Shows
Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceVolunteer Work in Cybersecurity Nonprofits | Interview with Aruneesh SalhotraJoin Dejan Kosutic, CEO of Advisera, on the Secure and Simple Podcast as he delves into the importance of cybersecurity NGOs with expert guest Aruneesh Salhotra. Explore the impact of organizations like OWASP and the Eclipse Foundation on global cybersecurity standards, the benefits of volunteering in these NGOs, and the influence of these nonprofits on government policies. Learn about Aruneesh’s involvement with projects like OWASP AI Exchange and AI BOM, and gain insights on how consultants and CISOs can leverage these organizations for professional growth and thought leadership. Links from the episode: - Conformio software to...
2025-10-0736 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceBuilding a Business-Aligned Cybersecurity Strategy | Interview with Thom LangfordIn this episode, Dejan Kosutic, CEO at Advisera, chats with Thom Langford, CTO of the EMEA region at Rapid7 and a director at (TL)2 Security. Thom shares invaluable insights from his 30-year career in cybersecurity, focusing on creating a business-aligned cybersecurity strategy and building a cybersecurity culture. Learn why understanding your business is crucial for effective cybersecurity, how to integrate security without hindering business operations, and ways to leverage cybersecurity as a competitive advantage. Thom also discusses the importance of risk management and how to effectively communicate cybersecurity needs to senior leadership. Links from the episode: ...
2025-09-2353 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceDemystifying Corporate Governance With ISO 37000 | Interview with George KestevenIn this episode of the Secure and Simple podcast, host Dejan Kosutic interviews George Kesteven, CEO of Frontex, who shares his experience in corporate governance. They discuss the critical importance of proper documentation and knowledge management in organizations for effective governance and compliance. The conversation covers the fundamentals of ISO 37000, how it helps organizations meet their governance objectives, and the distinctions between governance and management. They also explore how consultants can leverage ISO 37000 to assist organizations in achieving well-defined and structured governance systems. Links from the episode: - Conformio software to streamline and scale ISO 27001 implementation...
2025-09-0943 min
The ISO Review PodcastEnhancing Information Security Management Systems with AIClick here to learn about our new DIY ISO 9001 program using AI .Welcome back to the ISO Review Podcast. In this episode, hosts Jim Moran and Howard Fox are joined by special guest Dejan Kosutic, CEO of Advisera.Dejan is a renowned cybersecurity expert for ISO 27001. He is passionate about making compliance accessible. Dejan and Jim discuss how to use Artificial Intelligence (AI) to enhance your Information Security Management System (ISMS).DISCUSSIONAI and ISO 27001: Use cases for integrating AI into ISO 27001 compliance and...
2025-09-0134 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceU.S. vs International and European Cybersecurity Standards | Interview with John VerryIn this episode, host Dejan Kosutic, CEO of Advisera, welcomes John Verry, Managing Director at CBIZ Pivot Point Security consulting company. With over 25 years of experience and managing more than a thousand clients, John shares his immense expertise in various cybersecurity frameworks, including ISO 27001, CMMC, HIPAA, and HITRUST. The discussion delves deep into the complexities and opportunities within cybersecurity governance, the nuances of different frameworks (especially ISO 27001 and HITRUST), and the impact of AI and privacy regulations. Whether you're a consultant, CISO, or cybersecurity professional, this episode has valuable insights to help you navigate the ever-evolving landscape of cybersecurity...
2025-08-2641 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceBest Practices for Writing Policies and Procedures | Interview with Carlos CruzIn this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Carlos Cruz, founder of Metanoia Consulting in Portugal. They discuss essential best practices for creating and managing policies, procedures, plans, and other documents for compliance with ISO standards and cybersecurity regulations. Carlos shares insights on the distinction between procedures and work instructions, the importance of writing clear and concise documents, and the challenges of getting employees to adopt new procedures. They also cover the importance of templates, techniques for ensuring documents reflect current practices, and strategies for addressing resistance to new documents. This episode is a...
2025-08-121h 23Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceThe Journey and Insights of a Successful Fractional CISO | Interview with Terry ZiemniakIn this episode of the Secure and Simple Podcast, we sit down with Terry Ziemniak, an experienced fractional CISO with over a decade in the field. Terry shares his unique career journey from traditional cybersecurity roles to becoming a trusted fractional CISO. We discuss the key differences between full-time and fractional CISOs, how to balance multiple clients, and the importance of aligning cybersecurity with business goals. Terry also provides valuable insights on the essentials of well-written security policies, the crossover between AI governance and cybersecurity, and tips for aspiring fractional CISOs. Join us for a deep dive into the...
2025-07-2949 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceISO-as-a-Service and AI: Innovation in Consultancy | Interview with Alexander JaberIn this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Alexander Jaber, CEO of Compliant Business Solutions GmbH, a consulting company from Germany. They discuss ISO 27001 as a service, an innovative approach that combines consulting, policy writing, software, and certification into a cohesive package. Alexander shares insights on the consulting business, the importance of building client trust, the impact of AI on consultancy, and the future of compliance. Tune in to learn about the challenges and advantages of this unique service model and how AI could transform the industry.Links from the episode: ...
2025-07-1541 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceRole of EU Cybersecurity Bodies and How to Cooperate With Them | Interview with Brian HonanIn this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Brian Honan, the CEO of BH Consulting, to discuss the evolving landscape of cybersecurity and its governance, particularly in the EU. Brian shares insights on the role of European cybersecurity bodies like ENISA and the importance of cybersecurity in business operations. The discussion covers how to effectively communicate cybersecurity concerns to non-technical stakeholders, tips for building a successful consultancy, and the potential impact of new regulations like NIS2 and DORA on the industry. Learn about the resources and tools available for consultants on the ENISA website...
2025-07-0152 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceCoaching as a Service for Human-Centric Cybersecurity | Interview with Dominic VogelIn this episode of the Secure and Simple Podcast, host Dejan Kosutic sits down with Dominic "Dom" Vogel, president of Vogel Cyber Leadership and Coaching. Dom shares his unique journey from traditional cybersecurity consulting to a more human-focused coaching approach. He emphasizes the importance of building strong, empathetic relationships within tech teams and improving internal branding. Dom also discusses the value of integrating cybersecurity strategies with business goals and how a human-centric methodology can lead to more meaningful and sustainable change in organizations. With insights into his coaching methods and client success stories, this episode provides actionable advice for...
2025-06-1748 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceNext-level Consulting: Marketing & AI Governance Opportunities | Interview with Tudor GalosIn this episode of the Secure and Simple Podcast, we delve into the secrets of becoming a subject matter expert and thriving as a consultant. Our special guest, Tudor Galos, shares his transition from a marketing role at Microsoft to establishing his AI and GDPR consultancy. We explore the power of providing valuable content, maintaining positive client experiences, and navigating the growing field of AI governance. Packed with insights on marketing strategies, building trust, and dominating your niche, this episode is a must-watch for cybersecurity (and other) consultants.Links from the episode: - Conformio software to...
2025-06-0346 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceHow to Scale Cybersecurity Consultancy | Interview with Bevan LaneIn this episode of the Secure and Simple Podcast, host Dejan Kosutic speaks with Bevan Lane, CEO of InfoSec Advisory Group. Bevan shares his journey from starting as an independent contractor to building a successful cybersecurity consultancy with offices in South Africa and London, and clients across five continents. Learn about his approach to scaling the business, including hiring passionate young talent, leveraging automation, and adapting to industry changes. Bevan also discusses the importance of balancing work and family life and provides valuable advice for aspiring consultants. Stay tuned for insights on the future of cybersecurity consulting and more.
2025-05-2044 min
The FIT4Privacy Podcast - AI and Privacy insights to help you grow your skillsISO Standards with Dejan Kosutic and Punit Bhatia in the FIT4PRIVACY Podcast E138 S06Can following just one ISO standard help your business grow, save time, or boost sales? With so many different standards out there, is there a way to simplify the process? In this episode, we break down the real impact of ISO standards—how they help businesses, what it takes to get certified, and how you can become an expert in this field. Plus, why should companies even bother with compliance in the first place? To answer these questions, we’re sitting down with Dejan Kosutic, CEO of Advisor and a true expert in the world of ISO...
2025-05-0833 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceUnlocking Business Value From NIS2: The Consultant’s Role | Interview with Philippe CornetteIn this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Philippe Cornette, an interim CISO and founding partner at DigiSôter consultancy, to discuss the challenges and opportunities in cybersecurity consulting. They delve into the importance of aligning cybersecurity projects with business value, the evolving nature of cybersecurity frameworks like NIS2, and the critical skills consultants need to succeed. Philippe shares his journey from working as an employee for over two decades to becoming a consultant and offers valuable insights into how consultants can make a significant impact in this ever-changing field.Links from t...
2025-05-0657 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceUnderstanding the EU Electronic Evidence Package | Interview with Cristos VelascoIn this episode of the Secure and Simple Podcast, host Dejan Kosutic welcomes Cristos Velasco, an independent consultant and associate professor specializing in cyber law, cybercrime, cybersecurity, and AI. They discuss the new EU electronic evidence package published in August 2023 and its enforcement in 2026, diving into the regulation, the directive, and its implications for law enforcement and service providers. Cristos shares his journey into consultancy, the significance of electronic evidence and digital forensics, and the challenges presented by rapidly changing technologies and legislation. They also explore the benefits for companies preparing for these new regulations and offer advice for...
2025-04-2246 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceLeveraging Online Courses for Consulting Success | Interview with Richea PerryIn this episode of the Secure and Simple Podcast, host Dejan Kosutic welcomes independent cybersecurity consultant and Cyber JA podcast host, Richea Perry. Richea shares his journey from facing job loss during COVID-19 to becoming a successful consultant by leveraging online courses on platforms like Udemy. He discusses the importance of building a personal brand, creating valuable content, and how networking on LinkedIn and other platforms can lead to consulting opportunities. Richea also provides insights into the use of AI in course creation, effective communication skills, and the future of online education in cybersecurity. Tune in to learn best...
2025-04-0849 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and CompliancePromoting Consulting Business Through Content Marketing | Interview with Punit BhatiaIn this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Punit Bhatia, founder of FIT4Privacy Consulting Company, author of 4 books on GDPR, and host of the FIT4Privacy podcast. Punit shares his journey from working at a bank to becoming a leading consultant in privacy and AI governance. He discusses the importance of content marketing, personal branding, and consistency in building a consultancy business. Punit also provides insights into how creating expert materials, publishing books, speaking at events, and maintaining a presence on platforms like YouTube and LinkedIn have contributed to his success. Tune in...
2025-04-0842 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceTrends in ISO Standards: Certification Body Perspective | Interview with Tom WheatIn this insightful episode of the Secure and Simple Podcast, host Dejan Kosutic discusses the evolving landscape of standards with Tom Wheat, UK Country Manager at PJR. They delve into the importance of ISO 27001 as the benchmark for global information security, the internal processes within certification bodies, and the value certification bodies can add beyond just issuing certificates. The discussion also covers the role of consultants, the competitive certification market, the impacts of AI, and key recommendations for consultants preparing clients for certification. Tune in for valuable insights on ensuring continuous improvement, compliance, and the future of cybersecurity certification.
2025-04-0846 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceHow to Combine ISO 27001 and GDPR | Interview with Luigi ViscioneThis episode features Luigi Viscione, CEO and Founder of Micsar, a seasoned consultant with a decade of experience in IT security and data protection. Luigi discusses the intersection of privacy and cybersecurity, the challenges and benefits of being a consultant, as well as the importance of integrating multiple security frameworks like GDPR and ISO 27001. Gain insights on how to streamline processes, secure client buy-in, and manage large-scale implementations effectively. Don't miss Luigi's experiences on the future of AI in consultancy and how it can influence the cybersecurity landscape.Links from the episode:- Conformio software to...
2025-04-0851 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceTrends with ISO 27001, NIS2, and Supplier Security | Interview with René MatthiassenIn this episode of the Secure and Simple Podcast, host Dejan Kosutic is joined by Rene Matthiassen, a senior security consultant and partner at Front Door Security. With 30 years of experience in cybersecurity frameworks, Rene discusses the importance of tailored security frameworks, particularly ISO 27001, and how they benefit companies and suppliers under NIS2 scope. They delve into Rene’s journey from network engineering to consulting, the process behind developing security standards, and practical steps for managing cybersecurity among suppliers. The conversation also touches on the increasing importance of operational technology security frameworks like IEC 62443 and provides a forecast for th...
2025-04-0847 minSecure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and ComplianceHow to Become a Successful Consultant | Interview with Carlos CruzIn this episode of Secure and Simple Podcast, host Dejan Kosutic interviews Carlos Cruz, founder of Metanoia and ISO 9001 & ISO 14001 expert at Advisera. Carlos shares his journey in the consulting business, starting from the 1990s, and provides valuable insights on the do's and don'ts of building a successful consulting career. Learn how Carlos used writing, training, and strategic connections to grow his business, and how the consulting landscape has changed over the decades. The discussion also touches on the role of AI in consulting and offers practical advice for new consultants. Don't miss this opportunity to learn from Carlos's...
2025-04-0859 min