this because we're picking up new listeners, new subscribers every two weeks as we put out episodes. But some of our new subscribers perhaps aren't so aware of some of the great conversations that we've had in the past. So Max and I thought lets interview one another, find out what some of the highlights have been for us, and perhaps point some of our listeners to some episodes in that back catalog that they might find particularly interesting. So it's going to be a short episode, but hopefully all whet everybody's appetite to go back and have a listen in the archives. I'm going to kick off Max with the first question. If I may. I want to find out what is the most interesting thing that you've learned so far recording these podcasts?
Max Havey [00:01:05] We had a lot of really strong conversations so far this year, but I think the one that I enjoyed the most and like still am thinking about, was a conversation we had with Steve Riley, a former Gartner analyst, and Mona Faulkner, whose job is primarily analyst relations, talking about analyst research, specifically the Gartner Magic Quadrant and all the work that goes into that from both the analyst side and a vendor analyst relations side, because having worked in the cybersecurity industry for five years now, having recently hit that milestone, which is very fun.
Emily Wearmouth [00:01:33] Congratulations.
Max Havey [00:01:35] Oh thank you. I've seen, you know, the Gartner Magic Quadrant, the IDC market scape. I've seen all of these sort of different reports over the years, and it feels like a black box and you're never quite sure how that works. And it's less about how the sausage is made or peek behind the curtain. But really just a kind of two people who have had a lot of experience with this breaking down the work that they've put into it in the past. It makes for a really high definition illustration of what those processes look like and how organizations can best use them, because whether that's people looking for a new vendor for cybersecurity or architecture or what have you, I think it's important to know how that research is done and what sort of work goes into that. So people don't see it as sort of a pay for play, or see it as something where it is murky. It kind of sheds some light on it in a way that I think is really interesting and well worth your time.
Emily Wearmouth [00:02:27] I think what was really telling for me with that one was our listener numbers, which were phenomenal. And it said to me, vendors are out there constantly trumpeting their achievements in these Gartner Magic quadrants and other analyst reports, but that perhaps the people that they want to know about it don't really understand what it means and what it's about. And, what information has fed into those conclusions in those reports? So, yeah, I think that was a really well worth episode to record. And I would agree. Max.
Max Havey [00:02:55] Glad to hear it. Well, and Emily, to throw the question back at you. What's the most interesting thing that you've learned so far from recording episodes of the podcast?
Emily Wearmouth [00:03:03] You've just copied my question, Max. How cheeky. Well, the most interesting thing that I heard was from an episode that we did back in December, it was called Young Voices, and we had a number of guests who were in their first job in cybersecurity, and they were all women. That wasn't deliberate. We were trying to have sort of diversity, but they happened to all be women. So female perspectives was a big focus for the conversation, and I was asking them questions about what their experiences have been, what their expectations were, whether their career in cybersecurity was matching up to those expectations, what their concerns might be about a long running career within cybersecurity. And firstly, they were brilliant. All of them were fascinating. Secondly, I was really heartened by how optimistic and positive they were, and I think I've been around the block for a couple of decades now, and I perhaps have had a more challenging run through those 20 years, and it was really refreshing to hear it was getting a little bit easier and that their experiences were better. But my main favorite thing about that episode was we often say, don't expect people to have the solutions, listen to their experiences, and then work together to come up with the solutions. They don't have to have all the answers, but these guests had the answers they literally had. When I said the last question, what would you change? It was like they had lists in front of them. They knew everything tangible that could be changed or done slightly differently to make things easier, to better serve the industry. So it's literally just a crib sheet of how we can make things better. So that's my top episode in terms of interesting stuff and valuable takeaways.
Max Havey [00:04:34] I really like that episode as well, because it's a great way to dig into that community of folks who are that new generation of cybersecurity professionals working their way up. And we had folks from all around the world. We had Jacqueline from, Kenya. We had, Samantha from Australia with Ali from Saint Louis. We had we had people from all over the place. And it's exciting to see who those bright young folks are that are on their way up in the industry. Absolutely.
Emily Wearmouth [00:04:59] All right. Should I go again or do you want to ask the next one?
Max Havey [00:05:02] Absolutely. Go on ahead.
Emily Wearmouth [00:05:03] Okay. All right. What do I have next on my list? I wanted to know which you've talked about. What was interesting, which is the episode that you think is most worth scrolling back and listening to.
Max Havey [00:05:13] I think one that really stuck out to me and is right at the beginning of the year, and that was an episode that we did with Shannon Jurkovic and Samm McLeod that was all about resilience and fighting burnout as CISOs. They both dug into this very candid conversation that you had with them about fighting burnout, what it means to focus on resilience as CISOs and like high intensity industries, things like the financial sector and the technology sector and what they're doing themselves to try and battle that, I know the the CSO mental health crisis is something that we see folks talking about and writing about at length and presenting at conferences about, but this is a really great, like, very honest, candid conversation about what they're doing. And I think if anybody hasn't listen to that, I've said, it is so worth your time to go back and hear what they had to say. I really enjoyed that one. I also was the producer on that episode, so I got to I was sitting there kind of fist pumping behind the boards and having a very good time listening to you do that talking.
Emily Wearmouth [00:06:12] Yeah that's a good pick. It was very honest. And they talk not only about their own resilience, but also their team and how to manage resilience within their team. So I enjoyed that one a lot as well as a good one to pick.
Max Havey [00:06:22] What's an episode that you want folks to go back to that they might have missed? I know that you have a handful that you hosted. Are there any of those that you think folks should go back and check out? Well, I.
Emily Wearmouth [00:06:31] Feel a bit mean because you picked one of mine and I'm picking one of mine as well.
Max Havey [00:06:36] That's fine.
[00:06:38] But the episode that I would point people to, and it's one that you should only go and listen to when your brain is working, is the one we did all about changing perceptions of risk appetite. And we had Jack Freund and David Fairman join us. Now. Jack is the guy who's you literally wrote the book about risk management and the FAIR risk analysis method, and we got into some really interesting conversations about how organizations view risk, how you go about managing risk, how much of that is actually reducing risk, and how much of it is just making risk visible? I came up with an analogy that Jack said was brilliant, and so that's probably why I think it's a great episode, because he compliments me on it. So that's the one I would point back to. But definitely have you brain switched on. It's a complicated conversation and it's really interesting.
Max Havey [00:07:25] No doubt. Something that is great about this podcast is when we can really go deep with folks who understand a specific niche within the cybersecurity world and go deep on it like that, and that talk with David and Jack really, really digs in in a fun way.
Emily Wearmouth [00:07:41] Hey, Max, what's the weirdest thing that you've heard on the podcast?
Max Havey [00:07:45] Fantastic question. Maybe not the weirdest thing, but certainly a thing that I keep thinking about and that it's just has sunk its claws directly into my brain for the past, like three months. We did an episode about election security and disinformation and misinformation, and with Sharma Naidoo. And that conversation, it just blows my mind how much election security is really not so much focused on the actual, like, election systems and ballot systems, and it's really more about the way that things can be influenced outside of the ballot, the way that the real threats are in misinformation and disinformation, and the way that the threats that we've seen evolve with AI and deepfakes and how all of those things come together in this very dangerous, perfect storm of bad ideas and bad actors and such. And I think that is such a relevant conversation to have on the brain as we enter a big election year all over the place. We're in the midst of it. And I think that conversation with Sharma is only going to be more and more beneficial to have sitting in the.
Emily Wearmouth [00:08:51] Back of your brain, totally topical for a whole year. Yeah.
Max Havey [00:08:53] To change gears just slightly here, Emily, what have you been most proud of out of the episodes we've had so far this year?
Emily Wearmouth [00:08:59] Oh, proud of. That's an interesting one. I think probably it's not the episodes. It's it's a bigger picture. So listeners might not know. But behind the scenes, we use some color coding on some of our spreadsheets because it's really important to me that we have a diversity in the voices that we have talking on the podcast, and I don't just want it to be, let's do a regular episode about women in cybersecurity, but that we have experts and that it's not all the same voices that we're hearing from. So we go for geographic diversity. We go for different roles and experiences that people bring, whether it's practitioners or academics or analysts or threat researchers. And we also go for a male female score. And while you might listen to three episodes in a row that perhaps have more women or more men, we do track on a quarter by quarter basis and we are running at 50, 50 male female guests. Big learnings for me is if you're running an event, a podcast, a panel, and you're looking for a diverse range of speakers, you do have to put in a little bit more work. But when you do the work and you sourced speakers, you're finding people who perhaps aren't overly exposed. They're saying something a little bit different. And I think that some of our better guests, because they have a fresh perspective. So it's been worth it for the content. And I'm very proud that we've been able to stick with that. And all these months in, we're still maintaining that 5050 diversity representation.
Max Havey [00:10:22] And it's led to some really, really cool guests that we've had on, like Rebecca Hines from Asana's Remote Work Lab, Suzanne Oliver, who is a IP strategist. Yeah, we've just had a lot of really cool folks, even with Shannon and Samm from Australia, lots of really cool folks that are bringing interesting perspectives. And I think that's so key to doing a show like this completely.
Emily Wearmouth [00:10:44] I'm going to hit you with another curveball. It's nothing as profound as that. Please, you were our man on the ground to our site? And I wanted to know because we haven't done an episode sort of summarizing RSA. There's plenty of other content out there that does that, but what did you think was the most interesting thing at RSA this year?
Max Havey [00:10:58] Yeah, you are correct. I was max on the street at RSA 2024 again this year. You know, hitting hitting the conference floor in my high visibility floral shirts. Keep an eye out for me. If you saw my videos on LinkedIn, you will see me bopping around the Moscone Center or the Saint Regis or the Press Club talking to all sorts of folks. There was a real feeling that AI was going to dominate all of the conversations at the conference, and in a way it did. But what I found most interesting is that there were a couple of interesting outliers, and the folks I was talking to who were really starting to point to the fact that SaaS security was making its way back as a big topic among customers and prospects and, you know, AI enabled SaaS security and things of that sort, alongside conversations around how infrastructure and connectivity is key to having a strong security base, that having security and infrastructure that you, you know, main hands of a SASE platform, together is what organizations need to have to evolve to that next level of security. And I think it was really intriguing to see that bubbled to the surface amid the din of AI talk at this year's conference.
Emily Wearmouth [00:12:08] You, Max, I thought you were going to say the best thing was, podcast guest Chase Cunningham, dressed as a wrestler. Was it? I thought that's what you were going to pick.
Max Havey [00:12:16] Yeah. He was walking around dressed as Macho Man Randy Savage. And, it was it was quite fun. It was actually right before Steve Riley was going to talk with other podcast guests. John Kindervag. And I believe the three of them got a photo together and we could probably link to that in the show notes. I believe I have that photo.
Emily Wearmouth [00:12:32] The zero trust triangle.
Max Havey [00:12:34] It's a real zero trust triad. And just like just a trio of of big brains doing great things.
Emily Wearmouth [00:12:40] And we have had all three on the podcast. So we've got an episode you can listen to Steve Riley talking about. And I think he's talking about Zero Trust Network Access and why he wanted to shoot his VPN. And I think he said at one point, we've had John Kindervag talking about zero trust and identity and why it's more than that. And then we just recently had Chase Cunningham, Doctor Zero Trust, talking about zero trust from a national security perspective. So we've hit all the big zero trust names in the last few months.
Max Havey [00:13:04] Absolutely. And so Emily, turn the camera back to you here. What are some trends that have jumped out to you? I know we've covered a lot of different stuff in the last six months, in the back half of last year. What are some trends that have really jumped out to you?
Emily Wearmouth [00:13:15] Would you throw something at me if I said I you probably would. I think though.
Max Havey [00:13:20] No, I think AI's on everybody's mind at this point. So yeah, it's forgiven.
Emily Wearmouth [00:13:25] It's interesting how hard we've had to work to not just do fortnightly episodes on AI in cybersecurity. It's been that dominant, and we have had AI episodes and they've been really, really interesting. We've had Yihua Liao on our podcast talking from the perspective he runs the AI labs and that scope. He's he was a great episode. But to have to think about what can we talk about that's not AI, I think has informed some of our interesting podcasts around things like career ladders. We've talked about non-executive director roles, we've talked about fractional CIOs and CISOs and what those roles look like. We did an episode on patents in which I think we managed to not talk about AI, which was incredibly hard, but that one was really interesting. So I feel like the topic that's on everyone's lips is AI, and we've talked about it, but I feel like we've worked really hard to talk about more than just AI as well.
Max Havey [00:14:13] Absolutely. There's so much to talk about in the world of AI that I think just broadly saying AI it is isn't enough. You kind of have to burrow into all those different side streets about what people are doing with AI, how their security and all those things.
Emily Wearmouth [00:14:27] Yeah, I think so. Okay. I've got one last one for you, Max.
Max Havey [00:14:30] All right.
Emily Wearmouth [00:14:31] Who would be your dream guest to pop up in an episode for the second half of the year?
Max Havey [00:14:36] I don't know if I particularly have a dream guest like a specific person in mind, but I would really like for us to find a way to speak to that CIO and I&O, infrastructure and operations, audience. Last season, hosted by Mike Anderson, was very much focused on that CIO perspective and the idea of building a team as a CIO and making security sort of a team sport. And I'd love for us to find a way to bring that CIO perspective back in a little bit more like maybe understand better what CIOs wish security practitioners better understood about their role and how to better work with them. Things along those lines. I think that's such a key part of understanding how to better evolve your security strategies and better evolve your organization. And I think that's the missing piece of the secret sauce here. That's one that I really hope we get to dig into a little bit more later this season.
Emily Wearmouth [00:15:30] I guess our challenge is how do you take a podcast called Security Visionaries and make sure everybody knows that you don't have to have a security job for it to be relevant to you, and for there to be interesting stuff in that podcast for you. So maybe that's our challenge for the second half of the year.
Max Havey [00:15:44] Certainly. Well, Emily, for my last question, what most excites you looking ahead at the rest of 2024 with Security Visionaries? What are you hoping to get out of the rest of this season?
Emily Wearmouth [00:15:54] I'm looking ahead at our editorial calendar and I'm excited about it. I mean, we've got some cool guests coming up, some nice names, some very interesting topics, some topics that I don't think you'll find on the editorial calendar of any other podcast that you subscribe to. Some really interesting stories that we've found around the world that are pertinent to security leaders. And I&O leaders, as you call out, I'm not going to name them. I'm going to make people subscribe so that they find all of those good episodes. But I think you can take clues from some of our recent episodes where we, I think, got a bit brave and stuck our neck out and thought, well, who do we want on the podcast? We want to jump in, develop, we want to chase Cunningham. And we just went out and we invited them. And I think listeners will see more of that in the second half of the year where we've gone, I want to talk to you because you're really interesting on this topic. So yeah, that's what I'm looking forward to, names that people recognize and some really fascinating topics and perhaps episodes where the two come together, but also episodes where you might not know the name, but the topic is really, really good and vice versa. So no, we don't want big names, if they're not interested, not vice versa. Topics going to be there regardless, but some of them will be some really big names.
Max Havey [00:17:00] No doubt. I mean, I think, I think we want this to be a podcast that you look forward to seeing in your inbox every other week, and we've got some cool names, we've got some cool topics. I'm really excited by what we've got coming up in the hopper as well.
Emily Wearmouth [00:17:11] Well, thank you for joining me, Max and up and grilling me while I grilled you. Hopefully the listeners have enjoyed this sort of slightly different episode on our calendar, and I've got some ideas for some episodes to go back and dig out. You have been listening to The Security Visionaries. And I've been your host, Emily Weymouth and Max Havey has been your other host. If you've enjoyed this episode, please do go back and listen to those episodes that we pointed to. There's loads in the back catalog. There's lots more that we didn't even touch on, so plenty to keep you interested and definitely subscribe on Apple Podcasts or Spotify, wherever you listen, so that you don't miss any future episodes. We'll catch you on the next one.
Why Netskope 
){kind=icon}
