In this week's sponsored interview, we dive into the evolving security landscape around AI agents, where we stand with AI agent adoption. We also touch on topics such as securing credentials in browser workflows and why identity is foundational to AI agent security.
This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more!
In this week's enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Interview with Connor Mulherin of TechSoup
The cybersecurity landscape in the nonprofit sector is evolving quickly, with organizations facing unique challenges due to limited resources, sensitive mission-driven work, and developing policies and training programs. Connor Mulherin, Director and GM of Validation Services at TechSoup, will discuss the industry's need for accessible and collaborative solutions to provide affordable technology leadership and security guidance. It will highlight how nonprofit organizations can build long-term digital resilience and combat these growing challenges.
Segment Resources:
Interview with Mike Poole, Director of Cyber Security at Werner Enterprises
In today's digital landscape, cybersecurity is not just a technical issue—it’s a business imperative. Organizations that prioritize cybersecurity culture see fewer incidents and stronger resilience against evolving threats. But how do you foster a security-first mindset across an organization?
This session will explore the critical components of building and maintaining a robust cybersecurity culture, starting with executive leadership buy-in—a fundamental step in securing resources and driving organizational change. We’ll then dive into the power of monthly phishing exercises, which reinforce awareness and preparedness. Attendees will also learn how to develop effective training programs that engage employees at all levels and create lasting behavioral change. Finally, we’ll discuss the role of cybersecurity-themed events, particularly during Cybersecurity Awareness Month, as a powerful tool to capture attention and reinforce key security principles.
This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!
Show Notes: https://securityweekly.com/esw-430
David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminate before they become ingrained across application stacks.
NCC Group’s AI security team has surveyed dozens of AI applications, exploited their most common risks, and discovered a set of practical architectural patterns and input validation strategies that completely mitigate natural language injection attacks. David's talk aimed at helping security pros and developers understand how to design/test complex agentic systems and how to model trust flows in agentic environments. He also provided information about what architectural decisions can mitigate prompt injection and other model manipulation risks, even when AI systems are exposed to untrusted sources of data.
More about David's Black Hat talk:
Additional blogs by David about AI security:
An op-ed on CSO Online made us think - should we consider the CIA triad 'dead' and replace it? We discuss the value and longevity of security frameworks, as well as the author's proposed replacement.
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-429
We're always thrilled to have authors join us to discuss their new book releases, and this week, it is Dr. Anand Singh. He seriously hustled to get his new book, Data Security in the Age of AI, out as soon as possible so that it could help folks dealing with securing AI rollouts right now! We'll discuss why he wrote it, how he got it done so quickly, and who needs to read it.
Segment Resources:
Val Tsanev, founder of ExecWeb, part of the CyberRisk Alliance family, posted shared some VERY spicy insights about how CISOs buy products. This elicited some passionate responses.
There are many interesting insights, but the biggest and most interesting is that 76% of CISOs choose products that presents the least risk to them, personally. Career safety trumps product performance, it would seem.
In the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-428
At Oktane 2025, leaders from across the security ecosystem shared how identity has become the new front line in protecting today’s AI-driven enterprises. As SaaS adoption accelerates and AI agents proliferate, organizations face an explosion of human and non-human identities—and with it, growing risks like misconfigured access, orphaned accounts, and identity-based attacks.
In this special Enterprise Security Weekly episode, we bring together insights from top experts:
From open standards to privileged access management and AI-powered defense, these Oktane 2025 conversations explore how identity-driven strategies are shaping the future of enterprise security.
Segment Resources: https://www.okta.com/newsroom/articles/old-security-challenges--new-ai-risks--managing-authorization-in https://www.okta.com/newsroom/press-releases/okta-introduces-cross-app-access-to-help-secure-ai-agents-in-the/ https://www.okta.com/blog/ai/securing-the-ai-agent-ecosystem/ https://www.okta.com/customers/adyen/ https://www.okta.com/newsroom/?sort=featured&filters=okta%3Acategories%2Fidentity-security https://www.okta.com/customers/thoughtworks/
This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!
Show Notes: https://securityweekly.com/esw-427