New website: RiskCommentary.ca We see a contradiction: increased need for Enterprise Risk Management, while risk managers report low perceived value of their processes. High Quality Risk Assessment addresses uncertainty and helps solve chronic business problems. Join Edward Robertson, successful ERM practitioner, to discover a simple process that delivers clear value.
Enterprise Risk Management Framework Podcasts
The Bare Metal Cyber CCISO Audio Course is your complete, executive-level training companion for mastering the Certified Chief Information Security Officer (CCISO) certification. Built for experienced cybersecurity professionals and strategic leaders, this Audio Course delivers over seventy focused episodes covering every domain, concept, and competency area tested on the official EC-Council exam. From governance, risk, and compliance to strategic planning, vendor oversight, and technical co ...
The Employee Safety Podcast is for professionals responsible for the safety and well-being of their employees. Today’s world has a wide array of threats: wildfires, hurricanes, civil unrest, acts of violence, a global pandemic. We will discuss how to protect your employees from all of these threats—whether they’re in the office, working remotely, or traveling for business. Each episode features an interview with a leader in employee safety, discussing topics such as emergency preparedness, b ...
Each episode puts the lights on various data topics with renowned industry experts. We cover the following topics in a fun and informative interview format: data science, data analytics, machine learning, artificial intelligence, data visualization, data storytelling, data governance, data management, data quality, data strategy, and much more.
I'm a work in progress. This podcast documents my ongoing quest for wealth, wisdom and enlightenment. The episodes are of variable length: When I find an interesting person to talk to - who is willing to have the conversation recorded, I put it up. But I have also found that it is useful to record my own thoughts - in short snippets.
Trends Defining the Future of Enterprise Security Risk Management
19:03
Corporate security risks are evolving in ways that demand new mitigation strategies. Ryan Schonfeld, Co-founder and CEO of HiveWatch, an AI-driven physical security software platform, draws on his background in law enforcement and global enterprise security to offer a new perspective on how organizations can better manage today’s challenges. From t…
Security Lessons From a Leading U.S. Blood Center
24:46
When David Fortino joined New York Blood Center Enterprises—one of the largest nonprofit blood collection and distribution organizations in the U.S.—as Head of Corporate Security, he was tasked with building the company’s first enterprise-wide security program. With 2,300 employees spread across more than 70 locations in 17 states, and a constantly…
Why Data Sovereignty Matters for AI Innovation (Interview with Vinay Samuel from Zetaris)
32:49
In this episode of The Lights On Data Show, George Firican speaks with Vinay Samuel, CEO and Founder of Zetaris, about how organizations can build AI systems that are cost-efficient, sovereign, and trusted. They explore what it really means to own your AI: from keeping intellectual property and data within your control, to reducing cloud and lakehou…
How to Contextualize Global Risks for Your Leadership Team
19:04
In today’s complex global risk landscape, enterprise leadership teams must have a complete understanding of their risk profiles to make informed decisions on how to protect their people and assets. Daniel Devery, Director of Enterprise Crisis Management at Assurant, shares how his team turns geopolitical risks into early warnings by contextualizing…
Dive into a fast, no-fluff overview of what this podcast delivers, who it’s for, and how each episode helps you level up with practical, real-world takeaways. In this trailer, you’ll hear the show’s promise, the format you can expect, and a sneak peek at the kinds of stories, tips, and expert insights coming your way. Hit follow to get new episodes…
Turner Construction’s Blueprint for Ensuring Jobsite Safety
22:10
Construction sites are unpredictable by nature, with changing crews, high-risk hazards, and exposure to the elements. Eddie Barry, Director of Risk and Threat Intelligence at Turner Construction, shares how the international construction services company builds safety into every project from the ground up. Eddie also discusses how Turner’s culture …
Introducing a New Era of Risk Intelligence
24:54
Many corporate security teams struggle to keep pace with today’s rapidly evolving risk landscape. Most rely on a patchwork of disconnected tools for intelligence, response, and communication, which leads to duplicative work, slower detection, and inefficient threat resolution. To directly address these challenges, AlertMedia recently released a maj…
September is National Preparedness Month and Rail Safety Month, two annual efforts spotlighting emergency readiness and rail-related hazards. With trains running through communities nationwide, we turn to Amtrak, the National Railroad Passenger Corporation, to see how these initiatives come to life. Amtrak’s Vice President of Operational Safety, Ju…
20 Years Since Hurricane Katrina: Lessons in Emergency Response
24:34
This month marks the 20th anniversary of Hurricane Katrina—one of the most devastating natural disasters in U.S. history. When the storm struck the Gulf Coast in August 2005, Bonnie Canal was among the many New Orleanians forced to make an impossible decision: stay or evacuate. In this deeply personal episode, Bonnie reflects on the chaos of evacua…
Inside Capital One’s Operational Resilience Framework
16:41
At Capital One, operational resilience is a long-term, companywide investment that prioritizes customer needs. Theresa Reynolds, Senior Director of Operational Risk Management, shares how her team ensures the company can deliver on its promises, even amid disruption. From mapping essential services to tackling third-party risk, she breaks down the …
From Data Overload to Data Impact with Ritavan
1:06:36
In this episode, Guy Spier speaks with Ritavan and Paaras about how businesses can unlock real value through data—not by chasing trends like AI or cloud, but by leveraging data purposefully. Ritavan shares insights from his book Data Impact, discussing how legacy companies often fall into the trap of tech commoditization. Learn how to: Use data lev…
A Collaborative Approach to Better Business Continuity
27:17
Business resilience isn’t built overnight; Joel Navarro knows that better than most. As Vice President of Global Business Resiliency at East West Bank and President of the North Texas Chapter of ACP, Joel is widely recognized as a go-to expert in business continuity. In this episode, Joel explains how close collaboration with business units leads t…
Changing Student Recruitment and Retention with AI
22:59
Join George Firican as he discusses with Emily Chase Coleman, CEO of HAI Analytics, about the convergence of EdTech and AI in transforming higher education. Learn how predictive modeling and AI are enhancing recruitment and retention strategies, identifying at-risk students, and optimizing financial aid packages. Discover the importance of human ov…
The Integral Role of Safety in Employee Experience
23:37
“Culture is a series of intentional actions that show care”—and for Jenna Eichberg, those actions begin with safety. As Chief People Officer at AlertMedia, she fosters a work environment where duty of care is a daily commitment, not just a concept. In the 200th episode of the show, Jenna discusses why creating a foundation of physical and psycholog…
In this episode of the Lights On Data Show, George Firican interviews Ollie Hughes, CEO and co-founder of Count, to explore the challenge every data team faces: showing real Return on Investment (ROI). Ollie shares a clear framework built on four principles that help data teams break free from the 'service trap' and make a measurable business impac…
Episode 70: Final Exam Review and Strategy
15:03
In this final episode of the prepcast, we shift focus from content to performance. You’ve learned the material—now it's time to master the test. We walk through proven strategies for final review, including how to prioritize domains, balance study time, and simulate test conditions. You’ll get tips on memory recall, cognitive pacing, and avoiding e…
Episode 69: Vendor Risk Oversight and Auditing
16:22
Vendor relationships introduce risk far beyond basic performance metrics—and in this episode, we dive into the executive oversight practices required to manage those risks. You’ll learn how to assess third-party risk using tiered models, risk questionnaires, and onsite audits. We also discuss how to require evidence of compliance, conduct assessmen…
Episode 68: Vendor Contracts, SLAs, and Performance Metrics
16:04
Securing a vendor is only the beginning—the real work lies in managing performance, risk, and accountability. This episode focuses on the contractual elements that govern third-party relationships, including service level agreements (SLAs), key performance indicators (KPIs), penalties for non-compliance, and confidentiality clauses. You’ll learn ho…
Episode 67: Security Procurement: RFPs, RFIs, and Vendor Selection
17:31
Procurement is more than just purchasing tools—it’s a strategic process that shapes your organization's security ecosystem. In this episode, we walk you through the essentials of security procurement, including how to develop Requests for Proposals (RFPs) and Requests for Information (RFIs), establish evaluation criteria, and conduct vendor due dil…
Episode 66: ROI and Cost-Benefit Analysis for Security Investments
17:02
As cybersecurity budgets grow, so does the need to justify investments with clear, measurable value. In this episode, we explore how CISOs evaluate the return on investment (ROI) of security initiatives, technologies, and services. You’ll learn how to calculate ROI using both quantitative and qualitative factors, including risk reduction, productiv…
Episode 65: Security Budgeting Essentials: Managing and Adjusting Budgets
13:25
Security budgeting doesn’t end once funding is approved—CISOs must continuously manage, adjust, and defend their budgets in the face of shifting priorities and evolving threats. In this episode, we explore the fundamentals of dynamic budget management, including tracking expenditures, reallocating resources, and responding to unexpected events such…
Episode 64: Financial Management Principles for Security Leaders
15:53
Financial fluency is essential for every CISO—and in this episode, we break down the core principles of financial management in the context of enterprise cybersecurity. You’ll learn how to interpret balance sheets, manage operational and capital expenditures, and build forecasts that align with multi-year strategic plans. We explain how to calculat…
Episode 63: Strategic Security Planning Frameworks (TOGAF, SABSA)
15:33
Effective security leaders think in frameworks—and in this episode, we explore two of the most influential planning models for enterprise architecture: TOGAF (The Open Group Architecture Framework) and SABSA (Sherwood Applied Business Security Architecture). You’ll learn how these frameworks guide long-term security strategy by aligning governance,…
Episode 62: Aligning Security with Organizational Objectives
17:31
Security is no longer a siloed function—it must be embedded in business strategy. In this episode, we examine how CISOs align cybersecurity initiatives with overarching organizational goals. You’ll learn how to interpret business drivers, engage with other executive leaders, and shape security programs that enable growth, agility, and competitive a…
Episode 61: Autonomous Security Operations Centers and Future Trends
16:07
As security operations evolve, the idea of the autonomous SOC is moving from concept to implementation. In this episode, we explore what defines an autonomous Security Operations Center and how automation, AI, machine learning, and orchestration platforms are converging to reduce human intervention. You’ll learn about the architectural components o…
Episode 60: Emerging Tech in Security: AI and Machine Learning
17:21
Artificial intelligence and machine learning are rapidly reshaping the cybersecurity landscape—and CISOs must understand both their potential and their limitations. In this episode, we explore how AI and ML are used in security solutions, from behavioral analytics and anomaly detection to automated threat hunting and decision support. You’ll learn …
Episode 59: Virtualization Security Overview
18:26
Virtualized environments introduce a unique set of security concerns that CISOs must understand and manage. In this episode, we break down how hypervisors, virtual machines, and containers work—and how these technologies change the security landscape. You’ll learn about hypervisor attacks, inter-VM threats, virtual network segmentation, and the imp…
Episode 58: Mobile Device Security Essentials
18:47
With mobile devices becoming core tools for business productivity, they also represent a growing attack surface that CISOs must manage. In this episode, we examine the risks posed by smartphones, tablets, and other portable devices, and the controls needed to secure them. You’ll learn how to implement mobile device management (MDM), containerizatio…
While cybersecurity often dominates the conversation, physical security remains an essential component of any comprehensive security program. In this episode, we explore how physical controls—like access badges, surveillance systems, security guards, and biometrics—support the protection of data centers, executive offices, and other sensitive facil…
Episode 56: Encryption Principles and Practices
19:47
Encryption is a cornerstone of data protection, and in this episode, we break down its role in securing data both at rest and in transit. You’ll learn about the key encryption types—symmetric, asymmetric, and hashing—and how each serves a distinct purpose in confidentiality, integrity, and authentication strategies. We explore how encryption is app…
Episode 55: Data Security and Privacy Basics
16:32
Data is the crown jewel of most organizations—and protecting it is a central responsibility of the CISO. In this episode, we explore the foundational practices for securing sensitive and regulated data, including classification, labeling, access controls, encryption, and secure disposal. You’ll learn how to define data handling requirements by type…
As organizations migrate more infrastructure and services to the cloud, CISOs must adapt their strategies to manage risk in cloud environments. This episode introduces the core principles of cloud security, including shared responsibility models, identity federation, encryption of data at rest and in transit, and secure API design. You'll learn abo…
Episode 53: Network Security for Executives
19:23
Network security remains a foundational element of cybersecurity architecture, even as perimeter boundaries blur in cloud-first and remote-enabled environments. In this episode, we provide a comprehensive overview of modern network security strategies, including segmentation, firewall deployment, IDS/IPS, secure tunneling, and zero trust network ac…
Endpoints represent one of the largest attack surfaces in modern organizations, making endpoint protection a critical priority. In this episode, we cover the foundational components of endpoint security—including antivirus, EDR (Endpoint Detection and Response), application whitelisting, configuration hardening, and data loss prevention (DLP). You’…
Episode 51: Best Practices for Access Control
19:01
Once you've selected the right access control model, the challenge shifts to enforcing it consistently across systems, users, and environments. In this episode, we walk through best practices for implementing, maintaining, and auditing access control systems in complex enterprises. You'll learn how to enforce least privilege, manage role creep, and…
Episode 50: Access Control Models Overview
12:02
Access control is foundational to every security program, and this episode introduces the core models used to govern who can access what, when, and under what conditions. We examine the primary access control models—Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), Attribute-Based Access Control (…
Episode 49: Advanced Threat Hunting Concepts
11:58
Building on the previous episode, we now explore more advanced threat hunting concepts that CISOs must understand to support elite detection capabilities. You'll learn how mature organizations move beyond one-off hunts to establish sustained, repeatable hunting programs with custom detection logic, automation pipelines, and continuous telemetry tun…
Episode 48: Threat Hunting Basics for Executives
12:50
Threat hunting goes beyond traditional alert-driven detection by proactively searching for indicators of compromise within the environment. In this episode, we explore what threat hunting is, why it's becoming a critical capability, and how CISOs support and guide hunting programs. You’ll learn about the use of hypotheses, the importance of telemet…
Episode 47: Threat Intelligence for Executives
11:59
By Dr Jason Edwards
Episode 46: Vulnerability Management Essentials
12:13
Vulnerability management is the process of identifying, evaluating, and remediating weaknesses in systems, applications, and configurations before they can be exploited. In this episode, we break down the key stages of an effective vulnerability management program, from scanning and prioritization to patching and verification. You’ll learn how to c…
Episode 45: Leveraging SIEM Solutions Strategically
13:03
Security Information and Event Management (SIEM) platforms are powerful tools for correlation, alerting, and visibility—but they can also become operational burdens if poorly managed. In this episode, we explore how CISOs select, configure, and govern SIEM solutions to drive meaningful insights without overwhelming analysts. You'll learn what data …
Episode 44: Security Operations Center (SOC) Basics
13:37
The Security Operations Center, or SOC, is the front line of defense against cyber threats. In this episode, we explain how SOCs operate, what core functions they perform, and how they fit into an enterprise security architecture. You’ll learn about SOC tiers, key analyst roles, common tools such as SIEMs, SOAR platforms, and EDR systems, and how S…
Episode 43: Disaster Recovery Strategy Essentials
12:03
Disaster recovery (DR) is the technical counterpart to business continuity—and this episode explores how CISOs ensure the restoration of systems, services, and data after catastrophic disruptions. You’ll learn about the core elements of DR planning, including backup strategies, failover procedures, DR site selection, data replication models, and sy…
Episode 42: Business Continuity Planning Fundamentals
13:06
Business continuity planning (BCP) ensures that critical operations can continue even in the face of major disruptions—and CISOs play a central role in shaping those plans. In this episode, we break down the key components of a business continuity strategy, including business impact analysis (BIA), recovery objectives (RTOs and RPOs), critical syst…
Episode 41: Digital Forensics Essentials for Executives
13:43
Digital forensics is no longer just a technical specialty—it’s an executive concern that intersects with legal risk, regulatory obligations, and organizational reputation. In this episode, we introduce the fundamentals of digital forensics from a CCISO lens. You’ll learn what forensics is, when it should be triggered, and how it integrates with inc…
Episode 40: Advanced Incident Response Techniques
13:13
Once the basics of incident management are in place, advanced techniques are needed to handle complex, multi-phase, or high-stakes threats. This episode dives deeper into advanced incident response strategies, such as threat containment across hybrid environments, cross-border coordination for global enterprises, and legal evidence handling during …
Every security leader must be prepared to lead during a crisis—and that begins with mastering the fundamentals of incident management. In this episode, we walk through the full lifecycle of incident handling, from detection and triage to containment, eradication, and recovery. You’ll learn how to build incident response plans, define escalation pat…
Episode 38: Building Effective Security Teams
12:08
No security program can succeed without a well-structured, skilled, and motivated team. In this episode, we cover how CISOs build and lead security teams that are aligned to both technical and organizational goals. You’ll learn about the key roles within a mature security organization—from analysts and engineers to architects and governance leads—a…
Episode 37: Resource Allocation Strategies for Security Leaders
12:16
Security leaders must do more than secure funding—they must make smart, defensible decisions about how to allocate people, tools, and time. In this episode, we dive into the principles of resource allocation from a CCISO perspective, examining how to prioritize competing initiatives, assign responsibilities based on skillsets, and make tradeoffs be…
Episode 36: Budgeting Fundamentals: Planning and Strategy
13:40
In this episode, we explore the financial planning responsibilities that fall on every CCISO, starting with the fundamentals of budgeting. You’ll learn how to create a budget that aligns with strategic objectives, anticipates emerging risks, and reflects the true cost of implementing and maintaining effective controls. We discuss how to differentia…