Celebrating the Century Mark 

As ‘The CISO Stories Podcast’ surpasses 100 episodes, Todd Fitzgerald discusses what he’s learned, how the podcast has evolved, and who would benefit from a good binge session.

Todd Fitzgerald’s podcast is different from the norm.  

At the end of 2022, Fitzgerald’s “The CISO Stories Podcast” was one of millions of podcasts available to an ever-growing audience — Spotify reports to have more than 4 million titles while Apple has more than 2.5 million. Nearly half of those podcasts have three or fewer episodes. More than a quarter have just one.  

Fitzgerald has already surpassed 100 episodes in less than two years.  

Todd FitzgeraldFitzgerald is an adjunct lecturer who teaches about risk management and cybersecurity for Northwestern Engineering's Master of Science in Information Technology (MSIT) program. He also serves as a member of the MSIT Industry Advisory Board (IAB), tasked with keeping the curriculum aligned with real-world needs.  

His podcast, which targets chief information security officers (CISOs) and other top information technology (IT) executives, is also helping educate MSIT students. 

“In class, I will actually refer to some of the clips from the podcast,” said Fitzgerald, whose career in IT dates back over 40 years. “You’ll have the person as if they’re a guest speaker in the classroom. That’s the cool part. It’s like bringing top CISOs into the classroom.” 

Fitzgerald published the first episode of The CISO Stories Podcast – CSP, for short – on Feb. 9, 2021. Since then, he’s built an unbroken streak of weekly episodes featuring some of the top names in the industry.  

The idea for the podcast was born from an information security leadership book he authored, CISO Compass: Navigating Cybersecurity Leadership With Insights from Pioneers (Auerbach Publications, 2019). Those pioneers provided some of the content Fitzgerald wove into his narrative, providing a comprehensive roadmap for chief information security officers (CISOs) and their teams.  

The podcast’s early episodes featured those pioneers providing a 25-30-minute deep-dive about their topic areas contributed to the book.  

“We’re sharing experiences that are not theoretical things,” Fitzgerald said. “I look to this person I’m interviewing as being a mentor to people. What is it they know about this topic that I don't know and that the listeners don’t know, something people want to know they can use in their jobs?”  

The podcast is published by SC Media, published by the Cybersecurity Collaborative, for which Fitzgerald serves as vice president of cybersecurity strategy. Though the podcast’s name and initial target audience keyed on CISOs, as it has evolved, so has Fitzgerald’s thoughts on who could benefit from listening.  

“As I went on with the podcast, it became apparent to me it’s not just the people leading organizations who need to know this stuff,” he said. “People throughout the organization in cybersecurity and in IT can learn something.”  

Podcast topics sometimes focus on the technical aspects of cybersecurity, but more often they address other parts of the job – especially leadership and soft skills. Episodes have featured guests talking about how to present to a board, how to maneuver a new idea through a company’s red tape, and how to win the budget needed to make a project successful.  

Fitzgerald said he enjoys teaching those same types of skills to MSIT students. The lesson always starts with a challenge.  

“Take an honest assessment of what you know and what you don’t know,” he tells his students. “What are the things you hate to do? Do you hate giving presentations? When you show up for a meeting, do you find it hard to participate in the meeting?”  

He then encourages them to use the opportunities provided in the MSIT program – and maybe a side-serving of his podcast – to fill the gaps and make the hard things easier.  

“I learn things all the time from the podcast," he said. "None of us knows everything. Learning is really lifelong.” 

McCormick News Article