Podcasts about cyber risk

Comment on the Show by Sending Mark a Text Message.One sentence in an onboarding packet can decide what law controls your livelihood, and this story proves it. We dig into a real federal court brawl where a highly paid cybersecurity events sales executive claims he's owed about $220,000 in commissions, while his former employer tries to keep him sidelined with a sweeping nationwide noncompete.We walk through the mechanics that most people never read closely: retention bonuses tied to restrictive covenants, “trade secrets” defined as customer spend data and decision-maker access, and a commission plan that doesn't treat a signed deal as “earned” until billing, delivery, and payment conditions all clear. If you work in sales, marketing, recruiting, consulting, or any relationship-driven field, the details here will feel uncomfortably familiar.Then the case turns into a crash course in preliminary injunctions and choice-of-law strategy. The court applies Delaware law because of a boilerplate clause, and that leads to a twist: Delaware's Sunder Energy decision (yes, the one with the Girl Scout cookies analogy) makes the noncompete look overbroad. But the emergency request still fails on “irreparable harm,” meaning the employee may have to wait years for a paycheck-sized remedy while the ban stays in place. Finally, we break down the moment everything explodes on LinkedIn and triggers aggressive counterclaims.If you've ever signed page-seven paperwork without thinking, this is your wake-up call. Subscribe, share the episode with a coworker, and leave a review. What clause in your own job documents worries you most right now? If you enjoyed this episode of the Employee Survival Guide please like us on Facebook, X and LinkedIn.  We would really appreciate if you could leave a review of this podcast on your favorite podcast player such as Apple Podcasts and Spotify. Leaving a review will help other employees find the Employee Survival Guide.  For more information, please contact our employment attorneys at Carey & Associates, P.C. at 203-255-4150, www.capclaw.com.Disclaimer:  For educational use only, not intended to be legal advice. 

In this episode of the Security Insider Podcast, we speak with Alastair MacGibbon, one of Australia's most experienced cyber security and technology resilience leaders.Alastair has shaped Australian cyber security from almost every angle: as a Federal Agent with the Australian Federal Police, founder of the Australian High Tech Crime Centre, Australia's inaugural eSafety Commissioner, Special Adviser to the Prime Minister on Cyber Security, National Cyber Security Adviser, and founding executive at CyberCX.Ahead of his September conference presentation, Alastair joins us to discuss how AI is changing the threat environment, why the traditional separation between cyber, physical and insider risk is breaking down, and what physical security managers need to understand now to protect their people, facilities, information and operations.This conversation is designed to give security leaders practical ways to think about converged risk, without pre-empting the full detail of Alastair's upcoming presentation.

On Aon — Episode 116 Title: Navigating Cyber Risk, Regulation and the Reality of Fines In this Risk Capital Insight episode of the On Aon podcast, Pablo Constenla, head of coverage and claims for cyber and financial lines in EMEA for Aon, is joined by Charlie Weston-Simons, partner at A&O Shearman, to examine how leaders can stay ahead as cyber risk, regulation and financial exposure converge. As artificial intelligence accelerates the scale and sophistication of attacks and regulators expand enforcement, the discussion focuses on what it takes to translate uncertainty into action — from quantifying cyber-related fines to understanding where insurance comes into play. Drawing on Aon's Cyber Fines Report and frontline experience across incidents and investigations, the episode highlights how organizations can align legal, risk and insurance strategies to make more confident decisions and strengthen resilience at pace. Key Takeaways: AI is reshaping threat dynamics, requiring leaders to move beyond awareness and invest in quantification, scenario planning and faster response to stay ahead of evolving risks. Anticipate regulatory impact and act before enforcement does. Globally regulators are increasing scrutiny and doubling down on fines and potential leadership accountability, elevating the need for cross-border risk strategies. Cyber insurance plays an important role but is only one part of a broader resilience strategy, as organizations must prioritize preparation, response and a strong cyber risk culture to navigate increasingly complex exposures. Experts in this episode:  Pablo Constenla, Head of Coverage and Claims for Cyber and Financial Lines, EMEA, Aon Charlie Weston-Simons, Partner, A&O Shearman Key Resources: The Insurability of Cyber Fines Key Moments: (01:40) How AI is reshaping cyber risk, from enhanced social engineering to the emergence of automated attacks and new vulnerabilities (05:30) The growing complexity of regulation, including NIS2 implementation challenges and inconsistencies across jurisdictions (12:10) Why cyber incidents are now viewed as existential crises and how organizations should rethink incident response and resilience Soundbites: Pablo Constenla: “And the real challenge isn't just managing cyber risk, it's connecting the dots across legal, risk and insurance when a collective action is faced.” Charlie Weston-Simons: “I think from a legal and insurance perspective, the key issue becomes how do you manage a risk that is evolving faster than regulation and controls can adapt.”

Sean Barnes opens this episode from Nashville, having just stepped off the stage after delivering a personal branding keynote to a room of cybersecurity executives. He reflects on how unlikely this version of his life would have sounded five years ago, when he was still the extreme introvert who couldn't imagine traveling the country to speak in front of hundreds of people. In this conversation, he walks through the actual journey from quiet executive to in demand speaker, including where most people start, where most people quit, and what separates the executives who eventually own a stage from the ones who never get past their first panel. He shares the 75/25 framework he uses with anyone he coaches on keynotes, why social proof matters more than people realize, and gets honest about the emotional moments that hit him mid talk when he remembers how far he's come.   Key Moments 00:00:01 — Setting the scene in Nashville after a cybersecurity keynote, and the realization that sparked the episode 00:00:32 — The five years ago version of Sean who would have laughed at the idea of giving keynotes 00:01:23 — Why he started on panels at Gartner and Cyber Risk before ever giving a keynote 00:02:09 — The first move anyone should make: tell event organizers you want to speak 00:02:57 — What pre call prep with moderators actually looks like 00:03:16 — Where most people quit, and why one panel isn't enough 00:04:03 — Social proof, pictures from stage, and how that gets you access to bigger stages 00:04:48 — The mistake people make when they finally get offered a keynote 00:05:31 — The 75 to 80 percent core story plus 20 to 25 percent audience nuance framework 00:06:24 — What it actually feels like to be the only person on stage 00:07:10 — Reading the room: who's leaning in, who's on their phone 00:07:36 — The emotional moments mid talk when the journey hits him 00:08:03 — Marathon not sprint, plus the coaching question 00:08:27 — Why he does this in the first place   Key Takeaways Start on panels, not keynotes. The moderator carries most of the pressure, the audience splits its attention across multiple people, and your reps cost a lot less than they would solo on a stage. Sean did this for years before ever giving a keynote, and it's the lowest stakes way to find out if speaking is something you actually want to keep doing. One panel isn't enough. Reps are the whole game. The biggest reason people never become speakers isn't that they bombed their first panel. It's that they did one, walked off, and never asked for the second. The executives who keep going are the ones who get better, build social proof through pictures and posts, and end up with people coming to them. Your story is 75 to 80 percent of every talk you give. The other 20 to 25 percent is audience. When event organizers ask what you want to talk about, the worst answer is "whatever you want." Have a core narrative you can repeat across every stage and then tweak the remaining slice to land with the room in front of you. HR executives need a different flavor than technology executives, but the spine of the story stays the same.   Podcast Show Notes – Episode 283 | 05.26.2026 Episode Title: How Do You Start Speaking on Stage When You're an Introvert? Sean Barnes Breaks Down the Process     Host: Sean Barnes Website: https://www.wolfexecutives.com   https://www.seanbarnes.com   LinkedIn: https://www.linkedin.com/in/seanbarnes/ https://www.linkedin.com/company/wolfexecutives https://www.linkedin.com/company/thewayofthewolf/ LinkedIn Newsletter: https://www.linkedin.com/newsletters/7284600567593684993/   Twitter: https://x.com/seanbarnes https://x.com/wolfexecutives   Instagram: https://www.instagram.com/the_seanbarnes https://www.instagram.com/wolfexecutives   TikTok: https://www.tiktok.com/@the_seanbarnes   Facebook: https://www.facebook.com/theseanbarnes

Madeline Sedgwick — Cyber Threat Analyst at Palo Alto Networks and a DUUUUVALLL lifer No Password Required Season 7: Episode 5 – Madeline Sedgwick   Madeline Sedgwick is a  Cyber threat Researcher and Threat Analyst at Palo Alto Networks Unit 42, specializing in nation-state cyber activity, covert infrastructure, and cyber intelligence analysis. Before entering the private sector, she spent six years in the U.S. Navy as an intelligence specialist, helping support some of the earliest cyber operations under United States Cyber Command. In this episode, Madeline shares her journey from joining the Navy to becoming one of the first certified cyber targeteers supporting offensive cyber operations. She discusses the realities of tracking covert threat actor infrastructure, why defenders must understand adversary behavior beyond alerts and signatures, and how intelligence analysis helps uncover the bigger picture behind cyber campaigns. 
Jack Clabby and co-host Sarina Gandy talk with Madeline about fusion analysis, cyber warfare, leadership, and the challenges of translating highly technical investigations into actionable insights for government and industry leaders. She also reflects on the importance of humility in leadership, mentoring, and learning to navigate high-pressure situations with confidence and curiosity. 
In the Lifestyle Polygraph, Madeline debates cybersecurity in the Star Wars universe, explains her Weird Al Yankovic Dragon Con costume, reflects on her time playing bass in a metal band, and proudly shares why Jacksonville, Florida, will always be home.   Follow Madeline on Linked in: https://www.linkedin.com/in/mesedgwick/ Chapters:  02:10 Intro-Madeline Sedgwick  09:00 The Role of Cybersecurity in National Security 12:08 Understanding Covert Networks and Threat Intelligence 14:52 Fusion Analysis in Cybersecurity 18:04 The Importance of Distinguishing Threats 20:52 Challenges in Cybersecurity Response 23:58 Briefing Decision Makers on Cyber Threats 27:52 Understanding Adversary Intent and Risk Communication 30:12 Leadership Lessons from the Navy 34:33 The Importance of Mentorship in Career Development 37:30 The Lifestyle Polygraph: A Fun Twist on Cybersecurity 41:04 Embracing Creativity and Personal Expression 45:50 Pride in Roots: The Jacksonville Connection

Podcast: ICS Cyber Talks PodcastEpisode: Liron Ner VP Engineering & Oren Valdman ResiliOTech product manager @DVplan on Cyber Risk AssessmentPub date: 2026-05-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationהשגרה המקובלת בעולמות אבטחת המידע מבוססת על מחזוריות מתמדת: ביצוע סקר סיכוני סייבר, גיבוש תוכנית פעולה, תיקון פערים ומבדקי חדירות – תהליך החוזר חלילה מדי 12 עד 18 חודשים. למרות ההתקדמות הטכנולוגית בתחום הגנת הסייבר, סקר סיכוני הסייבר נותר אחד התהליכים הבודדים שכמעט ולא השתנו. הוא עדיין נשען במידה רבה על הידע האישי של הסוקר, מומחיותו והמתודולוגיה הנבחרת על ידו. בעתיד הקרוב מגמה זו עשויה להשתנות, עם כניסתם לשימוש של מודלי שפה גדולים במוצר כמו רזיליוטק לעיבוד תשובות משאלונים והצלבתן מול מתקפות סייבר בפועל, סקרי סיכונים אחרים ותקני התעשייה המקובלים. נחשון פינקו מארח את לירון נר, סמנכ"ל הנדסה וטכנולוגיה, ואת אורן ולדמן, מנהל מוצר רזילויוטק בחברת די.וי פלאן בדיון על אופטימיזציה של סקרי סיכוני סייבר במטרה להשיג תוצאות טובות יותר, תוכניות עבודה יישומיות ותיקון פערים אפקטיבי.  The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Despite rapid digital acceleration across Southeast Asia, enterprises remain trapped in a costly cycle of reactive cybersecurity and third-party risk management. Fragmented vendor ecosystems, opaque AI integrations, and siloed threat data force CISOs into perpetual firefighting rather than strategic anticipation. As regulatory expectations tighten and attack surfaces expand through generative and agentic AI, waiting for incidents to strike is no longer viable. Regional leaders must pivot from compliance-driven checkboxes to intelligence-led oversight. By unifying external threat intelligence, continuous vendor monitoring, and AI-augmented analytics, ASEAN organisations can break the reactive loop and build resilient, forward-looking risk architectures.In this PodChats for FutureCISO, Mark Harris, solutions sales director APAC, for Diligent offers some practice insights and recommendations for how organisations in Asia can move out of reactive cyber habits in 2026.1.       How are ASEAN enterprises currently measuring the gap between reactive incident response and proactive threat intelligence, and which metrics best validate a shift toward predictive oversight?2.       Where do traditional third-party risk frameworks fall short in anticipating systemic cyber exposures introduced by agentic AI and cross-border cloud vendors?3.       How can CISOs operationalise external threat intelligence and regional peer benchmarking to pre-emptively adjust controls before attackers or regulators force a reaction?4.       What balance should organisations strike between AI-driven automation for vendor assessments and human-led judgement for nuanced, jurisdiction-specific supply chain risks?5.       Which intelligence-led reporting narratives are successfully converting technical cyber and third-party exposures into actionable board-level strategy across diverse ASEAN markets?6.       How are divergent regional data and AI regulations (e.g., PDPA, MAS, BSSN, NPC) creating reactive compliance silos, and what unified frameworks can harmonise oversight?7.       What underutilised data signals or external intelligence sources could transform your organisation from reactive firefighting to continuous, predictive risk management?8.       As AI-augmented vendor ecosystems become more autonomous, what new governance models will CISOs need to maintain intelligence-led oversight without stifling regional innovation?

CyberSmart, a leading provider of cyber risk management for small businesses, has released findings from its third annual MSP Survey, revealing that economic pressures are pushing cybersecurity down the priority list for many Irish SMEs, even as cyber threats and supply chain risks continue to grow. The CyberSmart MSP Survey 2026 found that 42% of MSP customers are more concerned about operational challenges such as rising costs and inflation than cybersecurity risks, despite an increasingly hostile threat landscape. At the same time, AI-driven threats were named the top cybersecurity concern for MSPs (49%). The 2026 research, conducted by OnePoll, features insights from 100 MSP leaders across Ireland, spanning a range of industries and supporting customers with between 1 and 250+ employees. MSPs Remain Prime Targets for Cybercriminals Over three quarters (77%) of MSPs admitted to suffering at least one cyber breach in the last 12 months, with 59% reporting two or more breaches and 40% experiencing three or more incidents. The findings demonstrate that repeat attacks remain commonplace and that MSPs continue to represent valuable targets for cybercriminals due to their privileged access to customer systems and data. MSPs ranked AI-related threats as the biggest risk facing their organisation (49%), followed by inflation and spiralling costs (43%) and then ransomware/malware infections (40%). Operational concerns such as inflation have climbed sharply up the list of threats facing MSPs over the past year. This reflects the wider economic uncertainty affecting businesses across Ireland. Supply chain risk has also increased in prominence, with over half (52%) of MSPs and their customers reporting that they had experienced a cyber incident caused by or originating from a supplier or third-party vendor in the past year. Of those supply chain incidents: 48% affected only the customer 13% affected only the MSP 33% affected both the MSP and the customer This means that 46% of incidents involved the MSP directly in some way, underlining the critical role MSPs now play within increasingly interconnected supply chains. Economic Pressures Overtaking Cyber Concerns The research found that half of MSPs believe that their customers are now more vulnerable to cyber threats than they were 12 months ago. This is significantly less than their British counterparts, where 62% believe their customers are at greater risk. However, when asked about the biggest risks facing customers, MSPs said inflation and rising operational costs were viewed as a greater concern than ransomware, unpatched vulnerabilities or emerging threats. According to MSP respondents: 42% cited inflation and spiralling costs as customers' top concern 41% cited ransomware or malware infections 32% cited exploitation of unpatched or undisclosed vulnerabilities 30% cited emerging AI threats The findings suggest that many SMEs are focusing on immediate financial pressures and operational resilience ahead of cyber preparedness, despite the growing sophistication and frequency of attacks. Despite this, MSPs reported that the vast majority (92%) of their customers demonstrate average or above-average levels of cybersecurity awareness. For British MSPs, this awareness sat lower at 85%. Compliance and Continuous Monitoring Becoming Business Priorities Customer expectations of MSPs are also evolving, with 57% of customers now expecting support with cybersecurity compliance requirements in addition to traditional IT and security services. In response, 62% of MSP leaders say that they've increased spending when it comes to specialist regulatory and compliance support over the past year. However, the research also revealed significant gaps in supply chain oversight. Two thirds (66%) of MSPs do not continuously monitor supply chain risk, while 45% assess supplier risk only quarterly and 13% only annually. The percentage of those who do not continuously monitor is significantly higher than ...

השגרה המקובלת בעולמות אבטחת המידע מבוססת על מחזוריות מתמדת: ביצוע סקר סיכוני סייבר, גיבוש תוכנית פעולה, תיקון פערים ומבדקי חדירות – תהליך החוזר חלילה מדי 12 עד 18 חודשים. למרות ההתקדמות הטכנולוגית בתחום הגנת הסייבר, סקר סיכוני הסייבר נותר אחד התהליכים הבודדים שכמעט ולא השתנו. הוא עדיין נשען במידה רבה על הידע האישי של הסוקר, מומחיותו והמתודולוגיה הנבחרת על ידו. בעתיד הקרוב מגמה זו עשויה להשתנות, עם כניסתם לשימוש של מודלי שפה גדולים במוצר כמו רזיליוטק לעיבוד תשובות משאלונים והצלבתן מול מתקפות סייבר בפועל, סקרי סיכונים אחרים ותקני התעשייה המקובלים. נחשון פינקו מארח את לירון נר, סמנכ"ל הנדסה וטכנולוגיה, ואת אורן ולדמן, מנהל מוצר רזילויוטק בחברת די.וי פלאן בדיון על אופטימיזציה של סקרי סיכוני סייבר במטרה להשיג תוצאות טובות יותר, תוכניות עבודה יישומיות ותיקון פערים אפקטיבי.  

At RIMS RISKWORLD 2026, Meredith Schnur of Marsh joins Carrier Management’s Elizabeth Blosfield to discuss how organizations are evolving their cyber strategies through better risk analytics, measurement, and … Read More » The post Cyber Risk Is No Longer Just an Insurance Problem appeared first on Insurance Journal TV.

Cybersecurity is no longer just a technical issue, it is now a human, business, and financial system challenge.In this episode of Couchonomics with Arjun, Arjun is joined by Ralph Echemendia, Ethical Hacker and Cyber Security Expert, for a sharp conversation on hacking psychology, cybercrime, AI-driven fraud, and why financial institutions need to rethink security.Ralph explains why some of the most dangerous attacks are not built on complex code, but on human vulnerability, trust, and social engineering.From banks and insider threats to AI, quantum computing, and the myths Hollywood created around hackers, this episode looks at the real risks sitting behind digital finance today.

Send us Fan MailCybersecurity is unlike any other Industry or environment I've ever covered. But more than the technology, the intriguing players and the somewhat spooky elements surrounding it, is how the things we discuss on this podcast impact nearly every element of our day-to-day lives. It's not just how artificial intelligence is impacting email phishing schemes, but how clicking on that link could let a state-sponsored hacker steel login credentials for obtaining access to an industrial control system that is not only used by a power tool manufacturer, but by a defense contractor or water treatment facility.The interconnected nature of the industrial sector makes an appreciation for cybersecurity vital to the ongoing safety and success of manufacturing – which, again, impacts nearly every facet of every person's daily life.That's why I enjoy talking to people like Aaron Shraberg, Senior Team Lead at Flashpoint – a leading provider of threat landscape intelligence. The stuff Aaron talks about is frightening, which is another challenge of covering cybersecurity – balancing education with data sharing without fear mongering. But I'd encourage you to really wach/listen as Aaron talks about the evolution of threats from China, Russia and Iran, and how cyber threats are converging with physical battlefields to fuel threats thousands of miles from where the missiles are flying. The bottom line is – we're all connected and we're all impacted, so we need to be prepared - regardless of how far removed you think you are. There's also good news in terms of solutions, which can start with sharing some of this scary information. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us Fan MailNext Peak:   https://nextpeak.net/services/icr/A regional conflict can spike your cyber risk even if your offices never move and your headcount never changes. That is the uncomfortable reality behind geopolitical cyber risk, and it is why I brought on Helen Lee, Director of Intelligence Cyber Research at NextPeak, to break down how global flashpoints turn into real security problems for businesses of every size. If your security program only reacts to today's alerts, you are already behind the curve. We dig into what “geopolitical cyber risk” actually means, why awareness so often fails to become action, and how to bridge that gap with practical, decision ready outputs. Helen shares concrete examples that make the risk feel real: how hardware and supply chains can become national security issues, why router ecosystems can create broad exposure, and how second and third order effects in semiconductor production can introduce new vulnerabilities across your tech stack. We also talk about the World Economic Forum data showing that organisations expect geopolitical tensions to increase cyber risk while many are still adjusting their posture. From there, we get operational. We cover where this work fits in an existing security stack, how to “bake it in” at the governance, risk, and compliance layer, and why threat intelligence teams will be critical for monitoring geocyber indicators and handing off actionable guidance to the SOC and leadership. Helen walks through offerings like a geopolitical cyber risk index, assessments, advisory support, customised reporting, and future focused tabletop exercises that test readiness for plausible scenarios years ahead. If you are studying for the CISSP, this conversation ties directly to Security and Risk Management, third party risk, supply chain risk, and communicating risk to executives and boards. Subscribe for more practical CISSP focused conversations, share this with a security leader who owns vendor risk, and leave a review so more people can find the show. What is the biggest geopolitical risk you think your organisation is ignoring right now?Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Sean Kevelighan, CEO, Insurance Information Institute, and Mark Grazman, CEO, Fenix24, discuss the evolving cyberthreat landscape and insurers' increasing focus on resilience, recovery and preparedness.

Jonathan Spry, co-founder and CEO of reinsurance startup Envelop Risk, talks to Sir Richard Harpin about how cyber-attacks are now inevitable for modern businesses — and how business leaders can mitigate the risks. From ransomware and Black Swan events to AI-generated threats, Jonathan reveals how his company uses AI and advanced analytics to model catastrophic cyber scenarios for insurers around the world. He also shares how he scaled a Bristol-based B2B business, raised major investment and built competitive moats. Also, how many Jonathans has he hired? Topics covered:InsuranceArtificial IntelligenceB2BSalesCyber attacksBlack SwanGeopoliticsInvestmentQuantum ComputingLeadershipHiring talentLondon and IPOBristolMentoringBusiness Leader is a membership community for ambitious CEOs and founders of mid-sized UK companies, designed to help them grow with purpose through strategic support, peer-to-peer learning, expert coaching, and high-impact events. Join the Business Leader community here and sign up for our newsletter here. Hosted on Acast. See acast.com/privacy for more information.

In this episode of UC Today, host Kristian McCann sits down with Bill Dunnion, Chief Information Security Officer at Mitel, to unpack one of the most persistent challenges in enterprise security: getting cybersecurity onto the C-suite agenda before disaster strikes.In this candid conversation, Mitel's CISO Bill Dunnion explains why security still struggles to compete with revenue targets at the executive level, and what needs to change.Rather than framing cybersecurity as a technical issue, Dunnion argues the case for repositioning it as a core business enabler—one that directly impacts revenue, competitiveness, and customer trust. Whether you're a business leader trying to understand your true exposure or a security professional struggling to make risk resonate at board level, this discussion offers practical, real-world insight you can apply immediately. Key topics include:

Ryan Burke, VP of Worldwide Sales at Crogl, joins Sam Jacobs, AJ Bruno, and Asad Zaman on the new economics of enterprise cyber risk. Topics include Anthropic's Mythos model, AI for the security operations center, why vibe-coded apps are far more likely to have security issues, why Claude Design tanked Figma's stock, and what the Elon Musk versus OpenAI lawsuit signals for AI governance. Key takeaways: AI has crashed the cost of running sophisticated attacks, putting nation-state-grade tooling in the hands of low-skill operators. As Ryan Burke, VP of Worldwide Sales at Crogl, put it on Anthropic's Mythos model: "Mythos has lowered the cost to like the dollar menu equivalent of...running an attack...so more people can do it." Enterprises are staring down a multi-year patching backlog that runs from now until the end of time. Non-technical teams in finance, ops, and HR are shipping internal tools using Replit and Claude, and almost none of them are securing what they build. Ryan Burke flagged the research: "vibe-coded software is almost 3 times as likely to have security issues." When the employee who built the agent quits, the agent stays behind with no owner, no documentation, and quiet access to systems it never should have had in the first place. For founders eyeing an exit, security has joined revenue, IP, and hitting your numbers as a non-negotiable diligence pillar. As Ryan Burke explained: "lack of security can kill an acquisition...a fourth pillar now is you're secure." Acquirers like JPMorgan Chase will not buy a fintech startup that turns into a vector for attackers to walk straight into their environment. The market case for NRR-fortress legacy SaaS may be weaker than the last decade made it look. As Asad Zaman, CEO of Sales Talent Agency, argued: "there was a generation of software companies that had signs that they had really good customer relationships...but their customers felt more like prisoners." If AI makes switching cheap and a new generation of software actually delights users, the moats around system-of-record incumbents start to compress fast. Connect with the hosts and guest:  Host: Sam Jacobs, CEO at Pavilion - https://www.linkedin.com/in/samfjacobs/  Host: AJ Bruno, CEO at QuotaPath - https://www.linkedin.com/in/ajbruno3/  Host: Asad Zaman, CEO at Sales Talent Agency - https://www.linkedin.com/in/azaman1/  Guest: Ryan Burke, VP Worldwide Sales at Crogl - https://www.linkedin.com/in/ryan-burke-bos/ Topline is more than a YouTube Channel:  Subscribe to Topline Newsletter: https://toplinemedia.substack.com/  Tune into Topline Podcast, the #1 podcast for founders, operators, and investors in B2B tech: https://www.joinpavilion.com/topline-podcast  Join the free Topline Slack channel to connect with 600+ revenue leaders to keep the conversation going beyond the podcast: https://www.joinpavilion.com/topline-slack Chapters:  00:00 Introducing Ryan Burke 03:14 Anthropic Mythos and Cyber Risk 04:20 How Attackers Use AI at Scale  07:00 Dollar Menu Attacks Explained  10:41 AI for the Security Ops Center  14:53 Why Claude Tanks Figma's Stock  18:30 Sam's Advice on Falling Stocks  20:50 Are Legacy SaaS Companies Back?  24:04 The Vibe-Coding Risk Surface  27:56 Quiz Pro: Cybersecurity Edition  33:46 Replit Apps Inside Enterprises  40:18 Security as the M&A Fourth Pillar  44:17 Personal Data and Digital Legacy  47:24 Bulls vs Bears: Elon vs OpenAI  52:03 Will ServiceNow Hit $32B?

This Wednesday on The Brian Crombie Hour, two powerful conversations explore how technology is reshaping both our institutions and our humanity.In Part One, Brian is joined by Daniel Zborovski, President of Hudson Technology, for a timely discussion on the rapidly evolving world of cybersecurity.As AI-powered threats become more sophisticated, organizations face new vulnerabilities that go far beyond traditional IT concerns. From phishing scams and voice impersonation to the growing risks around weak authentication systems, the conversation highlights why cybersecurity has become a core business and leadership issue.Brian and Daniel discuss:The rise of AI-driven cyber attacksWhy human behaviour remains the greatest security vulnerabilityWhy SMS authentication is increasingly unsafeAnd why boards and executives must now treat cybersecurity as a strategic priorityThis is no longer a future problem.It's happening now — and every organization is exposed.In his closing commentary, Brian turns to a deeper and more philosophical question: how artificial intelligence may be transforming not only work and economics, but human relationships themselves.Drawing on recent conversations with Daniel Zborovski, John Ruffolo, and Eugene Lang — as well as a provocative New York Times discussion about AI and inequality — Brian examines how AI is concentrating power, outpacing institutions, and reshaping society faster than governments and leaders can respond.But beyond economics lies a more personal concernWhat happens when machines begin simulating empathy, attention, and understanding?But it cannot truly care, sacrifice, commit, or love.And in a world increasingly mediated by technology, that distinction may become one of the defining questions of our time.Will we continue choosing the difficult, deeply human work of real connection — or settle for the illusion of it?

In this brief episode, Kevin Szczepanski breaks down the critical importance of cybersecurity risk assessments, explaining legal requirements across industries, what a robust risk assessment looks like, and how organizations must use these insights to bolster their security posture. Aimed at cybersecurity professionals and organizational leaders, the discussion offers practical steps for compliance and security improvement.

Qualys ANZ managing director Sam Salehi joins the Cyber Uncut podcast to expose the expanding AI attack surface, the governance gaps exposing organisations, and why boards must translate cyber risk into dollars to take it seriously. This week on the Cyber Uncut podcast, host Liam Garman speaks with Qualys ANZ managing director Sam Salehi about the rapidly evolving "AI attack surface" – from shadow AI usage and prompt injection risks to data leakage and model vulnerabilities – and why a lack of visibility is leaving businesses exposed before they even realise it. Salehi outlines the core problem facing security leaders: organisations often don't know what AI tools are already in use, let alone how to secure them. The conversation explores how fragmented tooling, poor asset inventory, and missing business context are undermining risk management efforts, while boards continue to push AI adoption for efficiency gains. Salehi argues that leaders are flying blind, prioritising the wrong threats while leaving critical exposures unaddressed. From data minimisation and API security to continuous monitoring and the rise of the "risk operations centre", Salehi emphasises the need for a unified, risk-based approach. His bottom line is blunt: in an environment where exploitation timelines are shrinking to hours, the only metric that matters is how quickly organisations can detect and close exposure – before attackers do. Enjoy, The Cyber Uncut team

Your controls aren't failing. The spaces between them are. That's the uncomfortable truth Jon Marler, Director of Product Management and Cybersecurity Evangelist, sits down to unpack with Whitney Ruggles, VP of Marketing, in Episode 1 of Business Uninterrupted, VikingCloud's new podcast series on cybersecurity and compliance. In this episode, Jon breaks down the one belief he still sees CISOs holding on to that no longer reflects how attacks actually happen. Read the blog it's based on: https://bit.ly/4bFtMFF. #Cybersecurity #Quishing #AIinCybersecurity #CyberRisk #BusinessUninterrupted

Qualys ANZ managing director Sam Salehi joins the Cyber Uncut podcast to expose the expanding AI attack surface, the governance gaps exposing organisations, and why boards must translate cyber risk into dollars to take it seriously. This week on the Cyber Uncut podcast, host Liam Garman speaks with Qualys ANZ managing director Sam Salehi about the rapidly evolving "AI attack surface" – from shadow AI usage and prompt injection risks to data leakage and model vulnerabilities – and why a lack of visibility is leaving businesses exposed before they even realise it. Salehi outlines the core problem facing security leaders: organisations often don't know what AI tools are already in use, let alone how to secure them. The conversation explores how fragmented tooling, poor asset inventory, and missing business context are undermining risk management efforts, while boards continue to push AI adoption for efficiency gains. Salehi argues that leaders are flying blind, prioritising the wrong threats while leaving critical exposures unaddressed. From data minimisation and API security to continuous monitoring and the rise of the "risk operations centre", Salehi emphasises the need for a unified, risk-based approach. His bottom line is blunt: in an environment where exploitation timelines are shrinking to hours, the only metric that matters is how quickly organisations can detect and close exposure – before attackers do. Enjoy, The Cyber Uncut team

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Cyber Risk in Construction: Securing AEC Projects in a Digital, AI-Driven WorldPub date: 2026-04-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationConstruction sites are no longer just physical - they're digital, connected, and increasingly vulnerable. In this episode of Protect It All, host Aaron Crow sits down with Lee Carsten to explore the rising cyber risks across the architecture, engineering, and construction (AEC) industry. As digital transformation accelerates - with AI, digital twins, and connected building systems becoming standard - construction projects are expanding their attack surface in ways many organizations don't fully understand. Aaron and Lee unpack the unique challenges facing AEC environments, from fragmented systems and evolving workflows to the growing need for integrating cybersecurity into business decisions - not just IT functions. You'll learn: Why construction and infrastructure projects are becoming prime cyber targets How digital transformation and AI are reshaping risk in AEC environments The role of building management systems (BMS) and OT in modern projects Why foundational controls and human awareness still matter most How to align cybersecurity with real-world construction workflows Practical strategies to build resilience into projects from day one Whether you're in construction, engineering, IT, or OT security, this episode delivers real-world insights to help you protect the infrastructure we rely on every day. Tune in to learn how to secure modern construction in a connected world - only on Protect It All. Key Moments:  05:39 Importance of interpersonal skills 08:08 Construction security and recent projects 11:46 Challenges in AEC industry adoption 19:30 Importance of disaster recovery 20:31 Discussing costs of business interruptions 24:06 RFP process and bid management 27:25 Complexity of building projects 32:02 FBI investigation triggers and readiness 36:55 Managing complex building assets 39:37 Choosing durable equipment and future tech 42:01 Understanding OT data for security About the guest :  Lee Carsten's journey in technology began in the era of punch cards - painstakingly sorted and fed into compilers, where a single fumble could mean hours' worth of work undone. Lee studied COBOL in college, envisioning a future as a programmer. That path nearly led to Walmart, where Lee's mother worked on the company's pioneering buyer decision support system under Randy Mott. While the family connection and an offer from Kevin Turner to join a new team were tempting, Lee ultimately decided against moving to Bentonville and working for $18,000 annually. This early exposure to large-scale business technology, combined with pivotal career choices, shaped Lee Carsten's perspective on IT and the evolving world of software development. How to connect Lee: https://www.linkedin.com/in/leecarsten/ Website: https://whitecaprisk.com/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The Institute of Internal Auditors Presents: All Things Internal Audit Tech  In this episode, Adam Ross speaks with Vipul Patel about how organizations can better prepare for ransomware attacks. They talk through what goes wrong in the first hours of an attack, what smart preparation looks like, and where traditional audit approaches fall short when a business is in crisis mode.   HOST: Adam Ross, CIA, CISA Partner and Internal Audit Services Leader, Grant Thornton   GUEST: Vipul Patel, CISA Audit and Assurance Managing Director, IT Internal Audit Leader, Deloitte & Touche LLP   KEY POINTS: Introduction [00:00:02-00:00:27] Common Mistakes in Ransomware Response [00:00:27-00:02:14] Building Crisis Communication Plans [00:02:20-00:03:03] A Simple Incident Response Runbook [00:03:03-00:05:03] Internal Audit's Role Before an Incident [00:05:03-00:07:05] Stress Testing and "What If" Scenarios [00:07:05-00:08:01] Tabletop Exercises and Cross-Functional Readiness [00:08:02-00:10:03] Partnering With the CISO and Management [00:10:03-00:11:15] Lessons Learned After Ransomware Incidents [00:11:15-00:14:05] Governance Changes After an Attack [00:14:55-00:16:55] Cyber Risk as a Business Issue [00:16:55-00:17:16] Traits of Organizations That Respond Well [00:17:20-00:19:44] Final Advice for Internal Auditors [00:19:44-00:20:56] Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards Cybersecurity Topical Requirement Course: Detecting, Mitigating and Responding to Global Ransomware Attacks Articles: A Ransomware Playbook IIA Certificates: IT General Controls Certificate Knowledge Centers: Artificial Intelligence Vison 2035 IIA Courses: Fundamentals of IT Auditing Become a Certified Internal Auditor (CIA) CIA Challenge Exam   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer

Send us Fan Mail

In this episode of Robots and Red Tape, Nick Schutt welcomes Cat Casey (TechnoCat), Chief Legal AI Futurist for Masters AI and author of the newly released AI and Legal Tech.Cat brings 20 years of experience—from leading tech at Gibson Dunn to building forensic programs and now educating the industry—along with her signature sparkly perspective. The two friends reflect on Legal Week's evolution, debate the future of the billable hour, discuss the disappearing training path for junior lawyers, unpack law-firm cybersecurity risks (including shadow AI), and explore why basic AI literacy is quickly becoming a professional necessity.From Picasso analogies to real-world hallucination cases and the critical importance of keeping humans in the driver's seat, this conversation is packed with timely, actionable insights.Guest: Cat Casey (TechnoCat) LinkedIn: https://www.linkedin.com/in/catherineacasey/Watch the full conversation

Dale Jordan, Perspectives Cyber and Technology Advisors, on Ransomware, Vendor Security, and Cyber Risk for Small Businesses and Nonprofits (North Fulton Business Radio, Episode 953) In this episode of North Fulton Business Radio, host John Ray welcomes Dale Jordan, Founder and Principal of Perspectives Cyber and Technology Advisors, a North Georgia-based firm that helps small and […]

AGENDA: 00:00 — Anthropic Unveils Mythos: The Model "Too Good at Hacking" to Release 05:56 — Why Mythos is a Quantum Leap in Cyber Risk 10:11 — The "Boy Who Cried Wolf": Jason's Critique of Dario Amodei 14:00 — The Oppenheimer Moment: Are Founders Using Doom as a Marketing Tool? 19:22 — Amazon's $20B Secret: Is NVIDIA's Chip Stranglehold Finally Loosening? 22:28 — Claude vs. Lovable & Replit: Anthropic Moves into App Building 25:24 — The 60% Death Spiral: Why Public SaaS Stocks are Entering a Doom Loop 39:51 — Meta Debuts Muse Spark: Alex Wang's First Model from Super Intelligence Labs 44:18 — OpenAI's $50B Ad Vision: The Plan to Monetize Intelligence 53:50 — Token Maxing: How CIOs are Reclaiming Control Over AI Budgets 57:57 — SpaceX's Leaked Financials: The Math Behind the $2 Trillion IPO 1:08:00 — Thoma Bravo Shuts Growth Equity 1:16:18 — Who IPOs First; OpenAI or Anthropic?  

Rob Demain, CEO, e2e assure : The Mythos Moment: Cyber Risk Gets Smarter full 662 Fri, 10 Apr 2026 20:37:46 +0000 LmEAi5bfwW86vfa1NPNdznT82yS0QAFj business CEO Spotlight business Rob Demain, CEO, e2e assure : The Mythos Moment: Cyber Risk Gets Smarter David Johnson CEO Spotlight 2024 © 2021 Audacy, Inc. Business False https://player.amp

On this episode of the Insurance Coffee House, Nick Hoadley is joined by Beth Boucher, an experienced independent director with a portfolio spanning Hiscox, Coforge, and Specialty Insurance. Beth brings over 30 years of experience across technology, insurance, and business transformation, with a career built around using technology to drive operational change and growth.Beth shares how she transitioned from a full-time executive career into a portfolio of board roles, advisory work, and fractional CIO positions. She explains why that shift happened after COVID, how she approached building a board career intentionally, and what she learned early on about the difference between operating roles and governance.The conversation explores how to secure a first board role, including the importance of signalling your transition clearly to your network and recruiters, repositioning your profile, and being deliberate about the type of roles you pursue. Beth also shares her experience of board certification, why she chose to do it before securing her first role, and how it helped her understand the responsibilities and expectations of a non-executive director.Nick and Beth discuss the realities of board work, including onboarding into complex organisations, managing large volumes of board material, and building an understanding of areas outside your core expertise. Beth explains how directors can stay effective by committing to continuous learning, understanding their blind spots, and using the resources available within the board and management team.The episode also explores board dynamics and culture, with Beth emphasising the importance of fit, trust, and open challenge in the boardroom. She highlights why board appointments are always a two-way decision, and how interpersonal dynamics can be just as important as technical expertise.Beyond governance, the conversation looks at corporate social responsibility (CSR) and the role boards play in shaping meaningful impact. Beth shares examples of initiatives focused on education, community access, and environmental programmes, and explains how these efforts support employee engagement, brand reputation, and long-term value creation.The discussion closes with a practical look at cyber risk and technology oversight. Beth outlines the key questions boards should be asking around cybersecurity, including risk appetite, asset protection, resilience planning, and incident response. She also highlights the growing importance of AI and why all board members need a baseline understanding of both cyber and emerging technologies.This episode provides a clear view of how modern board careers are built, how governance expectations are evolving, and what boards need to focus on as technology and risk continue to change.Connect with Beth Boucher on LinkedIn to follow her work across insurance, technology, governance, and board leadership.The Insurance Coffee House Podcast is brought to you by Insurance Search.We are a global Insurance Executive Search Consultancy, supporting Insurance and Insurtech businesses to attract and retain the very best insurance talent.Find out more about showcasing your employer brand as a guest on the Insurance Coffee House Podcast or sign up to our News and Insights.Or follow us on LinkedIn, Twitter or Instagram.Insurance Executive Search Consultants in USA, London and Bermuda.Copyright Insurance Search 2025 - All Rights Reserved.

In today's rapidly shifting geopolitical landscape, cyber threats have become a frontline tactic—not through sophisticated zero-day exploits, but through the exploitation of basic security gaps like weak credentials, unpatched systems, and misconfigured environments. In this episode of the Connection Cybersecurity Podcast, host Kim Coombes is joined by security experts John Chirillo and Rob Di Girolamo to unpack the reality of modern cyber conflict. Together, they explore how nation-state actors, ransomware groups, and hacktivists are converging, why critical infrastructure and mid-sized organizations alike are increasingly at risk, and how “proxy targeting” makes every company part of a larger attack surface. The conversation challenges common assumptions about cybersecurity, emphasizing that today's greatest risk isn't lack of advanced tools—but failure to address fundamental security hygiene and identity protection. Listeners will walk away with a clearer understanding of how cyber warfare is evolving, how it impacts organizations indirectly, and what practical steps leaders must take now to reduce exposure and strengthen resilience. 

Stephen Grootes speaks to Sibusiso Sishi, a cybersecurity analyst and Director at IronSky South Africa, after Liberty Group confirmed a data breach involving unauthorised access to parts of its systems. While the company says it has contained the incident and operations remain unaffected, limited detail on the extent of the breach, the type of data compromised, and the number of affected clients raises broader concerns around transparency, cyber resilience, and customer risk. The incident also comes against the backdrop of Liberty’s 2018 breach, highlighting the persistent and evolving nature of cyber threats facing financial institutions, as well as the potential financial, reputational, and regulatory consequences in an environment where data protection has become increasingly critical. The Money Show is a podcast hosted by well-known journalist and radio presenter, Stephen Grootes. He explores the latest economic trends, business developments, investment opportunities, and personal finance strategies. Each episode features engaging conversations with top newsmakers, industry experts, financial advisors, entrepreneurs, and politicians, offering you thought-provoking insights to navigate the ever-changing financial landscape.    Thank you for listening to a podcast from The Money Show Listen live Primedia+ weekdays from 18:00 to 20:00 (SA Time) to The Money Show with Stephen Grootes broadcast on 702 https://buff.ly/gk3y0Kj and CapeTalk https://buff.ly/NnFM3Nk For more from the show, go to https://buff.ly/7QpH0jY or find all the catch-up podcasts here https://buff.ly/PlhvUVe Subscribe to The Money Show Daily Newsletter and the Weekly Business Wrap here https://buff.ly/v5mfetc The Money Show is brought to you by Absa     Follow us on social media   702 on Facebook: https://www.facebook.com/TalkRadio702 702 on TikTok: https://www.tiktok.com/@talkradio702 702 on Instagram: https://www.instagram.com/talkradio702/ 702 on X: https://x.com/CapeTalk 702 on YouTube: https://www.youtube.com/@radio702   CapeTalk on Facebook: https://www.facebook.com/CapeTalk CapeTalk on TikTok: https://www.tiktok.com/@capetalk CapeTalk on Instagram: https://www.instagram.com/ CapeTalk on X: https://x.com/Radio702 CapeTalk on YouTube: https://www.youtube.com/@CapeTalk567 See omnystudio.com/listener for privacy information.

Modern ships are more connected, more automated, and more exposed than ever before. In this episode of the ShorelineHudson Maritime Risk Podcast, we move beyond theory and into operational reality. What happens when navigation systems don't fail… but quietly degrade? When everything appears to be working, yet the data guiding the vessel is no longer trustworthy? Drawing on real-world developments, including escalating GNSS disruption in high-risk regions, Captain Thomas Brown and Andrew Sallay (Cequra) explore a critical and often misunderstood risk: the danger of ambiguity at sea. From degraded positioning signals and decision-making under pressure, to the erosion of traditional seamanship skills and over-reliance on connected systems, this episode reveals how modern vessels can drift into a fragile state, without warning. Most importantly, it examines what can be done about it. If Episode 1 explored how fragility builds, Episode 2 shows what happens when that fragility meets reality. A must-listen for shipowners, operators, and anyone responsible for safe navigation in an increasingly complex risk environment.

The episode highlights a structural shift in the cyber insurance market, marked by increasing reliance on risk analytics and automation for underwriting and claims management. Companies like CyberWrite and its CyGPT platform exemplify this move, leveraging artificial intelligence and large language models (LLMs) to support decisions around risk evaluation, policy underwriting, and post-incident analysis. The discussion points to a broader trend where insurers, seeking profitability and efficiency amidst rising cyber threats, increasingly depend on technical risk scoring and automated assessment rather than deep operational understanding of client environments. A key development is the heightened use of pre-breach and post-breach data collection by insurers for client evaluation. According to Nir Perry, insurance companies deploy platforms that scan client attack surfaces, dark web exposure, and implemented security measures, supplemented by questionnaires often completed by MSPs or IT managers. For larger clients or more significant coverage, insurers require more detailed controls and evidence, but the overall business remains highly profitable, with loss ratios generally favorable except in brief harder-market phases. The industry's underwriting models, as outlined by Nir Perry, prioritize statistical risk reduction based on historical breach data, not bespoke knowledge of each MSP's operational reality. Secondary factors reinforcing this shift include tension between checklist-based compliance approaches and practical security management, as well as the growing expectation that AI-enabled tools will speed up risk assessments and ROI modeling for security investments. Nir Perry notes that modern LLM-driven systems can rapidly extract and interpret risk information from technical documentation, enabling faster, data-driven recommendations for both insurers and MSPs. However, the episode also covers gaps in accountability when large software vendors shift the risk of vulnerabilities onto customers—a contrast to physical world liability frameworks—indicating persistent governance gaps in cyber risk assignment. For MSPs and IT leaders, increased dependency on insurer-driven checklists and risk models means that decision-making must closely track evolving carrier requirements, not merely technical best practices. Contractual and evidentiary risk arises if controls asserted during underwriting are not maintained, with some carriers declining coverage where documentation is inaccurate or solutions are misrepresented. Providers must account for operational delays during incidents, as insurer processes may prioritize forensics and evidence over immediate restoration. The proliferation of AI tools for risk analysis can help justify investments to business stakeholders but also increases the need for transparent and auditable decision records.

As digital transformation accelerates, today's leaders are navigating an increasingly complex risk landscape shaped by rising cyber threats, evolving regulations, and constant technological change. In this Episode, we sit down with Scott Alldridge—CEO of IP Services, President of the IT Process Institute, and author of the widely recognized VisibleOps series to help organizations bridge the gap between technical complexity and business strategy, enabling leaders to make smarter, risk-aware decisions. In this episode, we explore: The evolving role of boards in cybersecurity leadership Key gaps in traditional risk management strategies What true cybersecurity maturity looks like today Practical ways to build a culture rooted in accountability and resilience Scott's latest book, VisibleOps Cybersecurity, has earned Amazon Best Seller status and continues to shape how executives and cybersecurity professionals approach modern risk. Connect with Scott and learn more through his official website. Episode also available on Apple Podcasts: https://apple.co/38oMlMr  Keep up with Scott Alldridge socials here: Facebook: https://www.facebook.com/scott.alldridge.24/ X: https://x.com/scottalldridge  Instagram: https://www.instagram.com/scottalldridge1/  Youtube: https://www.youtube.com/@scottalldridge 

Sara Ricci is a cybersecurity and enterprise risk executive with deep expertise in operational resilience, IT risk, and third-party risk management. She advises C-suite leaders on building stronger, more resilient organizations in the face of evolving cyber and operational threats. Sara is a frequent global speaker and mentor through the Executive Women's Forum Lift program and is known for her cross-disciplinary approach to risk, combining cybersecurity, business continuity, privacy, and sustainability to help organizations stay resilient.00:00 Intro02:29 Our Guest06:12 Resilience across industry15:30 Data exists in many forms21:20 Is you see something, say something26:20 The attack surface changing with AI38:30 4th party risk42:15 Connecting with Sara--------------------------------------SOCIAL MEDIA:Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio!Instagram: @securityconfidential and @DarkrhiinosecurityFacebook: @Dark-Rhiino-Security-IncTwitter: @darkrhiinosecLinkedIn: @dark-rhiino-securityYoutube: @DarkRhiinoSecurity ​

Madhav Nakar — AI Security Researcher and Documentarian of Spirituality and Play   No Password Required Season 7: Episode 3 - Madhav Nakar   Madhav Nakar is a Security Researcher at BeyondTrust specializing in identity threats, endpoint security, and cloud attack paths. With a background in theoretical mathematics, his current research focuses on analyzing attacker behavior to build practical systems of detection.   In this episode, Madhav shares the pivotal moments that shaped his career, including his first experience witnessing a nation-state attack unfold in real time from his seat in a SOC. He explains how mathematical thinking sharpens security strategy and why strong research is rooted in exploration, not predetermined outcomes.   Jack Clabby of Carlton Fields, joined by co-host Kayley Melton of the Cognitive Security Institute, welcomes Madhav for a conversation on modern cyber defense. From AI-driven attacks and agentic systems to privilege escalation risks in role-based access environments, Madhav breaks down what teams are getting wrong about AI and why defending against AI increasingly requires AI-powered tools.   The conversation turns to Madhav's philosophy of “serious play,” where curiosity, experimentation, and failure fuel better research and resilience. He also shares insights from his spiritual and philosophy project, The Fire of Knowing, exploring consciousness and belief through a neutral lens.   In the Lifestyle Polygraph, Madhav pitches a cybersecurity documentary, debates growth versus comfort, and reflects public dancing experiments.  Follow Madhav Nakar here: https://www.linkedin.com/in/madhav-nakar/ Follow "The Fire of Knowing" on Instagram and Youtube!  CHAPTERS:  00:00 Introduction with Kayley and Jack 08:08 Transition from Theoretical Math to Cybersecurity 16:13 Exploring Spiritual Traditions and Madhav's Documentary 19:48 The Intersection of Art and Science in Content Creation 25:20 The Lifestyle Polygraph: Challenging Perspectives on Security

Insurance today is proactive risk management, combining security intelligence, real-time monitoring, and rapid notification to minimize business interruption from cloud outages. Watch this clip with Insurance Journal’s Allen … Read More » The post Beyond the Policy: Building Real Cloud Resilience | Risky Future Event appeared first on Insurance Journal TV.

The Layer 8 Conference is excited to announce the first of its keynote speakers for 2026, Christina Lekati!Christina is a social engineering specialist who works with Cyber Risk, GmbH in Munich, Germany. She got her undergraduate degree in Psychology and has a Masters in International Business Studies. She has been a part of the OSINT Curious team and has taught her classes at Black Hat in Las Vegas but will also be offering her two-day social engineering class at the Layer 8 Conference this year. Come join us at the Layer 8 Conference, meet Christina and all of our other incredible speakers in Boston, MA on June 5-6.

Send a text

What if the device keeping you alive was also a cybersecurity vulnerability? That's not a hypothetical — it's Victor Barge's reality. In this episode of The Audit, IT Audit Labs' Global Delivery Director Victor Barge shares the story of his sudden cardiac event and the life-saving defibrillator now implanted in his chest and the eye-opening security questions that followed. Co-hosts Joshua Schmidt, Eric Brown, and Nick Mellum connect Victor's story to the real-world cyber risks organizations ignore every single day. What you'll learn in this episode: How modern pacemakers and defibrillators transmit biometric data 24/7 — and what happens if that data is compromised Why the 2017 Abbott pacemaker recall of 500,000 devices is a warning the industry hasn't fully heeded The parallel between reactive healthcare and reactive cybersecurity — and why waiting costs you more Why billion-dollar organizations are still storing passwords in spreadsheets in 2026 What continuous monitoring in IT security can learn from real-time cardiac telemetry Whether you're a CISO, IT auditor, or just someone wearing a smartwatch, this episode will make you rethink what "sensitive data" really means. 

Security teams are under more pressure than ever, reacting at human speed while systems, identities, and AI agents operate at machine speed. In this episode of Security Matters, host David Puner sits down with cybersecurity leader and former FBI executive MK Palmore to explore why defenders struggle to keep pace and what it takes to regain control.From AI agents that overshare sensitive data to cloud misconfigurations that never seem to disappear to the persistent success of ransomware, MK explains how complexity, vendor sprawl, and overloaded teams create gaps that attackers continue to exploit. The conversation highlights how identity across human, machine, and emerging agent types has become the center of modern security and why fundamentals, prioritization, and platform thinking matter more than ever.Listeners will hear insight on: • Identity at machine speed and the rise of autonomous access • Why attackers still win more than 51 percent of the time • How ransomware continues to succeed despite industry progress • Why SMBs face “mission impossible” expectations • The true cost of vendor sprawl and operational overload • What effective security leadership looks like in the current threat environmentIf you work in identity, security operations, strategy, or leadership, this discussion cuts through hype and focuses on the realities defenders face and how to push back against the constant pressure of the tyranny of the now.

We have had some extremely distinguished guests over the last 6 years, but we haven't secured one who combines, a Rhodes Scholar, US Army Colonel, Counter terrorism expert, leading the US's cyber intelligence defence agency, and a lecturer at Oxford and beyond, whilst also having worked at Morgan Stanley, and now CEO at RSAC. Jen plots a journey from Oxford to Westpoint, from Colonel of the US's first Cyber Battalion to the Whitehouse, working under Condoleezza Rice and then chosen by President Biden to create CISA, The US's first cyber defense agency.In a whirlwind, world-wide tour, Jen plots the risks, defines the adversaries, reflects on intelligence, cooperation, and the real and present cyber risks to industries.She offers advice to boards, the existential risks for businesses who think this is just a “technology issue” and leaves us with a stark observation. If the cost of annual cybercrimes were aggregated into one number, it would be equivalent in GDP terms to being the third largest economy in the world! The Money Maze Podcast is kindly sponsored by Schroders, IFM Investors, World Gold Council and LSEG.Sign up to our Newsletter | Follow us on LinkedIn | Watch on YouTube 

Welcome to the CRE podcast. 100% Canadian, 100% commercial real estate. What if the global geopolitical churn is actually creating opportunities to realign your portfolio? In this episode of the Commercial Real Estate Podcast, powered by First National, hosts Aaron Cameron and Adam Powadiuk are joined by Lachlan MacQuarrie, Industry Fellow at Intelligent Building LLC,... The post Beyond Locks and Cameras: Cyber Risk in CRE with Lachlan MacQuarrie, Industry Fellow at Intelligent Buildings LLC. appeared first on Commercial Real Estate Podcast.

OMB's new memo rescinds the Biden‑era requirements and shifts software and hardware security to an agency‑driven, risk‑based model. SBOMs and attestations move from “must” to “may.” That means CIOs and CISOs can tailor what they ask for from vendors, but they'll also carry the burden of proving those choices keep mission systems safe. We'll dig into what this change unlocks and where it could create blind spots with Jean‑Paul Bergeaux, Federal CTO at GuidePoint Security.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

CyberArk founder and executive chairman Udi Mokady returns to Security Matters at a transformational moment—now as part of Palo Alto Networks, following the acquisition's close on February 11. In this far‑reaching conversation, Udi and host David Puner explore why identity has become the attack vector for modern enterprises, driven by an unprecedented surge in human, machine and AI‑powered identities that attackers increasingly exploit.Udi discusses what the combined companies' scale and capabilities mean for customers, why identity security must now operate as frontline defense rather than a management layer, and how AI agents are rapidly reshaping the threat landscape. He also reflects on CyberArk's long‑distance entrepreneurial journey, the cultural foundations that have made the company durable over 26 years, and how productive paranoia, innovation and trust continue to guide the mission forward inside Palo Alto Networks.Note: This episode was recorded in January, prior to the acquisition's close.

Sue Serna - Social Media Security and Governance Leader and Lover of All BeaglesNo Password Required Season 7: Episode 2 - Sue SernaSue Serna is the CEO and Founder of Serna Social and the former head of global social media at Cargill. She brings more than two decades of experience at the intersection of storytelling, strategy, and security.In this episode, she shares her journey from business reporter to leading her own consultancy serving companies around the world on social media strategy.Jack Clabby of Carlton Fields, P.A, joined by guest co-host Rex Wilson of Cyber Florida, welcomes Sue for a candid discussion about the realities of enterprise social media. From managing more than 150 Facebook pages for a single company, to navigating internal politics, agency relationships, and regulatory pressure, Sue explains why social media is far from “free” and why most organizations still under-resource it.Sue dives deep into the gap between social media teams and cybersecurity departments. She outlines how personal account compromises can escalate into enterprise-level incidents, why governance frameworks matter, and how large organizations can regain control of sprawling digital footprints. Drawing from real-world examples, she argues that social media must be treated like finance or HR, a core business function requiring structure, ownership, and accountability.The episode wraps with the Lifestyle Polygraph, where Sue reveals her love of Apollo-era space history, debates iconic Philadelphia traditions, and imagines what magical talent her beagle would bring to Hogwarts.Follow Sue at SernaSocial.com or connect with her on LinkedIn: https://www.linkedin.com/in/sueserna/ Chapters: 00:00 Introduction and First Impressions   02:45 The Evolving Role of Social Media in Corporations   04:58 Transitioning from Journalism to Social Media  11:11 Building Social Media from Scratch   13:00 Becoming a CEO and Founder   16:28 The Importance of Networking   16:54 Bridging the Gap Between Social Media and Cybersecurity  20:51 Real-World Social Media Security Incidents  28:35 Navigating Internal Conflicts in Social Media  30:32 The Lifestyle Polygraph Begins   31:17 Nerd Things That Expose Sue: Space and Harry Potter!  35:16 Sue's Love For Beagles  37:50 Wreckless Intern or Overconfident Executive?  40:42 Hogwarts and Magical Beagles 

Can cyber risk actually be measured in dollars? How do you know if your risk data vendor is any good? And is cyber insurance really worth the investment? Let's find out with our guest Scott Stransky, who leads the Cyber Risk Intelligence Center at Marsh and was named 2023 Cyber Risk Industry Person of the Year. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.  LinkedIn profile -- https://www.linkedin.com/in/scott-stransky-92659095/ Top 12 Report -- https://www.marsh.com/en/services/cyber-risk/insights/cybersecurity-signals.html                          Marsh Cyber Risk Intelligence Center -- https://www.corporate.marsh.com/solutions/cyber-resilience/cyber-risk-intelligence-center.html  

In this Brand Highlight, Ivan Milenkovic, Vice President, Cyber Risk Technology at Qualys, joins host Sean Martin to discuss how security leaders can break free from the whack-a-mole cycle of vulnerability management.With more than 48,000 vulnerabilities disclosed in 2025 alone and the average enterprise juggling 76 different security consoles, Milenkovic argues that the old methods of counting patches and chasing alerts are no longer sustainable. Instead, Qualys helps organizations prioritize threats based on business context through what the company calls TruRisk.Milenkovic describes a fundamental shift he sees taking place in boardroom conversations: moving from risk appetite to risk tolerance. Boards and executives now want to know what specific losses mean to the business rather than simply asking whether the organization is secure.For CISOs, this means evolving from the department of "No" to the department of "Know," where security leaders understand where problems exist, how to fix them, and what architecture supports business objectives. The key is demonstrating return on investment through resilience metrics rather than vulnerability counts.Qualys addresses this challenge through its Enterprise TruRisk Management platform, which facilitates what Milenkovic calls the Risk Operations Center. Unlike a traditional SOC that focuses on incidents that have already occurred, the ROC takes a proactive stance, helping organizations prevent threats and optimize security spending before damage occurs.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTIvan Milenkovic, Vice President, Cyber Risk Technology, QualysOn LinkedIn | https://www.linkedin.com/in/ivanmilenkovic/RESOURCESLearn more about Qualys | https://www.qualys.comAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSIvan Milenkovic, Qualys, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, Enterprise TruRisk Management, Risk Operations Center, ROC, vulnerability management, CISO, cyber risk, risk tolerance, security leadership, proactive security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.