Podcasts
Afternoon Cyber Tea with Ann Johnson
Ep 109
Afternoon Cyber Tea with Ann Johnson 6.17.25
Ep 109 | 6.17.25

The Human Firewall: People-First Cybersecurity

Show Notes
Transcript

Ann Johnson: Welcome to Afternoon Cyber Tea, where we explore the intersection of innovation and cybersecurity. I'm your host, Ann Johnson. From the frontlines of digital defense to groundbreaking advancements shaping our digital future, we will bring you the latest insights, expert interviews, and captivating stories to stay one step ahead. [ Music ] Today I am thrilled to welcome Dr. Aleise McGowan, the Chief Information Security Officer for BlackGirlsHack, and a 20-year veteran in cybersecurity. Aleise has done it all, from network administrator, to adjunct professor, to red and blue team testing, to governance and even incident response. She is a wealth of information, and I'm really excited that she's made the time to be here to share that with our Afternoon Cyber Tea community. Welcome to Afternoon Cyber Tea, Aleise.

Dr. Aleise McGowan: Thanks, Ann, it's great to be here.

Ann Johnson: So I mentioned just a few of your career highlights, and you have such depth in almost every aspect of cybersecurity. Can you share how you became interested in the cybersecurity industry? And what shaped and started your career?

Dr. Aleise McGowan: Sure. So when I first graduated with my degrees in Management Information Systems and Computer Science, I was young, ambitious, and eager, you know, to make my mark in the tech world. And so I went to work every day, you know, excited to apply the programming skills that I learned in school, especially to techniques from my advanced visual basic course. And so what I didn't realize at the time was that while I was taught how to build software, no one had taught me how to build it securely. And so within my first month I got assigned my, you know, first task to build my very own first web application. You know, it was kind of like a big deal. It was like, "Hey, my moment to shine." And so I threw myself into the project, coded my heart out, and moved the final version from development to production, and you know, I was thrilled when it finally went live. And so I showed up at the office a few days later, you know, I had my iced green tea in my hand and I was, you know, excited to check on my work. And instead of the pride that I was expecting, my stomach dropped because the site had been hacked and defaced 02:20. And so in that moment, you know, I felt a wave of embarrassment, panic, and I also was worried that I was going to lose my job. But that's, you know, when it had hit me that building cool tech wasn't enough, you know, it had to be locked down and protected. So that moment kind of completely changed the direction of my career, so I pivoted into cybersecurity, you know, determined to turn, you know, that early mistake into a mission and kind of help people build secure, resilient systems. And you know, ever since then I've just focused on projecting systems and data and just turning, you know, what could have been a career-ending moment into one of my greatest strengths.

Ann Johnson: I love that story because cyber is mission-driven work. We talk about that a lot on the show. And it sounds like your entry also was solving hard problems, keeping the world safer, and actually turning something that could have been negative into a really positive experience.

Dr. Aleise McGowan: Right, and it was. So I just kind of tripped and fell into cyber I guess or got hacked and landed here.

Ann Johnson: I think a lot of us do. By the way, I think a lot of us end up by accident here and then we love it, right, we just don't leave.

Dr. Aleise McGowan: Right, we just stay. [Laughs]

Ann Johnson: Yes. And there are also too many buzzwords that show up in our industry. You've heard them, I've heard them. One of the things that's showing up recently is "next-generation security". You've worked in so many different aspects of cybersecurity, I know you have a broad perspective, so I want to understand from you, what does "next-generation cybersecurity" mean to you, and where do you think that organizations are falling short in preparing for the next generation?

Dr. Aleise McGowan: You know, Ann, so when I hear, "Next-generation cybersecurity," I believe that it lies at the intersection of machine learning and AI quantum in our virtual reality. Moving beyond that, no I don't just think about AI quantum and VR, you know, I think about people. And so to me it's about building systems where diversity, adaptability, and human intuition are, you know, just as critical as the tech itself or whatever. So it's about moving, you know, beyond tools to culture, collaboration, and even diverse perspectives, because homogenous environments, you know, themselves are security risks. And just so some of the solutions where -- areas that people are falling short would be like to embed security into the culture, treat employees as a human firewall. So for example, like a gamified training program that I designed reduced phishing susceptibility by 35% in the school district. So next-gen cybersecurity, you know, isn't just about outsmarting hackers, you know, it's about outgrowing our old biases. And, you know, if we want systems that withstand tomorrow's threats then, you know, we need to invest in people today, you know, their skills, their perspectives, and even their passions to protect what matters.

Ann Johnson: You know, I think it's really important, you touched on it, and it's something that I've talked about which is the culture of cybersecurity, putting humans in the forefront of cybersecurity. Can we just pull that thread just a little bit more and maybe talk about ways you've done that in the organizations you've been in?

Dr. Aleise McGowan: Sure. And I guess because I see where even organizations have like fallen short where the overreliance of like outdated playbooks and still kind of treating cybersecurity as like this checklist where, you know, like firewall check compliance, all this -- all that check, you know, versus a living -- actually, you know, like a living strategy. And so -- and culture is so important in a place, and so I guess trying to embed -- like you mentioned, embedding, you know, security into the culture of a place, you know, kind of baking it in, like even so much like security by design but more so baking it into the culture and not so much relying on just equipment.

Ann Johnson: I think it's important, baking it into the culture, not just relying on technology. And as we think about the next topic I want to talk to you about, which was the Security Operation Center, or the SOC, that is also evolving, and that is also becoming next-generation. And it's not just about the technology, it's about the technology plus humans. So how do you think leaders should be thinking about the roles of SOC, the broader business resiliency, and what does the next-generation SOC look like?

Dr. Aleise McGowan: So I was on LinkedIn the other day, and Julian Sanchez had a post about building a home lab SOC. And it kind of resonated with me as a CSO because innovation often, you know, starts with curiosity, you know, whether that's in like a garage or a boardroom. And so next-gen SOC isn't just about the tools, it's a strategic asset that aligns technical agility with business resiliency. And so as a CSO, my role is to bridge that gap to ensure that the SOC evolves as both a defender and an enabler. Some priorities that I think need to be focused on for like a next-gen SOC will be like automation with strategic oversight, so kind of implementing a SOAR platform to handle your repetitive tasks but, you know, also paired in with human expertise to help analyze like different attack patterns and even like, you know, automated intelligence loops so where you can use AI to correlate the internal data like your logs and incident reports with external threat feeds or whatnot. And so I think a lot of organizations fall short in areas where, you know, they kind of overlook governance. You know, your tools alone won't save you, and it's like policies, you know, and accountability, they matter. And so, you know, building frameworks that empower the SOC to kind of influence enterprise-wide risk decisions will kind of, you know, help the organization in that area. And even also we still hear and talk about like silo leadership where CSOs still don't have a seat at the executive table, you know, which can kind of lead to misaligned priorities. And so establishing a cross-functional steering committee where you have like Legal, HR, and IT to kind of help align SOC initiatives with the risk appetite for the organization, all of those are areas that organizations are falling short but, you know, things that they can kind of move towards. And even fostering a culture of like experimentation, where you could kind of encourage your teams to adopt a home lab mindset, you know, kind of like the project that I mentioned and, you know, to kind of test unconventional tactics, and even if that means the company allocating budget, you know, for internal hackathons or, you know, give somebody $500 for a home lab. You know, you'd be surprised how that lab could, you know, solve a million dollar problem. So a next-gen SOC isn't, you know, just a technical upgrade, you know, it's a leadership challenge. And as CSOs our job is to ensure that the SOC isn't just fighting today's fires but anticipating tomorrow's storms as well.

Ann Johnson: I love the way you put that. I may steal that phrase, by the way.

Dr. Aleise McGowan: You can have it. [Laughs]

Ann Johnson: Yes. [Laughs] And I love your energy, so I'm going to talk to you about another leadership topic, because you have this great energy that you're bringing to this, you know, optimism, but really pragmatic approach. So we talk a lot about incident response. People get very, very nervous about incident response. The industry as a whole has used assumed breach as a paradigm for, you know, well over a decade. But in incident response, what do you think the best leaders -- people who are leading incident response and trying to prepare, you know, the folks who are responding, what are they doing in those first 24 hours?

Dr. Aleise McGowan: So I'm going to borrow a line from Stephanie Maple that said it takes 20 years to build a reputation and minutes to ruin it. And so in those first 24 hours of a breach, you know, the clock is really your enemy. And so the best leaders act with urgency, clarity, and also empathy to kind of help turn the tide, because as a CSO I've learned, you know, it's not about avoiding the storm but, you know, steering the ship through it; and so like prioritizing containment over perfection. So you know, like got to stop the bleeding and kind of isolate affected systems, shut down compromised accounts, you know, things like that. Because what, Verizon's Data Breach Investigations Report said that like 45% of breaches involve hacking in minutes. And so, you know, delayed action equals exponential damage, so you kind of want to avoid analysis paralysis, if you will. Because I don't know, throughout my career, I've just seen that perfect intel is a myth, and also, proper communication is a must, you know, remembering to communicate with transparency, sending out like a concise internal message like, you know, "We're investigating a potential incident, so avoid external communications until further notice," or whatever, you know, it just kind of goes a long way, but you don't have to have -- you know, it kind of ends the speculation a little bit or kind of helps to deal with it, you know, even kind of managing stakeholders and not just systems. And so with three-line update to the board or executives like what happened, what we're doing, and, you know, what you -- what we need from you, and even sending employees and customers like a pre-draft template alert, you know, "You may receive phishing emails claiming to be us. Hey, don't click it." And so it's just about preparing before the crisis. I've participated in SANS Executive tabletop exercise at WiCyS this year, and the one thing that kind of stuck out to me the most was, you know, the impact of chaos. People were shutting down systems and they really didn't know what to do, so simulating the unthinkable to kind of, you know, help prepare before, you know, you're actually there. So you know, as a leader, if you haven't stress-tested your IR plans, you're -- you know, just assume you're already behind and start drilling today. Because in cybersecurity, you know, hope isn't a strategy, preparation is; and so the first 24 hours, you know, they kind of define your reputation, but they're just the start. You know, great leaders don't just respond, you know, they inspire like confidence, they learn fast, and they emerge stronger.

Ann Johnson: It's a great way of saying it, right? "Hope is not a strategy" is one of my favorite expressions. But what I tell people is that you have to have an incident response playbook that's written, tested, communicated, all the stakeholders know what it is; because what you don't want is people lacking clarity in times of crisis --

Dr. Aleise McGowan: Mm-hmm.

Ann Johnson: -- or people having to make hard decisions in times of crisis. You just follow the playbook. And of course you'll have to pivot because not every incident is the same, but if you have --

Dr. Aleise McGowan: Right.

Ann Johnson: -- something written that you've tested, right, and testing it --

Dr. Aleise McGowan: Right.

Ann Johnson: -- is the important thing.

Dr. Aleise McGowan: Right. Yes, I like to say being resilient isn't what you're doing during the storm it's, you know, what you build long before the clouds even start to gather.

Ann Johnson: Exactly. If you lived -- and I always say this to organizations I talk to, you all have plans if you had a natural disaster, if you had a fire, if you had a flood, if you had an earthquake, whatever it is, they're tested, they're communicated, you know what you're going to do. Cyber should have the same rigor. A cyber event should have the same rigor; which brings us to resilience. So cyber resilience does go hand in hand with business resilience. We've talked about this a little -- good lead into it, how do you get cyber resilience right, not just from a tech standpoint, but also from a more culture standpoint?

Dr. Aleise McGowan: Okay. And so just to kind of build on the fire thing that you mentioned, so getting it right is like building a city that doesn't just fear fires, you know, it trains firefighters, it designs flame-resistant buildings, it teaches every citizen to spot smoke. So it's not about avoiding the inevitable breach, but it's about bending without breaking, so that when a crisis actually hits, the business doesn't just survive, it knows how to adapt and thrive; and so from a tech aspect, architect for adaptability, you know, not just defense. So like automated resilience I feel is key, self-healing systems such as auto-reverting, you know, to clean backup reduced your downtime. IBM, their breach report said that companies with automated recovery actually cut breach cost by $3 million on average. Also fostering a culture, we talked about that, where every employee is a defender and a leader. And also, you know, measure what matters. Recovery over perfection. So track time to recover, not just time to detect. And so, you know, how fast can the finance system reboot after an attack? Can customer service maintain SLAs during the breach? And so resiliency isn't like a checkbox, it's a culture. When it's done right, you know, it turns crisis into like a catalyst. And so companies that get this don't just bounce back, they bounce forward. And so -- and they are armed with sharper tools, tighter teams, and unshakeable trust. And in today's world, you know, that's not just security, it's a strategic advantage.

Ann Johnson: Yes, I think that's right. And that strategic advantage piece is what people need to remember is that you are going to have some kind of event, right, and it's how you recover, how quickly you recover, and how quickly you get your business online, those are the metrics you have to be thinking about. Well, let's switch topics. You spoke -- congratulations, by the way, you spoke --

Dr. Aleise McGowan: Thank you.

Ann Johnson: -- this year at RSA on penetration testing. I know how hard it is to get selected to be one of the 450 people that speak out of the thousands of submissions, so you deserve the congratulations.

Dr. Aleise McGowan: Thank you, thank you.

Ann Johnson: You're welcome. How do you make the connection between penetration testing and business value, because it's a hard thing to do, right, because executives really aren't that interested in penetration testing. So how do you actually have the conversation so people aren't just thinking about it as some technical thing or some compliance thing?

Dr. Aleise McGowan: So I tell executives that penetration testing isn't just about checking the compliance box. And so you want to align your pen testing with a business risk and not just technical flows. So that could mean, you know, mapping findings to financial impact. And so during a pen test for a healthcare client, we exported a misconfigured API to access patient records. And so I could show executives that a breach could trigger, you know, eight million plus in HIPAA fines and a 30% patient drop in trust. And so don't just test to pass, you know, test to prove. When your next pen test result lands, you know, ask, "How does this make us stronger?" If you can't answer that then, you know, you're wasting money. And so to executives, I would say compliance is the floor not to ceiling. You know, people say that all the time. But penetration testing is how you build a bulletproof reputation, you know, one that attracts customers, retains talent, and turns cybersecurity from like a call center into one of your most powerful insurance policies; because in today's world like resiliency isn't optional, it's your brand.

Ann Johnson: Yes, "resilience is your brand" is something everyone should remember, and cyber should be a fully-integrated business partner, not just the people you call when something goes wrong. And I noted that Cobalt recently released its 2025 State of Penetration Testing Report, and it said that less than half of all penetration testing findings actually get resolved. How should companies be thinking about penetration testing and even other offensive tactics like red team, and how should they be both resolving the issues but using that to improve their customer trust?

Dr. Aleise McGowan: So yes, that report was pretty blunt, because organizations remediate barely like 48% of vulnerabilities that the pen testers hand them. And then even in the same report, when respondents rank why they fix things, like whether or not it was a critical issue, you know, was it easy to fit compliance, PI, exposure, asset sensitivity? You know, those were the things that they listed; like customer trust never even cracked the list. And so it's really a missed business opportunity that's hiding in plain sight. And so a shift from prove or compliant to prove or say. And so make every pen test goal-based. Protect the journey, like the checkout, the patient portal, or PLC, not checkbox-based. And even feeding finding straight into the same backlog that developers use instead of sending it to a PBF graveyard. And even integrating remediation signals into like your customer-facing status. So surface a quarterly security posture delta on your public status page, you know, whisked it up four points, because 92% of the 2020 findings were closed. And also kind of close the feedback loop with your customers. Provide an "ask the pen test" webinar, you know, after major releases. So pen testing is only an expense when the findings go untouched. Once those findings drive faster fixes, visible metrics, and honest conversations, then it becomes a brand asset. And that's the proof your customers need that trust isn't just a buzzword, but a deliverable.

Ann Johnson: Exactly. And the fact that you need to have metrics and proof for your customers, too, right, they just --

Dr. Aleise McGowan: Right.

Ann Johnson: It's not just say, "Take my word for it." Pen test is evolving. You talked about machine learning and AI earlier. Can you talk about how machine learning AI is going to help evolve pen testing to the next generation of offensive security?

Dr. Aleise McGowan: Sure. So the next generation of pen testing won't be defined by tubes, it will be defined by how well humans and AI can collaborate to, you know, outthink adversaries. So at RSAC, you know, during the workshop, Tennisha Martin and I showed how AI can turn like a lone wolf pen tester into a cyber orchestra. So just to be clear, like AI isn't replacing humans, it's just kind of redefining our role. Just like students who use ChatGPT to cheat instead of learning, professionals, you know, that treat AI as a crutch, you know, they're going to fall behind. And so, you know, the future belongs to those who keep humans in the loop, leveraging AI to augment, not replace their expertise.

Ann Johnson: Yes, I was reading just this week a bunch of commentary from some professors, as you're getting into like finals, right, and a lot of universities --

Dr. Aleise McGowan: Mm-hmm, Mm-hmm.

Ann Johnson: -- and students really complaining that they couldn't use AI to answer some of the questions. So I'm like kind of defeats the purpose, why would pay all that money to go to college if you're just going to have some technology, you know, solve your problem?

Dr. Aleise McGowan: Yes, we had a teacher require that they write code on paper and you would have thought it was the end of the world. [Laugh]

Ann Johnson: That's fantastic, though. At least, you know --

Dr. Aleise McGowan: Yes.

Ann Johnson: -- the job of a teacher is to teach and make sure people are learning, right? Anyway.

Dr. Aleise McGowan: Right, right.

Ann Johnson: I want to pivot. I want to save time for your work with BlackGirlsHack because you do such important work there. Can you explain the mission of the organization, what you're aiming to accomplish in the industry, and how did you get involved?

Dr. Aleise McGowan: Sure, yes, I appreciate that. So to kind of shift gears, so because while working as a CSO is deeply rewarding, you know, nothing fuels me more than what we're building at BlackGirlsHack. You know, we were originally founded to uplift black women and girls, a group that's severely underrepresented in cybersecurity, but now our doors are open to everyone who shares our values. So we educate, empower, and prepare allies also. And so the only folks that, you know, we exclude are jerks. [Laughs] And so our community thrives on respect, collaboration, and the belief that diversity strengthens defense.

Ann Johnson: I absolutely love that. And I love the fact that you're building allies also, because we need allies and the only people you don't invite are jerks. That's such a great way to say it. We're not excluding anyone unless you're a jerk.

Dr. Aleise McGowan: Unless you're a jerk. [Laughs]

Ann Johnson: Yes. You've been there for more than four years. Is there one moment, one story that you'd like to share that really stuck out to you as being impactful?

Dr. Aleise McGowan: Yes; so there are countless moments that elbow me. But one that I'll never forget involves a young lady that started working as a part-time parking attendant with the rangers and, you know, after joining BGH, her career progressed from a junior cybersecurity analyst to the manager of the department. And what I love most is that, you know, she didn't get the career and move on, but she's paying it forward by volunteering that countless hours with BGH to, you know, try to help someone else. And so backstory isn't unique, it's really like our blueprint. So every time someone says, "I don't belong here," or, you know -- you know, we can show them someone that had no cyber background, or a divorced stay-at-home mom of two that's now working with NASA, or even a veteran who defends networks like she defended her country. So that's the power of BGH. You know, we don't just open doors, you know, we build new ones brick by brick.

Ann Johnson: I think that's another -- you have all these wonderful sayings. Storytelling is so important, and when you have expressions that make it clear -- we tend to talk in this ridiculous language in cyber. I'm glad you have clarity that you can story-tell because it's going to resonate not just with the audience in Afternoon Cyber Tea -- not that they're not important because they are, but it resonates with the whole industry and making a change in the industry. So thank you for being a gifted storyteller as well as being very talented.

Dr. Aleise McGowan: Well, I'll just give a shoutout to the WiCyS Speaker Development program right here. [Laughs] I've been spending the last few weeks with them, so great to hear.

Ann Johnson: WiCyS does so much great work. How do you think about programs like BlackGirlsHack, how do you think about reshaping the talent that enters cyber, especially compared to -- and I don't know how many traditional pipelines we have in cyber, but I'm going to combine a couple questions. What does the unique talent that comes through your pipeline bring to the industry that they may not get from somebody who just graduate -- say who just took cyber courses in college and entered that way?

Dr. Aleise McGowan: Right; so kind of your traditional pipelines for cybersecurity talent often feels like a narrow bridge where -- you know, where only a select few make it across. And so programs like ours, you know, are tearing down that bridge and kind of building back the highway and proving that, you know, the best defenders don't always come from like AVULN [phonetic] computer science programs or corporate incubators. Sometimes they're a single mom, or a teacher, or an artist, people who have lived experiences that make them, you know, uniquely equipped to spot and stop tomorrow's threats. So your traditional pipelines a lot of times rely on degrees, certifications, and existing networks. But with BGH, you know, we try to provide access, you know, with free or reduced training, and also with mentorship, because it's important to us that, you know, not just help to help you get the job, but to make sure when you get the job, you can actually do the job and keep the job, and keep the job, and thrive in the environment and, you know, allow your career to progress and grow.

Ann Johnson: Yes, and I think that's incredibly important. I often say you go where you're invited, you stay where you're welcome. You also have --

Dr. Aleise McGowan: Right.

Ann Johnson: -- and there's another expression I use that I hope you appreciate which is, "Participate in your own rescue -- "

Dr. Aleise McGowan: Mm-hmm. Yes.

Ann Johnson: -- which means you need to not only get the skills to be hired, you need to also continue to -- no matter how -- I'm very tenured, you know, in my career. I'm still learning every day because in order for me to continue to be welcomed, I need to continue to have skills that are relevant to the world today.

Dr. Aleise McGowan: That's correct. So one of my friends said to me earlier this week that complacency assumes that what is enough is enough, and it's not. [Laughs]

Ann Johnson: No, it's not, and it's the way you get left behind, by the way --

Dr. Aleise McGowan: Right.

Ann Johnson: -- if you're just not willing to learn. And that's just not hard technical skills, it's also communication skills, it's how you show up in meetings. It's just incredibly important. You know, I tell people on my team you're interviewing for your next job every day. And you really are, because if you suddenly -- if someone's had really negative experiences with you all along and then you go to interview with them for the next job because you're like, "I'm super qualified," their perception of you is not going to be positive going in, right?

Dr. Aleise McGowan: Right. Right.

Ann Johnson: So let's talk a little bit about cybersecurity leadership for just a minute. How would you redesign it? If you had an opportunity, right, you could redesign cybersecurity leadership from the ground up, new tools, new teams, new mindset, where would you start? What would you focus on?

Dr. Aleise McGowan: I think I'd start by throwing the old playbook away. [Laughs] Today's cyber leaders are expected to be part technologist, part psychologist, as part futurist, but we're still operating like it's 2010. And so the rebuild begins with three seismic shifts, prioritizing, resilience, over-perfection, treating diversity as a security strategy, and empowering change to think like rebels and not just rule followers, and so and even like building cognitive diversity, hiring new or diverse talent, career changers, and ethical hackers from marginalized communities; because the future of cybersecurity leadership isn't about, you know, bigger budgets or fancier tools. Just imagine a world where the CSO isn't the smartest person in the room, but the one who listens the hardest. That's the change I'm fighting for.

Ann Johnson: I think that's a worthy change to fight for. Well, I close Afternoon Cyber Tea. It's a good segue into optimism. I call myself a cyber optimist. With your energy, I bet you're pretty optimistic, too, whilst being pragmatic. With that in mind, what are you optimistic about with the future of cyber?

Dr. Aleise McGowan: I'm wildly optimistic because the next generation of cyber defenders, you know, they're not waiting for permission to reinvent this field. You know, they're moms building home labs after bedtime, teachers scripting exploits because classes, you know, an artist using creativity to outsmart AI-driven threats. And so at BlackGirlsHack, you know, I see firsthand how diversity isn't just, you know, a nice-to-have, it's the, you know, secret sauce to out-innovate adversaries. But what excites me the most is that the walls are crumbling. You know, companies are finally realizing that a hacker's grit matters more than their GPA. Schools are ditching out data curriculum for hands-on learning. And in tools like AI, once [inaudible 00:30:13] are being using by communities to protect their own. So you know, we're not just defending systems anymore, we're building a future where cybersecurity is a human right and not a luxury.

Ann Johnson: That's fantastic. That's a great way of putting it. And it's a great way to close. Aleise, I know you're super busy. You have this really amazing work that you are doing. I appreciate everything you're doing for the industry. I know you're at the end of the semester in your Assistant Professor role, so I appreciate you making the time to join me today. Thank you.

Dr. Aleise McGowan: Oh, yes, you're welcome. Thanks for having me.

Ann Johnson: And many thanks to our audience for tuning in. Join us next time on Afternoon Cyber Tea. [ Music ] I invited Aleise to join me because she has a breadth of experience across many areas of cyber. She's truly an expert. She's especially smart at bridging the gap between knowledge and action and between cyber and business, also really an expert when it comes to incident response and offensive security. No matter what your role is, I think there is something you're going to learn from this episode. It was fabulous. And I mentioned on the episode even one of the reasons I love doing this show is I get to meet these fascinating people I would never normally meet. It was a great episode. [ Music ]

Afternoon Cyber Tea with Ann Johnson
Podcast Info
HOST(S):
Ann Johnson
Ann Johnson, Corporate Vice President and Deputy Chief Information Security Officer at Microsoft, talks with cybersecurity thought leaders and influential industry experts about the trends shaping the cyber landscape and what should be top-of-mind for the C-suite and other key decision makers. Ann and her guests explore the risk and promise of emerging technologies, as well as the impact on how humans work, communicate, consume information, and live in this era of digital transformation. Please note, the opinions expressed by guests on this podcast are their own and are not endorsed by, nor do they necessarily reflect opinions of, Microsoft or Ann Johnson.
Schedule: Tuesdays
Credits: Executive Producer is Charlynn Settlage, Producers are Rob Petrillo and Greg Ormsby. Production Manager is Max Solomon, Scheduling and Administrative Support is Katie Zwart, and our Audio Engineer (and magician) is none other than The Great Rich Cerbini.
Creator: Microsoft