For this week's episode of Enterprise Security Weekly, there wasn't a lot of time to prepare. I had to do 5 podcasts in about 8 days leading up to the holiday break, so I decided to just roll with a general chat and see how it went.
Also, apologies, for any audio quality issues, as the meal I promised to make for dinner this day required a lot of prep, so I was in the kitchen for the whole episode! For reference, I made the recipe for morisqueta michoacana from Rick Martinez's cookbook, Mi Cocina. I used the wrong peppers (availability issue), so it came out green instead of red, but was VERY delicious.
As for the episode, we discuss what we've been up to, with Jackie sharing her experiences fighting against Meta (allegedly, through some shell companies) building an AI datacenter in her town.
We then get into discussing the limitations of AI, the potential of the AI bubble popping, and general limitations of AI that are becoming obvious. One of the key limitations is AI's inability to apply personal experience, have strong opinions, or any sense of 'taste'. I think I shared my observation that AI is becoming a sort of 'digital junk food'. "NO AI" has become a common phrase used by creators - a source of pride that media consumers seem to be celebrating and seeking out.
Segment Resources:
Show Notes: https://securityweekly.com/esw-439
External threats get discussed more than internal threats. There’s a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn’t infringe on any individual organization’s privacy. That’s why we hear the industry discuss external threats more, though internally-triggered incidents far outnumber external ones.
Internal threats, on the other hand, can get personal. Accidental leaks are embarassing. Malicious insiders are a sensitive topic that internal counsel would erase from company memory if they could. Even when disclosure is required, the lawyers are going to minimize the amount of detail that gets out.
I was chief incident handler for 5 years of my enterprise career, and never once had to deal with an external threat. I managed dozens of internal cases over those 5 years though.
In this interview, we discuss the need for strong internal controls with Frank Vukovits from Delinea.
As systems and users inside and outside organizations become increasingly connected, maintaining strong security controls is essential to protect data and systems from both internal and external threats. In this episode, we will explore the importance of strong internal controls around business application security and how they can best be integrated into a broader security program to ensure true enterprise security.
This segment is sponsored by Delinea.
Visit https://securityweekly.com/delinea to learn more about them!
Many of us depend on service providers for our personal email, file storage, and photo storage. The line between personal accounts and work accounts often blur, particularly when it comes to Apple devices. We’re way more dependent on our Microsoft, Apple, Meta, and Google accounts than we used to be. They’re necessary to use home voice assistants, to log into other SaaS applications (Log in with Google/Apple/FB), and even manage our wireless plans (e.g. Google Fi). Getting locked out of any of these accounts can bring someone’s personal and/or work life to a halt, and there are many cases of this happening.
I’m not sure if we make it past sharing stories about what can and has happened. Getting into solutions might have to be a separate discussion (also, we may not have any solutions…)
Show Notes: https://securityweekly.com/esw-438
Illuminating Data Blind Spots
As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we’ll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets.
Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We’ll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare.
Segment Resources:
https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!
Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked.
After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced:
We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted?
Segment Resources:
Show Notes: https://securityweekly.com/esw-437
Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits.
Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and attack surface. The most basic misconfigurations lead to breaches. Threatlocker spotted this opportunity and have extended their agent-based product to increase attention on these common issues.
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more!
AI and the case for toxic anthropomorphism. When Wendy coined this phrase on Mastodon a few weeks ago, I knew that she had hit on something important and that we needed to discuss it on this podcast.
We were lucky to find some time for Wendy to come on the show!
Quick note: while this was not a sponsored segment, 1Password IS currently a sponsor of this podcast. That doesn’t really change the conversation any, except that I have to be nice to Wendy. But why would anyone ever be mean to Wendy???
Finally, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-436
Live from InfoSec World 2025, this episode of Enterprise Security Weekly features six in-depth conversations with leading voices in cybersecurity, exploring the tools, strategies, and leadership approaches driving the future of enterprise defense. From configuration management and AI-generated threats to emerging frameworks and national standards, this special edition captures the most influential conversations from this year’s conference.
In this episode:
-You Don’t Need a Hacker When You Have Misconfigurations — Rob Allen, Chief Product Officer at ThreatLocker®, discusses how overlooked settings and weak controls continue to be one of the most common causes of breaches. He explains how Defense Against Configurations (DAC) helps organizations identify, map, and remediate configuration risks before attackers can exploit them.
-Security Challenges for Mid-Sized Companies — Perry Schumacher, Chief Strategy Officer & Partner at Ridge IT Cyber, explores the evolving security challenges facing mid-sized organizations. He discusses how AI is becoming a competitive advantage, how mobility and third-party reliance complicate defenses, and what steps these organizations can take to improve resilience and efficiency.
-The Rise of Security Control Management: Secure by Design, Not by Chance — Marene Allison, former CISO of Johnson & Johnson, introduces Security Control Management (SCM), a new software category that unifies control selection, mapping, validation, and enforcement. She explains how SCM transforms fragmented compliance programs into proactive, embedded defense.
-Engineered for Protection: The Rise of Security Control Management — Ryan Heritage, Advisor at Sicura, continues the discussion on SCM, explaining how organizations can operationalize this approach to move from reactive reporting to proactive, data-driven defense. He highlights how automation and integration enable security decisions to be made at “the speed of relevance.”
-The AI Threat: Protecting Your Email from AI-Generated Attacks — Patricia Titus, Field CISO at Abnormal Security, explores how cybercriminals are weaponizing generative AI to create sophisticated phishing and social engineering attacks. She shares practical strategies for defending against AI-generated threats and emphasizes why AI-based protections are now essential for modern enterprises.
-Igniting Change: A Conversation with Dr. Ron Ross — Dr. Ron Ross, CEO at RONROSSECURE, LLC, shares insights from decades of pioneering work in cybersecurity, including the Risk Management Framework and Systems Security Engineering Guidelines. He discusses how leaders can apply these principles to strengthen resilience, foster innovation, and drive meaningful change across the cybersecurity landscape.
Segment Resources
Book a demo to see DAC in action. Visit https://securityweekly.com/threatlockerisw to learn more!
This segment is sponsored by Ridge IT Cyber. Visit https://securityweekly.com/ridgeisw to learn more about them!
Show Notes: https://securityweekly.com/esw-435