Authenticate This! The Cybersecurity Leadership Podcast

In this episode, we talk to Richard Henderson, Executive Director and Chief Information Security Officer of Alberta Health Services, about leading cybersecurity across one of the largest hospital networks in North America. Richard explains how clinical operations, digital safety and human-centered leadership converge in high-stakes environments where downtime can directly impact patient care.He also shares how his background across public and private sectors informs his approach to team development, why he prioritizes continuous learning and rest, and how his perspective as a parent shapes his views on safe technology exposure and foundational digital skills.Key Takeaways:00:00 Introduction.07:13 Limiting screen time improves children's reading abilities.13:19 Mandatory learning plans prevent burnout and enable growth.22:30 Setting boundaries and reducing false urgency helps prevent burnout in security teams.27:53 Saying yes enables business success and collaboration.32:21 MFA and single sign-on form baseline security.37:19 Architectural safeguards protect legacy medical devices with minimal risk tolerance.43:16 Mind maps help clearly visualize all CISO responsibilities.47:16 Building organizational resilience matters more than prevention.53:10 AI cannot replace human intuition.Resources Mentioned:Richard Hendersonhttps://www.linkedin.com/in/richsentmeAlberta Health Services | LinkedInhttps://www.linkedin.com/company/alberta-health-servicesAlberta Health Services | Websitehttps://www.albertahealthservices.caThe Cuckoo’s Egg by Cliff Stollhttps://www.amazon.com/Cuckoos-Egg-Tracking-Computer-Espionage/dp/1416507787Primitive Technology YouTube channelhttps://www.youtube.com/@primitivetechnology9550Thank you for listening to “Authenticate This!: The Cybersecurity Leadership Podcast.” Be sure to leave us a review and subscribe so you don’t miss an episode. For more information, visit ic-consult.com#Cybersecurity #IdentityManagement #InformationSecurity

In this episode, hosts Aaron Lentz and Tim York sit down with Elliott Franklin, Senior Vice President and Chief Information Security Officer of Fortitude Re. Elliott is known as the Cybersecurity Whisperer. He shares his fascinating journey from hacking his high school's grade system to leading cybersecurity programs across diverse industries, from quick-service restaurants to healthcare and financial services.Key Takeaways:00:00 Introduction.01:10 Building a comprehensive information security program from the ground up.07:27 Early career security lessons from testing systems as a high school senior.12:25 Deploying deepfake detection technology in video conferencing platforms.16:40 Digital identity wallets could revolutionize personal data control and privacy.21:45 Creative network segmentation solves challenges with outdated infrastructure.27:16 Risk assessment and framework adoption must precede technology purchases.31:47 Talent shortage in identity and access management remains a critical challenge.36:24 Non-human identities, including APIs and tokens, create security vulnerabilities.41:11 Identity tool migration costs often exceed initial licensing fees significantly.Resources Mentioned:Elliott Franklinhttps://www.linkedin.com/in/elliottfranklinFortitude Re | LinkedInhttps://www.linkedin.com/company/fortitude-reFortitude Re | Websitehttp://www.fortitude-re.comCybersecurity Whisperer YouTube channelhttps://www.youtube.com/@CybersecurityWhispererThank you for listening to “Authenticate This!: The Cybersecurity Leadership Podcast.” Be sure to leave us a review and subscribe so you don’t miss an episode. For more information, visit ic-consult.com#Cybersecurity #IdentityManagement #IdentityAccessManagement

Cybersecurity’s human dimension takes center stage as we welcome Matthew Rosenquist, CISO, Cybersecurity Strategist and Advisor at Cybersecurity Insights. Hosts Aaron Lentz and Tim York guide the discussion, which explores the evolving role of CISOs, the realities of consolidation and AI’s increasing impact, ranging from bridging talent gaps to changing threat profiles.Key Takeaways:00:00 Introduction.01:43 The market’s consolidation cycle disrupts legacy expectations.06:28 CISOs must be influential at both board and business levels.10:55 Technical and business leadership gaps are systemic.14:54 Security features convert freemium users to revenue.18:21 Basic protections boost small businesses’ security posture.22:52 Revenue drivers define an effective security strategy.27:01 Unrealistic entry-level job requirements stall progress.30:59 Upskilling launches junior talent into future leadership.35:19 AI elevates both security analysts and adversaries.43:34 Behavioral awareness defends better than firewalls alone.Resources Mentioned:Matthew Rosenquisthttps://www.linkedin.com/in/matthewrosenquistCybersecurity Insights | LinkedInhttps://www.linkedin.com/company/cybersecurityinsightsCybersecurity Insights | Websitehttps://www.cybersecurityinsights.us/Thank you for listening to “Authenticate This!: The Cybersecurity Leadership Podcast.” Be sure to leave us a review and subscribe so you don’t miss an episode. For more information, visit ic-consult.com#Cybersecurity #IdentityManagement #InformationSecurity #IAM #IdentityAccessManagement

On this episode, hosts Aaron Lentz and Tim York sit down with Zach Lewis, Chief Information Officer and Chief Information Security Officer of the University of Health Sciences and Pharmacy in St. Louis. Zach discusses leading his university through a ransomware attack, how he balances security with student experience in a nonprofit environment, and why open conversations about breaches are vital for the industry.Key Takeaways:00:00 Introduction.02:06 Zach's book chronicles the university's LockBit ransomware experience.06:54 Password managers fail when Active Directory authentication becomes unavailable.09:00 Companies now want cybersecurity leaders who understand breach environments.14:27 Campus card systems integrate everything from dining to Grubhub.20:24 AI coding tools represent emerging technological capabilities worth exploring.23:54 Universities should teach students proper AI tool integration techniques.28:45 Technical revolutions require flexible pivoting from established security plans.37:36 Small organizations benefit from outsourcing 24/7 SOC monitoring.42:48 Legacy applications must evolve, or organizations get left behind.Resources Mentioned:Aaron Lentzhttps://www.linkedin.com/in/aaron-lentz/Tim Yorkhttps://www.linkedin.com/in/tim-york-b80b23a/Zach Lewishttps://www.linkedin.com/in/zacharylewis1University of Health Sciences and Pharmacy in St. Louis | LinkedInhttps://www.linkedin.com/school/uhspUniversity of Health Sciences and Pharmacy in St. Louis | Websitehttps://www.uhsp.edu“Locked Up” by Zachary Lewishttps://www.amazon.com/Locked-Cybersecurity-Mitigation-Real-World-Ransomware/dp/1394357044Thank you for listening to “Authenticate This!: The Cybersecurity Leadership Podcast.” Be sure to leave us a review and subscribe so you don’t miss an episode. For more information, visit ic-consult.com#Cybersecurity #IdentityManagement #InformationSecurity #IAM #IdentityAccessManagement

On this episode, Tim York and Aaron Lentz talk to Steve Cobb, CISO of SecurityScorecard and a founding member of the CarolinaCISO. Steve shares how today’s threat actors are targeting human behavior more than systems, and why cultural change and technical guardrails are both essential. He also discusses mentoring the next generation of cyber talent, the importance of foundational skills and his leadership approach rooted in curiosity, communication and service.Key Takeaways:00:00 Introduction.06:48 Deepfakes are now impersonating public officials to influence real-world decisions.09:39 “Trust but verify” is essential in a world where video calls can be faked.12:54 Organizations are rushing into AI at the cost of security and thoughtfulness.16:27 Cultural assumptions about trust make US users especially vulnerable to deception.20:51 We’re wired to seek connection; shifting to suspicion at work is counterintuitive but necessary.23:36 Threat actors are focused on hacking people, not just tech.26:15 Competitive cyber events train youth in real-world collaboration and red/blue team skills.35:03 Strong cyber teams are grounded in foundational skills: networking, cloud and OS.39:51 Communication, both up and down the chain, is a critical skill for cyber leaders.40:30 Servant leadership — building trust and supporting the team — creates stronger, more resilient organizations.Resources Mentioned:Tim Yorkhttps://www.linkedin.com/in/tim-york-b80b23a/Aaron Lentzhttps://www.linkedin.com/in/aaron-lentz/Steve Cobbhttps://www.linkedin.com/in/wscobb/SecurityScorecard | LinkedInhttps://www.linkedin.com/company/security-scorecard/SecurityScorecard | Websitehttps://securityscorecard.com/CarolinaCISO | LinkedInhttps://www.linkedin.com/company/carolinaciso/CarolinaCISO | Websitehttps://www.carolinaciso.org/Thank you for listening to “Authenticate This!: The Cybersecurity Leadership Podcast.” Be sure to leave us a review and subscribe so you don’t miss an episode. For more information, visit ic-consult.com#Cybersecurity #IdentityManagement #InformationSecurity #IAM #IdentityAccessManagement