Initial commit: HPR Knowledge Base MCP Server

- MCP server with stdio transport for local use
- Search episodes, transcripts, hosts, and series
- 4,511 episodes with metadata and transcripts
- Data loader with in-memory JSON storage

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

hpr_transcripts/hpr3424.txt

@@ -0,0 +1,131 @@
+Episode: 3424
+Title: HPR3424: Infosec Podcasts Part 6 - Infosec Leadership
+Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3424/hpr3424.mp3
+Transcribed: 2025-10-24 23:07:46
+
+---
+
+This is Hacker Public Radio Episode 3424 for Thursday, the 16th of September 2021.
+Tid's show is entitled Infosic Podcasts Part 6 Infosic Leadership and is part of the series podcast
+recommendations it is hosted by Trey and is about 12 minutes long and carries a clean flag.
+The summary is presenting my favorite information security leadership podcasts.
+This episode of HPR is brought to you by Ananasthost.com.
+Get 15% discount on all shared hosting with the offer code HPR15. That's HPR15.
+Better web hosting that's honest and fair at Ananasthost.com.
+Thank you to everyone who has listened to my previous episodes. This is the final episode in the
+Infosic Podcasts series. I listened to many, many podcasts. The vast majority of these are related
+to information security because there are so many podcasts to list. I have broken this
+recommendation series down into six different episodes based on the topics. Part 1 was on news
+and current events. You can listen to that in Episode 3324. Part 2 was general information security
+which you can listen to in Episode 3334. Part 3 was career and personal development which you can
+listen to in Episode 3344. Part 4 is social engineering. You can listen to in Episode 3368.
+Part 5 was Episode 3387 and it combined hacks and attacks, technical information and learning,
+Infosic community, social history, just a hodgepodge of catch all topics. And now Part 6 is on
+information security leadership. So before we get started, I'd like to talk about a term that I'm
+going to use many, many, many, many, many times throughout this podcast. And the term is CISO.
+That is an acronym, capital C, capital I, capital S, capital O, Charlie, India, Sierra, Oscar.
+It stands for chief information security officer. Some people may pronounce it CISO,
+I pronounce it CISO, other people pronounce it CISO, but it means the same thing. It stands for
+chief information security officer. And from the title, it sounds like this is an executive
+leadership position, similar to chief executive officer, chief finance officer, etc. But this is
+often not the case and we'll discuss that here in a little bit. The other thing I want to talk
+about is security leadership, because security leadership is changing. The old way, the classic way
+of security leadership was experienced technologists, usually old white guys who had worked their way up
+through the ranks and eventually reached a level where they were leading all of the security
+portion of an organization. They may or may not have the skills for management that were needed,
+they may or may not have the skills for business that were needed, but they were promoted because
+of their technology skills. These folks would usually report through IT to the CIO, to the CTO,
+CIO, that would be chief information officer or CTO, chief technology officer.
+These folks also often ran the department of no. Information security was the department of no
+because it blocked everything or tried to block everything that was bad. And as a result,
+it slowed down business. People would say, well, you know, I want to put this software on my
+computer, no, not until we evaluate it. I want to be able to have a split tunnel VPN, because
+you know, the things that I'm accessing that are out on the internet, I can't get quickly
+enough when I come through the VPN. No, you can't do that. No, a variety of different things.
+That was the classic security leadership, and it did a lot to protect our organizations,
+but it did not do a lot to partner with business and to help business to succeed.
+Now, the new way of security leadership is based around experienced business professionals
+with leadership skills and security understanding. These folks can report through IT again,
+through the CIO or CTO, or they may report through legal, especially if an organization has
+compliance requirements. They might also report through the chief finance officer
+if the organization has governance or compliance reasons, especially given the financial impacts
+of attacks lately, you know, the direct costs of something like a ransomware attack,
+and the fines, the fines related to release of private information, violations of things like
+GDPR and other regulations. So in some organizations, the CISO would report through finance.
+In some organizations, the CISO actually has a seat at the table. He reports to the CEO
+like other C-level execs, or he may report directly to the board and has a seat at the table
+that makes him somewhat equivalent to other C-level executives. That's very rare.
+But the new CISO empowers business to succeed in a secure way. They have a yes and
+approach to security. Yes, we will do what we can to empower the business to succeed,
+and we're going to try to do it in a secure manner. They can still slow down the business,
+but only when needed. And it's more like the illustration I like to use is like breaks on a racecar.
+You know, a racecar can go super fast, but it's going to be limited by how much control you have.
+If you don't have the control to be able to break going into turns or to be able to control the
+vehicle in the event of something going wrong, you're not going to be able to take that vehicle
+to the limits that it needs to be able to go to succeed. Breaks are what empowers the
+driver to push the car to success. And that's what the new CISO does. That's what new security
+leadership mentality does. All right, with all that in mind, let's talk about the leadership
+podcasts. The first one I'd like to talk about is the CISO Tradecraft podcast hosted by
+G Mark Hardy. This is a weekly podcast and it discusses topics related to becoming a CISO
+or maturing as a CISO. Oftentimes this will address technical subjects that a business-oriented
+CISO may or may not be fully fluent in and give them kind of a breakdown of what it is.
+You know, I really enjoyed when he did a breakdown of blockchain, for instance, because that's
+not something that a lot of us are really very familiar with. Or it might go the other way.
+It might break down some of the business-related topics and political-related topics,
+not not political with government, but more of the internal politics in an organization that a
+CISO needs to be aware of as they're leading. That a technical CISO may not necessarily have
+a full familiarity with. You can find CISO Tradecraft podcast by googling
+CISO Tradecraft podcast or by clicking on the link in the show notes.
+The second podcast I'd like to discuss is the CISO vendor relationship podcast. This is hosted
+by David Spark and guests. He may have various different guests on weekly. This is a weekly
+podcast that addresses the challenges experienced both by security professionals and by the vendors with
+whom they interact. It was originally built out of a frustration that was being expressed by
+vendors not being able to communicate with security professionals and by security leadership
+being frustrated that all they're getting are these vendor cold calls from people that don't
+understand their business and a lot of frustration there. It's a very, very fun podcast. You can
+learn a lot listening to it. My favorite part happens to be the What's Worse scenarios which are a
+risk exercise comparing to two unpleasant options and choosing which one presents the least risk.
+Very, very fun podcast. You can find it by googling CISO vendor relationship podcast or CISO
+series or you can click on the link in the show notes. Next, let's talk about the CISO talks
+with an S podcast. CISO talks podcast. This is a talk show series with discussions of current trends
+in the world of information security with CISOs and other security leaders that are on the
+front lines. You can find this by googling CISO talks plural or by clicking on the link in the
+show notes. Now the reason I specified CISO talks is because the next podcast I'd like to discuss
+is the CISO talk podcast singular. This hosted by James Azar. This is also a weekly podcast
+and it presents the CISO perspective or CISO point of view on cybersecurity and talent development
+technology leadership a lot more. James Azar is very opinionated. He has very specific things that
+will trigger him including his buzz word graveyard specific buzz words that just are a bit much.
+Those are things that make this podcast entertaining. You can find it by googling CISO talk podcast
+or by clicking on the link in the show notes. Next is the cyber ranch podcast. I really enjoy
+this one. I enjoy all of them but I really enjoy the cyber ranch podcast hosted by Alan Alfred
+and it's run through the Hacker Valley Studios organization. It's a weekly podcast and it has
+interviews with security leaders discussing various relevant topics. I like Alan's approach and how
+he just shares and how he he brings information out of the guests very down to earth just excellent
+podcasts to listen to. You can find it by googling the cyber ranch podcast or by clicking on
+the link in the show notes. Next is CISO's secrets CISO apostrophe S secrets. It's currently hosted
+by Grant Asplund and sponsored by Checkpoint. This includes interviews with security leaders
+across a wide range of interview a wide range of industries. It addresses real issues facing
+security professionals and business. You can find it by googling CISO secrets podcast or by
+clicking on the link in the show notes. Next is the CISO's stories podcast. This is hosted by Todd
+Fitzgerald and Sam Curry and it's part of the security weekly family of podcasts. This is
+based originally on interviews with security leaders who contributed to the book CISO Compass
+navigating cybersecurity leadership challenges with insights from pioneers. These episodes are
+usually about 20 minutes long very informative sometimes a little noisy sometimes the interviews
+sound like they were conducted in a restaurant or a bar or a lounge but good information from people
+who've been in the industry for a very long time and know their stuff. You can find it by googling
+CISO's stories podcast or by clicking on the link in the show notes. The last episode of this
+entire series is the new CISO hosted by ExeBeam's chief security strategist Steve Moore also
+sponsored by ExeBeam. This podcast has interviews with industry leading security visionary leaders
+discusses how to lead security teams how to lead business interacting with business leaders
+and other information like that. You can find this podcast by googling the new CISO podcast
+or by clicking on the link in the show notes. Well that wraps up this series. I welcome any
+feedback you might have in the comments section for this episode or any of my other episodes on
+the HPR site. Thank you very much for listening and have an awesome day.
+You've been listening to Hacker Public Radio at Hacker Public Radio dot org. We are a community
+podcast network that releases shows every weekday Monday through Friday. Today's show, like all our
+shows, was contributed by an HPR listener like yourself. If you ever thought of recording a podcast
+and click on our contributing to find out how easy it really is. Hacker Public Radio was founded
+by the digital dog pound and the infonomican computer club and is part of the binary revolution at
+binwreff.com. If you have comments on today's show, please email the host directly, leave a comment
+on the website or record a follow-up episode yourself. Unless otherwise stated, today's show is
+released on the creative comments, attribution, share a like, 3.0 license.