The Security Champions Podcast
Automation, Generative AI, Shift Left - the world of application security is evolving fast, and so are the conversations that shape it.
Welcome to The Security Champions Podcast, the go-to resource for insights from the front lines of application security. The podcast is cohosted by Michael Burch, Director of Application Security for Security Journey, and Dustin Lehr, the Director of AppSec Advocacy. Each month, one of them shares a candid conversation with security leaders, engineering voices, and software experts.
From championing secure development practices to navigating real-world challenges in modern SDLCs, this show explores how teams are scaling appsec, strategy and culture.
New Episodes drop monthly, with even more security content at https://www.securityjourney.com/
Always remember: Security is a Journey, not a Destination.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This podcast is sponsored by Security Journey.
FOLLOW US to stay up-to-date with new content!
X (https://x.com/SecurityJourney)
LinkedIn (https://www.linkedin.com/company/7574213)
Instagram (https://www.instagram.com/securityjourney/?hl=en)
YouTube (https://www.youtube.com/@UCBVPnBCNcZqx_WAuCsV6BuA )
Online (securityjourney.com)
CONTACT: hello@securityjourney.com
The Security Champions Podcast
Mark McMillan - Leading with the Carrot: Building Security Culture, Not Just Compliance
Mark McMillan has been building and leading Information Security Champions programs for over five years and has spent nearly a decade shaping cybersecurity culture at Rocket. He's passionate about creating programs that empower, not punish, and help people understand their role in keeping data secure.
In this episode of The Security Champions Podcast, Mark shares his journey into the field and what he has learned about fostering engaging and supportive security programs. He contrasts the outdated “stick” approach with a more empowering “carrot” method that fosters trust, ownership, and lasting behavior change. He breaks down how Champions Programs act as powerful networks of internal advocates, strategies for scaling and sustaining them over time, and the importance of continuous improvement and community support.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
- LinkedIn (linkedin.com/company/security-journey)
- Instagram (https://www.instagram.com/securityjourney)
- YouTube (youtube.com/c/securityjourney)
- Twitter (twitter.com/SecurityJourney)
- Online (securityjourney.com)
- CONTACT: hello@securityjourney.com