

Episodes: 160
Latest episode: Jun 2026
Language: EN
About the show
The Virtual CISO Podcast is a frank discussion that provides the very best information security advice and insights for Security, IT and Business leaders. If you’re looking for the latest strategies, tips, and trends from seasoned information security practitioners, want no-B.S. answers to your biggest security questions, need a perspective on how your peers are addressing the same issues, or just simply want to stay informed and proactive, then welcome to the show. Our moderator, John Verry, chats with industry thought leaders to ensure you have what you need to be confident in your security and compliance. John will keep you informed, and perhaps even mildly entertained, through topics like ISO 27001, breach avoidance, incident response, dealing with pesky security questionnaires, data privacy, and managing vendor risk. Think of it as security… with a smile.
Listen to episodes


Episode 158: AI Is Increasing Your Cyber Risk – Can It Also Reduce It? With Mike Armistead

Episode 157: AI Security: Testing, Exploits, and Threat Feeds With Marco Figueroa

Episode 156: AI Security: Threat Modeling & Pipeline Evolution with Jason Rebholz

Episode 155: Incident Response Testing in Cloud Forward Organizations with Matt Lea

Ep 154: How DORA Will Impact US Companies with Dejan Kosutic

Ep 153: Inside ISO 42001: The Future of AI Governance with Danny Manimbo

EP 152: Granular, Persistent, Zero Trust: The Case for File-Level Security

EP 151: Trust, But Verify: How HITRUST is Reshaping Assurance
In this episode of the Virtual CISO Podcast, host John Verry and guest Chris Schaeffer discuss the HITRUST framework, its evolution, and its significance in the cybersecurity landscape. They delve into the Common Security Framework (CSF), the different assessment models (E1, I1, R2), and how HITRUST compares to other frameworks like SOC 2 and ISO 27001. The conversation also touches on the future of HITRUST, including potential reciprocity with other standards and the impact of emerging technologies like AI.

Ep 150: Is OSCAL the Future of Security Documentation (& FedRAMP)?
In this episode of the Virtual CISO Podcast, John Verry speaks with Kenny Scott, founder and CEO of Paramify, about the challenges of cyber risk management and the potential of OSCAL (Open Security Controls Assessment Language) in simplifying compliance and documentation processes. They discuss the importance of structured digital communication in security, the complexities of FedRAMP, and how OSCAL can streamline the documentation process, ultimately reducing costs and improving efficiency in security programs. In this conversation, Kenny and John discuss the challenges and strategies for adopting OSCAL (Open Security Controls Assessment Language) in organizations. They explore the importance of understanding data flows for compliance, the role of AI in streamlining compliance processes, and the potential for OSCAL to transform how organizations manage security and compliance documentation. They also touch on the future of OSCAL and its relevance in various compliance frameworks beyond FedRAMP.