EPISODE · Feb 10, 2026 · 37 MIN
Why $50 Bribes Are Breaching Enterprises - Ep64 - Michael Waite, Dune Security
from The Cyber Security Matters Podcast · host The Cyber Security Matters Podcast
On this episode of Cyber Security Matters, hosts Harry Baldwin and Matt Rose sit down with Michael Waite, Co-founder and CTO of Dune Security. Michael shares his journey from enterprise consulting to building a venture-backed startup tackling one of security's stickiest problems: the human element.Episode SummaryMichael discusses how traditional security awareness training fails to change human behaviour and why the threat landscape has shifted dramatically toward off-channel attacks via WhatsApp and encrypted apps. He reveals how attackers are using AI-powered voice cloning and open-source intelligence to launch sophisticated social engineering campaigns, and shares his personal security practices. Michael also explains how Dune Security uses AI defensively to quantify individual risk and drive targeted interventions that achieve a two-order-of-magnitude improvement in employee security posture.Key Topics CoveredThe transition from hands-on-keyboard building to strategic leadership as a startup scalesHow Dune's CISO Advisory Council shaped the product from day oneWhy soft skills and curiosity matter more than technical expertise in hiringThe shift from email phishing to off-channel attacks on personal devicesReal-world examples including the MGM breach and $50 bribes in lower-cost delivery centresPersonal security practices anyone can adoptUsing AI defensively for individual-level risk quantificationChapters00:00 – Introduction01:12 – How Michael got into cybersecurity04:43 – Key influences and leadership lessons from consulting07:05 – Mindset shift from consultant to co-founder/CTO09:05 – Building the CISO Advisory Council10:59 – Talent acquisition strategy and team building13:51 – The skills shortage debate and what really matters in hiring16:58 – The state of enterprise security and the human element19:42 – Off-channel attacks and the WhatsApp threat23:03 – What motivates attackers: bribes, data, and disruption25:00 – Why no business is safe from AI-powered attacks27:00 – Personal security tips29:24 – AI on the defensive side: how Dune Security uses it32:47 – Changing the "tick the box" compliance mindset35:42 – Advice for those entering cybersecurityGuest BioMichael Waite is the Co-founder and CTO of Dune Security, a company focused on protecting enterprises from modern social engineering threats. His career spans building secure platforms, leading large-scale cloud migrations, and scaling security solutions for Fortune 50 organisations. Under his technical leadership, Dune Security has raised $8 million in pre-seed and seed funding.
What this episode covers
On this episode of Cyber Security Matters, hosts Harry Baldwin and Matt Rose sit down with Michael Waite, Co-founder and CTO of Dune Security. Michael shares his journey from enterprise consulting to building a venture-backed startup tackling one of security's stickiest problems: the human element.Episode SummaryMichael discusses how traditional security awareness training fails to change human behaviour and why the threat landscape has shifted dramatically toward off-channel attacks via WhatsApp and encrypted apps. He reveals how attackers are using AI-powered voice cloning and open-source intelligence to launch sophisticated social engineering campaigns, and shares his personal security practices. Michael also explains how Dune Security uses AI defensively to quantify individual risk and drive targeted interventions that achieve a two-order-of-magnitude improvement in employee security posture.Key Topics CoveredThe transition from hands-on-keyboard building to strategic leadership as a startup scalesHow Dune's CISO Advisory Council shaped the product from day oneWhy soft skills and curiosity matter more than technical expertise in hiringThe shift from email phishing to off-channel attacks on personal devicesReal-world examples including the MGM breach and $50 bribes in lower-cost delivery centresPersonal security practices anyone can adoptUsing AI defensively for individual-level risk quantificationChapters00:00 – Introduction01:12 – How Michael got into cybersecurity04:43 – Key influences and leadership lessons from consulting07:05 – Mindset shift from consultant to co-founder/CTO09:05 – Building the CISO Advisory Council10:59 – Talent acquisition strategy and team building13:51 – The skills shortage debate and what really matters in hiring16:58 – The state of enterprise security and the human element19:42 – Off-channel attacks and the WhatsApp threat23:03 – What motivates attackers: bribes, data, and disruption25:00 – Why no business is safe from AI-powered attacks27:00 – Personal security tips29:24 – AI on the defensive side: how Dune Security uses it32:47 – Changing the "tick the box" compliance mindset35:42 – Advice for those entering cybersecurityGuest BioMichael Waite is the Co-founder and CTO of Dune Security, a company focused on protecting enterprises from modern social engineering threats. His career spans building secure platforms, leading large-scale cloud migrations, and scaling security solutions for Fortune 50 organisations. Under his technical leadership, Dune Security has raised $8 million in pre-seed and seed funding.
NOW PLAYING
Why $50 Bribes Are Breaching Enterprises - Ep64 - Michael Waite, Dune Security
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m