Security Advisor Alliance Podcast

Julie Smith, the Executive Director of the Identity Defined Security Alliance and Paul Lanzi, Co-Founder and COO of Remediant Security join Alliance Executive Director Gary Latham and host AJ Eads on the podcast to discuss Identity Management Day, on April 13, 2021.

The Security Advisor Alliance believes in the mission of the IDSA, its various working groups and its commitment to helping the entire industry.

Julie and Paul discuss what makes Identity Management so important in today's security organizations and across the business/government landscape.

We also chat about the events on April 13, 2021 and how to get involved/promote the day.

Direct download: Identity_Management_Day_Podcast_mixdown.mp3
Category:general -- posted at: 1:51pm CDT

Lukas Burzynski is one of those high school students that just wows you from the very start.  Lukas is a 4.65 student, a tutor, a volunteer and it seems, and all around good person.

Lukas found out about cybersecurity through a Career Advanced Program Studies program and recently participated in a nationwide CTF with some United States Air Force Cyber officers.

We speak with Lukas, Matt Evans and Devon Overstreet and we had a great conversation.  This young man will be a great recruit for many of our members.

The Alliance is always looking for ways to welcome new talent into the industry and we would like to thank George Sconyers for his efforts in tackling the #talentgap.

Thank you as well to CyberUp, the cyber non profit that helped organize the event!

Direct download: Lukas_Podcast_-_Stereo_Mix_2.mp3
Category:general -- posted at: 8:07am CDT

Jitender Arora (Jit) is the Chief Information Security Officer for the UK in Deloitte. 

The Alliance is elated that Jitender has accepted an offer to join our advisory board and in this conversation, we discuss Jit’s career path, his approach to building strong teams and his passion for giving back to the industry.  

Jit is living the Alliance Mission every year by speaking at primary, secondary and university level schools to encourage others to pursue the career path.

Direct download: Alliance_Podcast_Jitender_Arora_Project.m4a
Category:podcast -- posted at: 7:00am CDT

Roger Hale, Chief Security Officer for BigID and long time supporter of the Alliance joins the podcast to preview an upcoming webinar, “Justifying Your Security Budget During Uncertain Times”

Roger has great insight on what security organizations and enterprises should be thinking about during a wildly unpredictable time.

We really enjoyed this conversation and we know you will to.

Direct download: Alliance_Podcast_-_Security_During_A_Pandemic_-_Roger_Hale_Of_BigID_2.m4a
Category:general -- posted at: 9:21am CDT

The Security Advisor Alliance is excited to announce the release of it's Cyber Futures Program, a virtual mentorship mobile app aimed at expanding the reach of our Converge Tour Program.  


Direct download: Cyber_Futures_Program_Podcast_mixdown.mp3
Category:general -- posted at: 11:50am CDT

Ann Johsnon, CVP of Cybersecurity Solutions Group at Microsoft and Ron Green, EVP and CSO at Mastercard join the Alliance Podcast to discuss the Cyber Talent Initiative.  

This program brings together the private and public sectors of the United States and creates a direct pathway to employment in the information security industry.

We discuss the #talentgap, its impact on both private and public sector jobs, who qualifies for the program, what kind of assistance is provided and much more.

Ron and Ann both serve on the Alliance Board of Directors and prove just why global organizations like Microsoft and Mastercard chose them as leaders.

Direct download: Alliance_Podcast_-_Cyber_Talent_Initiative_mixdown.mp3
Category:general -- posted at: 3:23pm CDT

Brian Johnson is the CEO and co-founder at Divvycloud.  Brian chats with host AJ Eads about his career in cybersecurity, including his pathway into the industry though gaming.  

We also talk about why Brian started Divvycloud, their core service offering and how they help companies innovate by better leveraging the cloud.

This is a short conversation from the 2019 Executive Leadership Summit but a good one for business leaders who are struggling to understand security's role in innovation and competitive advantage.

Direct download: Alliance_Podcast_-_Brian_Johnson_mixdown_2.mp3
Category:general -- posted at: 1:34pm CDT

Rick Howard is the Chief Security Officer for Palo Alto Networks.  He's a graduate of West Point Military Academy, a former Chief of the Army's Computer Emergency Response Team and a current member of the Alliance Board of Directors.

Rick has been one of the most impactful members of the Alliance over the last two years, bringing invaluable advice, resources and talent to our efforts to close the #talentgap and grow executive development.

We have a great conversation about Rick's job, how they help customers and why he's involved in the Alliance.

Palo Alto Networks is our Title Sponsor at the 2019 Executive Leadership Summit and Rick will be speaking on "The State Of The Network Defender Community"

Direct download: 2019.07.23_Alliance_Podcast_-_Rick_Howard_mixdown_2.mp3
Category:general -- posted at: 9:57am CDT

Neil Thacker, CISO for Netskope Cloud Security EMEA, and Mike Spain, Executive Director for NeuroCyberUK join the podcast for a conversation around our first Converge Tour event held in the UK, and how we can better understand neurodiversity advantages in our organizations.



Direct download: Alliance_Podcast_-_NeuroDiversity_mixdown.mp3
Category:general -- posted at: 5:05pm CDT

Dustin Wilcox, one of our favorite CISOs of all time, sits down to share the story of his career and some of his most valuable lessons learned along the way.  

Dustin's career has spanned from the financial sector, the department of defense, smart grid energy and healthcare.  

We talk through many of the evolutions of the industry and where Dustin thinks the future is going.

Worth every minute!

Direct download: 38_-_Dustin_Wilcox_mixdown.mp3
Category:podcast -- posted at: 7:00am CDT

Ryan Frillman, Director of Information Security and Compliance for Spire Energy Group, a major energy provider with locations all over the United States sits down with us to discus his career in cybersecurity and many of the resources he uses to develop his team, and protect our infrastructure.

Ryan serves as the St. Louis Chapter President for the Alliance as well as an advisory board member, and the technology lead on our virtual capture the flag platform.

This is a great interview with some incredible advice on protecting ones own personal networks and working with your kids to create safe learning environments.

Direct download: 37_Ryan_Frillman_mixdown.mp3
Category:general -- posted at: 7:00am CDT

Joey Smith, CISO for Schnuck Markets and host AJ Eads (Director of Communications, Alliance) talk about Joey's career pathway from entry level position through the ranks to his current CISO role.

Joey provides some great insight into how his team works across business lines to train & motivate their nearly 15,000 employees across several states.  

As a contributing member of our St. Louis chapter, Joey has attended multiple Cyber Security Converge Tour events and was kind enough to invite Schnuck Markets Chief Legal Council to our annual summit as a keynote.  

I had a great time speaking with such a centered leader, this episode is definitely worth a listen.

Direct download: Joey_Smith_mixdown.mp3
Category:podcast -- posted at: 7:44pm CDT

Brandon Dunlap, Global CISO for Black & Veatch Joins Alliance Executive Director to discuss the talent gap in the information security industry and how to address it.

Show Notes at


Direct download: Brandon_Dunlap_Podcast_Episode_36_mixdown.mp3
Category:podcast -- posted at: 10:59am CDT

In Episode 34 of the Alliance Podcast, Mary Dickerson and John Godfrey of the University of Houston and Kansas University Medical Center weigh in on the challenges of educating the next generation of cyber security professionals.

What is currently being done?

What are the barriers preventing more students from entering the field?

What are the biggest challenges Universities face with regards to Information Security?

Join Host AJ Eads, Director of Communications for the Alliance along with two incredible guests to learn more about this fascinating topic and how two of our executive members are making an incredible difference.

Direct download: Alliance_Podcast_Episode_34v2_mixdown.mp3
Category:general -- posted at: 9:56am CDT

Lewie Dunsworth of Optiv Security and former Director of Information Security at H&R Block joins Alliance Executive Director Clayton Pummill to discuss how he made the transition from IT to Security and the steps necessary to build a successful security program from the ground up.

Lewie addresses how to find/create a security budget, how to communicate with LOB leaders to understand what assets need protection and some resources that new and established security leaders can access to further their expertise.

Join the Alliance at and check out recent updates and news at 

The Security Advisor Alliance is a non profit founded and run by industry leading information security professionals with the missions of aligning our leaders, growing the space and giving back to local communities.  If you'd like more information on how to engage with us, follow the Alliance on LinkedIn at and follow us on twitter @saasecure


Direct download: Podcast_Episode_33_-_Lewie_Dunsworth_mixdown.mp3
Category:podcast -- posted at: 9:49am CDT

Experts in the Information Security field chime in on the uses for Email tagging in their organizations and some best practices for implementation & adoption. 

Episode #32

Topic: Email Tag

Host: Clayton Pummill

Guests: James Robinson - Director, Risk & Threat Management

            Michael - Healthcare Information Security Leader


Direct download: Podcast_32_Mixdown.mp3
Category:podcast -- posted at: 5:07pm CDT recently released their 2016 Trends that will dominate cyber security.  Two Alliance Members, Neil Thacker of ForcePoint and Raf Los from the Office of the CISO at Optiv Security weigh in on each topic.

Neil Thacker - Information Security and Strategy Officer

Raf Los - Managing Director, Solutions R&D

2016 Trends According to

  1. The Unintended Consequences of State Intervention
  2. Big Data Leads to Big Problems
  3. Mobile Applications and the IOT
  4. Cyber Crime Causes the Perfect Threat Storm
  5. Skills Gap Becomes an Abyss for Information Security

Also Mentioned in this episode:

The Hard Things About the Hard Things - Ben Horowitz Cleaning Up After a Breach Post-Breach Impact: A Cost Compendium

ENISA - Threat Landscape

Full CIO Article Discussed in this Podcast

Visit The Alliance for Past Episodes and More information at:

Direct download: Alliance_Podcast_31_Mixdown_1.mp3
Category:podcast -- posted at: 11:25am CDT

Security Advisor Alliance - EP30 - Aligned and Committed

The Alliance has been incredibly active following our 2015 Leadership Summit in Dallas Texas.  

Our leadership team, along side our advisory board has been building and planning for 2016 and beyond.  The most exciting projects of note that we discuss in this episode are:

  • New Website and Branded Collateral.
  • Communications Platform
  • RSA - We'll be onsite all week!
  • 2016 Alliance Leadership Summit Date Released.

The episode concludes with a short discussion on leadership and self improvement.


Host:  Clayton Pummill - Executive Director, Security Advisor Alliance

Guest: A.J. - Director of Communications, Security Advisor Alliance

Direct download: Alliance_Podcast_30__-_2116_8.47_PM.mp3
Category:podcast -- posted at: 1:09pm CDT

Episode 29 - Visibility.  The SAA podcast is guest hosted by Raf Los.  Raf is joined by SAA members Renee Guttmann (VP Information Risk @ Optiv), Dustin Wilcox (CISO @ Centene) and Arian Evans (VP Product Strategy @ RiskIQ).

Direct download: Security_Advisor_Alliance_-_EP29_-_Visibility.mp3
Category:podcast -- posted at: 11:23am CDT

Episode 28 - Insider Threat management.  The SAA is joined by Chris Ray (CISO @ Epsilon) and Neil Thacker (CISO @ Raytheon|Websense) to discuss key wins to manage Insider Threat in the US and EU.

Direct download: 28_Security_Advisor_Alliance_-_EP28_-_Insider_Threat_management.mp3
Category:podcast -- posted at: 4:36am CDT

Episode 27 - The OPM breach.  The SAA podcast is hosted by Clayton Pummill and joined by Robert Bigman (President @ 2BSecure and ex-CISO for CIA), Chris Ray (ex-CISO @ Epsilon) and Neil Thacker (CISO @ Raytheon|Websense) to discuss findings of OPM breach.

Direct download: Episode_27_-_OPM_breach.mp3
Category:podcast -- posted at: 1:02am CDT

Episode 26 - Legislation, Privacy & Regulation.  The SAA podcast is hosted by Mr Clayton Pummill and joined by Dustin Wilcox (CISO @ Centene) and Daniel Farris (Shareholder @ Polsinelli) to discuss Legislation, Privacy & Regulatory landscapes.

Direct download: Episode_26_-_Legislation_Privacy__Regulation.mp3
Category:podcast -- posted at: 5:34am CDT

Episode 25 - Skills shortage.  The SAA podcast is hosted by Mr Raf Los.  Raf is joined by Brian Wrozek (CSO @ Alliance Data) to discuss the current skills shortage and wins the InfoSec community can take on to help new recruits join the industry.

Direct download: Episode_25_-_Skills_shortage.mp3
Category:podcast -- posted at: 8:27am CDT

Episode 24 - 3rd-party Risk.  The SAA podcast is hosted by Mr Raf los.  Raf is joined by David Fairman (CISO @ Royal Bank of Canada) for a deep discussion on 3rd party business engagement, risk management and risk ranking when dealing with 3rd parties.

Direct download: Episode_24_-_Third-party_Risk_Management.mp3
Category:podcast -- posted at: 3:27am CDT

Episode 23 - KPIs and Metrics.  The SAA podcast is guest hosted by Mr Raf Los.  Raf is joined by SAA regular James Robinson, Ed Pagett (Board of Advisors @ and Robb Reck (CISO @ Pulte Group) to discuss all things KPI and metrics.

Direct download: Episode_23_-_KPI_and_Metrics_Special.mp3
Category:podcast -- posted at: 4:42am CDT

Episode 22 - A review of IoT security.  The SAA is joined by Renee Guttmann (CSO @ Accuvant), Russ Dietz (CSO & GM @ GE Software) and Charlie Isaacs (CTO for customer connection @

Direct download: 22_Security_Advisor_Alliance_-_EP22_-_IoT.mp3
Category:podcast -- posted at: 5:07am CDT

Episode 21 - A Security Program Essentials special hosted by Brian Engle.  Brian is joined by Phillip Beyer, Brian Wrozek and Joseph Krull.  Brian and guests discuss their roles within the Texas CISO Council and the Security Program Essentials scheme.

Episode 20 - A review of SCADA and ICS security.  The SAA is joined by Chris Sawall (Director Cyber @ Monsanto), Larry Whiteside (CISO @ LCRA) and Parrish Gunnels (CISO @ Celanese)

Direct download: Security_Advisor_Alliance_-_EP20_-_SCADA_ICS.mp3
Category:podcast -- posted at: 4:32am CDT

Episode 19 - A review of the fundamentals of InfoSec that some organisations continue to miss.  The SAA podcast team (James Christiansen and Jason Clark) are joined by Dustin Wilcox (CISO at Centene) and Mike Eisenberg (VP @ Accuvant) to discuss the

Direct download: Security_Advisor_Alliance_-_EP19_-_Back_to_Basics.mp3
Category:podcast -- posted at: 4:50am CDT

Episode 18 - part 2 - The evolution of the CSO role.  A review of the current role and how CEOs are looking to hire the right CSO for their company.  Feedback from SAA founders Brian Engle, John Johnson, Jason Clark and James Robinson.

Episode 18 - A great discussion on the recent news with NSS vs PAN, choosing technology from continuous requirements and a SAA update.  SAA is joined by Brian Engle (CISO for state of Texas), John Johnson (Global Security Strategist @ John Deere).

Episode 17 - SAA update.  A short podcast covering updates on the activity of the SAA founders one year on including the introduction of an SAA VIP Mary Quayle and an update on the recent SAA founders meeting in St. Louis with our missions explained.

Direct download: 17_Security_Advisor_Alliance_-_EP17_-_SAA_update_1_year_on.mp3
Category:podcast -- posted at: 4:12pm CDT

Episode 16 - Healthcare special.  The SAA is joined again by Connie Barrera, Rob Winter and Tom August to discuss InfoSec in Healthcare including a discussion on HITECH/HIPAA, clinical risk, insider threat and education for employees.

Direct download: 16_Security_Advisor_Alliance_-_EP16_-_Healthcare_special_2_of_2.mp3
Category:podcast -- posted at: 3:39pm CDT

Episode 15 - Healthcare special.  The SAA is joined by Connie Barrera, Rob Winter and Tom August to discuss InfoSec in Healthcare including a discussion on HITECH/HIPAA, clinical risk, insider threat and education for employees.

Direct download: 15_Security_Advisor_Alliance_-_EP15_-_Healthcare_special_1_of_2.mp3
Category:podcast -- posted at: 7:25am CDT

Episode 14 - Threat intel special.  The SAA is joined by Rick Holland and Stu Solomon to discuss all things threat intel.  The fundamentals alongside common fails and successes with using rich threat intel to help apply context to threats relevant to you.

Direct download: 14_Security_Advisor_Alliance_-_EP14_-_Threat_Intel_2_of_2.mp3
Category:podcast -- posted at: 6:41am CDT

Episode 13 - Threat intel special.  The SAA is joined by Rick Holland and Stu Solomon to discuss all things threat intel.  The fundamentals alongside common fails and successes with using rich threat intel to help apply context to threats relevant to you.

Direct download: 13_Security_Advisor_Alliance_-_EP13_-_Threat_Intel_1_of_2.mp3
Category:podcast -- posted at: 2:32am CDT

Episode 12 - Special guest is Randy Trzeciak, CERT Technical Manager at Carnegie Mellon University.  Randy offers some great insight into insider threat characteristics, mitigation advice and future research areas that CMU CERT are working towards.

Direct download: 12_Security_Advisor_Alliance_-_EP12_-_CERT_special.mp3
Category:podcast -- posted at: 11:05am CDT

Episode 11 - Special guest is Bruce Schneier.  A recap on incident response with bells.  An introduction to Co3 systems and the value of automation during the IR process.  Bruce also offers insight into his new book arriving in 2015.

Direct download: 11_Security_Advisor_Alliance_-_EP11_-_IR_redux.mp3
Category:podcast -- posted at: 12:45pm CDT

Episode 10 - Special guest is Claus Houmann.  NSS Labs vs. FireEye in a BDS shootout, concern on XP armageddon, data protection legislation is a boardroom discussion and recommendations on incident response/recovery in 2014.

Direct download: 10_Security_Advisor_Alliance_-_EP10_-_XP_armageddon.mp3
Category:podcast -- posted at: 2:26am CDT

Episode 9 - RSA conference special.  Guests include Lamont Orange and Rick Holland.  A review of RSAC, the keynotes, important takeaways and expert insight from inside the innovation sandbox.

Direct download: 09_Security_Advisor_Alliance_-_EP9_-_RSAC_special.mp3
Category:podcast -- posted at: 5:59pm CDT

Episode 8 - NIST framework special.  Special guest includes Phil Agcaoili who is a security guru and key contributor to the newly released and very awesome NIST framework for improving critical infrastructure cybersecurity.

Direct download: 08_Security_Advisor_Alliance_-_EP8_-_NIST_framework_special.mp3
Category:podcast -- posted at: 12:11pm CDT

Episode 7 - We are back for 2014.  Special guests include James Christiansen (Accuvant) and John Johnson (John Deere).  We discuss the big Target data breach in detail and also our plans for RSA 2014.

Direct download: 07_Security_Advisor_Alliance_-_EP7_-_Target.mp3
Category:podcast -- posted at: 3:42pm CDT

Episode 6 - A 2014 prediction shake up special with our long awaited Q&A section. Mr Elliott Franklin joins us for a review of the predictions of 2014 alongside a response to questions from the SAA members.

Direct download: 06_Security_Advisor_Alliance_-_EP6_-_2014_prediction_shake_up.mp3
Category:podcast -- posted at: 8:05am CDT

Episode 5 - % of employees who would sell company data, are Security leaders leaving the enterprise and a zero-trust and threat intelligence extravaganza from Mr Rick Holland.

Direct download: 05_Security_Advisor_Alliance_-_EP5_-_Zero_trust_snow.mp3
Category:podcast -- posted at: 4:57am CDT

Episode 4 - Ransomware again hits headlines, price of data in the underground economy, review of pragmatic network security management and is cyber insurance hot...or not.

Direct download: 04_Security_Advisor_Alliance_-_EP4_-_Cryptolocker_with_sails.mp3
Category:podcast -- posted at: 4:43pm CDT

Episode 3 - A review of another Microsoft vuln, John McAfee for MS CEO, Cryptolocker becoming widespread.  Topics include micro-virtualisation effectiveness and why we all need a data scientist.

Direct download: 03_Security_Advisor_Alliance_-_EP3_-_Trip_through_your_wires.mp3
Category:podcast -- posted at: 3:06pm CDT

Episode 2 - Can't see the wood for the trees.  A review of the recent compromise, critique of the new IBM CISO study and views on the proposed NIST framework.  James summarises threat modelling and why all orgs should do it.

Direct download: 02_Security_Advisor_Alliance_-_EP2_-_Cant_see_the_wood_for_the_trees.mp3
Category:podcast -- posted at: 2:13pm CDT

Episode 1 - Introducing a new alliance.  The first in a series of podcasts aimed at security professionals.  Introducing the Alliance, news stories covering the Adobe breach and arrest of Paunch, Kotters 8 step plan for change and the Sourcefire aquisition.

Direct download: 01_Security_Advisor_Alliance_-_EP1_-_Introducing_a_new_Alliance.mp3
Category:podcast -- posted at: 4:37am CDT