Afternoon Cyber Tea with Ann Johnson

Trust Is Patient Well-being: Rob Suárez on Cybersecurity in Healthcare

Rob Suárez, Vice President and Chief Information Security Officer at CareFirst BlueCross BlueShield joins Ann on this week’s episode of Afternoon Cyber Tea. In the conversation, Rob shares how his career path and personal philosophy have shaped a mission-driven approach to cybersecurity that places patient trust, safety, and privacy at the center of every decision. He discusses the unique challenges of securing a deeply interconnected healthcare ecosystem, the critical role of culture and cyber literacy across organizations, and why transparency and resilience are essential during incidents. The episode also explores secure-by-design principles, the ethical use of AI in healthcare, and how the CISO role is evolving toward a broader focus on trust, collaboration, and human impact.

Transcript

The New Reality of the CISO Role

David Gee, a veteran CISO, CIO, board advisor, and author, joins Ann Johnson, CVP of Cybersecurity, Microsoft, on this week’s episode of Afternoon Cyber Tea. Drawing on decades of experience and insights from his books, Gee explores the gap between theory and reality for security leaders, the role of imposter syndrome in professional growth, and why embracing discomfort is essential to effective leadership. The conversation examines how CISOs can balance risk management with business enablement, reset expectations with boards and executives, and build resilient, team-driven security cultures. Gee also shares perspectives on mentorship, long-term sustainability in the role, and how the CISO must evolve from a control-focused operator to a strategic influencer in an era shaped by AI, regulation, and constant change.

Transcript

The Best of Afternoon Cyber Tea 2025

On this special best of episode of Afternoon Cyber Tea, Ann revisits six standout conversations from the past year with Amy Edmondson, Christina Morillo, Frank X. Shaw, Hugh Thompson, Troy Hunt, and Jack Rhysider. Together, these moments highlight the evolving human and technical challenges shaping cybersecurity today, from trust and transparency to breach response, leadership under pressure, AI disruption, and the realities facing defenders on the front lines. This curated collection offers a fast-moving look at the insights, lessons, and big ideas that defined the season.

Transcript

Lorrie Cranor: Why Security Fails Real People

Dr. Lorrie Cranor⁠, Director of the CyLab Security and Privacy Institute at Carnegie Mellon University joins Ann Johnson, Corporate Vice President, Microsoft, on this week's episode of Afternoon Cyber Tea to discuss the critical gap between security design and real-world usability. They explore why security tools often fail users, the ongoing challenges with passwords and password less authentication, and how privacy expectations have evolved in an era of constant data collection. Dr. Cranor emphasizes the importance of user-centered design, practical research, behavioral insights, and simpler, more transparent systems to help CISOs build security programs that truly work for people.

Transcript

Inside Data Breaches and Human Behavior with Troy Hunt

Troy Hunt, founder of Have I Been Pwned, joins Ann on this week's episode of Afternoon Cyber Tea to explore what billions of breached records reveal about attacker behavior, human weakness, and the state of breach disclosure. He explains why organizations often hesitate to notify victims, how breach fatigue shapes user responses, and why transparency is both powerful and challenging. Troy also shares how he personally fell for a phishing attack, illustrating that even experts have moments of vulnerability. The conversation points toward a more resilient future and what it will take for both people and organizations to stay ahead of evolving threats.

Transcript