WEBINAR
GigaOm Radar Report for PTaaS: How to Make a Smarter Investment in Pentesting
WEBINAR
GigaOm Radar Report for PTaaS: How to Make a Smarter Investment in Pentesting

Caroline Wong

Caroline Wong is an infosec community advocate who has authored two cybersecurity books including Security Metrics: A Beginner’s Guide and The PtaaS Book. When she isn’t hosting the Humans of Infosec podcast, speaking at dozens of infosec conferences each year, working on her LinkedIn Learning coursework, and of course evangelizing Pentesting as a Service for the masses or pushing for more women in tech, Caroline focuses on her role as Chief Strategy Officer at Cobalt, a fully remote cybersecurity company with a mission to modernize traditional pentesting via a SaaS platform coupled with an exclusive community of vetted, highly skilled testers.

Episode 87: How to Connect with the Infosecurity Community | Jimmy Sanders

Join us as we explore Jimmy Sander's insights on topics such as the importance of acknowledging when something no longer works, the distinction between a title and true leadership, and the impact of morale on team success. Tune in to discover the invaluable wisdom that Jimmy shares from his two decades in the industry.
Dec 7, 2023

Episode 86: The Glue That Binds Together Security and Development | Tejpal Garhwal

Tejpal Garhwal is the director of DevSecOps and application security at Pega. With more than 26 years of experience in application development and product security, he has led multiple security and dev teams, and set the direction for information security, application architecture, policy, and processes within numerous organizations. In this episode, Caroline gets his perspective on how leaders can bring security and development teams together, aligned towards a shared goal: building software that is both outstanding and secure.
Apr 6, 2023

Episode 85: The CISO Whisperer | Yael Nagler

Carving an unconventional path towards information security, Yael advises many a CISO, CIO and CRO. Leadership roles at BlackRock and JPMorgan during periods of crisis and growth have given her a unique technical and business perspective — instead of saying “Here’s why that won’t work.”, she asks “But what if we tried this?” In this episode you’ll learn more about Yael’s story, why she started Yass Partners, and how security teams can approach new situations with equal parts established processes and creative thinking.
Mar 23, 2023

Episode 84: How to Grow and Excel as a Team Leader in InfoSec | Tia Hopkins

Whether you're stepping into your first managerial role, or you're about to inherit a fully formed team, you might be facing self-doubt and uncertainty. Security veteran Tia Hopkins — Chief Cyber Resilience Officer and Field CTO at eSentire, adjunct professor, LinkedIn instructor — shares with Caroline how to overcome impostor syndrome as you progress, how to connect with your team, and how to set them up for success so well, others want to join.
Mar 10, 2023

Episode 83: Building Security Resilience in Turbulent Times | Robert Wood

In this episode, Robert discusses with Caroline how big changes and organizational pivots can bring just as much opportunity as they do anxiety. He shares his perspective on how he guides his team through turbulent times, and what other leaders can do to support their people and help them pursue new ideas on how to work better together and achieve even bigger goals than before.
Feb 23, 2023

Episode 82: An Entrepreneurial View of Cybersecurity | Bipin Gajbhiye

Bipin Gajbhiye is a security practitioner, advisor, and investor. These three roles coalesce into a unique perspective on how cybersecurity professionals can achieve their goals — whether it's negotiating with the board, landing a critical investment, or advancing in their careers. 
Feb 9, 2023

Episode 81: What Makes Remarkable Technology Dangerous | Geoff Huston

Geoff Huston has been working on the Internet since the early 80’s and, in his own words, “did his bit” to set up the Internet in Australia, as well as to set up the early global Internet in the academic and research community. In this episode, he shares with Caroline the leaps and bounds hardware has made over the decades to bring us opportunities we could have never imagined...and how the human condition inadvertently makes it all complex and insecure.
Jan 27, 2023
Podcast

Episode 80: Exploring the Individual Contributor Role in Cybersecurity | Seif Hateb

Is the manager role the only path ahead in cybersecurity? Seif Hateb, Security Architect at Twilio, shares his view on the Individual Contributor vs Manager dilemma, and how people in the field can pursue the type of role that fits them best.
Jan 12, 2023
Podcast

Episode 79: Ways to Keep Code From Turning Into a Security Time Bomb | Peter Chestna

As the CISO of North America at Checkmarx, Peter works towards providing the technology, expertise, and intelligence that enable developers and enterprises to secure the world’s applications. A lifelong developer at heart, Peter shares with Caroline his insights on what motivates Dev teams to prioritize security, and why so many current strategies are failing. You’ll learn more about how to not let your tools bury you in work, how to implement mutual accountability around security, and tactics to prevent open source code from blowing up your entire application when a new 0-day comes up.
Dec 22, 2022
Podcast

Episode 78: How Today’s Technology Choices Could Shape Our Future | Eugene Spafford

What felt like science fiction 40 years ago is our reality today. What about the technology that will come in the next 40-50 years? What could change, and how can people band together to craft a bright and equitable future? Eugene Spafford — technologist and professor of Computer Sciences at Purdue University — talks with Caroline about how advances in technology like robotics and machine learning are already impacting people’s lives, in both good and bad ways. We have a responsibility to not just consider what new tech to build, but also what we're building it for. At the end of the day, technology isn't the most important part — it's the people.
Dec 15, 2022
Podcast

Episode 77: Richard Greenberg Talks Curiosity, Technical Expertise, and Growing the OWASP LA Chapter

Richard holds many titles, one of which is the President of the OWASP LA Chapter. Initially an architect, learning AutoCAD sparked his interest for all things technical. After a career change, Richard has held many high-profile roles in cybersecurity, bolstering numerous communities and initiatives.
Dec 8, 2022
Podcast

Episode 76: Exploring Security in the Past, Present, and Future with Anton Chuvakin

Security Advisor at Office of the CISO and Co-Host of Google's Cloud Security Podcast, Dr. Anton Chuvakin, chats with Caroline about the past, present and future: how a hacked computer shifted his interest from physics to security, how threats from the 80s still plague orgaizations, and how cybersecurity will continue to spill out of the digital realm into the physical world.
Dec 1, 2022
Podcast

Episode 75: Carving your own path in InfoSec with Henning Christiansen

Don’t have a “typical security background?” Neither did Henning Christiansen, who is now the CISO at Ottobock. Before starting in InfoSec, he tried out roles in finance, development and auditing. Until one day, he began to nurture his interest in InfoSec, which led him to roles in Bombardier Transportation, Axel Springer, and now Ottobock. With decades of experience, this is what Henning would share with anyone trying to find their footing within the industry: “Try to make sure that you find your way without really giving up on yourself, giving up on your character, giving up on what you are.”
Nov 17, 2022
Podcast

Episode 74: How Curiosity Empowered OWASP Global Chair Vandana Verma

Security Relations Leader Vandana Verma is the Chair of the Board of Directors at OWASP. Starting with the dream of supporting her family, she pursues her curiosity around technology and builds renowned expertise in application security, infrastructure, and product security. In this episode, Caroline learns more about Vandana’s story, her diversity initiatives like Infosec Girls and Infosec Kids, and what security threats are on her mind.
Nov 3, 2022
Podcast

Humans of InfoSec Episode 73: The Impact of Communications in InfoSec & Privacy

Zenobia Godschalk — SVP of Communications at Hedera Hashgraph, and Founder and CEO of ZAG Communications — shares how a passion for PR, tech, and privacy has shaped her career. From handling comms around cloud computing, to investor relations in InfoSec, and now spearheading awareness around distributed ledger technology, she shares helpful tips on how to build a flexible career in the world of tech, how to talk about security breaches, and what identity management could look like in the future.
Oct 20, 2022
Podcast

The CISO Role Across Industries: The Differences and Similarities

With over 15 years of technical and managerial experience, Marnie Wilking has led security programs across multiple verticals — retail at Wayfair, healthcare at Orion Health, and finance at Early Warning and Wells Fargo. Listen to her story to learn how the CISO role changes in each environment, and what stays the same.
Oct 5, 2022
Podcast

Episode 71: Deep Dive Into the BISO Role with Nicole Dove

Caroline dives into the emerging Business Information Security Officer role with Nicole Dove, Head of Security, Games, at Riot Games. As technology and business become more interconnected, Nicole breaks down the unique value BISOs can bring to their organizations, and what other security roles can learn from the role to earn a seat at the business table. If you enjoy this talk, you can catch both speakers live at our upcoming PtaaS Exchange roadshow locations. Learn more here: https://event.cobalt.io/ptaas-exchange-roadshow
Sep 1, 2022
Podcast

Humans of InfoSec Episode 70: Flipping the Script with Yael Nagler

With Yael Nagler
Yael Nagler — founder of Yass Partners, advising CISOs, CIOs and Boards — surprised us when she said “Let me interview Caroline!” Taking this episode in a new direction, Yael asks Caroline about her story, her career, and her aspirations.
Jul 19, 2022
Podcast

Humans of InfoSec Episode 69: Inside the Mind of a Developer

With Will Gant
Will Gant — accomplished developer, author, software architect and co-host of the podcast “The Complete Developer” — shares with Caroline a glimpse into the Dev world. They talk about motivations, challenges, and how security teams can work better with their dev counterparts. A small hint: let your nerd flag fly.
Jun 28, 2022
Podcast

Humans of InfoSec Episode 68: Chatting with 'Smashing Security' Co-host Graham Cluley

With Graham Cluley
Winner of "Best Security Podcast 2018" and "Best Security Podcast 2019," Smashing Security is a fun and informative show on tech SNAFUs. Co-host Graham Cluley shares more about his 30 years in cybersecurity, along with thoughts on malware, state-sponsored attacks, IoT, and how the cybersecurity scene today would have looked like science fiction when he started.
Jun 9, 2022
Podcast

Humans of InfoSec Episode 67: Connecting GRC with Business Success

With Deika Elmi
Without good governance, every other part of security becomes much less effective. Caroline sits down with Deika Elmi — a security leader profiled by Risk & Compliance organization “Risky Women” in 2021 — to talk about GRC’s role in creating business value, and why Confidentiality shouldn't steal the spotlight away from Integrity and Availability.
May 31, 2022
Podcast

Humans of InfoSec Episode 66: Getting Security Fundamentals Right

Caroline talks with tech executive Brian Carmenatty and Sanjay Deo, Founder & President at 24By7Security, Inc. They explore how teams can face prevalent threats by going back to basics with their technology and security policies.
May 12, 2022
Podcast

Humans of InfoSec Episode 65: Building a Product Assurance Organization

With Swathi Joshi
Swathi Joshi is an Information Security executive who focuses on risk management, crisis response, security services, and cloud security engineering. She is currently the VP of Cloud Security at Oracle where she leads a global team of engineers, analysts, and operators to secure Oracle SaaS applications and keep customer data safe. Prior to Oracle, Swathi led Netflix's Detection and Response team to manage inevitable security incidents and minimize risk to Netflix.
Apr 20, 2022
    1 2 3 4