Jerod Brennen: From Music Educator to Cybersecurity Consultant and Mentor

Show Notes

Jerod Brennen, VP of Cybersecurity Services at SideChannel, brings a unique perspective to cybersecurity leadership. Originally pursuing a career in music education, Brennen's journey led him through various IT roles before landing in cybersecurity at a public utility. Today, he serves as a vCISO for multiple organizations while also creating educational content for LinkedIn Learning, where he has developed over 40 courses covering topics from application security to ethics in technology. His unconventional path from music to technology has shaped his approach to security leadership, emphasizing the importance of both technical expertise and human understanding.

As a vCISO, Brennen emphasizes the importance of tailored security approaches for small and medium-sized businesses. His work at SideChannel involves helping organizations across various sectors—from healthcare technology to manufacturing—build resilient security programs that align with their specific needs and capabilities. He highlights that while many of these businesses may not have the resources for a full-time CISO, they still require sophisticated security leadership to protect their digital assets and maintain compliance with industry standards. Brennen’s approach focuses on building security programs that enable business growth rather than simply implementing restrictions, ensuring that security measures support rather than hinder organizational objectives.

A significant portion of the conversation focused on the challenges of data security in modern business environments. Brennen discusses the complexities of managing data access, particularly in cloud environments, and emphasizes the importance of proper tenant separation for different environments (development, testing, production). He notes that while cost often drives initial cloud decisions, mature organizations eventually shift their focus to building stable, secure infrastructure that aligns with their business goals. The discussion delved into the increasing importance of compliance frameworks such as SOC 2 and CMMC, with Brennen sharing insights on how organizations can effectively prepare for and maintain these certifications while avoiding common pitfalls. 

The discussion also touched on emerging technologies, particularly the challenges and opportunities presented by AI. Brennen addresses the growing concern among organizations about the secure use of generative AI tools, highlighting the need for clear policies around data sharing with these platforms. He emphasizes the importance of considering long-term implications of AI adoption, drawing parallels with recent events in the tech industry to illustrate the potential risks of data handling by emerging technology companies. His perspective on AI security is particularly relevant given the current landscape where many employees are already using these tools without formal organizational guidance. 

LinkedIn: https://www.linkedin.com/in/jerodbrennen/

SideChannel: https://sidechannel.com/ 

Check out video versions of Kitecast episodes at https://www.kiteworks.com/kitecast or on YouTube at https://www.youtube.com/c/KiteworksCGCP.