The Cyber Security Transformation Podcast

JC Gaillard ends Series 6 by revisiting a number of topics addressed in earlier episodes around the role of the CISO, authority, accountability and real governance dynamics at C-level.

JC Gaillard talks about his new book "The First 100 Days of the New CISO - A Leadership Guide to Lasting Impact" ; he highlights its structure and why this is truly a blueprint for the next decade of cybersecurity leadership

JC Gaillard continues his journey through the "First 100 Days of the New CISO" and focuses on the context of cybersecurity transformation and why it is key to map it from the start

JC Gaillard continues to revisit the "First 100 Days of the New CISO" and explains why understanding culture and context from the start is more important than early action

⁠JC Gaillard⁠ follows up on the three cybersecurity clichés he discussed in Episode 7 and expands on the topic, and why it is key to go beyond semantics on those matters; read his original article on the theme ⁠here on Forbes

JC Gaillard and guest Mark Jacob from Cyrista look back at zero trust, what it really means for cybersecurity professionals and the impact of Agentic AI on identity and access management

JC Gaillard brings together a number of aspects previously discussed on the podcast around the role of the CISO in response to a recent article on CSOonline; read his original article on the theme here

⁠JC Gaillard⁠ and guest ⁠Mark Jacob⁠ from ⁠Cyrista ⁠highlight the multi-dimensional challenges of Agentic AI for cybersecurity professionals, and why good governance from the start is essential

JC Gaillard goes back to exploring the dynamics around cybersecurity strategic transformation and highlights why governance, people, and long-term vision matter more than flashy slides; read his original article on the theme here

⁠JC Gaillard⁠ highlights a number of issues in relation with cybersecurity awareness programs and why we might have been doing awareness the wrong way for the last two decades; read his original article on the theme here

JC Gaillard explores why the traditional CISO role has struggled to evolve and highlights what needs to change; read his original interview on the topic here

⁠JC Gaillard⁠ revisits once again a number of aspects in relation to the role of the Board around cybersecurity and highlights why it is essential for the conversation to be grounded in reality; read his original interview on the topic here

JC Gaillard and guest Mark Jacob from Cyrista revisit the challenges of post-quantum cryptography, and highlight why it is essential to take it seriously and start acting now

JC Gaillard highlights the complexities of cybersecurity transformation, emphasizing the importance of leadership, governance, and cultural change; read his original interview on the theme here

JC Gaillard revisits one more time the role of the Board around cybersecurity, this time in the light of a recent article in the Harvard Business Review; read his original article on the theme here

JC Gaillard deconstructs three topics which embody the problems still facing the cybersecurity narrative and highlights why it is key to avoid shallow and outdated positions on those matters; read his original article on the theme here on Forbes

JC Gaillard looks back at the CISO Report 2025 from Splunk, the interaction between CISOs and the Board, and the aspects that really matter; read his original article on the theme here

JC Gaillard looks back at the limitations of surveys detailing the costs of data breaches, and re-iterates that cybersecurity cannot just be reduced to a mere numbers game; read his original article on the theme here

JC Gaillard goes back to the dynamics of success and failure around cybersecurity and why it is key to look beyond budgets and investments; read his original article on the theme here

JC Gaillard revisits the importance trust and relationships for CISOs, looking beyond the mere justification of cybersecurity investments; read his original article on the theme here

In this second episode of Series 6, JC Gaillard revisits his views of the role of the CISO and the CSO and the real dynamics of cybersecurity transformation; read his original article on the theme here

JC Gaillard introduces the first episode in Series 6 of the Cybersecurity Transformation Podcast and highlights the various themes that will be covered in the series; read his original article covering the theme here on the Corix Partners blog

In this episode, JC Gaillard looks back at the dynamics of the "Cybersecurity Spiral of Failure" and the levers top executives can action to break out of it; this is the theme of his second book, released on Amazon in January 2024 and listeners can buy the book here

In this episode, JC Gaillard looks back at the "What", the "How" and the "Who" of change around cybersecurity - as mentioned in episode 21 - and what it takes to build or rebuild a successful cybersecurity operating model; the 2021 Corix Partners white paper on the theme can be downloaded here

In this episode, JC Gaillard looks back at cybersecurity governance challenges in the light of a recent article from McKinsey and offers his views on the matter, echoing a number of topics already discussed in earlier episodes of the podcast; the McKinsey article can be found here; JC's original article on the theme can be found here

In this episode, JC Gaillard revisits the issues at the heart of the interaction between the CISO and the Board and highlights why a sense of context is key to establishing meaningful exchanges around cybersecurity; read his original article on the theme ⁠⁠here

In this episode, JC Gaillard looks back at cyber resilience in the light of previous podcast episodes and offers his views around a recent HBR article on the topic; read his original article on the theme here; the HBR article mentioned in the podcast can be found here

In this episode, JC Gaillard and Chris Burtenshaw from Strata Security look back at the recent Crowdstrike outage and analyse the first implications from the incident

In this episode, JC Gaillard analyses a recent article from Hacker News and highlights his take on the 5 key questions CISOs should ask about their cybersecurity strategy; read his original article on the theme ⁠here

In this episode, JC Gaillard looks back at the various messages at the heart of the storytelling of security vendors, and highlights why true independence is a rare but essential commodity in the cybersecurity world; read his original article on the theme here

In this episode, JC Gaillard goes back to the dynamics surrounding the procurement of cybersecurity tools and explains why cybersecurity transformation is not - and cannot be - about implementing yet another technology product; read his original article on the theme here

In this episode, JC Gaillard shares his - still evolving - views on the impact Generative AI can have on cybersecurity and reflects on how the situation have evolved (or not) since his first article on the theme back in 2018

In this episode, JC Gaillard looks back at the role of the CISO, how it has evolved over the past two decades and where the priorities should be to drive real and lasting transformation around cybersecurity; read his interview on the theme ⁠here

In this episode, JC Gaillard looks back a the cybersecurity toolkit landscape and the issues already highlighted in earlier series of the podcast and put things in perspective around the need to declutter; read his interview on the theme here

In this episode, JC Gaillard explores the relationship between cybersecurity vendors and Board oversight, why they appear to be so driven by it and where their arguments often appear to be flawed; read his article on the theme here

In this episode, JC Gaillard looks back at a number of cybersecurity governance aspects he has written or spoken over the past few months, in the light of a recent report by Diligent and Bitsight; read his article on the theme here

In this episode, JC Gaillard makes a rare foray in the field of Artificial Intelligence and generative AI and highlights what he sees as the big untold problem at the heart of many discussions on the theme; read his article on the theme here on Forbes

In this episode, JC Gaillard talks around the concept of risk and the importance of using accurate and rigourous language around those aspects across the cybersecurity industry; read more about the approach he highlights in this whitepaper

In this episode, ⁠JC Gaillard⁠ looks back at the role of the virtual CISO and in particular why many small firms would often benefit from looking internally first, before jumping to externalised cybersecurity solutions; read his original article on the theme ⁠⁠here

In this episode, JC Gaillard continues his journey across cybersecurity governance matters, and in particular he goes back to the construction of the role of the CISO and why it is essential to put it back in its historical perspective; read his original article on the theme ⁠here

In this episode, JC Gaillard continues to explore cybersecurity governance and in particular, why it is essential to place it in a broader corporate governance context; read his original article on the theme ⁠here

In this first episode of the series, JC Gaillard explores issues around cybersecurity governance and ownership and in particular, why cyber resilience needs clear accountability from the top; read his original article on the theme here

The UK Government "call for views" around a proposed "Cyber Governance Code of Practice" mentioned in the episode can be found here

In this final episode of Series 4, JC Gaillard goes back to the role of the Board in relation to cybersecurity and clarifies a number of aspects from earlier episodes; read his original article on the theme here