Agent of Influence is a podcast hosted by NetSPI Managing Director Nabil Hannan, as a place to share best practices and trends in the world of cyber security and vulnerability management.
The Future of HubSpot is Passwordless
Learn how HubSpot's CISO Alyssa Robinson breaks down passwordless authentication, innovative security strategies, and the art of balancing usability with protection on the latest episode.
Find more episodes on YouTube or wherever you listen to podcasts, as well as at netspi.com/agentofinfluence.
Advancing Exposure Management
Hear from Jorge Orchilles, Senior Director at Verizon, on the shift from traditional vulnerability management to modern exposure management and the critical role proactive security plays in staying ahead of threats.
Does Open-Source AI Create a False Sense of Security?
Listen to Suryaprakash Nalluri, an accomplished application security leader, discuss the shifting landscape of application security, challenges with open-source software, and the critical role of DevSecOps in modern development.
Bridging the Cybersecurity Divide
Join host Nabil Hannan in conversation with Robert Wagner, Advisory CISO and Managing Director at NetSPI. The two discuss the cybersecurity divide and how to prioritize security efforts for small and medium-size businesses in the latest episode of Agent of Influence.
Security in Sync: Aligning Enterprise and Product Teams
Listen to the latest episode of Agent of Influence featuring Nancy Brainerd from Medtronic as we explore bridging the gap between enterprise and product security, fostering dynamic collaboration, and harmonizing efforts across teams to create a unified approach to cybersecurity.
Digital Trust in the Age of AI
Hear from Aaron Shilts, CEO of NetSPI, as he sits down with Nabil Hannan, NetSPI Field CISO and host of Agent of Influence, to explore NetSPI's evolution and cyber predictions for 2025.
New Year, New Role: 3 Key Strategies for Cyber Leaders
Listen to the latest Agent of Influence episode with Bindi Davé, Deputy CISO at DigiCert, as she discusses the Golden Triangle approach when entering a new company, focusing on asset discovery, defining acceptable risk, and fostering a comprehensive cybersecurity culture.
The (not so) Secret Skills for Success in Cyber
Robert Wood, Founder and CEO of Sidekick Security and Co-Founder of Soft Side of Cyber, unpacks the complexities of third-party risk management, discusses technical talents and soft skills in cybersecurity, and more in the latest episode of Agent of Influence.
API Security for Everyone
Listen to Agent of Influence with Buchi Reddy, Founder & CEO of Levo.ai, to dive deep into proactive API security measures and how to simplify API inventory.
Let's Talk Automated Red Teaming
Explore automated red teaming and red-blue team synergy with Ryan Hays, Global Head of Red Team at Citi, tackling misconceptions and fostering cross-team collaboration.
Leveraging IT Hygiene to Build a Culture of Security
Tune in to this insightful episode with Dawn Armstrong about third-party risk, IT hygiene, security awareness, and advocating for gender equality.
Sharing a Blueprint for Cybersecurity Leadership
Unlock leadership strategies to elevate your cybersecurity career and get perspective on quality pentesting providers versus commodity ones with Tunde Oni-Daniel's expert insights.
Making Cybersecurity Accessible for All
Join us in welcoming Mandy Haeburn-Little to Agent of Influence! Mandy is a pioneer in increasing access to security services for companies of all sizes across the UK. What started as a model to establish a policing Cyber Resilience Centre in Scotland expanded to the first national network of nine Cyber Resilience Centres across London, England, and Wales.
Staying Mindful throughout Data Breaches at Any Program Maturity Level
Meet Lee Vorthman, a Chief Security Officer (CSO) known for his expertise in cybersecurity program maturity and team leadership. Get to know Lee as he discusses how to respond to security events no matter what stage of maturity you're at. Read Lee Vorthman's 370 Security blog.
Dare to Leap: Conquering the Unknown in Cloud Security
Meet Zinet Kemal, a remarkable individual who embarked on a transformative journey from a legal career in Ethiopia to a role in cybersecurity in the United States. Zinet joined Nabil Hannan, NetSPI's Field CISO, on Agent of Influence, where she shared how she transitioned careers and earned her master's degree in Cybersecurity from Georgia Tech University, all while raising four children. Now, as an Associate Cloud Security Engineer at Best Buy, Zinet plays a vital role in designing and implementing security measures to safeguard the company's cloud-based infrastructure and data.
Leading with FUN Instead of FUD
Director of IT and Security Services at One Step Secure IT, Tim Derrickson, joins host Nabil Hannan on the Agent of Influence podcast to discuss bringing more fun to the traditional fear, uncertainty, doubt (FUD) conversation. He also explores the differences between security and IT, and the challenges ahead that face the supply chain.
Teaching the Next Generation of Cybersecurity Leaders
In episode 55 of Agent of Influence, Nabil is joined by Neil Plotnick, high school cybersecurity teacher at Everett High School in Massachusetts. They cover modern cybersecurity curriculum, student sentiment around sharing private data online, and ways to approach the talent shortage in STEM.
Secure Your Products, Secure Your Business: Insights from Envestnet's Derek Fisher
In this episode of Agent of Influence, Nabil is joined by Derek Fisher, Head of Product Security at Envestnet. They discuss product security and how it differs from application security and DevSecOps. Derek also shares valuable insights on cybersecurity budgeting, establishing clear communication between application security and engineering teams, and strategies for balancing security and business risk.
How to Balance Cybersecurity and Compliance
In this episode of Agent of Influence, Nabil is joined by Marc Rubbinaccio, Senior Compliance Manager at Secureframe, who explores how to strike a balance between security and compliance. They discuss the most important cybersecurity compliance frameworks to consider, proactive tips for staying ahead of the regulatory landscape, and the relationship between penetration testing and governance, risk, and compliance (GRC).
High Stakes Security: Wynn Resorts CISO Covers Identity and Access Management and the Misrepresentation of Modern Hackers
In this episode of Agent of Influence, Nabil is joined by David Tyburski, VP of Information Security and CISO of Wynn Resorts. David discusses the unique cybersecurity challenges in the hospitality industry and shares his experience building Wynn's identity and access management program, including how he developed a custom-built identity orchestration platform to manage access and privileges for over 14,000 users and 400 applications.
Phil Morris – On Leveraging Organizational Psychology to Reimagine Healthcare Cybersecurity
In this episode of Agent of Influence, Nabil is joined by Phil Morris, the Director of Enterprise Security Risk Governance Team at Altera Digital Health. Phil shares how he leverages his background in organizational psychology to reimagine healthcare cybersecurity and discusses best practices in application security, risk management, and ransomware prevention.
Prepare for PCI DSS 4.0 Changes with Raymond James' Sr. Analyst of IT Security
In this episode of Agent of Influence, Nabil is joined by Heather Hirschey, Senior Analyst of IT Security at Raymond James. They discuss the upcoming PCI DSS 4.0 changes, vulnerability management strategies and actionable advice, and resources for getting started in cybersecurity.
Exploring Edge Data Center Security Challenges, Trends, and More
In this episode of Agent of Influence, Nabil and Todd Cushing, President at 1623 Farnam, discuss the importance of edge data centers. Plus, they explore data center security challenges, third-party risk management, and advice for organizations migrating to edge data centers.
An Untraditional Approach to DevSecOps & The Future of Application Security Testing
In this episode of Agent of Influence, Nabil is joined by Larry Maccherone, DevSecOps Transformation Architect at Contrast Security. They explore Larry's untraditional definition of DevSecOps, application security testing tools like IAST, SAST, and DAST, and the future of application security testing.
Enabling Business Growth Through Data and Collaboration
In this episode of Agent of Influence, Nabil is joined by Samir Sherif, CISO at Imperva. Samir shares practical advice for building genuine connections and relationships within the information security space and leveraging risk and resiliency data to enable business growth.
Zero Trust Misconceptions
In this episode of Agent of Influence, Rob LaMagna-Reiter, CISO at Hudl, joins Nabil for a deep dive into zero trust. Rob also shares insights for building a cybersecurity program and how to align cybersecurity data to business growth.
The Unique Challenges of Healthcare Cybersecurity
In this episode of Agent of Influence, Nabil is joined by Cecil Pineda, the SVP/CISO at R1 RCM. They discuss healthcare security concerns, the role of a CISO vs. vCISO, impactful cybersecurity budget metrics, the power of storytelling, the cybersecurity talent shortage, and community building within the industry.
Logistics Industry Leader Discusses How to Cultivate a Relationship Between Business and Cybersecurity
In this episode of Agent of Influence, Nabil is joined by Justin Hall, newly named CEO at PRIMO and Executive in Residence at 8VC. They discuss prioritizing security in the global supply chain, holding third-party vendors accountable for security, and the true business impact of a cybersecurity breach within the transportation and logistics industry. Justin also shares advice for legacy logistics industry players looking to modernize their processes and tips for cultivating relationships between business and security.
Getting Started as a Security Leader, Addressing the Talent Shortage, and Securing the Critical Infrastructure – A Conversation with Ballerina Turned CSO, Jessica Nemmers
In this episode of Agent of Influence, Nabil is joined by Jessica Nemmers, Chief Security Officer at Elevate. They discuss her transition from ballerina to cybersecurity leader, the cybersecurity talent shortage, how to encourage women to break into cybersecurity, advice for creating a strong security program foundation, critical infrastructure vulnerabilities, and more.
Deception Technology, Identity Detection and Response, Cloud Security, and More
In this episode of Agent of Influence, Nabil is joined by Carolyn Crandall, Chief Security Advocate and CMO at Attivo Networks, which was recently acquired by SentinelOne. They discuss hardware vs. software instability, deception technology, identity detection and response, credential management, cloud security and adoption, endpoint security, and how to make cybersecurity careers more accessible.
What is Secure Access Service Edge (SASE) and How Has it Evolved in Recent Years?
In this episode of Agent of Influence, Nabil is joined by Netskope's Jason Clark, Chief Security Officer and Chief Strategy Officer, and James Robinson, Deputy Chief Information Security Officer. They discuss the evolution of secure access service edge (SASE), the acceleration of cloud adoption, zero trust network access, threat modeling, and more.
The State of Authentication and Best Practices for Digital Certificate Management
In this episode of Agent of Influence, Nabil speaks with Jason Soroko, CTO-PKI at Sectigo, about the state of authentication. They discuss multi-factor authentication weaknesses, Public Key Infrastructure (PKI), the difference between symmetric and asymmetric secrets, best practices for managing digital certificates, the role of AI and machine learning in threat detection, and more.
Contextual AppSec Testing, Open Source Security, Log4j, and More
In this episode of Agent of Influence, Nabil speaks with Idan Plotnik, CEO and Co-Founder of Apiiro. They dig into the concept of contextual application security testing, the importance of contributing to the open source community, dependency confusion, steps organizations should take to address Log4j (and similar vulnerabilities), and more.
A Deep Dive into SaaS Security Posture Management (SSPM)
In this episode of Agent of Influence, Nabil speaks with Maor Bin, CEO and Co-Founder of Adaptive Shield, about all things Software as a Service (SaaS) application security. They discuss SaaS security posture management (SSPM), what's driving SaaS adoption, the challenges of securing a SaaS stack, the Adaptive Shield origin story, the 2021 SaaS security survey, the concept of secure by default, and the Danish Gambit chess opening.
A Day in the Life of a NetSPI Penetration Tester
In this episode of Agent of Influence, Nabil sits down with NetSPI's very own security consultants Austin Altmann and Marissa Allen. They discuss what it's like to be a penetration tester, NetSPI's entry-level training program (NetSPI University), improvements to the current computer science curriculum, cybersecurity career misconceptions, characteristics of a successful pentester, refurbishing old Macs, and Kiwi the cockatiel.
“Cybersecurity is Everyone's Business” | How Can We Make Cybersecurity More Mainstream?
In this episode of Agent of Influence, Nabil speaks with Dave Chatterjee, PhD, Professor at The University of Georgia and Duke University – and author of Cybersecurity Readiness: A Holistic and High-Performance Approach. They discuss cybersecurity readiness factors related to governance, why CISOs must be proactive, the need for development and security goal alignment, rewarding failure, today's cybersecurity curriculum, how to make security more mainstream, and more.
Middle School Teacher Turned CISO Talks Reverse Engineering, Asset Management, and More
In this episode of Agent of Influence, Nabil speaks with Seth Edgar, CISO at insurance solutions provider AF Group. Hear Seth discuss his unconventional career path, parallels between his experience as a middle school teacher and his role as a CISO, lessons learned from reverse engineering, cyberattack trends in the insurance space, the most effective security activities, plus his favorite places to explore outdoors with his family in Michigan.
The Future of Penetration Testing is Not Check-the-Box | Get to Know NetSPI's New CTO
In this episode of Agent of Influence, Nabil speaks with Travis Hoyt, a well-known financial services security leader – and NetSPI's new Chief Technology Officer (CTO)! They discuss why he's excited to be at NetSPI and his priorities as CTO, the value of tech-enabled services, the future of pentesting, the growth of the virtual CISO (vCISO) space, how we can improve security education, and what's “next next” in cybersecurity technology innovation.
The Evolution of Incident Response, Lessons Learned from Chinese-Based Tech Companies, Mental Health, and More
In this episode of Agent of Influence, Nabil speaks with Doug Brush, Global Advisory CISO at Splunk. Doug discusses M&A security challenges, the evolution of incident response, why we need accurate asset inventory, his experience working with Chinese-based organizations DJI Drones and TikTok, taking politics out of privacy, mental health in cybersecurity, neurodiversity, and the secret to the best cocktails.
“Shift Left, But Not Too Left”: A Conversation on AppSec and Development Trends
In this episode of Agent of Influence, Nabil speaks with Maty Siman, founder and CTO at Checkmarx. Hear Maty share the Checkmarx origin story and discuss application security and development trends, how to manage open-source software risks, the concept of shift left, challenges of API security, the future of IAST, static analysis best practices, and biking in the Israeli desert.
What's Keeping Security Leaders Up at Night? DDoS, Ransomware, 5G, and Security Employment
In this episode of Agent of Influence, Nabil speaks with Michael “Kaz” Kaczmarek, head of product management for Neustar's Security Solutions business unit. They discuss how his engineering background has supported him in cybersecurity, the nature of creativity and problem solving, the rise of ransom-related DDoS attacks, how 5G and the hybrid workforce are causing a shift in attack patterns, considerations for paying a ransom, cybersecurity staffing challenges, best practices for securing smart home devices, and a memorable dining experience at minibar in D.C.
Communicating Cybersecurity ROI, AppSec Frameworks, AI and ML Security, and More
In this episode of Agent of Influence, Nabil speaks with Diana Kelley, founding partner and CTO at Security Curve, volunteer, security architect, keynote speaker, among her many other roles. They discuss how she unknowingly jumpstarted her security career after she found a vulnerability in ARPANET at age 13, tips for communicating cybersecurity ROI to leadership, the top frameworks and processes for application security, DevSecOps, how to safely leverage machine learning and artificial intelligence, inclusivity in cybersecurity, and their rescue pets.
Application Security and Penetration Testing Insights from a Utilities Sector CISO
In this episode of Agent of Influence, Nabil speaks with Manish Khera, a CISO at a major utilities company. Hear Manish’s thoughts on utility sector cybersecurity challenges and opportunities, the Biden administration’s 100-day electrical grid security plan, consultancy versus internal cybersecurity careers, the future of penetration testing, threat modeling success stories, and his 15-year-old daughter’s entrepreneurial ventures. They also share advice on how to build an application security champions program that builds harmony between development groups and AppSec.
Is Data Science the Key to a Mature Security Program?
In this episode of Agent of Influence, Nabil speaks with Jim Routh, a well-known security leader and current board member at various innovative early-stage cybersecurity startups. Listen to Jim’s insights on how to define and encourage innovation, build a mature security program using data science, why risk frameworks alone are not enough, security past versus security present, how the pandemic has challenged the human factor, and last but not least, his pickleball hobby.
The Secret Service, Modern Bank Heists, Defensive Security, and More
In this episode of Agent of Influence, Nabil talks with Tom Kellermann, Head of Cyber Security Strategy for VMware’s Security Business Unit. Listen to Tom discuss the interesting role the secret service plays in fighting financial crime, key findings from his recent research Modern Bank Heists 4.0, SolarWinds and the concept of island hopping, tips to accomplish an effective defensive posture, and how to achieve a secure hybrid cloud. Additionally, Tom shares insights from his time as a cyber security commissioner for the Obama administration.
The Evolution of Risk Management and the Chief Risk Officer
In this episode of Agent of Influence, Nabil sits down with Jeff Sauntry, CEO and Founder of Risk Neutral. They discuss the evolution of the Chief Risk Officer, guidance for security and risk professionals interested in participating on advisory boards, how PCI standards are keeping up with new development practices, compliance fatigue, the convergence of physical and cyber security, and his experiences scuba diving.
How Well Do You Know Your Breach Preparedness, Incident Response, and Regulatory Obligations?
In this episode of Agent of Influence, Nabil speaks with Matt Hartley, Co-Founder and Chief Product Officer at BreachRx. Hear Matt’s insights on the threats posed by criminal, nation state, and hacktivist attackers, business continuity and disaster recovery, the differences and similarities between privacy and security incidents, breach preparedness, how to navigate privacy regulations, and other post-breach obligations businesses need to consider.
Startup Security, Threat Modeling, Pre-Social Engineering, and More
In this episode of Agent of Influence, Nabil speaks with Hadas Cassorla, Head of Security Engineering at Simple Finance. They discuss the challenges and opportunities of a security leader at a startup, the effectiveness of threat modeling, what “pre-social engineering” means, and unconventional, empathetic security training tactics. Additionally, Hadas shares security leadership lessons learned from doing improv, working in law, and being a serial hobbyist.
From Wealth Management to Vulnerability Management – Insights Gained from a Unique Career Path
In this episode of Agent of Influence, Nabil meets with David Quisenberry, InfoSec Manager at Zapproved. They discuss how he applies his tenure in wealth management to his work in cyber security, the importance of empathy in leadership, best practices for finding a mentor, his experience with the local Portland chapter of the OWASP application security group, and more. For any bookworms listening, David also offers a few powerful book recommendations.
Culture Eats Strategy for Breakfast: Acquisition and InfoSec Insights from NetSPI’s New CTO
In this episode of Agent of Influence, Nabil connects with NetSPI CTO Brady Bloxham. They discuss the importance of offensive security, entrepreneurship, characteristics of a successful infosec professional, and how he took his hobby building malware to the next level. They also talk about NetSPI’s acquisition of Silent Break Security, the company Brady founded, and provide advice for others in the midst of their own acquisition journey.
Comfort is the Enemy: Leadership Advice from a Top Woman in Cyber Security
In this episode of Agent of Influence, Nabil sits down with Jadee Hanson, CISO and VP of Information Systems at Code42 and founder of nonprofit Building Without Borders. She shares key learnings from her time as a ‘first responder’ during the 2013 Target breach, advice for security leaders getting too comfortable with their programs, and the imminent importance of application security – or “shifting left.”