All links and images for this episode can be found on CISO Series After every breach, you hear the same mantra from the attacked company: "We take security and privacy seriously." It's lost all its meaning. But what if you truly ARE serious about how you handle security and privacy? Should you say "seriously" twice? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Geoff Belknap (@geoffbelknap), CISO, LinkedIn and co-host of Defense in Depth. It was recorded in front of a live audience at Microsoft's Silicon Valley Campus in Mountain View, California as part of a regular ISSA-SV and ISSA-SF meeting. Check out all the fantastic photos from the event here. Thanks to our podcast sponsor, SafeBreach and Noname Security SafeBreach provides continuous security control validation powered by our breach and attack simulation (BAS) platform. We enable security leaders to proactively prioritize remediation efforts and drive ROI quickly by consolidating technology costs around what truly enhances your security posture. Real-world attacks. Real-time results. Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow management system like Jira, ServiceNow, or Slack for seamless remediation. Learn more at nonamesecurity.com/runtime-protection In this episode: If you truly ARE serious about how you handle security and privacy, should you say "seriously" twice? Given the immense complexity not just on integration but also training, are we going to see more consolidation of point solutions into suites? When would it make sense for a company to completely dump their security team and completely outsource it? And if you were to outsource it, what the heck would that look like?