Today, we are dropping another episode in our series The AI Control Loop, How enterprises govern the AI they've already deployed - sponsored by our friends at Wallarm.

Wallarm is the AI Control Platform for Enterprise AI, protecting every AI workload, API, and application in production, giving CISOs the governance they need and CIOs the speed they demand. Organizations choose Wallarm for a complete inventory of APIs, AI agents, and AI apps, patented AI/ML-based threat detection and blocking that operates at production traffic speeds.

We all know that you can't secure what you can't see, which is why AI discovery is a first principle for AI security, but what's really required for AI discovery? It's more than just LLMs and agents. Today's episode is entitled AI Discovery isn't just AI, and joining us is Tim Ebbers, Field CTO at Wallarm. Tim and I discuss the real requirements for AI discovery, and why the connections between assets and infrastructure are part of the puzzle.

Questions
Security teams often say, “You can't secure what you can't see.” In the context of AI, what exactly do they need to see? What supporting infrastructure matters most when mapping AI risk, such as APIs, cloud services, Kubernetes workloads, data stores, identities, and external integrations?
Where does shadow AI typically appear first inside an enterprise environment? How can it be prevented?
How do relationships between assets change the risk picture? For example, why does it matter which API an agent can call or which data source a workflow can reach?
What makes AI discovery harder than traditional application or cloud asset discovery? What are the similarities and differences?
How should organizations prioritize what they find? Is every AI asset equally risky?
What does “continuous discovery” mean in a world where AI services can be deployed, connected, or changed in minutes?
Once an organization has visibility into its AI footprint, what's next?
What are the biggest gaps in today's AI security programs?

Links
https://www.wallarm.com/
https://www.linkedin.com/in/tebbers/

Full Abstract
Most security teams know that you can't secure what you can't see. In the context of AI, that rule turns out to be a lot harder to satisfy than it sounds.

AI discovery isn't just a matter of cataloging your LLMs and agents. The real picture includes the APIs those agents call, the data sources they reach, the infrastructure they run on, and all the AI that got deployed without anyone telling security. Building that picture requires understanding relationships, not just inventories, because risk doesn't live in assets in isolation. It lives in what those assets can do together.

In this episode, Tim Ebbers, Field CTO at Wallarm, examines what a complete AI control loop actually requires at the discovery stage: what needs to be visible, why the connections between assets change the risk calculation, where shadow AI tends to appear first and how it becomes unmanaged risk, and what makes AI discovery structurally different from traditional cloud or application discovery. It also looks at what organizations should do once discovery is in place, and where the biggest gaps remain in AI security programs today.

If your team is building toward continuous AI governance, this is where that work starts.

Our Sponsors:
* Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App's bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
* Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai
Advertising Inquiries: https://redcircle.com/brands
Privacy & Opt-Out: https://redcircle.com/privacy
SUMMARY: As tools like Mythos create new AI-cybersecurity concerns, CIOs and CISOs need to be prepared for two challenges: Security Remediation and Patch to Production.
SHOW: 1037
SHOW TRANSCRIPT: The Enterprise AI Show #1037 Transcript
SHOW VIDEO: https://youtu.be/H5KxoiEIfUo
SHOW SPONSORS:
Nasuni - Activate your data for AI and request a demo
OutShift by Cisco - “Scaling Out Superintelligence” The Internet of Cognition architecture
ShareGate - ShareGate Protect. Microsoft 365 Governance, we got this!
SHOW NOTES:
Project Lightwell (Red Hat and IBM)
Athena (Chainguard)
Anthropic Project Glasswing
OpenAI GPT 5.5-Cyber
THESIS: Major initiatives are forming to help enterprise organizations combat security vulnerability threats found or created using new AI-cyber tools such as Anthropic Mythos. What are the key considerations, and what additional steps do organizations need to take to be advantaged by these capabilities?
Part 1
The Breaking Point and the Mythos Moment
The scope of open source security and support
Patches, disclosures and upstream open source
Clearinghouses, EOs, Laws and Communities
Remediation - Build vs. Buy
Part 2
How fast can you get from Patch to Production?
Mitigation before patching
Fast path and stable patch pipelines?
Automation in patching vs. automation in deployment
FEEDBACK?
Email: show @ the enterprise ai show dot com
Bluesky: @TheEntAIShow.bsky.social
Twitter/X: @TheEntAIShow
Instagram: @TheEntAIShow
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Mike Armistead has been in the room for almost every major technology wave of the past 30 years — from client-server computing, to the early internet at Lycos, to application security at Fortify Software (acquired by HP), to AI-driven security at Respond Software (acquired by FireEye for $186M, eventually folded into Google). Now on his sixth startup, he's CEO of Pulse Security AI, building what he calls a "system of record" for security leaders — giving CISOs the same kind of business-level visibility that CFOs get from their ERP and sales leaders get from their CRM.

In this episode, Jeff and Mike dig into the weight of inertia that slows every major technology transition, why conviction is the one thing that gets founders through the rough patches, and how to stress-test your assumptions before spending a year building something people will admire but never buy. They also go deep on the evolving cybersecurity landscape — why security tools have historically grown in siloed, technical layers, why AI-driven threats (deepfakes, impersonation, prompt injection) are accelerating faster than most organizations can respond, and why scenario planning is no longer a quarterly exercise — it's a survival skill.

Key Takeaways
0:00 — Intro: The real obstacle to technology transitions isn't innovation — it's the weight of existing systems, habits, and inertia
3:00 — Why conviction is the essential quality that gets founders through rough patches in every startup cycle
7:00 — Lessons from Reed Hastings' Pure Software: culture, ethics, and values were being built even before Netflix
9:00 — Risk evaluation after multiple exits: what Mike learned from walking into a high-debt company right before 9/11 — and why structural due diligence matters as much as product quality
11:30 — The value of tabletop exercises: role-playing "what if" scenarios with co-founders and executives surfaces risks you'd never otherwise think about
12:45 — What is Pulse Security AI? The gap between technical security data and business-level decision-making — and why CISOs are the only C-suite executives without a true system of record
16:30 — How an agentic layer can connect siloed security tools and translate technical risk data into the business language boards actually need
18:40 — Leading through platform shifts: understanding early vs. late adopters and why you can't force mainstream buyers before they're ready
21:00 — Security's evolution from compliance checkbox to strategic business function — and why the threat landscape is always moving in multiple dimensions simultaneously
24:20 — AI-driven threats, deepfakes, and the "trust and verify" world: practical security posture advice for companies of all sizes
33:00 — Fundraising on your sixth startup: how the investment landscape has shifted (seed rounds now include institutional investors; A rounds now require real revenue)
39:30 — Avoiding the customer feedback trap: why "that's cool" is not the same as "I'd pay for that" — and how to ask the uncomfortable pricing question early
41:30 — The AI hype cycle: the one question that never changes — are you adding enough value that someone will pay for it?
45:00 — The future of cybersecurity over the next five years: breaking down silos, AI-driven threat acceleration, and why humans still need to stay in the loop

Tweetable Quotes
"Conviction is essential. It's what gets you through the rough patches — and there are always rough patches." — Mike Armistead
"History doesn't repeat itself, but it certainly rhymes. You're gonna encounter certain things everywhere, and you have to learn how to break out of the bucket people want to put you in." — Mike Armistead
"'That's cool' is not the same as 'I'd pay for that.' You have to listen for when they start thinking about how they can buy it." — Mike Armistead
"Risk mitigation isn't a 'done' setting. Just because you're certified today doesn't mean you're protected tomorrow." — Mike Armistead
"We live in a trust-and-verify world. If something is asking you to do something you wouldn't normally do, the flags have to go up." — Mike Armistead
"AI doesn't scale people. It scales attacks. The infrastructure we built was designed for a different threat landscape." — Mike Armistead

SaaS Leadership Lessons
Conviction is your most valuable asset in a hard growth cycle. Every startup goes through wild swings. The founders who make it through aren't the ones with the best product at every moment — they're the ones who maintained conviction that what they were building would be genuinely valuable to their customers. Momentum fades. Conviction doesn't.
Do your structural due diligence before you walk in. Mike's hardest lesson came from his first CEO role: a high-debt company that collapsed not because the business was failing, but because lenders called loans after 9/11. The business itself was fine. The structure killed it. Always understand the financial architecture of what you're walking into — especially in uncertain macro environments.
Run tabletop exercises with your leadership team. Don't wait for a crisis to figure out your response. Role-play "what if" scenarios regularly with your co-founders and executives. Someone always surfaces a risk you hadn't considered — and the solutions are often simpler than you'd expect. This is no longer optional; it's a survival skill.
Know where you are in the adoption curve — and don't fight it. Early adopters will take a chance on you because they see competitive advantage. Mainstream buyers need proof points. Late adopters need to see their peers doing it. Pestering a mainstream buyer with an early-stage pitch isn't a winning fight. Build for the stage you're actually in.
Ask the uncomfortable pricing question early and often. Founders are wired to build. We're not always wired to sell. But the market will tell you the truth faster than any advisor. Ask potential customers directly: "Would you pay X for this?" Fight through the politeness. Watch for buying signals — when someone starts thinking about procurement rather than just nodding along, you're onto something.
Stop building for "cool" — build for "when can I buy it?" Customer enthusiasm and purchase intent are not the same thing. If your beta testers are telling you it's great but nobody's asking how to get it, you haven't found product-market fit. Continually test your story, move toward a bigger narrative when needed, and keep engaging the market until the signals change.

Guest Resources
mike@pulsesecurity.ai
pulsesecurity.ai
https://www.linkedin.com/in/mike-armistead-1164715/

Episode Sponsor
The Futureproof Series - https://www.youtube.com/playlist?list=PLfkXKUPZ5xuOqMPR7_gzGybncTtavyR1N

The Captain's Keys
Small Fish, Big Pond – https://smallfishbigpond.com/ Use the promo code ‘SaaSFuel'
Champion Leadership Group – https://championleadership.com/

SaaS Fuel Resources
Website - https://championleadership.com/
Jeff Mains on LinkedIn - https://www.linkedin.com/in/jeffkmains/
Twitter - https://twitter.com/jeffkmains
Facebook - https://www.facebook.com/thesaasguy/
Instagram - https://instagram.com/jeffkmains
In this episode of The Conference Room, Simon welcomes Joshua Jones, Founder and CEO of Crush Security, for an eye-opening conversation about the hidden flaws within today's cybersecurity partner ecosystem.

Drawing on more than 20 years of industry experience, Joshua explains why many CISOs struggle to receive unbiased guidance when purchasing security technologies and how traditional reseller models have drifted away from their original purpose of delivering value. He shares the inspiration behind launching Crush Security and how the company is using AI-powered, data-driven insights to help organizations make smarter security decisions.

The discussion explores trust, transparency, tool sprawl, and the growing pressure on security leaders, while offering practical lessons for anyone building businesses focused on solving real customer problems.

Joshua shares how an unexpected career opportunity led him into cybersecurity over two decades ago.
The story behind founding Crush Security and identifying a major gap in the cybersecurity ecosystem.
Why the traditional partner and reseller model is "broken" and often fails to serve buyers effectively.
The importance of unbiased advice and how incentives can influence purchasing recommendations.
The biggest frustrations CISOs have with vendors, partners, and advisory firms today.
Understanding tool sprawl and why organizations frequently purchase overlapping technologies.
Building stronger relationships between security, procurement, legal, and finance teams.
Do resellers still provide value? Joshua shares his perspective on the industry's future.
How Crush Security aligns its internal culture to prioritize customers over quotas.
Why CISOs played a direct role in shaping the Crush Security platform.
A look ahead at what's next for Crush Security, including upcoming innovations and industry announcements.

To learn more about Joshua Jones, please visit his LinkedIn profile.
To learn more about Crush Security, please visit its website.

YOUR HOST - SIMON LADER
Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and lead generation consultancy Flow and Scale. Since 1997, Simon has helped cybersecurity vendors to build highly effective teams, and since 2022 he has helped people create consistent revenue through consistent lead generation. Get to know more about Simon at:
Website: https://simonlader.com/
Twitter: https://twitter.com/simonlader
LinkedIn: https://www.linkedin.com/in/headhuntersimonlader/

The Conference Room is available on Spotify, Apple Podcasts, Amazon Music, iHeartRadio
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Howard Holton, CEO, GigaOm. Joining is Tyler King, senior director - threat operations and response, Sinclair.

In this episode:
Career insurance
In the trenches together
Who are you actually selling to?
Common sense, uncommon in sales

A huge thanks to our sponsor, Material Security
Legacy email security only watches the door. Material protects your entire cloud workspace—email, files, and accounts—as one ecosystem. It's more coverage for less than the cost of a legacy SEG. One price, no surprises: just security that covers the whole surface area. Learn more at material.security.
Today, we are kicking off a new series entitled The AI Control Loop, How enterprises govern the AI they've already deployed - sponsored by our friends at Wallarm.

Wallarm is the AI Control Platform for Enterprise AI, protecting every AI workload, API, and application in production, giving CISOs the governance they need and CIOs the speed they demand. Organizations choose Wallarm for a complete inventory of APIs, AI agents, and AI apps, patented AI/ML-based threat detection and blocking that operates at production traffic speeds.

Today's episode is entitled AI Security is API Security, and joining us is Tim Erlin, VP of Product Marketing at Wallarm. We discuss the foundational link between AI security and API security, digging into the role that APIs play in the dev, deployment, and operations of AI. We explore how they contribute to the risk profile of AI transformation projects, and how securing APIs is critical for successful AI transformation.

Questions
When people hear “AI security,” they often think first about models, prompts, or training data. Why do you argue that AI security starts with APIs?
Where do you see organizations underestimating API risk as they move AI projects from pilot to production?
How does the rise of AI agents change the stakes for API security compared with traditional application architectures?
What are the most common API security assumptions that break down once AI systems begin taking action autonomously?
Wallarm's ThreatStats research points to APIs as a major overlap point for AI vulnerabilities and exploited vulnerabilities. What does that tell us about where attackers are likely to focus?
How should security leaders think differently about authentication, authorization, and API abuse when the “user” may be an AI agent rather than a human?
What is one practical step teams can take today to strengthen API security before AI adoption expands further?
Once you accept that AI security depends on APIs, what do organizations actually need to discover before they can protect it?

Links
https://www.wallarm.com/
https://www.linkedin.com/in/tim-erlin/

Full Abstract
In the first episode of the AI Control Loop series, Tim Erlin, VP Product at Wallarm, examines why AI security and API security are the same problem approached from different angles, and what organizations need to discover before they can protect either one.

Every AI model needs data to act on. Every AI agent needs services to call. Every AI workflow needs integrations to function. The connective tissue running through all of it is APIs, which means the security posture of any AI system is inseparable from the security posture of the APIs underneath it.

That link is not theoretical. APIs are already the most targeted attack surface in enterprise environments, and AI is making that problem significantly larger. Agents that act autonomously on behalf of users do not just consume APIs the way traditional applications do. They discover them, invoke them dynamically, chain them across workflows, and do all of it at a speed and scale that makes human review impractical. The authentication assumptions, rate limiting strategies, and abuse detection models that worked for human-driven API traffic were not designed for this, and the gaps are not subtle.

Most organizations moving AI from pilot to production are underestimating how much of their AI risk surface is actually API risk surface. Shadow APIs that were never inventoried, overpermissioned integrations that made sense for a human user but not for an autonomous agent, authentication patterns that cannot distinguish a legitimate AI session from an abused one. Securing AI at the foundational level means answering the API question first: what APIs does the AI touch, what can it do through them, and what would an attacker be able to reach if any part of that surface were compromised.

Our Sponsors:
* Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App's bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
* Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai
Advertising Inquiries: https://redcircle.com/brands
Privacy & Opt-Out: https://redcircle.com/privacy
AI is reshaping innovation as businesses embed it into core operations and move more processes online. This transformation is often seen as a tradeoff between innovation and data risk, but that assumption is wrong. Businesses can innovate and scale in the AI era while maintaining strong data security, ensuring protection, compliance, and control remain intact. Segment Resources: Check out these assets from Fortra for more information around Data Security for AI. Learn more about our Data Security suite: https://www.fortra.com/solutions/data-protection Get the ungated guide: Secure AI Innovation > https://www.fortra.com/resources/guides/secure-ai-innovation Read the blog: Staying Compliant While Using AI: What CISOs Need to Know https://www.fortra.com/blog/staying-compliant-while-using-ai-what-cisos-need-know This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! In the leadership and communications segment, Lost in translation: Cybersecurity board reporting for CISOs, AI may finally unlock the cyber budgets CISOs have wanted for years, How People Actually Get to the C-Suite in S&P 500 Companies, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-451
At Infosecurity Europe in London, Pete Hannah, VP of Sales for Western Europe at Object First, joins Sean Martin to reframe a question many organizations still get wrong. The issue is not only how to keep ransomware out, but how quickly you can recover once it gets in. With Europe's regulatory landscape tightening, that distinction is becoming the difference between disruption and disaster. What does the UK Cyber Security and Resilience Bill actually demand? According to Pete Hannah, it reads less like a checklist and more like an operational resilience standard. It expects organizations to manage threats, prove they have tested their recovery plans, and treat resilience as a board-level responsibility with real financial penalties. More than ninety percent of the bill already applies in practice, so waiting for it to become law is a risk in itself. Why do backups matter so much? Because more than ninety percent of cyberattacks target them first. Pete Hannah explains that "immutable" has become a marketing word, and the meaningful test is whether anyone still holds the access to destroy protected data. Object First answers that with absolute immutability, independently tested, with zero destructive access for admins or compromised accounts. That protection is purpose-built for Veeam environments through the Ootbi appliance, the resilient bunker that stays standing even when every password is known and every other system is compromised. When recovery is guaranteed, teams stop worrying about whether they will recover and focus instead on how fast. How does a stretched IT team adopt this without adding overhead? Pete Hannah describes deployment as taking the appliance out of the box, racking it, connecting it, and pointing backups at it. For boards and CISOs under budget and resource pressure, simplicity is the selling point. It is easy to manage, easy to prove, and dependable when it matters. The proof is in the field. 
Pete Hannah shares stories of customers who survived worst-case scenarios because Object First was the only thing left standing, and one who tracked him down simply to say thank you. In an era where AI is accelerating attacks and a single compromised password has bankrupted companies, knowing you can recover is the new definition of good enough. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Pete Hannah, VP of Sales, Western Europe, Object First LinkedIn: https://www.linkedin.com/in/peterhannah/ RESOURCES Learn more about Object First: https://objectfirst.com Ootbi by Object First (Out-of-the-Box Immutability): https://objectfirst.com Watch: Anthony Cusimano of Object First at RSAC Conference: https://youtu.be/LMWuZ_NH1lA Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Pete Hannah, Object First, Ootbi, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, immutable backup storage, ransomware recovery, Veeam backup, absolute immutability, Cyber Security and Resilience Bill, cyber resilience, data protection, operational resilience, backup and recovery, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
In Episode 106 of the Cybersecurity Readiness Podcast Series, Dr. Dave Chatterjee is joined by Holger Hügel, Chief Technology Officer of SecurityBridge and a global authority on SAP cybersecurity with over 26 years of experience, to address a governance blind spot that exists inside the security perimeters of even the most mature enterprise organizations: the SAP environment.

Opening with the August 2024 ransomware attack on Stoli Group USA — where attackers went straight for the company's SAP enterprise resource planning (ERP) system, disrupting financial operations and contributing directly to a bankruptcy filing within three months — Dr. Chatterjee frames the episode's central challenge: organizations can have zero trust architecture, network segmentation, and identity governance fully deployed across their IT landscape, and still be critically exposed, because most CISOs have never formally claimed accountability for SAP security, and most SAP teams do not think of themselves as part of the security function.

Hügel explains the structural gap at the heart of this problem. SAP systems are simultaneously the most business-critical and the least security-governed assets in most large organizations. The C-suite depends on them for financial operations, payroll, procurement, and supply chain continuity, yet SAP teams and security teams speak different languages, operate under different budgets, and rarely collaborate. SAP departments typically define "security" as managing user authorizations and privileges — a narrow interpretation that leaves configuration drift, patch backlogs, and monitoring gaps entirely unaddressed.

Analyzed through Dr. Chatterjee's Commitment–Preparedness–Discipline (CPD) framework, the conversation translates SAP cybersecurity from a technical niche into a governance imperative. The Medtronic case study demonstrates what good looks like: a CISO who crossed the organizational divide, sponsored SAP hardening from the cybersecurity budget, built a continuous patch management process, and created the governance structure that allowed the team to respond to an out-of-band vulnerability within hours rather than weeks.

The episode's central message is neither technical nor abstract: the organizations that will survive the next ERP-targeted ransomware attack are not those with the most sophisticated tools — they are the ones that have claimed ownership of the problem, built the processes to address it continuously, and created the cross-functional governance structures that SAP and cybersecurity teams cannot build on their own.

To access and download the entire podcast summary with discussion highlights - https://www.dchatte.com/episode-106-the-invisible-attack-surface-zero-trust-for-sap-and-erp-environments/

Connect with Host Dr. Dave Chatterjee
LinkedIn: https://www.linkedin.com/in/dchatte/
Website: https://dchatte.com/

Books Published
The DeepFake Conspiracy
Cybersecurity Readiness: A Holistic and High-Performance Approach

Articles & Cases Published
Chatterjee, D. (2026). Root: Automating the Remediation Gap, Ivey Publishing, Jan 7, 2026.
Ramasastry, C. and Chatterjee, D. (2025). Trusona: Recruiting For The Hacker Mindset, Ivey Publishing, Oct 3, 2025.
Chatterjee, D. and Leslie, A. (2024). “Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparedness,” Business Horizons, Accepted on Oct 29, 2024.
Isik, O., Chatterjee, D., and Lourenco, D.A. (2024). “Getting Cybersecurity Right,” California Management Review — Insights, Accepted for Publication, July 8, 2024.
Chatterjee, D. (2023). “Mission critical – How American Cancer Society successfully and securely migrated to the cloud amid the pandemic,” I by IMD, March 13, 2023.
Chatterjee, D. (2022). “Preventing security breaches must start at the top,” I by IMD, September 28, 2022, Institute for Management Development, Lausanne, Switzerland.
Chatterjee, D. (2022). “Making Cybersecurity Readiness Mainstream,” Executive Blog Post, NETSPI, March 1, 2022.
Benz, M. and Chatterjee, D. (2020). “Calculated Risk? A Cybersecurity Evaluation Tool for SMEs,” Business Horizons, available online from May 4, 2020.
Chatterjee, D. (2019). “Should Executives Go To Jail Over Cyber Attacks,” Journal of Organizational Computing and Electronic Commerce, Vol 29, Issue 1, pp. 1-3.
Abraham, C., Chatterjee, D., and Sims, R. (2019). “Muddling through cybersecurity: Insights from the U.S. healthcare industry,” Business Horizons, July 2019.
In this special Founder Initiative pitch episode, four cybersecurity founders pitch their startups live to Robert Lowry, CSO of Tonic AI and former security leader at organizations including NASDAQ and the Federal Reserve Bank. Robert Lowry- https://www.linkedin.com/in/lowryrobert/ The conversation covers some of the biggest emerging enterprise security challenges around AI agents, shadow AI, runtime protection, memory systems, cybersecurity data infrastructure, and modern SOC operations. Featuring: * IceGuard — next-generation AI-native cybersecurity data infrastructure - Anders Holden, https://www.linkedin.com/in/andersbholden/ * Optimus Labs — agent defense and AI runtime governance - Nipun Gupta - https://www.linkedin.com/in/guptanipun/ * KeyCaliber — AI usage visibility and cybersecurity asset intelligence - Roselle Safran - https://www.linkedin.com/in/rosellesafran/ * Dyng/Pilot AI — AI memory and contextual learning systems - Ricardo La Rosa - https://www.linkedin.com/in/ricardo-larosa/ Instead of polished demos and sales decks, this episode captures real buyer reactions, live feedback, objections, and the kinds of questions enterprise security leaders actually ask before considering a product. If you're building for CISOs, enterprise security teams, or AI infrastructure buyers, this episode gives a rare inside look at how technical buyers evaluate early-stage startups in real time.
Podcast: Industrial Cybersecurity Insider
Episode: Is Your IIoT Strategy Creating More Security Risks?
Pub date: 2026-06-09

Craig and Dino address one of the most overlooked problems in OT security: the IIoT devices your security tools don't automatically detect.

Most OT intrusion detection platforms do a reasonable job of identifying core control-layer assets such as PLCs, drives, and motor control centers. The problem is everything else. Laptops plugged into the network, third-party devices brought in by contractors, and a growing range of connected IIoT equipment often go completely undetected. Those are the gaps where risk accumulates.

Craig and Dino explain why the belief that machines are air-gapped is a dangerous myth, how PLCs acting as gateways prevent intrusion detection platforms from seeing the devices behind them, and why an asset inventory is not the same as knowing your real risk and CVE exposure in multi-vendor environments.

They reframe OT cybersecurity as a process-integrity problem and show how unmanaged network activity, third-party remote access, and even routine IT security scans can quietly degrade OEE and trigger unplanned downtime that costs millions.

Using predictive-maintenance analogies such as thermal, harmonics, and vibration sensing, they make the case for treating digital anomalies the same way mature plants already treat mechanical ones.

They close by examining why so many OT detection tools become shelfware, how to escape alert fatigue, and the two practical paths to real IT/OT convergence: building the right relationships with OEMs, system integrators, and AEC partners, and designing security-ready facilities from the ground up.

It's a practical listen for CISOs, plant and engineering leaders, and OT/IT teams responsible for securing manufacturing and critical infrastructure.

Chapters:
(00:00:00) - Why No Industrial Asset Is Truly Air-Gapped
(00:01:08) - IoT vs. IIoT: How OT Assets Get Classified
(00:03:15) - The Control-Layer Blind Spot: Drives, Robots, and Motor Controls
(00:05:25) - How PLC Gateways Hide Assets From Intrusion Detection
(00:07:30) - Asset Inventory Isn't Risk: The CVE Gap in Multi-Vendor Plants
(00:08:55) - When Cyber Blind Spots Become Costly Downtime
(00:10:05) - Process Integrity: How Security Scans Disrupt Production
(00:11:35) - Predictive Maintenance Meets Digital Anomaly Detection
(00:17:45) - Avoiding OT Shelfware and Alert Fatigue
(00:19:45) - IT/OT Convergence: Choosing a Partner and Building Secure-by-Design

Links And Resources:
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Today’s headline news for Canadian IT solution providers: ConnectWise Platform: ConnectWise yesterday unveiled what it calls the industry’s first purpose-built platform for Predictive IT, unifying PSA, RMM, cybersecurity, automation, workflow orchestration, and native agentic AI into a single execution layer for managed services. CEO Manny Rivelo described it as a fundamental shift from reactive IT management to an AI-native operating model. The company also released new operational benchmark modeling based on a representative MSP with approximately $3M in annual managed services revenue, showing the productivity and economic impact it says AI-driven automation can deliver. Cavelo Cora AI Security Analyst: Kitchener, Ontario-based Cavelo has introduced Cora, an AI Security Analyst integrated into its data security posture management platform and positioned specifically for MSPs and MSSPs. Cavelo says Cora analyzes security telemetry and translates it into a guided remediation action plan in seconds, tailored by role. The tool targets the operational gap between risk visibility and actual remediation – without requiring additional headcount. Radiant Logic and Zscaler Partnership: Radiant Logic and Zscaler have announced a technology partnership aimed at solving the Day 1 access problem in mergers and acquisitions. By integrating RadiantOne’s identity data fabric with the Zscaler Zero Trust Exchange, the companies say acquiring organizations can securely connect newly onboarded employees to applications from the moment a deal closes, regardless of disparate identity systems. 
ConnectSecure Patch 360: ConnectSecure is launching Patch 360, a patch management platform built for MSPs that introduces pilot-first validation, risk-based prioritization using CISA Known Exploited Vulnerabilities and EPSS scoring, controlled rollouts with approval workflows, and integrated rollback – replacing what the company describes as a “deploy-and-hope” model with a “test-and-trust” framework. NTT DATA and Google Cloud: NTT DATA is expanding its AI partnership with Google Cloud, launching a dedicated Gemini Enterprise practice to help enterprise clients move AI deployments from pilot to production at scale. Descope Agentic Identity Hub: Identity platform Descope is announcing enhancements to its Agentic Identity Hub today, extending its tools for managing authentication and access for autonomous AI agents. Checkmarx CISO Research: Checkmarx has released research surveying more than 2,000 developers and CISOs, finding that 95 percent of CISOs report facing internal pressure to suppress software compliance findings.

Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Tuesday, June 9, 2026, and here’s what’s happening in the channel today. ConnectWise yesterday unveiled what it is calling the industry’s first purpose-built platform for the era of Predictive IT. The ConnectWise Platform brings together PSA, RMM, cybersecurity, automation, workflow orchestration, and native agentic AI into what the company describes as a single intelligent execution layer for managed services. CEO Manny Rivelo positioned it as a fundamental shift away from the labor-intensive, disconnected systems that have defined MSP operations for decades, toward what ConnectWise calls an AI-native operating model. To support the launch, the company released new operational benchmark modeling showing the productivity and economic impact it says AI-driven automation can have on MSP operations. 
In their model, a representative managed services firm with approximately three million dollars in annual revenue could see measurable transformation across their first stages of the Predictive Intelligence journey. This is a significant platform bet from one of the largest players in the MSP tooling market, and the framing around “Predictive IT” is clearly a narrative ConnectWise intends to own. In the security space, Kitchener, Ontario-based Cavelo has introduced Cora, an AI Security Analyst integrated directly into its data security posture management platform. Positioned specifically for MSPs and MSSPs, Cora functions as an AI agent that analyzes security telemetry to identify, prioritize, and recommend remediation steps for cyber risks across client environments. Rather than adding more alerts to the dashboard, Cavelo says the tool translates security data into a guided action plan in seconds, tailored to the specific roles of frontline technicians and senior security leaders. The development targets a well-documented operational gap between risk visibility and remediation – allowing service providers to reduce manual investigation time and offer clients clear, actionable intelligence without increasing headcount. Radiant Logic and Zscaler have formed a strategic partnership designed to address the Day 1 access challenges commonly found in mergers and acquisitions. By integrating RadiantOne’s identity data fabric with the Zscaler Zero Trust Exchange, the companies are aiming to eliminate the complex network and identity merge projects that typically stall productivity following a deal close. The joint solution allows acquiring organizations to securely connect newly onboarded employees to necessary applications from day one, regardless of disparate Active Directory or HR systems. 
In a market where M&A activity among IT service providers shows no sign of slowing, this integration offers a repeatable framework for reducing the downtime and cyber risk associated with bringing acquired entities onto a managed environment – which is a practical and recurring service challenge for many MSPs in the field. In Brief – ConnectSecure launches Patch 360, a patch management platform for MSPs built on pilot-first testing, risk-based vulnerability prioritization, and integrated rollback controls. NTT DATA expands its AI partnership with Google Cloud, launching a dedicated Gemini Enterprise practice to help organizations move deployments from pilot to production scale. Descope is announcing enhancements today to its Agentic Identity Hub, aimed at helping organizations manage access for autonomous AI agents. Checkmarx research of more than 2,000 developers and CISOs finds 95 percent of CISOs report facing pressure to suppress software compliance findings. Full details and links in the show notes or the blog post. Later today on In The Channel, we have a conversation about the launch of the AWS Partner Innovation Hub in Toronto, with AWS Canada’s Martin Brazonet and CGI’s Dinesh Bhavsar on the challenge of moving AI from proof-of-concept to production. And if you haven’t heard it yet, check out our conversation with Earl Gosick from ESTI Consulting Services, recorded at Dell Technologies World, on why the AI story is really a storage story – that one is on the feed now. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Podcast: ICS Cyber Talks Podcast
Episode: Yigal Gueta CEO & Dor Tuchman VP-Tech @Scadasudo on cyber sales and tailored solutions for customers
Pub date: 2026-06-02

A major challenge for Chief Information Security Officers (CISOs) is choosing the right cybersecurity technologies. With hundreds of vendors touting unique value propositions and comprehensive solutions, the selection process becomes overwhelming. Security teams, often stretched thin, lack the bandwidth to assess multiple platforms at once. As a result, CISOs must make strategic choices and conduct a Proof of Concept (PoC) on a carefully chosen solution. On the other hand, there is apprehension about replacing an embedded, established technology with a new product.

Nachshon Pincu hosts Yigal Gueta, Founder & CEO, and Dor Tuchman, VP of Engineering & Business Development at SCADASudo, in a comprehensive discussion on evaluating cyber technologies from a consultant's perspective. The conversation highlights the importance of thoroughly understanding client needs before engaging with vendors and stresses the necessity of aligning solutions with business requirements—rather than adapting cyber needs to fit a specific product.
The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
For twenty years the security playbook started in the same place, find a vulnerability, prioritize it, and patch it. Doug Merritt, CEO of Aviatrix and former CEO of Splunk, thinks that playbook is quietly breaking, and his explanation has nothing to do with anyone being careless. The economics of offense changed underneath us, and most security programs are still funded as if they did not.

Why this conversation matters

Doug has sat in two seats that give this argument weight. At Splunk he evangelized detect and respond, and now at Aviatrix he is arguing that detect and respond, while still important, is no longer enough on its own. That is not a vendor pivot so much as an honest reading of the incentives, and it lands differently coming from someone who built a business on the previous era. If you are a practitioner watching AI rewrite the attacker's cost curve, or a leader trying to defend a prevention-heavy budget to a board, this conversation reframes where the money should actually go.

Key takeaways

Offense became a compute problem, and that is permanent. Finding and exploiting a vulnerability is a search task, and the cost per token has been deflating faster than Moore's Law. That is why this is a structural shift rather than a few headline demos, and why throwing compute at offense keeps getting cheaper and faster.

Patching has a ceiling that offense does not. Every patch carries the risk of breaking something, so testing, deployment, and organizational friction cap how fast defenders can move. When vulnerability discovery scales freely and patching cannot, "find more and patch faster" turns into a race you are structurally set up to lose.

The interesting question is not how they got in, it is where they went. Attackers increasingly arrive with valid credentials and move through the trust graph that runs across cloud services and CI/CD pipelines, including malware injected into trusted repositories. Once they look legitimate inside the environment, lateral movement and egress are where the real damage happens.

Cloud rewarded velocity, and security paid the bill. Cloud providers made identity default-deny because someone has to own and pay for a workload, but they left networking wide open because their economic engine is developer velocity and security reads as friction. New agentic frameworks inherit that same wide-open default, connected to the internet with little oversight.

A strong identity stance is necessary and not sufficient. Identity answers whether someone is allowed to act, not whether the action is an attack, which is why attackers log in rather than hack in. Human, agent, and workload identities are genuinely different, and workload identity in particular has been underserved.

Containment is about blast radius, not about keeping everyone out. The mindset shift is to accept that breaches will occur and to govern every path a workload can take, so an incident stays local and recoverable. Done well, containment holds firm whether or not anyone has detected the attack yet.

Blast radius has to become a boardroom metric. Doug's argument is that CISOs, CIOs, CEOs, and boards should be able to answer how reachable anything is from anything else, and treat that number as something to drive down deliberately rather than discover after an incident.

AI is the reason containment is finally workable. The historic blocker to micro-segmentation was cognitive load across tens or hundreds of thousands of workloads. AI is strong at synthesis and pattern matching, which makes a staged path of observe, discover, monitor, and then enforce realistic, ideally starting with the internet-exposed workloads that have no filtering at all.
⬥EPISODE NOTES⬥ The healthcare system is, by some measures, the most targeted sector in cybersecurity. Patient records get lifted, hospitals get held for ransom, and the supposed protections often look more like antiquated friction than modern defense. Gil Bashe, Chair of Global Health and Purpose at FINN Partners, joins Sean Martin to explore why the systems meant to protect people's most sensitive information are, in many cases, the same systems holding back better care. A former combat medic, agency CEO, private equity operator, and now author of Healing the Sick Care System: Why People Matter, Gil Bashe brings a rare composite view of how information, technology, and human judgment collide in healthcare. The conversation moves quickly from ransomware and HIPAA-covered entities into the harder questions about AI. With an estimated 80 percent of doctors already using OpenAI tools to assist with diagnosis or treatment patterns, the line between "in the zone" and "precision" information has become a clinical safety issue. Gil Bashe reframes hallucinations as what they really are in his world: wrong facts. And wrong facts, fed back into a system that increasingly trusts the output, create a feedback loop that no one is accountable for. The machine doesn't sleep, doesn't worry, doesn't carry responsibility. The humans on either side of it do. That accountability gap is where the cybersecurity audience comes in. Gil Bashe draws a direct parallel between great coders and great clinicians: both work inside-out and outside-in, interviewing the people who use the system and the people the system serves. He argues that the cybersecurity professional protecting an EMT's routing system, a hospital's power grid, or an MRI data pipeline is saving lives on the same continuum as the paramedic. The skillset is different. The stakes are not. Sean Martin and Gil Bashe also press on the leadership question raised by AI. 
If clinicians are freed up by 15 percent of their day, what does the system ask them to do with that time? See two more patients on the conveyor belt of sick care, or actually treat the underlying cause of disease? With 18.7 percent of U.S. GDP going to healthcare and 35 percent of that consumed by administration, the answer is not technical. It is a leadership decision about what the technology is for. This conversation asks cybersecurity practitioners, CISOs, and technology leaders to widen the frame. Protecting data is the floor. Protecting the human relationships, the clinical judgment, and the dignity of the patient on the other end of the system is the work.

⬥GUEST⬥
Gil Bashe, Chair, Global Health and Purpose at FINN Partners | On LinkedIn: https://www.linkedin.com/in/gilbashe/

⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

⬥RESOURCES⬥
Healing the Sick Care System: Why People Matter (book by Gil Bashe) | https://www.finnpartners.com/news-insights/healing-the-sick-care-system-why-people-matter/
FINN Partners | https://www.finnpartners.com/
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

⬥ADDITIONAL INFORMATION⬥
The Future of Cybersecurity Newsletter | https://itspm.ag/future-of-cybersecurity
Connect with Sean Martin | https://www.seanmartin.com/
In this episode of Resilient Cyber, I sit down with Katie Norton, Research Manager for DevSecOps and Software Supply Chain Security at IDC, to unpack what application security looks like as AI moves from copilot to autonomous teammate across the software development lifecycle. We dive into:
Podcast: PrOTect It All
Episode: AI, Cybersecurity & Career Growth: Why Curiosity Matters More Than Credentials
Pub date: 2026-05-25

The future of cybersecurity belongs to people who can adapt - not just those with the longest list of certifications. In this episode of Protect It All, host Aaron Crow sits down with Peter Schawacker for a candid conversation about the evolving intersection of AI, cybersecurity, talent, and career growth. With nearly 30 years of experience in cybersecurity and technology leadership, Peter shares real-world insights on what organizations are getting wrong about hiring, why curiosity often matters more than credentials, and how AI is reshaping both technical work and the future of security teams. Together, Aaron and Peter unpack the changing role of CISOs, the dangers of checkbox-driven hiring, and why nontraditional talent may hold the key to solving the industry's growing skills gap.

You'll learn:
Why soft skills and curiosity are becoming critical cybersecurity assets
How AI is transforming cybersecurity recruiting and technical roles
The growing challenges around technical debt and workforce readiness
Why traditional credentials don't always predict success
How CISOs and leaders should think differently about talent and culture
Practical career advice for cybersecurity professionals navigating rapid change

Whether you're building a cyber team, hiring talent, or planning your next career move, this episode delivers honest insights into what it really takes to thrive in the AI-driven future of cybersecurity. Tune in to learn why adaptability, curiosity, and human ingenuity still matter most - only on Protect It All.
Key Moments:
04:08 The role of security in business
09:24 Managing Aramis online security
11:22 Hiring mindset for troubleshooting skills
13:55 Evaluating AI talent challenges
16:26 Discussing vulnerabilities in software
22:24 Early days of hacking and tech
25:55 Realizing the power of soft skills
28:15 Browsing eclectic book collections
32:13 Recent grads and AI opportunities
33:24 Getting into cybersecurity careers
37:22 Unexpected paths into security careers
40:41 Importance of critical thinking
44:35 Explaining tech's evolution over time

About the Guest:
Peter Schawacker is the Founder & CEO of Nearshore Cyber and a cybersecurity executive with more than 25 years of experience across multiple industries. A former CISO in four sectors, Peter specializes in cyber risk, AI governance, and workforce development. He is the creator of ARAMIS Insight, an AI-powered cybersecurity workforce competency platform aligned to the NIST NICE framework, and author of Governing AI at the Edge: An Operating Model for Citizen Development in the Enterprise.
How to connect with Peter:
LinkedIn: https://www.linkedin.com/in/schawacker
Nearshore Cyber: https://nearshorecyber.com.mx | ARAMIS Insight: https://project-aramis.com/insight
Email: peter@nearshorecyber.com.mx
Phone: +1 (760) 880-4258

Connect With Aaron Crow:
Website: www.corvosec.com
LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:
Email: info@protectitall.co
Website: https://protectitall.co/
X: https://twitter.com/protectitall
YouTube: https://www.youtube.com/@PrOTectITAll
FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at info@protectitall.co

Please leave us a review on Apple/Spotify Podcasts:
Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124
Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Most sales teams are reactive — waiting for buyers to fill out a form, book a demo, or respond to an email. Tal Peretz, co-founder and CEO of OnFire AI, is building the infrastructure to change that. OnFire monitors millions of public signals across Reddit, Stack Overflow, LinkedIn, Slack, and technical forums to identify high-intent buyers before they ever contact your sales team.

In this episode, Tal breaks down how AI is transforming go-to-market for companies selling to technical buyers — CTOs, CISOs, and engineers — who notoriously resist generic outreach and respond only to context-rich, well-timed conversations. Tal shares his journey from engineer to CEO, how he and his co-founder interviewed 275 revenue leaders before writing a line of code, what it's really like to raise a $20M seed round, and the hard-won lessons of learning to sell as a first-time founder. From ICP discovery and outcome-based pricing to the future of AI in sales, this is a masterclass in signal-driven, intent-based revenue growth.

Key Takeaways
0:00 — Why most sales teams miss buyers who are already signaling intent publicly
2:07 — Intro to Tal Peretz: Co-founder & CEO of OnFire AI
3:56 — The origin story: 275 revenue leader interviews before building the product
4:36 — How OnFire works: Capturing public web signals, de-anonymizing prospects, and delivering real-time context to sales teams
6:25 — Why selling to CTOs, CISOs, and engineers is uniquely difficult — and uniquely valuable
7:36 — The 50-million-engineer insight: Turning public technical conversations into revenue intelligence
10:04 — What true AI ROI looks like: efficiency gains + directly attributed pipeline
11:15 — The 4X pipeline result: What customers see in their first quarter with OnFire
11:52 — Speed + personalization + human touch: Why all three are required for signal-based outreach
13:03 — Raising a $20M seed round and what hypergrowth pressure really means
13:47 — What makes a great investor: shared values, chemistry, and true partnership in hard moments
15:59 — Managing pressure: Working backwards from a 24-month North Star to break goals into milestones
17:07 — Building vs. selling: What was harder in the early days
17:59 — An engineer who learned to love sales: How Tal found his passion for closing deals
19:21 — The ICP trap: Why selling to everyone early is the most costly mistake a founder makes
20:51 — The outbound playbook: Cold calling, LinkedIn, and the "stealth company" message that landed their biggest customers
22:10 — The consulting approach: Why leading with curiosity instead of a pitch built their enterprise pipeline
24:41 — The three-layer go-to-market machine: Brand, field/events, and outbound working together
26:45 — Selling six-figure enterprise deals: Going on-site, acting as a partner, not a vendor
28:51 — Staying focused in a crowded AI market: The "build on top of the platform" rule
30:02 — Building go-to-market teams as a technical founder: The hardest challenge
32:14 — The biggest AI pricing mistake: Why outcome-based pricing is the future
35:03 — Sales-led vs. product-led growth: How Tal thinks about when and how to make the shift
38:09 — The future of go-to-market: How AI eliminates the 80% of busy work reps do today
40:53 — The one thing founders must nail to break through from product to real revenue
41:38 — Where to find Tal and OnFire AI

Tweetable Quotes
"We monitor the public web for signals — competitors, pain points, product mentions — and surface them to your sales team in real time. Your buyers are already talking. You just have to listen." — Tal Peretz
"It's not about quantity. It's about the quality of the data. Act fast, personalize based on the pain point, and always keep the human touch in the loop." — Tal Peretz
"We take your existing team and infrastructure and make the pipeline 4X better — not by adding headcount, but by giving them the right signal at the right moment." — Tal Peretz
"Every revenue is not good revenue. Nail your ICP first — where you see the biggest pain, the best retention, and the growth potential — then press the pedal." — Tal Peretz
"The best investors aren't just writing checks. When something breaks — and something always breaks — that's where you find out if you have a true partner." — Tal Peretz
"AI will eat the 80% of the sales rep's day that is busy work. The reps who win will be the ones who know how to leverage those tools and still build real relationships." — Tal Peretz
"Outcome-based pricing is the future. Align what your customer pays with the value they actually receive — then you're never fighting about ROI again." — Tal Peretz
"We started with outbound and a simple message: 'I'm a stealth founder. I want to learn from your experience.' No pitch. Just curiosity. Our biggest customers today came from that exact message." — Tal Peretz

SaaS Leadership Lessons
1. Validate the market before you build the product. Tal and his co-founders interviewed 275 revenue leaders before writing a single line of code. They didn't fall in love with a solution — they found the problem first. For early-stage founders, this discipline separates products that get traction from ones that get ignored.
2. Your ICP is not a marketing decision — it's a survival decision. Selling to every prospect early feels like progress, but it's a trap. Tal's hard-won insight: identify the customers with the biggest pain, the highest retention potential, and the best growth trajectory early, then build everything around them. Chasing the wrong customers burns runway and muddies your product roadmap.
3. Great investors are chosen for the downside, not the upside. When everything is working, any investor looks great. The real test comes when something breaks. Tal defines great investors by shared core values, authentic chemistry, and willingness to engage as a true partner — not just a capital source — when the hard moments arrive.
4. Act like a consultant before you act like a vendor. OnFire's biggest enterprise wins came from going on-site, meeting the full revenue team, mapping the customer's strategic goals, and co-designing a plan — before ever talking contract. For founders selling complex, high-ACV solutions, acting as a partner rather than a vendor changes the entire sales dynamic.
5. Outcome-based pricing aligns your success with your customer's success. Charging by seat or token puts you in constant translation mode — always proving value. Pricing tied to outcomes (pipeline generated, conversations resolved, deals influenced) makes the value self-evident and creates a partnership, not a vendor relationship. The companies doing this best in AI are winning stickier, larger contracts.
6. The future sales rep is an AI orchestrator, not a data processor. Today's reps spend ~80% of their time on research, sourcing, and admin — not selling. AI will progressively eliminate that 80%. The reps who thrive won't be those who resist the change, but those who master AI tooling and redirect all of their energy to the irreplaceable human skill: building trust and closing deals.

Guest Resources
tal@onfire.ai
https://onfire.ai
https://www.linkedin.com/in/tal-peretz/
instagram.com/peretztal
x.com/TalPeretz13

Episode Sponsor
The Futureproof Series - https://www.youtube.com/playlist?list=PLfkXKUPZ5xuOqMPR7_gzGybncTtavyR1N

The Captain's Keys
Small Fish, Big Pond – https://smallfishbigpond.com/ Use the promo code 'SaaSFuel'
Champion Leadership Group – https://championleadership.com/

SaaS Fuel Resources
Website - https://championleadership.com/
Jeff Mains on LinkedIn - https://www.linkedin.com/in/jeffkmains/
Twitter - https://twitter.com/jeffkmains
Facebook - https://www.facebook.com/thesaasguy/
Instagram - https://instagram.com/jeffkmains
TVs, Old York, Flipper One, Ubiquity, Underminr, CISOs, GitHub, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-583
In this episode James talks to Robert Siciliano, certified speaking professional, bestselling author, private investigator, and creator of the Strategic Human Firewall, a man whose introduction to adversaries didn't come from a classroom but from being beaten up in Boston aged 12. He has spent the 35 years since delivering the same uncomfortable truth: the biggest vulnerability in any system isn't the technology, it's the human trusting by default on the other side of the screen.

Together they break down why phishing simulation training can cause a compliance trap that makes CISOs feel safe while leaving employees completely exposed, and what the "human blind spot" is and why organized crime understands your psychology better than you do. Robert describes how AI has quietly turned pig butchering scams into the most lucrative fraud operation in human history, taking us inside his personal undercover conversations with scammers, a deepfake video call with a woman named "Gloria," and the devastating real-world cost of these crimes that can cost people everything.
In this episode of NASCIO Voices, hosts Amy Glasscock and Alex Whitaker sit down with NASCIO Deputy Executive Director Meredith Ward to unpack the newly released 2026 NASCIO-Deloitte Cybersecurity Study. Meredith walks through key findings. The conversation explores the growing pressure on CISOs to do more with less amid flat or shrinking budgets, the urgent need for whole-of-state cybersecurity collaboration that extends beyond state government to local governments, K–12, higher ed and public health entities, and why measuring cybersecurity effectiveness has become a top priority. Meredith also makes a plug for reauthorizing the State and Local Cybersecurity Grant Program before the episode wraps up with a lightning round covering dream jobs, language-learning aspirations, and an enthusiastic endorsement of countertop composters.
Greg Murphy of Vectra AI explains why no single security tool is enough in 2026, and how AI is transforming overwhelmed security teams into lean, highly responsive defense operations.

Topics Include:
Vectra AI helps enterprises detect and respond to cyberattacks before they become breaches.
CISOs face millions of alerts monthly with dangerously understaffed security teams.
Vectra pioneered AI-driven triage to prioritize only the most critical threats.
The result: analysts act on two or three alerts, not thousands.
Generative AI is now actively being weaponized by sophisticated bad actors.
The first fully AI-orchestrated cyberattack by a nation state has already happened.
Vectra and AWS Bedrock are building autonomous agents to fight back.
Agentic AI can investigate thousands of incidents and surface only what matters.
Over-reliance on single tools like EDR leaves dangerous gaps in defense.
Modern attacks move fluidly across identity, network, and cloud environments simultaneously.
AI stitches cross-surface signals together, revealing attacks hidden in isolated events.
Best practice: assume breach, expand your network definition, and layer best-of-breed solutions.

Participants:
Greg Murphy – Chief Business Officer, Vectra AI

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
What does the generative AI conversation actually sound like inside a boardroom? Is the board ready to govern it? And what do board members wish CISOs understood about how they make decisions? Let's find out with our guest, Vanessa Pegueros, former CISO at Docusign and U.S. Bank, and current board member at LivePerson and BECU. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. LinkedIn profile – https://www.linkedin.com/in/vanessapegueros Website – https://vanessapegueros.com
All links and images can be found on CISO Series.

All security startups will tell you they talk to potential customers. The problem is that you limit your development when you only talk to CISOs who might buy. It's not the same guidance you'll get from a CISO who advises. Check out this post by Val Tsanev of the Cyber Risk Alliance for the discussion that is the basis of our conversation. This week's episode is co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Steve Jensen, CISO, University of Maine System.

In this episode:
Building for whom?
The only feedback loop that matters
Valid, but for whom?
Rethink the advisor roster

A huge thanks to our sponsor, Material Security
Legacy email security only watches the door. Material protects your entire cloud workspace—email, files, and accounts—as one ecosystem. It's more coverage for less than the cost of a legacy SEG. One price, no surprises: just security that covers the whole surface area. Learn more at material.security.
Everyone is racing to adopt AI, but almost nobody is talking honestly about the damage it can cause. In this powerful episode of Life of a CISO, Dr. Eric Cole breaks down why companies do not need a Chief AI Officer and why AI belongs under cybersecurity leadership. From hallucinated answers and broken automation to the dangerous hype surrounding agentic AI, Dr. Cole explains why businesses are moving too fast and trusting systems that are not ready for critical decision making. Dr. Cole shares why cybersecurity is now at the center of the AI conversation and why CISOs must take ownership before companies create more chaos, confusion, and risk. He explains how attackers are already using AI at a level defenders cannot ignore and why cybersecurity teams are desperate for better detection capabilities. This episode also dives into the reality behind the AI hype. Dr. Cole challenges the promises being sold online about fully automated businesses, AI agents replacing teams, and systems that supposedly eliminate the need for human expertise. He explains why communication, judgment, and critical thinking still matter more than ever and why humans cannot blindly trust machines that confidently produce inaccurate information. Dr. Cole also shares a real example of AI giving false information about Instagram encryption and explains why relying on unchecked AI outputs can destroy credibility, hurt businesses, and create dangerous outcomes. At the same time, he reveals where AI can actually create value in cybersecurity through lateral movement detection, behavioral analysis, and faster attack identification. Instead of replacing humans, AI should be used as a tool to strengthen defenses and help organizations respond to threats before major damage occurs. If you are a current or future CISO, cybersecurity professional, executive, or business leader trying to understand what AI really means for your organization, this episode is required listening. 
The future of AI is not about replacing humans. It is about knowing where AI belongs and where it absolutely does not.
All links and images can be found on CISO Series.

This week's episode is hosted by David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining is Jean-Paul Calabio, vp and CISO, Grainger.

In this episode:
Scanning the map isn't securing the territory
CFOs don't fund faith
What your AI inherits
Nobody owns the gap

Thanks to Jonathan Waldrop, CISO, Acoustic for providing our "What's Worse" scenario.

A huge thanks to our sponsor, ThreatLocker
ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.
Struggling to get your cybersecurity budget approved? In this video, as a board-certified cybersecurity leader and former CSO, I reveal my step-by-step framework to justify security budgets to your board or executive team.

Most CISOs fail because they speak in technical jargon, not in business terms. Monica shows you exactly how to align security with revenue, risk, and reputation - the only language executives care about. If you want to lead as a CISO, cyber strategist, or business enabler, this is the skill you must master.

You'll learn:
The biggest mistakes CISOs make when asking for budget
How to speak in business impact terms, not security jargon
Why quantifying risk is your strongest weapon
How to present a tiered plan executives can't ignore

Looking to go from chaos and unpredictability to resilience in the world of AI? Start here with The Predictability Factor newsletter at The Monica Talks Cyber (https://www.monicatalkscyber.com).