Episode Summary:
Joe Sullivan returns to The Professional CISO Show for a wide-ranging discussion with host David Malicoat. Together, they unpack the Salesforce hack, SaaS application blind spots, identity and access management, AI noise versus real use cases, and how security teams must evolve. Joe also shares candid lessons from crisis leadership, regulatory scrutiny, and the personal realities of being a CISO under fire.
Key Takeaways:
- Why SaaS security is still a blind spot — and how attackers exploit it
- Identity, cookies, and why current authentication standards fall short
- The fading CIO role and the rise of security leaders managing IT
- How AI will reshape both security threats and team structures
- AppSec’s critical role in the future of cybersecurity
- Building true organizational resilience in the age of ransomware
- Joe’s personal reflections on accountability, recovery, and resilience
Notable Quotes:
- “We can’t buy our way to good identity security yet.” – Joe Sullivan
- “AI is just a hyper speed version of a human problem.” – Joe Sullivan
- “Sooner or later, every CISO faces crisis — and we must prepare like firefighters.” – Joe Sullivan
- “The CEO wants a digital risk leader, not just a security leader.” – Joe Sullivan
Listener Benefits:
- Gain insight into current and emerging cybersecurity risks
- Learn practical approaches to SaaS and identity security
- Understand how AI will transform both attacks and defenses
- Hear candid reflections on resilience, leadership, and accountability
What is The Professional CISO?
Shaping Cybersecurity Leadership: Today, Tomorrow, Together.