Insights from recent episode analysis
Audience Interest
Podcast Focus
Publishing Consistency
Platform Reach
Insights are generated by CastFox AI using publicly available data, episode content, and proprietary models.
Most discussed topics
Brands & references
Total monthly reach
Estimated from 1 chart position in 1 market.
By chart position
- 🇧🇪BE · Technology#192500 to 3K
- Per-Episode Audience
Est. listeners per new episode within ~30 days
250 to 1.5K🎙 ~2x weekly·279 episodes·Last published 2d ago - Monthly Reach
Unique listeners across all episodes (30 days)
500 to 3K🇧🇪100% - Active Followers
Loyal subscribers who consistently listen
200 to 1.2K
Market Insights
Platform Distribution
Reach across major podcast platforms, updated hourly
Total Followers
—
Total Plays
—
Total Reviews
—
* Data sourced directly from platform APIs and aggregated hourly across all major podcast directories.
On the show
From 15 epsHosts
Recent guests
Recent episodes
#289 - What's the Best Career Move After Being a CISO? (with Gary Hayslip)
Jun 22, 2026
43m 32s
#288 - How to Break Into Cybersecurity Through GRC (with Steve McMichael)
Jun 15, 2026
39m 00s
#287 - Cybersecurity Insights You'll Want to Hear (with Michael Hammer)
Jun 8, 2026
45m 18s
#286 - AI-Native Security (with Nishant Doshi & Saro Subbiah)
Jun 1, 2026
45m 31s
#285 - Passwordless Authentication (with Nishant Kaushik)
May 25, 2026
42m 21s
Social Links & Contact
Official channels & resources
Official Website
Login
RSS Feed
Login
| Date | Episode | Topics | Guests | Brands | Places | Keywords | Sponsor | Length | |
|---|---|---|---|---|---|---|---|---|---|
| 6/22/26 |  #289 - What's the Best Career Move After Being a CISO? (with Gary Hayslip) | On this episode of CISO Tradecraft, host G Mark Hardy talks with Gary Hayslip about cybersecurity career growth beyond the traditional CISO “apex,” drawing on Hayslip’s 25+ years across military service, US Navy civil service, the City of San Diego as its first CISO, Webroot (CISO/CIO), SoftBank (including cyber and physical security), and most recently a field CISO role before being laid off. They discuss how the CISO role is evolving into merged executive positions (technology, risk, and AI), why continuous learning is essential as security changes rapidly, and why humans remain accountable even as AI reshapes teams. Hayslip outlines alternative paths like field CISO, data center security leadership, and VC/PE operating partner roles, and shares practical ways organizations used AI to speed legal review and automate security reporting while highlighting cost, risk, and workforce concerns. | 43m 32s | ||||||
| 6/15/26 |  #288 - How to Break Into Cybersecurity Through GRC (with Steve McMichael) | In this CISO Tradecraft episode, host G Mark Hardy interviews Steve McMichael, author of "How to Break into GRC: Mindset, Methods, and Skills," about entering cybersecurity through governance, risk, and compliance. McMichael shares his transition from accounting and explains GRC’s role as decision support and the interface between business and technical teams, breaking down governance, risk management, and compliance (including audits and third-party/supply-chain assurance). They discuss misconceptions that GRC is “just paperwork,” barriers like imposter syndrome, and strategies such as building T-shaped skills, targeting about 20% technical depth across domains, and developing credibility through a deep specialty. McMichael also describes an immersion mindset driven by emotional engagement, and showcases an open-source NIST Cybersecurity Framework Profile Assessment Database project on GitHub to help newcomers build skills and portfolio contributions. | 39m 00s | ||||||
| 6/8/26 |  #287 - Cybersecurity Insights You'll Want to Hear (with Michael Hammer)✨ | CybersecurityCISO role+5 | Michael Hammer | DMARCMythos AI | — | CISODMARC+5 | — | 45m 18s | |
| 6/1/26 |  #286 - AI-Native Security (with Nishant Doshi & Saro Subbiah)✨ | AI securitycybersecurity+3 | Nishant DoshiSaro Subbiah | CISO Tradecraft | — | AIcybersecurity+6 | Cyberhaven | 45m 31s | |
| 5/25/26 |  #285 - Passwordless Authentication (with Nishant Kaushik)✨ | passwordless authenticationcybersecurity+4 | Nishant Kaushik | FIDO AllianceYubiKeys | — | passwordlessauthentication+6 | — | 42m 21s | |
| 5/18/26 |  #284 - Lessons Learned from SQL Slammer to AI Agents (with Aaron Turner)✨ | cybersecurityAI security challenges+4 | Aaron Turner | Microsoft | — | SQL SlammerCode Red+5 | — | 45m 47s | |
| 5/11/26 |  #283 - Leadership Lessons and the Art of the Performance (with Chris Brogan)✨ | leadershipcommunication+3 | Chris Brogan | Navy SEALs | — | leadershipcommunication+5 | — | 47m 30s | |
| 5/4/26 |  #282 - Top 10 Agentic AI Attacks (with Rock Lambros)✨ | Agentic AIAI security+4 | Rock Lambros | ZenityOracle+3 | — | Agentic AICISO+8 | — | 45m 16s | |
| 4/27/26 |  #281 - SIEM Secrets They Don’t Tell You (with Anton Chuvakin & Alex Hurtado)✨ | SIEM programsdetection engineering+4 | Anton ChuvakinAlex Hurtado | Gartner | — | SIEMdetection engineering+5 | — | 48m 27s | |
| 4/20/26 |  #280 - Mythos and the Future of Vulnerability Operations (with Gadi Evron)✨ | vulnerability operationsAI in security+4 | Gadi Evron | AnthropicProject Glasswing+3 | — | vulnerabilityAI+8 | — | 43m 41s | |
Want analysis for the episodes below?Free for Pro Submit a request, we'll have your selected episodes analyzed within an hour. Free, at no cost to you, for Pro users. | |||||||||
| 4/13/26 |  #279 - AI Readiness (with JP Bourget)✨ | AI readinessdata governance+5 | JP Bourget | BlueCycleSaltCon+1 | — | AI readinessdata governance+6 | — | 44m 09s | |
| 4/7/26 |  #278 - RSAC Takeaways: AI SOC, Agent Security, and What Cyber Marketing Gets Wrong✨ | AI SOCAgent Security+4 | Andy Ellis | RSACDUHA+2 | — | RSACAI SOC+5 | — | 45m 10s | |
| 3/30/26 |  #277 - From SaaS to AI Agents: Gone in 60 Seconds✨ | large language modelssoftware development+4 | — | Clear CapabilitiesCycloneDX+3 | — | SaaSService as Software+7 | — | 39m 39s | |
| 3/23/26 |  #276 - How is AI Reshaping Fraud (with Brian Long)✨ | AIfraud+4 | Brian Long | Zoom | — | AIfraud+5 | Adaptive Security | 40m 30s | |
| 3/16/26 |  #275 - How to Secure Vibe Code (with Shahar Man)✨ | AI-driven coding toolssoftware security+4 | Shahar Man | Claude CodeCursor+3 | — | vibe codingAI security+5 | — | 45m 31s | |
| 3/9/26 |  #274 - The State of Stress in Cyber (with Steve Shelton)✨ | cybersecurity stressburnout in cybersecurity+3 | Steve Shelton | Green Shoe ConsultingLinkedIn+2 | — | cybersecuritystress+7 | — | 44m 42s | |
| 3/2/26 |  #273 - Creating a Wisdom-Led SOC (with Oren Saban)✨ | SOCAI-driven security+3 | Oren Saban | — | — | SOCAI+5 | Mate Security | 45m 14s | |
| 2/23/26 |  #272 - Data Centric Platform Play (with EJ Pappas) | In this episode of CISO Tradecraft, host G Mark Hardy speaks with EJ Pappas of PKWARE and Ross Young about why AI-driven threats demand a shift from platform-centric security to a data-centric strategy.CISOs still struggle to answer, “Where is our sensitive data?” as it sprawls across AI, endpoints, cloud, SaaS, and shared environments. In this conversation, we explore: Why CISOs still struggle with data visibility How vendor sprawl and fragmented toolsets create blind spots The difference between structured and unstructured data risk Why AI accelerates both defense and mistakes DLP vs. encryption: complementary, not competing controls Commonly missed exposure areas (test/QA environments, cloud storage) Compliance drivers including GLBA, PCI DSS, HIPAA, HITRUST CSF, and NIST SP 800-171Learn more at PKWARE.com/demo or contact EJ.Pappas@PKWARE.com | 59m 39s | ||||||
| 2/16/26 |  #271 - A Life of Service (with Chris Inglis) | In this special episode of CISO Tradecraft, host G Mark Hardy welcomes Chris Inglis, former National Cyber Director and career public servant, to delve into a wide-ranging conversation about cybersecurity leadership, public service, and life lessons. Chris shares his career journey from the Air Force Academy to piloting planes and serving at the NSA, providing unique insights along the way. They discuss the importance of integrating technology with business strategy, handling insider threats, and the future of AI in cybersecurity. Plus, enjoy some heartwarming stories about the power of culture and the joys of being grandparents. | 52m 49s | ||||||
| 2/3/26 |  #270 - And What is Truth? | Can you still tell what’s true on the internet or does everything feel questionable now? That confusion isn’t accidental. Disinformation, deepfakes, and cyber deception are being used deliberately to manipulate attention, erode trust, and fracture societies, often faster than truth can respond. In this episode of CISO Tradecraft, we break down how modern information warfare actually works and what leaders can do to defend truth using critical thinking, verification strategies, and practical countermeasures for today’s digital battlefield. | 31m 13s | ||||||
| 1/26/26 |  #269 - Changing Third Party Risk Management (with Nate Lee) | Third-party risk management has become a time-consuming, frustrating exercise. Security teams and vendors alike are buried under long, repetitive TPRM questionnaires that often miss what actually matters. Buyers struggle to assess real risk, while vendors waste countless hours answering low-value questions, slowing deals and draining resources.These bloated questionnaires don’t just waste time, they actively weaken security programs. Important risks get lost in the noise, assessments become checkbox exercises, and both sides grow cynical about the process. As supply chain attacks increase, relying on outdated, one-size-fits-all approaches leaves organizations exposed and ill-prepared to respond.In this episode of CISO Tradecraft, G Mark Hardy sits down with Nate Lee to explore smarter, more effective approaches to TPRM. Drawing on his experience as a CISO and entrepreneur, Nate shares practical strategies for automating assessments, asking more meaningful security questions, and using AI to reduce friction while improving insight. The conversation offers actionable guidance for buyers and vendors to streamline TPRM, focus on real risk, and build stronger, more scalable security programs.Nate Lee - https://www.linkedin.com/in/natetrustmind/Nate Lee - nate@trustmind.com | 34m 16s | ||||||
| 1/19/26 |  #268 - Zero Trust isn't a product (with George Finney) | Everyone talks about Zero Trust — but very few organizations actually know how to implement it successfully.In this episode of CISO Tradecraft, host G. Mark Hardy is joined by George Finney, a practicing CISO who literally wrote the book on Zero Trust and has implemented it in one of the most challenging environments imaginable: higher education.Together, they break down:Why Zero Trust is a strategy, not a productWhy most Zero Trust initiatives fail due to people and politics, not technologyHow attackers exploit trust and lateral movementHow to implement Zero Trust without destroying culture or productivityWhat changes when AI enters the trust modelWhy AI is effectively “100% trust” — and how to reduce the blast radiusHow CISOs should explain Zero Trust and AI risk to the boardGeorge also shares practical analogies (including his now-famous restaurant model for AI) that make Zero Trust and AI security understandable for executives, IT teams, and non-technical leaders alike.If you’re serious about:Preventing breaches instead of just responding to themLimiting lateral movementSecuring AI-driven systemsTurning Zero Trust from buzzword into business strategy👉 This episode is a must-watch.George's Books:Rise of the Machine: https://www.amazon.com/Rise-Machines-Project-Trust-Story/dp/1394303718Project Zero Trust: https://www.amazon.com/Project-Zero-Trust-Strategy-Aligning/dp/1119884845/ | 45m 36s | ||||||
| 1/12/26 |  #267 - Busy is the New Stupid (with Ross Young) | You’re working longer hours than ever… yet somehow getting less done. Sound familiar? In this episode of CISO Tradecraft, we break down why busy has become the enemy of effectiveness and why “Busy is the New Stupid.” This isn’t about working harder or faster. It’s about understanding how your time gets attacked, how distractions persist, and how even high-performing leaders fall into productivity traps. We introduce a practical framework inspired by MITRE ATT&CK to show: How meetings, emails, and interruptions gain initial access to your day Why multitasking and constant context-switching kill execution How “always-on” culture and people-pleasing create persistence What effective CISOs do to defend their time and focus on impact, not noise If you’re a CISO, security leader, or executive who feels constantly busy but strategically behind, this episode will challenge how you think about productivity—and give you a better way forward. 👉 Grab the Busy Is the New Stupid template for free https://www.cisotradecraft.com/bitns 👉 Share what’s missing and help us evolve the framework 👉 Follow CISO Tradecraft for more insights on leadership, strategy, and security Because being busy isn’t the goal. Being effective is. | 46m 10s | ||||||
| 1/5/26 |  #266 - Why CISOs Miss The Next Big Security Challenge (with Richard Stiennon) | CISOs are expected to anticipate the next major security failure, yet the cybersecurity market is moving too fast, too fragmented, and too noisily for any leader to clearly see what’s coming next. AI is accelerating vendor sprawl, threat models are shifting mid-year, and every product claims to be “critical.” CISOs aren’t missing threats because they’re uninformed; they’re overwhelmed. By the time a risk is obvious, it’s already budgeted, deployed, and exploited. Boards ask “How did we not see this?” while CISOs are left defending decisions made with incomplete signals and outdated market maps. In this episode of CISO Tradecraft, G Mark Hardy and industry analyst Richard Stiennon break down how CISOs can regain strategic foresight. Drawing on Richard’s experience at Gartner, IT Harvest, and the Security Yearbook, they share practical ways to cut through market noise, understand where AI is truly changing security, and identify emerging risks before they become incidents giving CISOs a clearer view of what matters next. | 44m 37s | ||||||
| 12/29/25 |  #265 - 12 CISO Templates (with Ross Young) | In this episode of CISO Tradecraft, hosts G Mark Hardy and Ross Young discuss the extensive redesign at CISO Tradecraft and introduce a series of free cybersecurity tools and templates available on their website. The tools, created with the help of AI, range from a Cybersecurity Budget Template and Gen AI Risk Assessment to a Personal Values Exercise and Process Improvement exercise. They also cover topics such as AI coding, CMMC Compliance, Cloud Security Alliance’s AI Control Matrix, and the Cyber Six Pack for improving vulnerability management. Additionally, they share insights on tools rationalization exercises, such as the cybersecurity murder board, and the importance of aligning tasks with personal values. Tune in for detailed walkthroughs of these innovative resources designed to enhance your cybersecurity strategies without breaking the bank. Templates can be found here: https://www.cisotradecraft.com/freetemplates | 45m 05s | ||||||
Showing 25 of 289
Sponsor Intelligence
Sign in to see which brands sponsor this podcast, their ad offers, and promo codes.
Chart Positions
1 placement across 1 market.
Chart Positions
1 placement across 1 market.