Every year, I like to sit down and consider what the podcast should be focusing on. Not doing so ensures every single episode will be about AI and nobody wants that. Least of all, me. If I have one more all-AI episode, my head is going to explode.
With that said, most of what we talk about in this segment is AI (picard face palm.png). I think 2026 will be THE defining year for GenAI. Three years after the release of ChatGPT, I think we've hit peak GenAI hype and folks are ready for it to put up or shut up. We'll see winners grow and get acquired and losers pivot to something else. More than anything, I want to interview folks who have actually seen it work at scale, rather than just in a cool demo in a vendor sandbox.
Also on the agenda for this year:
What am I missing? What would you like to see us discuss? Please drop me a line and let me know: adrian.sanabria@cyberriskalliance.com
This topic has been in the works for a while! Ayman had a whole podcast and book focused on all the paths people take to get into security. Jackie worked with WiSys on outlining pathways into a cybersecurity career.
Whether you're already in cyber or looking for a way in, this segment crams a lot of great advice into just 15-20 minutes.
Segment resources:
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-441
For our first episode of the new year, we thought it would be appropriate to dig into some cybersecurity predictions.
First, we cover the very nature of predictions and why they're often so bad. To understand this, we get into logical fallacies and cognitive biases.
In the next segment, we cover some 2025 predictions we found on the Internet.
In the final segment, we discuss 2026, drop some of our own predictions, and talk about what we hope to see this year.
SPOILER: Please fix session hijacking, okay tech industry?
Segment resources:
Show Notes: https://securityweekly.com/esw-440
For this week's episode of Enterprise Security Weekly, there wasn't a lot of time to prepare. I had to do 5 podcasts in about 8 days leading up to the holiday break, so I decided to just roll with a general chat and see how it went.
Also, apologies, for any audio quality issues, as the meal I promised to make for dinner this day required a lot of prep, so I was in the kitchen for the whole episode! For reference, I made the recipe for morisqueta michoacana from Rick Martinez's cookbook, Mi Cocina. I used the wrong peppers (availability issue), so it came out green instead of red, but was VERY delicious.
As for the episode, we discuss what we've been up to, with Jackie sharing her experiences fighting against Meta (allegedly, through some shell companies) building an AI datacenter in her town.
We then get into discussing the limitations of AI, the potential of the AI bubble popping, and general limitations of AI that are becoming obvious. One of the key limitations is AI's inability to apply personal experience, have strong opinions, or any sense of 'taste'. I think I shared my observation that AI is becoming a sort of 'digital junk food'. "NO AI" has become a common phrase used by creators - a source of pride that media consumers seem to be celebrating and seeking out.
Segment Resources:
Show Notes: https://securityweekly.com/esw-439
External threats get discussed more than internal threats. There’s a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn’t infringe on any individual organization’s privacy. That’s why we hear the industry discuss external threats more, though internally-triggered incidents far outnumber external ones.
Internal threats, on the other hand, can get personal. Accidental leaks are embarassing. Malicious insiders are a sensitive topic that internal counsel would erase from company memory if they could. Even when disclosure is required, the lawyers are going to minimize the amount of detail that gets out.
I was chief incident handler for 5 years of my enterprise career, and never once had to deal with an external threat. I managed dozens of internal cases over those 5 years though.
In this interview, we discuss the need for strong internal controls with Frank Vukovits from Delinea.
As systems and users inside and outside organizations become increasingly connected, maintaining strong security controls is essential to protect data and systems from both internal and external threats. In this episode, we will explore the importance of strong internal controls around business application security and how they can best be integrated into a broader security program to ensure true enterprise security.
This segment is sponsored by Delinea.
Visit https://securityweekly.com/delinea to learn more about them!
Many of us depend on service providers for our personal email, file storage, and photo storage. The line between personal accounts and work accounts often blur, particularly when it comes to Apple devices. We’re way more dependent on our Microsoft, Apple, Meta, and Google accounts than we used to be. They’re necessary to use home voice assistants, to log into other SaaS applications (Log in with Google/Apple/FB), and even manage our wireless plans (e.g. Google Fi). Getting locked out of any of these accounts can bring someone’s personal and/or work life to a halt, and there are many cases of this happening.
I’m not sure if we make it past sharing stories about what can and has happened. Getting into solutions might have to be a separate discussion (also, we may not have any solutions…)
Show Notes: https://securityweekly.com/esw-438
Illuminating Data Blind Spots
As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we’ll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets.
Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We’ll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare.
Segment Resources:
https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!
Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked.
After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced:
We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted?
Segment Resources:
Show Notes: https://securityweekly.com/esw-437
Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits.
Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and attack surface. The most basic misconfigurations lead to breaches. Threatlocker spotted this opportunity and have extended their agent-based product to increase attention on these common issues.
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more!
AI and the case for toxic anthropomorphism. When Wendy coined this phrase on Mastodon a few weeks ago, I knew that she had hit on something important and that we needed to discuss it on this podcast.
We were lucky to find some time for Wendy to come on the show!
Quick note: while this was not a sponsored segment, 1Password IS currently a sponsor of this podcast. That doesn’t really change the conversation any, except that I have to be nice to Wendy. But why would anyone ever be mean to Wendy???
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-436
Live from InfoSec World 2025, this episode of Enterprise Security Weekly features six in-depth conversations with leading voices in cybersecurity, exploring the tools, strategies, and leadership approaches driving the future of enterprise defense. From configuration management and AI-generated threats to emerging frameworks and national standards, this special edition captures the most influential conversations from this year’s conference.
In this episode:
-You Don’t Need a Hacker When You Have Misconfigurations — Rob Allen, Chief Product Officer at ThreatLocker®, discusses how overlooked settings and weak controls continue to be one of the most common causes of breaches. He explains how Defense Against Configurations (DAC) helps organizations identify, map, and remediate configuration risks before attackers can exploit them.
-Security Challenges for Mid-Sized Companies — Perry Schumacher, Chief Strategy Officer & Partner at Ridge IT Cyber, explores the evolving security challenges facing mid-sized organizations. He discusses how AI is becoming a competitive advantage, how mobility and third-party reliance complicate defenses, and what steps these organizations can take to improve resilience and efficiency.
-The Rise of Security Control Management: Secure by Design, Not by Chance — Marene Allison, former CISO of Johnson & Johnson, introduces Security Control Management (SCM), a new software category that unifies control selection, mapping, validation, and enforcement. She explains how SCM transforms fragmented compliance programs into proactive, embedded defense.
-Engineered for Protection: The Rise of Security Control Management — Ryan Heritage, Advisor at Sicura, continues the discussion on SCM, explaining how organizations can operationalize this approach to move from reactive reporting to proactive, data-driven defense. He highlights how automation and integration enable security decisions to be made at “the speed of relevance.”
-The AI Threat: Protecting Your Email from AI-Generated Attacks — Patricia Titus, Field CISO at Abnormal Security, explores how cybercriminals are weaponizing generative AI to create sophisticated phishing and social engineering attacks. She shares practical strategies for defending against AI-generated threats and emphasizes why AI-based protections are now essential for modern enterprises.
-Igniting Change: A Conversation with Dr. Ron Ross — Dr. Ron Ross, CEO at RONROSSECURE, LLC, shares insights from decades of pioneering work in cybersecurity, including the Risk Management Framework and Systems Security Engineering Guidelines. He discusses how leaders can apply these principles to strengthen resilience, foster innovation, and drive meaningful change across the cybersecurity landscape.
Segment Resources
Book a demo to see DAC in action. Visit https://securityweekly.com/threatlockerisw to learn more!
This segment is sponsored by Ridge IT Cyber. Visit https://securityweekly.com/ridgeisw to learn more about them!
Show Notes: https://securityweekly.com/esw-435
Ravid will discuss why security and engineering misalignment is the biggest barrier to fast, effective remediation, using data from Seemplicity’s 2025 Remediation Operations Report. This is costing some teams days of unnecessary exposure, which can lead to major security implications for organizations.
Segment Resources:
https://seemplicity.io/papers/the-2025-remediation-operations-report/
https://seemplicity.io/blog/2025-remediation-operations-report-organizations-still-struggle/
Ex-SC Media journalist Derek Johnson did a great job writing this one up over at Cyberscoop: China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work
There are a number of interesting questions that have been raised here. Some want more technical details and question the report's conclusions. How automated was it, really?
I found it odd that Anthropic's CEO was on 60 minutes the same week, talking about how dangerous AI is (which is his company's primary and only product).
I think one of the more interesting things to discuss is how Anthropic has based its identity and brand on AI safety. While so many other SaaS companies appear to be doing the bare minimum to stop attacks against their customers, Anthropic is putting significant resources into testing for future threats and discovering active attacks.
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-434
It’s the Year of the (Clandestine) Linux Desktop!
As if EDR evasions weren’t enough, attackers are now employing yet another method to hide their presence on enterprise systems: deploying tiny Linux VMs. Attackers are using Hyper-V and/or WSL to deploy tiny (120MB disk space and 256MB memory) Linux VMs to host a custom reverse shell and reverse proxy.
In this segment, we’ll discuss strategies and mitigations to battle this novel technique with Rob Allen from Threatlocker.
Segment Resources:
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
We're entering the age of human-shaped robots, so it seems like a good time to talk about the fact that they ALREADY HAVE CVEs assigned to them. I guess this isn't a terrible thing - John Connor might have had an easier time if he could simply hack the terminators from a distance...
Resources
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-433
OT/ICS/SCADA systems are often off limits to cybersecurity folks, and exempt from many controls. Attackers don’t care how fragile these systems are, however. For attackers aiming to disrupt operations, fragile but critical systems fit criminals’ plans nicely.
In this interview, we discuss the challenge of securing OT systems with Todd Peterson and Joshua Hay from Junto Security.
This segment is sponsored by Junto Security. Visit https://securityweekly.com/junto to learn more!
This week's topic segment is all about tuning your 'spidey sense' to spot myths and misconceptions online so we can avoid amplifying AI slop, scams, and other forms of Internet bunk. It was inspired by this LinkedIn post, but we've got a cybersecurity story in the news that we could have easily used for this as well (the report from MIT).
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-432
Frontline workers can’t afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access management to improve both security and frontline efficiency at scale.
Segment Resources:
This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivata to learn more about them!
Vendors are finding, after integrating agents into their processes, that agentic AI can get expensive very quickly. Of course, this isn't surprising when your goal is "review all my third party contracts and fill out questionnaires for me" and the pricing is X DOLLARS for 1M TOKENS blah blah context window, max model thinking model blah blah. No one knows what the conversion is from "review my contracts" to millions of tokens, so everyone is left to just test it out and see what the bill is at the end of the month.
As we saw with Cloud when adoption started increasing in the early 2010s, we are naturally entering the era of AI cost optimization. In this segment, we'll discuss what that means, how it affects the market, and how it affects the use of AI in cybersecurity.
Jackie mentions this story from Wired in the segment: https://www.wired.com/story/ai-bubble-will-burst/
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-431
In this week's sponsored interview, we dive into the evolving security landscape around AI agents, where we stand with AI agent adoption. We also touch on topics such as securing credentials in browser workflows and why identity is foundational to AI agent security.
This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more!
In this week's enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Interview with Connor Mulherin of TechSoup
The cybersecurity landscape in the nonprofit sector is evolving quickly, with organizations facing unique challenges due to limited resources, sensitive mission-driven work, and developing policies and training programs. Connor Mulherin, Director and GM of Validation Services at TechSoup, will discuss the industry's need for accessible and collaborative solutions to provide affordable technology leadership and security guidance. It will highlight how nonprofit organizations can build long-term digital resilience and combat these growing challenges.
Segment Resources:
Interview with Mike Poole, Director of Cyber Security at Werner Enterprises
In today's digital landscape, cybersecurity is not just a technical issue—it’s a business imperative. Organizations that prioritize cybersecurity culture see fewer incidents and stronger resilience against evolving threats. But how do you foster a security-first mindset across an organization?
This session will explore the critical components of building and maintaining a robust cybersecurity culture, starting with executive leadership buy-in—a fundamental step in securing resources and driving organizational change. We’ll then dive into the power of monthly phishing exercises, which reinforce awareness and preparedness. Attendees will also learn how to develop effective training programs that engage employees at all levels and create lasting behavioral change. Finally, we’ll discuss the role of cybersecurity-themed events, particularly during Cybersecurity Awareness Month, as a powerful tool to capture attention and reinforce key security principles.
This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!
Show Notes: https://securityweekly.com/esw-430
David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminate before they become ingrained across application stacks.
NCC Group’s AI security team has surveyed dozens of AI applications, exploited their most common risks, and discovered a set of practical architectural patterns and input validation strategies that completely mitigate natural language injection attacks. David's talk aimed at helping security pros and developers understand how to design/test complex agentic systems and how to model trust flows in agentic environments. He also provided information about what architectural decisions can mitigate prompt injection and other model manipulation risks, even when AI systems are exposed to untrusted sources of data.
More about David's Black Hat talk:
Additional blogs by David about AI security:
An op-ed on CSO Online made us think - should we consider the CIA triad 'dead' and replace it? We discuss the value and longevity of security frameworks, as well as the author's proposed replacement.
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-429
We're always thrilled to have authors join us to discuss their new book releases, and this week, it is Dr. Anand Singh. He seriously hustled to get his new book, Data Security in the Age of AI, out as soon as possible so that it could help folks dealing with securing AI rollouts right now! We'll discuss why he wrote it, how he got it done so quickly, and who needs to read it.
Segment Resources:
Val Tsanev, founder of ExecWeb, part of the CyberRisk Alliance family, posted shared some VERY spicy insights about how CISOs buy products. This elicited some passionate responses.
There are many interesting insights, but the biggest and most interesting is that 76% of CISOs choose products that presents the least risk to them, personally. Career safety trumps product performance, it would seem.
In the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-428
At Oktane 2025, leaders from across the security ecosystem shared how identity has become the new front line in protecting today’s AI-driven enterprises. As SaaS adoption accelerates and AI agents proliferate, organizations face an explosion of human and non-human identities—and with it, growing risks like misconfigured access, orphaned accounts, and identity-based attacks.
In this special Enterprise Security Weekly episode, we bring together insights from top experts:
From open standards to privileged access management and AI-powered defense, these Oktane 2025 conversations explore how identity-driven strategies are shaping the future of enterprise security.
Segment Resources: https://www.okta.com/newsroom/articles/old-security-challenges--new-ai-risks--managing-authorization-in https://www.okta.com/newsroom/press-releases/okta-introduces-cross-app-access-to-help-secure-ai-agents-in-the/ https://www.okta.com/blog/ai/securing-the-ai-agent-ecosystem/ https://www.okta.com/customers/adyen/ https://www.okta.com/newsroom/?sort=featured&filters=okta%3Acategories%2Fidentity-security https://www.okta.com/customers/thoughtworks/
This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!
Show Notes: https://securityweekly.com/esw-427
How identity security can keep pace with the evolving threat landscape, with Brett Winterford
Today’s threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious ramifications for businesses. Brett Winterford, VP of Okta Threat Intelligence, shares findings from his team’s most recent investigations, as well as recommendations for organizations looking to strengthen their defenses.
Segment Resources
How to navigate app development in the AI era with Shiv Ramji
As AI reshapes how applications are built and consumed, developers and engineering leaders face a new set of challenges: enabling innovation while maintaining security. In this interview, Auth0 President Shiv Ramji will discuss the shifting landscape of application development in the AI era. He’ll discuss the shift toward developing AI agents that are secure by design and standards-first so they can thrive within an interconnected web of applications and systems.
How AI agents are reshaping cybersecurity from the inside out with Damon McDougald
AI is being harnessed to transform cybersecurity operations—from automating routine tasks to closing skills gaps and accelerating incident response. Damon McDougald, Global Security Services Lead at Accenture, shares how agents can cut through alert fatigue and proactively defend against threats at scale. Damon also outlines the identity risks these agents introduce—and what cybersecurity leaders must do now to secure their access and maintain control in an increasingly autonomous environment.
All three segments are sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more!
Show Notes: https://securityweekly.com/esw-426
This interview is sponsored by runZero.
Legacy vulnerability management (VM) hasn't innovated alongside of attackers, and it shows. Let's talk about the state of VM.
Check out https://securityweekly.com/runzero to learn more!
In this week’s topic segment, we’re discussing all the NPM supply chain attacks from the past 3 weeks.
I recently published a roundup of these incidents over on my Substack.
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-425
Introducing Forrester’s AEGIS Framework: Agentic AI Enterprise Guardrails For Information Security
For this episode’s interview, we’re talking to Forrester analyst Jeff Pollard. I’m pulling this segment’s description directly from the report’s executive summary, which I think says it best:
As AI agents and agentic AI are introduced to the enterprise, they present new challenges for CISOs. Traditional cybersecurity architectures were designed for organizations built around people. Agentic AI destroys that notion. In the near future, organizations will build for goal-oriented, ephemeral, scalable, dynamic agents where unpredictable emergent behaviors are incentivized to accomplish objectives. This change won’t be as simple or as straightforward as mobile and cloud — and that’s bad news for security leaders who in some cases still find themselves challenged by cloud security.
Then, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Interview with Rohit Dhamankar from Fortra
Live from Black Hat 2025 in Las Vegas, Matt Alderman sits down with Rohit Dhamankar, VP of Product Strategy at Fortra, to dive deep into the evolving world of offensive security. From red teaming and pen testing to the rise of AI-powered threat simulation and continuous penetration testing, this conversation is a must-watch for CISOs, security architects, and compliance pros navigating today's dynamic threat landscape.
Learn why regulatory bodies worldwide are now embedding offensive security requirements into frameworks like PCI DSS 4.0, and how organizations can adopt scalable strategies—even with limited red team resources. Rohit breaks down the nuances of purple teaming, AI-assisted red teaming, and the role of BAS platforms in enhancing defense postures.
Whether you’re building in-house capabilities or leveraging external partners, this interview reveals key insights on security maturity, strategic outsourcing, and the future of cyber offense and defense convergence.
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more!
Interview with Michael Leland from Island
At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity’s most urgent realities: compromised credentials aren’t a possibility — they’re a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren’t “breaking in” anymore… they’re logging in.
Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island’s enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins.
Key takeaways:
Segment Resources:
This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more!
Show Notes: https://securityweekly.com/esw-424
Doug White sits down with Theresa Lanowitz, Chief Evangelist at LevelBlue, for a powerful and timely conversation about one of cybersecurity’s most pressing threats: the software supply chain. Theresa shares fresh insights from LevelBlue’s global research involving 1,500 cybersecurity professionals across 16 countries. Together, they unpack the real-world risks of software acquisition in the API economy, the explosive growth of AI-generated code, and the rise of “vibe coding”—and how these trends are silently expanding the attack surface for organizations everywhere.
Visit https://securityweekly.com/levelbluebh to download the Data Accelerator: Software Supply Chain and Cybersecurity as well as all of LevelBlue's research.
In this interview, Yuval Wollman, President of CyberProof, unpacks how AI agents are not only expanding the attack surface—but reshaping the entire cyber threat landscape. Discover how ransomware-as-a-service platforms like Funksec and Dragonforce are operating with enterprise-level precision. Learn about the role of agentic AI, geopolitical cyber warfare, and why today's hackers offer better customer support than airlines.
This segment is sponsored by CyberProof. Visit https://securityweekly.com/cyberproofbh to learn more about them!
Doug White and Mickey Bresman, CEO of Semperis, dive deep into a conversation on the evolution of ransomware and the alarming rise of cyber extortion tactics. From the early days of encryption-only attacks to today's ransomware-as-a-service operations and hybrid threats blending digital and physical intimidation, this interview unpacks the growing sophistication of organized cybercrime. Mickey shares firsthand insights from Semperis’ recent ransomware report, including a chilling real-world example where a photo of a child was used to threaten an IT professional — illustrating how far threat actors are willing to go.
This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to download the 2025 Global Ransomware Report!
Matt Alderman sits down with J.J. Guy, CEO & Co-Founder of Sevco Security, to unpack a 20-year industry failure finally being addressed: the disconnect between asset inventory, vulnerability visibility, and true cyber risk understanding. From the roots of CASM (Cyber Asset Attack Surface Management) to the convergence with CTE (Continuous Threat Exposure), JJ shares how Sevco is tackling today's fragmented environments — spanning cloud, on-prem, mobile, and containers — with a data-first approach.
Would you like to see the Sevco platform in action? You can take a self-guided tour at https://securityweekly.com/sevcobh
Doug White sits down with Intel 471 CEO Jason Passwaters for an eye-opening conversation on how cybercrime has evolved into a professional, profit-driven ecosystem. From ransomware-as-a-service to agentic AI, this interview pulls back the curtain on the real-world intel enterprises need to defend against today’s most dangerous digital threats. Jason shares how threat actors are using business models that rival legitimate startups — complete with support teams and customer service — while enterprise security teams face shrinking budgets and expanding attack surfaces.
This segment is sponsored by Intel471. Visit https://securityweekly.com/intel471bh to learn more about them!
CyberRisk TV sits down with HD Moore, CEO & Co-Founder of runZero, for a conversation on why vulnerability management is still failing enterprises — and what needs to change now. This interview dives deep into the real-world challenges facing security teams today: tool overload, missing assets, unauthenticated exposures, and the illusion of visibility. HD reveals how attackers are exploiting blind spots faster than defenders can react — and why unauthenticated discovery is the secret weapon defenders need.
Try runZero free! Get started at https://securityweekly.com/runzerobh
Jackie McGuire sits down with Jawahar Sivasankaran, President at Cyware, for an unmissable deep dive into the future of Cyber Threat Intelligence (CTI), agentic AI, and open-source security innovation. With nearly three decades of experience spanning hands-on engineering, go-to-market leadership, and cutting-edge product strategy, Jawahar shares insider insights on how CTI is evolving from fragmented alerts to unified, automated threat intelligence platforms.
To explore Cyware’s new Intelligence Suite, CTI automation capabilities, and open-source AI integration protocol, visit https://securityweekly.com/cywarebh.
Show Notes: https://securityweekly.com/esw-423
In this episode, Dave Lewis from 1Password discusses the critical importance of security in mergers and acquisitions, from due diligence through integration. He explores common pitfalls, essential security assessments, and practical strategies for security leaders to protect organizational value throughout the M&A process.
Every industry concerned with safety has a process for publishing the details of accidents, incidents, and failures. Cybersecurity has yet to reach this milestone, and hiding the details of failures is holding us back. This talk will argue for the need for breach details to go public, and share strategies for finding and using some little-known sources of detailed breach data.
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more about them!
Show Notes: https://securityweekly.com/esw-422
Oktane Preview: building frameworks to secure our Agentic AI future
Like it or not, Agentic AI and protocols like MCP and A2A are getting pushed as the glue to take business process automation to the next level. Giving agents the power and access they need to accomplish these lofty goals is going to be challenging, from a security perspective.
How do put AI agents in the position to perform broad tasks autonomously without granting them all the privileges? How do we avoid making AI agents a gold mine for attackers - the first place they stop once they hack into our companies? These are some examples of the questions Okta aims to answer at this year’s Oktane event, and we aim to kick off the conversations a little early - with this interview!
Segment Resources:
Reports of indirect prompt injection issues have been around for a while. Of particular note was Michael Bargury's Living off Microsoft Copilot presentation from Black Hat USA 2024. Simply sending an email to a Copilot user could make bad stuff happen.
Now, at Black Hat 2025, we've got more: the ability to plunder any data resource connected to ChatGPT (they call these integrations "Connectors") from Tamir Ishay Sharbat at Zenity Labs. The research is titled AgentFlayer: ChatGPT Connectors 0click Attack.
Looks like Google Jules is also vulnerable to what the Embrace the Red blog is calling invisible prompts. Sourcegraph's Amp Code is also vulnerable to the same attack, which encodes instructions to make them invisible.
What's really going to ruffle feathers is the fact that all these companies know this stuff is possible, but don't seem to be able to figure out how to prevent it. Ideally, we'd want to be able to distinguish between intended instruction and instructions injected via attachments or some other means outside of the prompt box. I guess that's easier said than done?
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-421
Vulnerability management is broken. Organizations basically use math to turn a crappy list into a slightly less crappy list, and the hardest part of the job as a CIO is deciding what NOT to fix. There has to be a better way, and there is...
Segment Resources:
This segment is sponsored by Horizon3.ai. Visit https://securityweekly.com/horizon3 to learn more about them!
Andy Ellis visited every booth at Black Hat. Every. Single. One. He wrote up what he learned and we discuss his findings!
https://www.duha.co/state-of-security-vendors-blackhat-2025/
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-420
We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah!
Then, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-419
This week, we’ve had to make some last minute adjustments, so we’re going to do the news first, split into two segments.
This week, we’re discussing:
Guillaume shares his experiences building security from scratch at Canadian FinTech, Finaptic. Imagine the situation: you're CISO, and literally NOTHING is in place yet. No policies, no controls, no GRC processes. Where do you start? What do you do first? Are there things you can get away with that would be impossible in older, well-established financial firms?
Show Notes: https://securityweekly.com/esw-418
Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.
Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.
Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-417