Podcast
The GC+CISO Connection
Hosted by Shawn Tuma · EN
The GC+CISO Connection Show explores how we can better foster collaboration between organizations’ legal departments and security teams, with a focus on the General Counsel (GCs) and Chief Information Security Officers (CISOs). In an era where cyber threats are rapidly evolving, the partnership between legal and cybersecurity leaders is more crucial than ever. The goal of this Show is to enhance dialogue, understanding, and cooperation between these critical roles to bolster organizational cyber resilience. More information about the show, as well as the book addressing the same topics, can be found at www.gccisoconnection.com
10episodes
Episodes
Newest firstAll episodes
Cyber Resilience, AI Governance, and the CISO’s Evolution with Andy Land
1w ago00:38:27Tap to summarizeEpisode OverviewIn this episode of The GC+CISO Connection Show, Shawn Tuma sits down with Andy Land to discuss cyber resilience, AI governance, and the evolution of the CISO role in today’s business environment. Their conversation focuses on how the modern CISO must balance technical leadership with communication, business alignment, and stronger partnership with legal teams to help organizations build real resilience.About the GuestAndy Land is the General Manager of the CISO Executive Network (CISO ExecNet) and a recognized leader within the broader CISO community. He works closely with security executives across industries and brings a practical perspective on how the role of the CISO continues to mature as cyber risk, board expectations, and AI governance become more central to business leadership.Key Topics CoveredCyber Resilience as a Business Objective — Shawn and Andy discuss why resilience is the real mission and why organizations need to think beyond technical defense to business continuity and long-term strength.The Evolution of the CISO Role — The conversation highlights how the CISO role has changed from technical operator to strategic leader and business partner.AI Governance — AI governance is discussed as part of the broader transformation in cyber leadership and the growing need for legal and cyber teams to align on emerging technology risk.The GC-CISO Partnership — Shawn and Andy emphasize that the relationship between General Counsel and CISOs is becoming increasingly important in managing modern organizational risk.Humility, Communication, and Leadership — The episode underscores how communication skill, executive presence, and humility are foundational leadership traits for effective CISOs and strong cyber programs.Key TakeawaysCyber resilience should be treated as a business priority, not just a security program.The modern CISO must be able to communicate with executives, boards, and legal leaders, not just technical teams.AI governance is now part of the broader cyber leadership conversation and requires legal-cyber collaboration.GC-CISO alignment is a strategic advantage in a rapidly changing risk environment.Humility and clear communication are critical leadership traits in both legal and cyber roles.Resources & LinksGC+CISO Connection Website: www.gccisoconnection.comApple Podcasts: https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573Join the LinkedIn Community: https://www.linkedin.com/groups/14499302/Connect with Shawn: https://www.spencerfane.com/professionals/shawn-tuma/About the HostShawn E. Tuma is a globally recognized cybersecurity attorney, author of The GC+CISO Connection: Uniting the Cyber Risk Defenders, and Partner at Spencer Fane LLP, where he leads the Cyber, Data, AI & Emerging Technology Practice Group. He has practiced cybersecurity law since 1999 and has been involved in thousands of critical incident response cases. He helps businesses protect their information and protect themselves from their information. Learn more at https://www.spencerfane.com/professionals/shawn-tuma/
Transcribe →Crisis Management Lessons Every GC and CISO Needs | Jenny Gray | The GC+CISO Connection Show
Apr 2800:35:19Tap to summarizeEpisode OverviewIn this episode, host Shawn Tuma welcomes Jenny Gray, VP of Legal and Assistant General Counsel at Torrid, to discuss her firsthand experience guiding her previous employer, Tuesday Morning, through bankruptcy and liquidation — and what those hard-won lessons mean for GCs and CISOs facing cyber crises today. The conversation covers crisis team-building, transparent communication under pressure, the dangers of ego, and the growing connection between cyber attacks and financial collapse.About the GuestJenny Gray is Vice President of Legal and Assistant General Counsel at Torrid, a national publicly traded women's retailer. A Dallas native and SMU Law graduate, Jenny's career has spanned retail, governance, privacy, sustainability, and risk management. Key Topics CoveredThe Tuesday Morning Bankruptcy — Jenny recounts leading legal through Tuesday Morning's 2023 bankruptcy filing and liquidation, from the quiet crisis before filing to handing the keys to a trustee by August 1 — all in roughly six months at lightning speed.Parallels Between Bankruptcy and Cyber Crisis — Shawn and Jenny explore striking similarities: the speed, the unpredictability, the victim-to-wrongdoer dynamic, and the critical need for a prepared, trusted team before crisis strikes.Transparency as a Crisis Strategy — Jenny shares how her leadership team chose to tell hard truths to employees even at the risk of people leaving — and was surprised by how many stayed because they wanted to finish well.Team, Trust, and Collaboration — Both agree that the relationships you build before a crisis determine how well you survive it. Knowing your team's skills, personalities, and roles before the bad day arrives is non-negotiable.Data Privacy, AI Governance, and Stewardship — The conversation expands to the responsibility organizations have to protect customer, employee, and applicant data, and how AI introduces new layers of accountability demanding the same principles of transparency and ownership.Key TakeawaysMove slow when everything moves fast. In a crisis, the calmest person in the room wins. Slow down your communication, think deliberately, and resist the urge to react emotionally.Build your team before you need them. First introductions should never happen on the worst day of your professional life. Know your people, their roles, and how they think long before crisis arrives.Transparency builds trust — even in the worst situations. Telling hard truths, even imperfect ones, is better than silence. Tell people what you know today, and own it if it changes tomorrow.Ego is the enemy. Both legal and security leaders have strong, protective personalities. The willingness to say "I don't know — help me understand" is a superpower in any crisis.Cyber attacks can lead to bankruptcy. The connection is real and growing. Every GC and CISO needs to understand that a cyber crisis is simultaneously a financial, legal, and reputational crisis.Notable Quotes"In crisis, everything moves fast — so you move slow. You have to always be the calmest person on the outside in the room."— Jenny Gray, VP of Legal & Assistant General Counsel, Torrid"You are the victim of a cyber attack — but in law, regulation, even public opinion, you get transmogrified from the victim to the wrongdoer."— Shawn Tuma, Host, The GC+CISO Connection Show"The only thing I'm an expert in is being curious. The more I learn, the more I realize I need more support and more of a team to come beside me."— Jenny Gray, VP of Legal & Assistant General Counsel, TorridResources & LinksGC+CISO Connection Website: www.gccisoconnection.comApple Podcasts: https://podcasts.apple.com/au/podcast/the-gc-ciso-connection/id1771903573Join the LinkedIn Community: https://www.linkedin.com/groups/14499302/Connect with Shawn: www.linkedin.com/in/shawnetuma/Connect with Jenny Gray: https://www.linkedin.com/in/jennyfer-gray/The GC+CISO Connection: Uniting the Cyber Risk Defenders by Shawn Tuma: www.gccisoconnection.comAbout the HostShawn E. Tuma is a globally recognized cybersecurity attorney, author of The GC+CISO Connection: Uniting the Cyber Risk Defenders, and Partner at Spencer Fane LLP, where he leads the Cyber, Data, AI & Emerging Technology Practice Group. He has practiced cybersecurity law since 1999 and has been involved in thousands of critical incident response cases. He helps businesses protect their information and protect themselves from their information. Learn more at www.shawnetuma.com.
Transcribe →Holiday Bonus: Cyber Safety at Home — Legal + Security Lessons from Real Life
Jan 1300:10:43Tap to summarizeIn this special Christmas mini-episode, host Shawn Tuma is joined by his son, Ryan, for a candid conversation about cyber safety at home: screen-time limits, risky chats in games, not believing everything online, and why he doesn’t have his own YouTube channel—practical lessons that mirror how GCs and CISOs collaborate to govern risk at work. See how the same principles of governance, communication, and accountability that improve enterprise cyber resilience also protect our families online. Short, light, and useful—perfect for the holidays.Don’t forget to like, share, and subscribe!
Transcribe →The CISO's Playbook: From Security Leader to Business Partner
Dec 900:35:29Tap to summarizeFrom the Department of 'No' to a Seat at the Table: Mastering the Art of CISO LeadershipCISO Ian Schneller joins host Shawn Tuma to share how CISOs evolve into true business partners by aligning security with enterprise goals and collaborating closely with GCs and legal on AI governance, risk, and board communications. Hear practical guidance on moving from “defend” to “enable secure growth,” framing board updates from a position of strength, measuring effectiveness vs. risk, and using a decide-and-act mindset to drive outcomes. Perfect for CISOs, GCs, and security leaders who want to speak the language of the business and lead together.Don’t forget to like, share, and subscribe!#GCCISO #GCCISOSHOW #GCCISOBOOK #GCCISOCONNECTION #GC #CISO #CIO #BISO #CLO #CCO #CIO #CPO #CTO #Corporateattorney #Corporatecounsel #Corporatelaw #Corporatelawyer #Cyber #AI #AIStrategy #AIGovernance #AIlaw #Cybersecurity #RiskManagement #BoardCommunication #BusinessAlignment
Transcribe →Bridging Business, Legal, & Cyber: Janie Aggas, Global BISO at CBRE | The GC+CISO Connection Show
Jul 100:39:58Tap to summarizeIn this episode of The GC+CISO Connection Show, host Shawn Tuma sits down with Janie Aggas, Global Business Information Security Officer (BISO) at CBRE, to explore the critical role of collaboration between legal, cybersecurity, and business teams. Janie shares her unique career journey, from real estate law to cybersecurity leadership, and how her role as a BISO bridges the gap between business strategy and cybersecurity priorities.Janie discusses the importance of building strong relationships between legal and cyber teams, the evolving role of BISOs in aligning cybersecurity with business goals, and how her recent Master’s in Cybersecurity Law and Public Policy from Texas A&M has shaped her approach to leadership. She also provides actionable tips for fostering collaboration, preparing for board presentations, and navigating the complexities of emerging technologies like AI and NFTs.Whether you're a CISO, BISO, GC, or legal professional, this episode is packed with valuable insights on how to build stronger partnerships and drive organizational success.
Transcribe →Bridging the Gap: Collaboration Between Legal and Cyber with Carly Duvall Le Riche | The GC+CISO Connection Show
May 28, 202500:34:36Tap to summarizeIn this episode of The GC+CISO Connection Show, host Shawn Tuma sits down with Carly Duvall Le Riche, General Counsel for Cariloop, to discuss the critical intersection of legal and cybersecurity in today’s business landscape. With experience spanning technology, privacy, and risk management, Carly shares her unique perspective on how legal and cyber teams can work together to manage risk effectively, build resilience, and support organizational goals.Carly dives into her role leading legal, compliance, and information security at a lean technology company, offering insights on how to foster collaboration, communicate effectively with boards, and advocate for cybersecurity within an organization. She also provides practical advice for legal professionals looking to better understand cybersecurity and for security professionals seeking to build strong relationships with their legal counterparts.Whether you're a CISO, CLO, GC, or security professional, this episode offers valuable insights into the evolving partnership between legal and cyber.👉 Don’t forget to like, share, and subscribe for more engaging conversations on building collaboration between legal and cyber teams!
Transcribe →From Legal to Cyber: Building Bridges with CISO David Malicoat | The GC+CISO Connection Show
Mar 18, 202500:36:52Tap to summarizeIn this episode of The GC+CISO Connection Show, host Shawn Tuma welcomes CISO extraordinaire and host of The Professional CISO Show, David Malicoat. Together, they dive into the critical collaboration between legal and cybersecurity professionals, exploring how these partnerships can drive business success and mitigate risk. David shares his journey from Marine Corps veteran to CISO, his insights on leadership, and the lessons he's learned along the way. They also discuss the evolving role of CISOs, the importance of reporting structures, and how to foster a culture of continuous improvement in cybersecurity.Whether you're a GC, CISO, or business leader, this episode is packed with actionable takeaways to help you navigate the intersection of legal and cyber. Don’t miss this engaging conversation!
Transcribe →Leadership, Collaboration, and Cybersecurity: Insights from Bryce Carter, CISO of Arlington, TX
Mar 5, 202500:33:16Tap to summarizeIn this episode of "The GC+CISO Connection Show," host Shawn Tuma sits down with Bryce Carter, CISO for the City of Arlington, Texas, to explore the intersection of leadership, cybersecurity, and collaboration between legal and cyber teams. Bryce shares his unique career journey from pre-med to cybersecurity, his experiences as a startup founder, and his passion for servant leadership. Together, they discuss the importance of soft skills, building trust, and fostering teamwork between legal and cybersecurity professionals to navigate risk and achieve shared goals. Whether you're a cybersecurity professional, legal counsel, or aspiring leader, this episode offers actionable insights on leadership, collaboration, and balancing strategic and operational priorities.👉 Don’t forget to like, share, and subscribe for more episodes of the GC+CISO Connection Show!#GCCISO #GCCISOSHOW #GCCISOBOOK #GCCISOCONNECTION #GC #CISO #CIO #BISO #CLO #CCO #CIO #CPO #CTO #Corporateattorney #Corporatecounsel #Corporatelaw #Corporatelawyer #Cyber #Cybersecurity #Leadership #Podcast #Collaboration
Transcribe →The GC+CISO Connection, Ep. 3: Bridging the Gap: Discussing In-House Legal and Cyber Collaboration with the Queens of Badassery, attorneys Nicola Hobeiche and Shereen El Domeiri
Feb 5, 202500:31:41Tap to summarizeIn this episode of The GC+CISO Connection Show, host Shawn Tuma is joined by the Queens of Badassery, attorneys Nicola Hobeiche and Shereen El Domeiri, who bring decades of in-house legal experience to help dive deep into the vital relationship between in-house legal and security teams.Nicola and Shereen share their experiences, insights, and practical tips on building relationships and fostering collaboration across these critical departments. From preparing for critical incidents to navigating compliance with contracting, cybersecurity, privacy, and AI, to understanding roles and responsibilities, to Board reporting and CISO liability, this conversation explores how organizations can strengthen partnerships to protect and improve their organizations.Whether you're in legal, security, or executive leadership, this episode offers actionable advice for building stronger, more effective working relationships. Plus, hear about their own podcast, Counsel Brew, and what inspired them to share their expertise with the world! | Bridging the Gap: Discussing In-House Legal and Cyber Collaboration with Two Badass Attorneys, Nicola Hobeiche and Shereen El Domeiri.Please be sure to "LIKE" and "SUBSCRIBE" so you will not miss future episodes! #GCCISOSHOW #GCCISOBOOK #GCCISO #GCCISOCONNECTION #GCxCISO #GC_CISO #GC #CISO #CIO #BISO #CLO, #CCO, #CFO, #CEO, #CIO, #CPO, #CTO, #Compliance, #CorporateGovernance, #Corporateattorney, #Corporatecompliance, #Corporatecounsel, #Corporategovernance, #Corporatelaw, #Corporatelawyer, #Cyber, #CyberInsurance, #CyberLaw, #CyberRisk, #CyberRiskManagement, #CyberResilience, #CyberSecurityAwareness, #DataBreach, #DataIsTheHotPotato, #DataPrivacy, #DataSecurity, #DallasCISO, #DFWCISO, #IncidentResponse, #Infosec, #Legal, #LegalAdvice, #Legaloperations, #PrivacyLaw, #PrivacyLaws, #RiskAssessment, #RiskManagement, #RiskManagementStrategy, #Security, #StrongerTogether, #TexasCISO, #LegalAndIT, #LegalAndCyber, #CollaborationMatters #CISO #DataProtection #CyberRisk #PrivacyLaw #ExecutiveLeadership #Teamwork, #CounselBrew LINKS TO LINKEDIN PROFILES:Nicola Hobeiche https://www.linkedin.com/in/nicola-hobeiche-84699960/ Shereen El Domeiri https://www.linkedin.com/in/shereeneldomeiri/ CounselBrewhttps://counselbrew.com/ https://www.linkedin.com/company/counsel-brew
Transcribe →The GC+CISO Connection: A GC and IT Director Share Their Perspectives on Working Together to Protect the Organization Against Cyber Risk
Oct 31, 202400:31:53Tap to summarizeIn this episode of the GC+CISO Connection Show, host Shawn Tuma visits with Erin Stewart, Pinnacle Group Inc.'s General Counsel and Chief of Staff, and Jonathan Merrill, Pinnacle's Sr. Director of Information Technology. Erin and Jonathan share their experience and perspectives on how they work together to address legal, cyber, and information technology issues within the company, strategically work with and obtain buy-in from executive leadership, and provide tips for others in similar roles can work well with their legal and security counterparts.Connect with Erin and Jonathan:https://www.linkedin.com/in/erin-stewart-62585942/ https://www.linkedin.com/in/gomerrill/
Transcribe →