TechSpective Podcast

PODCAST · technology

The TechSpective Podcast brings together top minds in cybersecurity, enterprise tech, AI, and beyond to share unique perspectives on technology—unpacking breakthrough trends like zero trust, threat intelligence, AI-enabled security, ransomware’s geopolitical ties, and more. Whether you’re an IT pro, security exec, or simply tech‑curious, each episode blends expert insight with real-world context—from microsegmentation strategies to the human side of cyber ethics. But we also keep it fun, sometimes riffing on pop‑culture debates like Star Wars vs. Star Trek or Xbox vs. PS—so it’s not all dry and serious.

  1. 191

    The Attack Surface Changed but the Fundamentals Didn’t

    Every few years, something comes along that reshapes the threat landscape and sends the industry scrambling for new tools, new frameworks, and new buzzwords. The perimeter died. Then it came back. Endpoints became the priority. Now they're not the whole story. Identity is the new battleground. AI is changing everything. And yet, the more I talk to people who've spent decades in the trenches, the more I keep hearing the same thing: the fundamentals still work. We just stopped trusting them. I had that conversation recently with Will Ledesma, a cybersecurity veteran with over 25 years in the field and a current role at N-able. Will also serves as a cyber warrior in the U.S. Air Force — and as a fellow Air Force vet, I can say the service tends to instill a certain appreciation for doing things right the first time. We talked about what N-able's latest State of the SOC report actually shows about where attacks are coming from — and the answer probably isn't what you'd expect if you've been following the conventional wisdom around endpoint protection. The data points somewhere else, and Will does a good job of explaining why that shift makes sense when you look at what's been happening across the business world over the last few years. From there, the conversation moved into identity — not just the username-and-password kind, but the full scope of what "identity" means in a world where your network includes laptops, IoT devices, cloud workloads, software applications, and increasingly, AI agents running on behalf of your employees. If an attacker can own any one of those identities, a lot of your other defenses stop mattering. Companies are bringing in AI tools at a rapid pace, leaning on them to augment their workforce and drive efficiency. That's fine. But what happens when those systems become mission-critical, and someone decides to take them out? We also got into something I've been saying for years about compliance. 
Compliance and security aren't the same thing. You can check every box on a framework audit and still get breached — plenty of high-profile companies have proven that. The frameworks have value, but they're a floor, not a ceiling. And too many organizations treat them like the finish line. Will's framing for all of it comes back to defense in depth — a concept he learned early in his career and one that he argues is more relevant now, not less. The attack surface has expanded. The identities have multiplied. The stakes are higher. But the logic of layering your defenses, covering your fundamentals, and not betting everything on any one control? That hasn't changed. The episode is worth your time whether you're a practitioner, a leader trying to make sense of your security investments, or just someone trying to figure out what "cyber resilience" actually means when you strip away the marketing. Hint: it's bigger than cybersecurity.

  2. 190

    The Agentic AI Reckoning Nobody Saw Coming

    I keep having versions of the same conversation. The names and logos change, but the underlying tension doesn't: organizations are deploying AI agents fast, they're deploying them into production, and a lot of them weren't ready when they did it. Monte Carlo's co-founder and CTO Lior Gavish joined me on the TechSpective Podcast recently, and we got into why that's happening and what it actually means. Monte Carlo publishes an Agents in Production report, and the numbers in the latest edition are worth paying attention to. Nearly half of enterprises surveyed already have agentic solutions running on mission-critical work — not pilots, not proofs of concept. And somewhere around three-quarters of them said they deployed before they felt ready. That's not a surprise, exactly. The pressure to move is real. Boards are asking about AI strategy. CEOs are mandating adoption. The competitive argument for waiting is getting harder to make. But there's a difference between accepting that reality and assuming the governance infrastructure you need is going to materialize on its own. Part of what makes agents different from every other enterprise tool is that they don't follow a script. You can sandbox traditional software, test it, QA it, and have a reasonable expectation that what you tested is what you're deploying. Agents take a natural language objective and go find a path. That path isn't always the one you'd have chosen. Lior put it plainly — agents are optimizing for the mission, not for whatever guardrails you assumed were obvious. If they can reach data that technically sits within their access permissions, they'll reach it. If they can route around a limitation by working through another agent, some of them will figure that out. The other layer is that these systems are probabilistic. You can trace what went wrong after the fact, but the trace doesn't give you control. Run the same agent on the same task tomorrow, and you might get a different path. 
The audit log is evidence, not a fix. Where Lior and I spent a lot of time is the scale problem. One agent, you can watch. You can inspect every decision, every tool call, every output — same way you'd stay close to a new hire you're still calibrating. But the organizations moving aggressively aren't staying at one agent. They're heading toward dozens, then hundreds, and at that point, the pilot-phase approach of eyeballing everything stops being an option. The answer isn't to slow down across the board. What Lior kept coming back to was reversibility — don't hand agents tasks where a wrong decision can't be unwound — and visibility, meaning you need enough observability to catch drift before it becomes a problem you're explaining to someone else. There's an analogy from the conversation that stuck with me. You jumped in the car, hit the gas, and now you're trying to install brakes while it's moving. That's a pretty accurate description of where a lot of enterprises actually are. The question isn't whether to deploy anymore. It's whether you can see what your agents are doing well enough to catch a problem before it becomes one you can't walk back. That's what we got into. Give it a listen.

  3. 189

    The Microsoft Enterprise Recovery Problem AI Can’t Fix

    There's a moment in my conversation with Bob Bobel where he mentions that customers are having a harder time finding people who actually know Active Directory. Not cloud identity — the old on-premise stuff that most large organizations still run, even if they've also got Entra ID and Office 365 sitting on top of it. That expertise is retiring, and it's not being replaced fast enough. Bob is the CEO of Cayosoft, which builds management, auditing, and recovery tools for Microsoft environments. He's been in this space for a long time — long enough to have sold to some of the same agencies he's selling to now, nearly two decades later. He started the company on his 401k, which his wife apparently still doesn't know about. We covered a lot of ground in this episode. Some of it is squarely in the weeds of Microsoft infrastructure — hybrid environments, the gap between what native tools can do and what organizations actually need, and why change auditing matters more than most IT teams realize. Some of it is broader: AI, the ecosystem of companies that build businesses around Microsoft's footprint, and what federal agencies are actually looking for when they go shopping for tools in this space. The recovery conversation is worth your time on its own. Bob tells the story of how Cayosoft ended up building their patented approach to Active Directory recovery — it starts with a phone call at 3 am, a demo coming up in four days, and no hardware anywhere near Key West. The problem they had to solve in that moment turned into something they still consider one of their core differentiators. I'll let him tell it. On AI, Bob is more measured than most people I talk to right now. He's not skeptical of it, but he's also not pretending it's ready to run your identity infrastructure. 
His argument is that the more realistic near-term use case is capturing what experienced engineers know before they retire — embedding that institutional knowledge somewhere useful rather than just losing it. Cayosoft recently filed a patent around that idea. He explains the thinking behind it, and also where he thinks the hype is running ahead of reality. There's also a good thread in here about what it actually means to build a company inside someone else's ecosystem. I used to work at a company that was tightly coupled to AWS, so I know that tension — the question every year of whether the platform you're built on is going to decide to build what you do. Bob has a pretty clear-eyed take on the Microsoft version of that dynamic. It's a good conversation. Check it out wherever you listen to (or watch) podcasts.

  4. 188

    Algorithms, Thought Leadership, and the Future of Digital Influence

    It’s getting harder to have a “normal” conversation about content, social media, or visibility anymore—mostly because the rules keep changing while you're still mid-sentence. Just a few years ago, you could create a blog post, optimize it for SEO, promote it on Twitter (back when it was still Twitter and not a dumpster fire of right-wing conspiracy lunacy rebranded as X), and expect a decent number of eyeballs to land on it. That’s not the game anymore. Now we’re living in a world of algorithmic gatekeeping, AI-generated content slop, and platforms that are slowly morphing into echo chambers of their own making. And as someone who spends a lot of time thinking, writing, and talking about tech, marketing, and cybersecurity, I wanted to have an actual conversation about what this means—beyond the usual recycled talking points. So, I invited Evan Kirstel onto the TechSpective Podcast to dig in. If you’re not familiar with Evan, you should be. He’s one of the more influential voices in B2B tech media—part content creator, part live streamer, part analyst, part TV host, depending on the day. He’s also been doing this for a while, and more importantly, doing it well. That makes him a great sounding board for the increasingly murky topic of digital thought leadership. One of the first things we talked about was the rise of formulaic, AI-generated content. You know the kind—it reads like it was built from a checklist of “engagement best practices,” and while it may technically be “on brand,” it’s rarely interesting. The irony, of course, is that the platforms boosting this kind of content are simultaneously rewarding quantity over quality, while drowning users in sameness. From there, we explored how visibility really works in 2025. Hint: it’s no longer about who you know—it’s about which large language model knows you. If you’re not showing up in ChatGPT summaries or Google’s new generative answers, you’re basically invisible to a big chunk of your potential audience. 
Which raises the question: how do you actually earn mindshare in a world where traditional SEO has been replaced by AI synthesis? We didn’t land on a one-size-fits-all answer—but we did agree on a few things. First, content that sounds like content for content’s sake? It’s dead. Thought leadership that merely echoes what 20 other people are already saying? Also dead. What works now is originality, consistency, and credibility—backed by actual lived experience. Another key theme we unpacked: platforms. Everyone likes to say “meet your audience where they are,” but it’s harder than it sounds when the audience is splintered across LinkedIn, Reddit, YouTube, TikTok, and a dozen other niche platforms—each with its own expectations and formats. Evan shared how he tailors his content for each platform without diluting the message, and why companies that try to be “cool” without context usually fall flat. I’ll also say this—this episode reminded me that high-quality conversations are still one of the most underutilized forms of content out there. When it’s not scripted or polished within an inch of its life, a good conversation can cut through the noise and resonate on a level most polished op-eds or templated videos never will. So if you’re feeling stuck, wondering why your content isn’t landing like it used to, or trying to figure out how to show up where it matters—this episode is worth your time. Check out my conversation with Evan Kirstel on the TechSpective Podcast. And yes, we get into Gary Vaynerchuk, TikTok, zero-click search, and why it might be time to completely rethink your content strategy.

  5. 187

    Shadow AI, Cybersecurity, and the Evolving Threat Landscape

    The cybersecurity landscape never sits still—and neither do the conversations I aim to have on the TechSpective Podcast. In the latest episode, I sit down with Etay Maor, Chief Security Strategist at Cato Networks and a founding member of Cato CTRL, the company’s cyber threats research lab. Etay brings a rare mix of technical depth and practical perspective—something increasingly necessary as we navigate the murky waters of modern cyber threats. This time, the conversation centers on the rise of Shadow AI—a topic gaining urgency but still underappreciated in many organizations. If Shadow IT was the quiet rule-breaker of the past decade, Shadow AI is its unpredictable, algorithmically supercharged cousin. It’s showing up in boardrooms, workflows, and marketing departments—often without security teams even knowing it’s there. Here’s the thing: banning AI tools or blocking access doesn’t work. People find a way around it. We’ve seen this play out with cloud storage, collaboration tools, and other “unsanctioned” technologies. The same logic applies here. Etay and I explore why organizations need to move beyond a binary yes/no mindset and instead think in terms of guardrails, visibility, and enablement. We also get into the tension between innovation and risk—how fear-based decision-making can put companies at a disadvantage, and why the bigger threat might be not using AI at all. That may sound counterintuitive coming from two people steeped in cybersecurity, but context matters. The risk of falling behind could be greater than the risk of exposure—if companies don’t take a strategic approach. Naturally, the conversation expands into how threat actors are adapting AI for offensive purposes—crafting more convincing phishing emails, automating reconnaissance, and even gaming defensive AI tools. Etay shares sharp insights into how attackers use our own tools against us and what that means for the future of cybersecurity. 
There’s also a philosophical thread woven throughout—questions about whether AI can truly be “original,” how human creativity intersects with machine learning, and what kind of ethical or regulatory frameworks might be needed (if any) to keep things from going off the rails. Etay brings both technical fluency and historical perspective to the discussion, making it a conversation that’s as grounded as it is thought-provoking. This episode doesn’t veer into fear-mongering or hype. It stays real—examining where we are, where we’re headed, and how to make better decisions as the ground keeps shifting. Whether you’re in security, tech leadership, policy, or just curious about how AI is reshaping the digital battleground, this one’s worth your time. Tune in to the latest TechSpective Podcast—now streaming on all major platforms. Share your thoughts in the comments below.

  6. 186

    Agentic AI and the Art of Asking Better Questions

    I’ve had a lot of conversations about AI over the past couple years—some insightful, some overhyped, and a few that left me questioning whether we’re even talking about the same technology. But every now and then, I get the opportunity to sit down with someone who not only understands the technology but also sees its broader implications with clarity and honesty. This episode of the TechSpective Podcast is one of those moments. Jeetu Patel, President and Chief Product Officer at Cisco, joins me for an unscripted, unfiltered conversation that covers more ground than I could have outlined in a set of pre-written questions. Actually, I did draft a set of pre-written questions. We just didn't follow or use them at all. Jeetu and I have known each other for a while, and this episode reflects the kind of conversation you only get with someone who’s deeply immersed in both the strategic and human sides of tech. It’s thoughtful. It’s philosophical. And it doesn’t pull punches. At the center of our discussion is the concept of “agentic AI”—a term that’s being used more frequently, sometimes without much clarity. We unpack what it actually means, what it can realistically do, and how it differs from the wave of chatbots and content generators that came before it. More importantly, we talk about how these AI agents might change not just the tasks we automate, but how we think about work itself. Of course, with any conversation about AI and the future of work comes the inevitable tension: what gets lost, what gets reimagined, and what still requires distinctly human judgment. Jeetu brings a nuanced take to this, rooted in his experience leading product innovation at one of the world’s largest tech companies. It’s not a conversation filled with predictions so much as it is a reframing of the questions we should be asking. What stood out to me is how quickly we normalize the extraordinary. A technology that felt magical two years ago is now embedded in our daily workflows. 
That speed of adoption changes the stakes. It means we need to be more deliberate—not just about what AI can do, but what we want it to do, and what we risk offloading too quickly. We also touch on the philosophical implications. If AI agents really can handle more of the cognitive heavy lifting, what’s our role in the loop? Do we become editors? Overseers? Explorers of new frontiers? And how do we prepare for jobs that don’t exist yet, using tools that are evolving faster than we can document them? I think this episode will resonate with anyone trying to navigate this moment—whether you’re in product development, policy, marketing, or just someone who likes to think a few moves ahead. It’s about more than AI. It’s about how we adapt, how we define value, and what we choose to hold onto as the landscape shifts. Give it a listen. And as always, I’d love to hear your thoughts.

  7. 185

    Building Security for a World That’s Already Changed

    There’s a question I’ve been sitting with lately: Are we prepared for what AI is about to expose in our organizations—not just technically, but operationally? In this episode of the TechSpective Podcast, I sit down with Kavitha Mariappan, Rubrik’s Chief Transformation Officer, to unpack some of the less flashy but arguably more urgent questions about enterprise security, AI readiness, and business continuity. If your organization is still treating identity as a login issue or AI as a future-state conversation, you might be missing the bigger picture. Kavitha doesn’t speak in clichés. She’s been in the trenches—engineering, scaling go-to-market teams, and now helping steer one of the fastest-evolving players in the data security space. Her perspective is shaped by decades of experience, but her focus is very much on the now: how to operationalize resilience at a time when every system, process, and even person has become a potential attack vector. One of the threads we pull on is the idea that resilience isn’t a fallback plan anymore—it’s the front line. And identity? That’s not just a security issue. It’s a dependency. If you can’t log in, you can’t recover. You can’t operate. You can’t pivot. The conversation touches on what it really means to build for resilience in a landscape where downtime isn’t just costly—it’s existential. We also explore what I’ll loosely call “AI exposure therapy”—not in the sense of experimenting with new models or shiny tools, but in understanding how AI is forcing companies to confront their structural weaknesses. What used to be considered internal inefficiencies are now potential vectors of attack. Technical debt isn’t just a performance issue—it’s a risk multiplier. Kavitha brings data to the table too—sharing insight from Rubrik Zero Labs on the alarming surge in identity-based attacks and why the majority of companies are still playing catch-up when it comes to securing what they can’t always see. 
It’s a wake-up call, but not a hopeless one. What made this conversation stand out to me wasn’t just the subject matter, but the way Kavitha frames the questions we should be asking: How do we architect for a world that’s already in flux? How do we define AI transformation when most businesses are still digesting digital transformation? And perhaps most critically, what needs to change inside the organization before the tech can even do its job? I won’t give away the full arc of the discussion, but here’s my pitch: If you’re leading, advising, or building for a company that handles sensitive data (hint: that’s all of us), this episode will challenge you to think differently about where resilience really begins—and what it’s going to take to build it into the DNA of your org. Listen to or watch the full episode here:

  8. 184

    Cybersecurity’s Quiet Revolution: What We’re Missing While Chasing the Hype

    There’s something happening in cybersecurity right now that’s both exciting and a little disorienting. As generative and agentic AI take over headlines, conference keynotes, and investor decks, it’s easy to assume we’re on the verge of some great leap forward. The reality is more complicated—and more interesting. In the latest episode of the TechSpective Podcast, I had the chance to sit down with Sachin Jade, Chief Product Officer at Cyware, for a conversation that cuts through the buzzwords. We cover a lot of ground—from AI’s place in the SOC to the underrated power of relevance in threat intelligence—but what stuck with me most was this: the most transformative work happening in security right now doesn’t look like a revolution. It looks like simplification. Not simplification in the marketing sense—fewer dashboards, “single pane of glass,” etc.—but simplification where it actually matters: filtering noise, streamlining analysis, helping human analysts do their jobs better and faster. There’s a growing recognition among smart security leaders that “flashy” features might demo well, but if they don’t reduce burnout, improve signal-to-noise, or give analysts time back in their day, they’re missing the point. We’re at a moment where AI can—and should—do more than just surface alerts. The goal isn’t to impress anyone with a cool interface or to simulate a brilliant security expert. The goal is to embed intelligence into the places that grind analysts down: filtering irrelevant threat intel, connecting disparate data points, recommending next steps based on context. Mundane, unsexy tasks—yes. But transformative when done well. Sachin offered a useful framework for thinking about agentic AI that goes beyond the surface definitions most people are using. We talk about where true decision-making autonomy begins, how it fits into layered workflows, and what it really looks like to “mimic” human reasoning in a SOC environment. Spoiler: it’s not about replacing people. 
It’s about enabling them. Another theme that emerged: relevancy. Not in a vague, feel-good way, but in the deeply practical sense of “does this matter to me, my company, my infrastructure, right now?” For all the AI talk, too many tools still struggle to answer that question clearly. Cyware’s approach, which Sachin outlines in the episode, puts a premium on reducing noise and increasing clarity. There’s no magic wand—but there is a very intentional shift toward making intelligence actionable, digestible, and contextual. That matters more than whatever buzzword is trending on social media this week. We also explore the idea of functional decomposition in AI—a concept that mirrors how most human security teams are structured. Instead of building a monolithic super-intelligent assistant, Cyware has developed a multi-agent model where each AI agent is focused on a specific task, like malware triage or incident correlation. It’s less hive-mind, more specialized team—just like the best human teams. That architectural choice has significant implications for accuracy, explainability, and trust. The full conversation dives deeper into how these ideas show up in real-world security operations, what CISOs are actually looking for in AI-driven tools, and why strategic use of “boring” automation may be the real game-changer for the next decade. If you’re someone who’s tired of the AI hype but still deeply curious about where it’s actually moving the needle, I think you’ll find this episode worth your time. We don’t spend 45 minutes tossing around acronyms—we get into how AI can help analysts cut through the clutter, why relevancy is the next frontier, and what it means to design intelligence that works the way humans actually think. Listen to or watch the full episode here:

  9. 183

    The Identity Problem No One Saw Coming—Until AI Exposed It

    Every once in a while, a conversation forces you to stop and rethink something you thought you already understood. Recording this latest TechSpective Podcast episode with Semperis CEO Mickey Bresman did exactly that—and it has everything to do with how AI is quietly rewriting the rules of identity security. If you’ve been following the industry for a while, you know the story: hybrid environments are the norm, identity is the new perimeter, and permissions hygiene is the decades-old chore nobody has enough time—or patience—to do well. None of that is breaking news. What is new is what happens when you drop modern AI into the middle of that reality. We’re not talking about sci-fi leaps or theoretical risk models. We’re talking about something much more immediate: AI tools that can surface old data, forgotten data, and misconfigured access paths you didn’t even know existed. Years of “we’ll fix that later” suddenly become a living, breathing attack surface the moment AI starts connecting dots faster than any human ever could. Mickey and I unpack why this shift is so significant and why organizations often misunderstand the real implications. We also get into the emerging gray zone of agentic AI—systems that operate like users, make decisions like users, and introduce a whole new category of identity no one had to account for before. It’s an area where the guardrails are still being built, even as the tools accelerate. I won’t spoil the conversation here, because part of the fun is hearing how Mickey frames the problem—and the opportunities—through the lens of someone working directly with organizations grappling with this right now. Let’s just say the old assumptions don’t hold, and the path forward involves more than bolting AI onto existing processes. If you care about identity, security, or the rapidly approaching future where AI plays a central role in both offense and defense, this is a conversation worth your time. 
Check out the full episode here: And as always, stay tuned. At the pace things are evolving, this probably won’t be the last time we revisit the topic—and the next wave may hit sooner than any of us expect.

  10. 182

    Exploring the Future of Identity Security and Agentic AI

    Every once in a while, I end up in a conversation that hits at exactly the right moment—when the industry is shifting, the vocabulary is changing, and everyone is quietly circling the same questions. This new episode of the TechSpective Podcast is one of those. Art Poghosyan, CEO and co-founder of Britive, joined me on this episode of the TechSpective Podcast for a fluid and surprisingly energizing dive into where identity security meets agentic AI. If you’ve followed the podcast this year, you know the pattern: gen AI defines the early hype cycle, but 2025 belongs to agents. Not the fantasy version where they automate your whole life, but the real-world scenario where they reshape what “digital responsibility” even means. Art has more than two decades of identity and access management experience, which gives him a grounded way of thinking about the moment we’re in. As we start talking, the first big theme that emerges is how fast the definition of “identity” is expanding. Identity used to be about people—employees, contractors, admins—and the occasional service account someone documented at 4:59 p.m. on a Friday. Now? Agents complicate all of that. A non-human autonomous system with access to a SaaS platform or a data lake behaves a lot like a user, even if it isn’t one on paper. Treating it as “just software” is exactly how we recreate the same exposures that powered the breach headlines of the last decade. One of the threads we tug on is the question of trust—not the fuzzy philosophical kind, but trust as an operational decision. An agent making decisions on your behalf needs to be verified every time it touches something sensitive. You need visibility into what it’s doing, controls around how long it can do it, and a way to shut it down when it starts operating outside its lane. These aren’t hypotheticals anymore. 
They’re the next generation of identity security problems, and Art offers a sharp perspective on what modern tooling needs to look like to keep up. The conversation also wanders into the human side of this shift. Everyone loves to frame the future as “AI versus AI,” but the real tension right now sits in the messy handoff between human intent and autonomous execution. Most organizations are easing into agents the same way you learn to drive a car: one cautious tap of the brakes at a time. That slow acclimation matters as much as any new feature or model. And yes, without giving anything away, we do acknowledge the part people sometimes treat like an afterthought: attackers get the same toys. They’re using them already. Ignoring that reality doesn’t make it go away. What I appreciate about this episode is how it holds the middle ground. It’s not hand-wringing about a dystopian future, and it’s not an AI pep rally. It’s a pragmatic, curious look at a technology that’s maturing faster than the guardrails around it. Art brings a thoughtful, steady view of where identity security is heading and what happens when autonomous systems stop playing by human rules. If you’re trying to understand how agentic AI fits into your world—or how identity security has to evolve to keep pace—this is a conversation worth hearing. Watch the full episode on YouTube and see where the discussion takes your own thinking next.

  11. 181

    From Polymorphic Attacks to Deepfakes: The Shifting Threat Landscape

    One thing I’ve learned after years of covering cybersecurity is that the “state of the threat landscape” rarely sits still long enough to fit neatly into a headline. Every time you think you’ve understood the latest trend, something shifts under your feet. That’s part of the fun—and part of the challenge. That dynamic energy is exactly why I invited Brad LaPorte onto the TechSpective Podcast for this latest episode. Brad has lived just about every angle of cybersecurity you can think of: military intelligence, consulting, analyst work at Gartner, and now CMO of Morphisec. He’s been in the room for many of the big transitions—tooling changes, strategic changes, and the increasingly blurry line between human-driven attacks and AI-driven ones. Our conversation went much deeper than a simple “state of ransomware” update. Ransomware itself has grown so far beyond the old definition that it feels strange to keep calling it that. The classic “encrypt everything and demand crypto” playbook isn’t what defines the modern threat. The real story now is how fast attackers adapt, how quickly new tactics spread, and how criminal groups behave more like full-fledged businesses than hobbyist hackers. We dig into all of that, but in a conversational way rather than a technical lecture. The thread that kept coming up is how small pieces of data—details that seem harmless on their own—can snowball into serious compromises when attackers start connecting the dots. Brad shared experiences that underscore how those tiny cracks get leveraged in ways most people never consider. It’s a reminder that cybersecurity is not only about the tools in place, but about the environment those tools live in. Another theme we circled around is the growing presence of AI in both defense and offense. AI-driven attacks aren’t a distant theory anymore. They’re active, adaptive, and often unsettling in how quickly they shift tactics mid-stream. 
Brad and I talked about what that means for defenders, why “preemptive” approaches are gaining traction, and how companies are trying to outpace threats that no longer behave like traditional malware at all. We also talked about the human side—something that doesn’t always make it into technical coverage. Cyberattacks aren’t abstract events. They’re personal. They exploit habits, patterns, and moments of distraction. Anyone who has ever clicked something out of instinct rather than scrutiny will relate to some of the scenarios we discuss. One thing I love about hosting this podcast is the space it creates for unscripted, honest discussion. Brad and I covered a lot—ransomware economics, polymorphic attacks, data exposure, the “funhouse mirror” problem of deception technologies, and even the strange comfort of knowing that pizza orders can still give away national secrets. Yes, really. And no, I’m not explaining it here; you’ll have to listen. If you work in cybersecurity, follow cybersecurity, or simply exist in a world shaped by cybersecurity, this episode is worth your time. It’s lively, candid, and packed with insight without requiring a glossary on the side. And if past experience is any guide, the things we talk about today may feel very different six months from now. That’s part of why these conversations matter. Give it a listen, subscribe if you enjoy it, and let me know what topics you want to hear explored next.

  12. 180

    Why AI Agents Need Guardrails — And Why Everyone’s Talking About It

    The latest episode of the TechSpective Podcast dives straight into one of the most pressing questions in cybersecurity right now: what happens when the vast majority of identities in your environment aren’t human anymore? I sat down with Danny Brickman, co-founder and CEO of Oasis Security, for a wide-ranging conversation about the future of identity, the rise of agentic AI, and why enterprises may be sprinting into an AI-powered future without realizing just how much risk they’re accumulating along the way. Danny brings a background that blends offensive experience, deep identity expertise, and a pragmatic understanding of what security teams actually need—not just in theory, but in the messy reality of modern cloud environments. We covered a lot of ground. Some of it gets philosophical. Some of it gets unsettling. None of it is boring.

    A few themes we talk about (without giving the episode away):

    Identity is no longer about people. If you’re still thinking of identity as usernames and passwords, you’re roughly a decade behind. The overwhelming majority of identities in an enterprise belong to machines, services, workloads, keys, tokens—digital “keycards” with no owner attached. And that was before agentic AI entered the picture.

    AI agents behave like employees… just much faster. This creates opportunity. It also creates chaos if you don’t know what your agents can access, what they can do, or how quickly they can do it. The idea of an AI system accidentally wiping out a database is no longer hypothetical.

    Access is becoming the currency of the AI era. The value an agent delivers directly correlates to the access it’s granted. That tension—between capability and control—is now central to modern security strategy.

    Governance frameworks for AI agents aren’t optional. Danny and his team have been working with industry leaders to build a framework that defines what’s acceptable, what’s risky, and how enterprises can put real guardrails around AI systems. It may be the first time you’ve heard the term “agentic access management,” but it won’t be the last.

    We also dig into the AI bubble, the trust problem, and why ‘do your own research’ is becoming less meaningful in an AI-shaped world. These tangents got lively, but they all tie back to a core idea: when machines act on our behalf, we need to understand the implications.

    Why this episode matters

    AI is reshaping cybersecurity faster than any shift we’ve seen in years. But it’s also blurring lines—between humans and machines, autonomy and oversight, innovation and risk. We don't go out of our way to try to package neat answers. Instead, we raise the questions every security leader should be asking right now: What should agents be allowed to do? Who’s accountable when something goes wrong? How do we maintain trust in systems that move faster than we can supervise? And what does identity even mean in a world where humans are the minority? If you want a thoughtful, candid exploration of these issues—and a look at how one company is thinking about securing the future—give the episode a listen. The full episode is now live on the TechSpective Podcast. Let the conversation challenge your assumptions.

  13. 179

    From Alert Fatigue to Cyber Resilience: Rethinking the Future of the SOC with AI

    Cybersecurity has a long memory—and an even longer list of recurring frustrations. Chief among them: alert fatigue. For as long as security teams have existed, they’ve been drowning in notifications, dashboards, and blinking red lights. Each new platform promises to separate signal from noise, and yet, years later, analysts are still buried under an avalanche of “critical” alerts that turn out to be anything but. In the latest episode of the TechSpective Podcast, I sat down with Raghu Nandakumara, VP of Industry Strategy at Illumio, to explore why this problem refuses to die—and whether the rise of agentic AI could finally change the equation. Raghu describes Illumio as a “breach containment company,” focused on limiting the damage when (not if) attackers break through. Their philosophy is simple but powerful: you can’t prevent every intrusion, but you can prevent the blast radius from spreading. That means reducing lateral movement risk—the ability for attackers to move freely once they’re inside a network—and building what he calls “true cyber resilience.” But our conversation quickly veered into a broader question about the human side of the SOC (Security Operations Center). Analysts are expected to triage thousands of alerts per day—one every 40 seconds on average. Most are false alarms. A few are genuine threats. The real challenge isn’t visibility; it’s focus. How do you know which alerts matter when every tool is screaming for your attention? That’s where AI comes in. And not just any AI—the kind that thinks and acts like a teammate. As we discussed, agentic AI represents a shift from passive pattern recognition to autonomous decision support. Instead of merely identifying potential threats, agentic systems can prioritize them, contextualize them, and even recommend (or execute) response actions. If that sounds like science fiction, it’s not. 
As Raghu points out, many of the prescriptive tasks assigned to Level 1 SOC analysts—correlating events, escalating cases, and following playbooks—are ideal for automation. An agentic system doesn’t get tired, doesn’t lose focus, and doesn’t fear missing an alert that might end up on the evening news. It simply does the job, at scale, with consistency. In the episode, we talked about how this approach might reshape the traditional SOC hierarchy. Rather than replacing humans, AI could specialize in specific “personas” that complement human expertise. You might have one agent trained as a first-tier analyst, another tuned to compliance monitoring, and another to executive-level risk analysis. Together, these agents form a collaborative mesh that filters, enriches, and interprets data before it ever hits a human’s desk. That’s not just a technology upgrade—it’s an operational shift. It redefines how teams think about detection, response, and ultimately resilience. Because resilience isn’t just about blocking attacks or patching vulnerabilities; it’s about ensuring the business continues to function even when something breaks. What struck me most about our discussion was how seamlessly this connects back to Illumio’s roots in segmentation. For years, the company has helped organizations visualize and contain movement within their environments. Now, by layering intelligent agents into that framework, they’re taking the next logical step: using automation not just to observe risk, but to act on it. We also talked about how the traditional boundaries between security disciplines—vulnerability management, threat detection, breach simulation—are beginning to blur. In a future shaped by agentic systems, those silos start to dissolve. Tools, agents, and human operators all contribute to a shared understanding of exposure, risk, and response. 
The result could be a more unified, adaptive form of cybersecurity—one built not on isolated alerts, but on intelligent, contextual awareness. That’s the promise of agentic AI. It’s not about replacing human judgment; it’s about amplifying it. And as Raghu notes, the sooner organizations embrace that shift, the closer we get to a world where “alert fatigue” is finally a thing of the past.

  14. 178

    Fighting Machines with Machines: How AI Is Redefining the SOC

    Cybersecurity has always been a race against time—but in the era of artificial intelligence, it’s become a race against the machine. In this episode of the TechSpective Podcast, I sit down with Ankur Singla, founder and CEO of Exaforce, to explore what it really means to build an AI-powered SOC. We talk about the shift from manual detection and response to automation at machine speed, and what happens when AI agents begin to take on specialized roles in security operations—an idea that sounds futuristic, but is already unfolding across the industry. Singla brings deep experience from years at companies like F5, Juniper, and Cisco, and he’s seen firsthand how much inefficiency still lingers inside security operations. His view is that AI isn’t just an enhancement—it’s a necessity. Attackers are already using automation to scale their efforts, and defending against them requires the same level of speed and precision. But as we discuss, the rise of AI in cybersecurity isn’t just about capability—it’s about control. What happens when your defensive AI gets hijacked? How do we maintain human oversight in an environment increasingly dominated by machine logic? And at what point does the pursuit of efficiency start to blur the line between autonomy and accountability? Our conversation stretches from the practical realities of AI-driven threat detection to the philosophical questions of trust, identity, and human relevance in the next generation of cybersecurity. It’s a candid look at both the promise and peril of a world where digital defenders never sleep—and where the same tools that protect us can also be turned against us. If you’re curious about how security operations will evolve over the next year—and what it really takes to fight machines with machines—this is one you won’t want to miss.

  15. 177

    When the Phish Leaves the Inbox

    For years, phishing has been the king of cyberattacks. It’s simple, cheap, and it works. Most of us have learned to spot the obvious red flags in email—strange senders, misspelled domains, suspicious links. But the threat has started to evolve. And it’s moving to places where we’re far less prepared. Think about how you handle email versus text messages. With email, you might let a dozen questionable messages pile up before sorting through them. You scan headers, hover over links, and delete anything that feels off. With text messages, though, the reaction is different. You hear the notification, glance down, and reply almost instantly. That’s human nature. Attackers know it. And they’re exploiting it. In the latest episode of the TechSpective Podcast, I sat down with Jim Dolce, CEO of Lookout, to talk about what this shift means for cybersecurity. Lookout has spent years protecting mobile devices, but its newest focus takes aim at a very different attack surface: us. Instead of guarding the machine, the challenge now is guarding the human behind it. We explore why the human layer is such an irresistible target for attackers. Email filters and security gateways have raised the bar, but SMS, messaging apps, voice calls, and even QR codes remain wide open. And unlike email, where skepticism has become second nature, people are far more trusting when a text or call comes through on their phone. That trust—combined with distraction and urgency—makes mobile messaging a perfect delivery channel for scams. Jim explains how these “omnichannel” attacks are multiplying. Smishing (SMS phishing), vishing (voice phishing), and quishing (QR code phishing) may sound like buzzwords, but they’re real and growing fast. Each relies on the same core weakness: our willingness to believe and respond without hesitation. Of course, the obvious question is what to do about it. Traditional defenses aren’t built for this world. There’s no email gateway to filter your texts. 
Caller ID can be spoofed. QR codes can be swapped. It requires a different way of thinking about security—one that accounts for the psychology and behavior of people, not just the vulnerabilities of machines. That’s where AI enters the picture. Jim and I discuss how large language models can analyze the context and intent of a message, spotting subtle cues that humans might miss. It’s not just about catching malicious links anymore. It’s about recognizing when a message is crafted to spark an emotional response—whether that’s urgency, fear, or curiosity. The idea is to give people an early warning before they engage. We also touch on the balance between privacy and protection. For any AI system to work, it needs data to learn from. But nobody wants their personal messages sitting in some company’s training set. How that tension gets resolved could make or break adoption of these kinds of solutions. The bigger takeaway from the conversation is that we’re at an inflection point. Cybersecurity has always evolved alongside attackers, but the ground is shifting. As threats move beyond the inbox and onto the devices we rely on most, defenses have to follow. That means new technologies, yes, but it also means rethinking the role of people in their own security. I won’t spoil the details of how Lookout is approaching this challenge—you’ll have to listen to the episode for that. But I will say this: the days of thinking of phishing as an “email problem” are over. The frontlines have moved. And if you haven’t thought about what that means for you, your employees, or your business, now is the time. Listen to the full conversation on the TechSpective Podcast to hear where phishing is headed next—and how security needs to catch up.

  16. 176

    When Security Automation Meets Agentic AI

    Security teams know the pressure all too well: attackers move faster, the attack surface expands every year, and the tools meant to protect enterprises often create more friction than clarity. Traditional SOAR platforms promised efficiency but often delivered complexity, inflexibility, and frustration. Now, a new wave of AI-driven automation is reshaping the conversation—and the stakes couldn’t be higher. In the latest episode of the TechSpective Podcast, I sat down once again with Ajit Sancheti of CrowdStrike to dig into what this next chapter of automation really looks like. If you’ve listened to Ajit before, you know he has a talent for breaking down complex cybersecurity challenges into practical, human-focused insights. This time, our discussion centered on the intersection of agentic AI and the modern SOC—a space where innovation and risk run side by side.

    Why Old SOAR Models Fell Short

    We start off with a reality check on traditional SOAR solutions. Many organizations invested heavily, only to find themselves burdened by rigid workflows, brittle integrations, and tools that couldn’t keep up with evolving threats. The issue often revolves around whether security teams can adapt responses in real time without breaking the system. Ajit offers a perspective on why legacy approaches struggled to gain traction and how attackers’ increasing use of AI has made flexibility and speed non-negotiable. That tension—between what defenders need and what their tools can actually deliver—sets the stage for where agentic AI enters the picture.

    Agentic AI: Promise and Caution

    If generative AI brought us new ways of working with text and language, agentic AI goes a step further: it doesn’t just generate, it acts. That opens doors for SOCs to automate targeted, granular responses at machine speed. But it also introduces a new kind of trust problem. How much autonomy are you comfortable handing over to an AI agent? What happens when it makes the wrong call? Ajit and I explore the idea of “earned trust”—why human oversight will remain essential and why AI “performance reviews” might become as routine as employee evaluations. It’s a fascinating parallel: treating these agents not just as tools, but as teammates that require accountability.

    The Human Factor in Automation

    One theme we return to often in our discussion is simplicity. For too long, security technology has required deep expertise just to ask the right question or interpret the right output. That has to change. Future SOC tools need to feel less like command-line puzzles and more like natural conversations—where context, clarifying questions, and intuitive design make security accessible to more people across the organization. The democratization of security is one of the most exciting trends on the horizon. Smaller companies that never imagined deploying advanced detection or response tools are suddenly finding themselves able to do so—without a staff of experts on hand. Ajit points out how this shift could level the playing field for businesses of all sizes.

    Looking Ahead

    We don't go so far as to try to predict a perfect AI-secured future. Instead, we talk about what’s realistic over the next 12 to 24 months. Expect more narrowly focused AI agents, more orchestration challenges, and an evolving role for humans in the loop. There will be setbacks, and likely some very public failures, but also tremendous opportunities for organizations willing to adapt. As always, Ajit brings an optimistic yet grounded perspective. Security is a constant cat-and-mouse game, but this new generation of automation might just give defenders the flexibility and speed they’ve been missing.

    Why You Should Listen

    This episode is a candid exploration of where automation stands today, where it needs to go, and how organizations can prepare themselves for an AI-driven future without losing sight of human judgment. If you want a glimpse into the future of SOC operations, and if you’ve ever wondered whether AI can truly lighten the load for overworked security teams, this is a conversation you’ll want to hear.

  17. 175

    Rethinking Cybersecurity in the Age of AI and Digital Twins

    Artificial intelligence is transforming nearly every industry, and cybersecurity is no exception. On the latest episode of the TechSpective Podcast, I spoke with Kevin Simzer, COO of Trend Micro, about how generative and agentic AI are reshaping development and defense strategies. Kevin shared why AI should be seen as neither magic nor snake oil, but as a powerful tool that can accelerate innovation while still requiring human expertise. From code generation to enterprise-scale deployment, the opportunities are immense—but so are the risks. That’s why security must be built in from the start, not bolted on after the fact. One of the most fascinating parts of our discussion centered on digital twin technology. Traditionally used in fields like manufacturing or engineering, digital twins are now emerging as a game-changer for cybersecurity. By creating a virtual replica of an organization’s environment, enterprises can continuously run simulations, red-team scenarios, and experiment with different defenses—without putting live systems at risk. Instead of waiting for quarterly tests, organizations can stress-test their infrastructure constantly, learning and adapting in real time. As Kevin explained, this shift could fundamentally change how enterprises think about resilience. Combined with the rapid rise of AI-driven agents, digital twins offer a way to stay ahead of evolving threats while navigating the complexity of modern IT environments. Cybersecurity has always been about anticipating the next move. With AI and digital twins in play, the game board itself is changing—and those who embrace these tools early will be far better prepared for what comes next.

  18. 174

    The Evolving Face of Ransomware — and How We Can Stay Ahead of It

    Ransomware has been part of the cybersecurity conversation for years, but if you think it’s yesterday’s problem, think again. The headlines might be dominated by AI these days, yet behind the scenes, ransomware continues to disrupt organizations of every size — from small businesses to multinational enterprises. In this episode of the TechSpective Podcast, I sat down with Rob Harrison, Senior Vice President of Product Management at Sophos, for a wide-ranging conversation about findings from the recent Sophos State of Ransomware Report, ransomware’s persistent threat, the critical role of Managed Detection and Response (MDR), and how AI is reshaping the security landscape. Fortunately, it was not a typical “cyber doom” discussion. Rob brings a unique perspective, blending his experience leading Sophos’ MDR business with a career that’s spanned everything from defending national security to protecting critical cloud workloads. Our talk dives into the trends shaping both the technical and human sides of ransomware response — and why some organizations emerge stronger while others don’t survive at all.

    Why This Conversation Matters

    While ransomware hasn’t disappeared, the tactics have evolved. The game is no longer just about encrypting data and demanding payment. The threat landscape is shifting toward double extortion, data exfiltration, and in some cases, skipping encryption altogether. Rob and I explore how this evolution is forcing organizations to rethink their approach to prevention, detection, and response. We also discuss how MDR can be a game-changer, particularly for organizations without the resources or expertise to run a 24/7 security operation in-house. It’s not just a question of technology — it’s about having the right people, processes, and visibility to act decisively when every second counts. But what about AI? It’s easy to assume that “AI in security” is just another buzzword. We unpack how AI — especially in its more agentic and automation-focused forms — is already making a real impact in the SOC. From handling tedious, repetitive tasks to providing richer context for human analysts, AI is becoming a force multiplier for security teams.

    The Human Factor

    One of the most compelling parts of our conversation focuses on the human cost of ransomware — the stress, burnout, and organizational disruption it leaves behind. Rob offers insights on how to prepare for worst-case scenarios, not just from a systems and data standpoint, but from a leadership and team perspective. We also touch on the importance of preparation and practice. Just as pilots run flight simulations and first responders drill for emergencies, organizations need to rehearse their incident response. That way, when the heat is on, muscle memory kicks in, roles are clear, and decisions are made with confidence.

    Why You Should Listen

    If you’re a security leader, business owner, IT professional, or simply someone interested in how technology, strategy, and human decision-making intersect in the fight against ransomware, this episode is for you. We cover:

    - The changing tactics of ransomware operators
    - How MDR can extend or even replace in-house capabilities
    - The role of AI in modern security operations
    - Strategies for reducing the human toll of cyber incidents
    - The importance of preparation, communication, and trust in response efforts

    This is not a doom-and-gloom story. It’s a conversation about resilience, about making smarter security decisions, and about ensuring that when — not if — an incident occurs, your organization is ready. Listen to the full episode now to hear the full discussion and take away actionable insights you can apply today.

  19. 173

    Why Data Must Be the Heart of Cybersecurity

    Cybersecurity strategy has evolved over the years—first focusing on keeping the bad guys out, then on detecting and responding to threats faster, and now on cyber resilience and the notion of ensuring business continuity no matter what happens. In the latest episode of the TechSpective Podcast, Druva Chief Security Officer Yogesh Badwe joined me to talk about why the next phase of security maturity must be built around a single, non-negotiable truth: data is the real crown jewel.

    The Shift to Data-Centric Security

    Historically, organizations poured resources into protecting networks and identities, often treating data as a secondary concern. “Breaches are inevitable,” Badwe explained. “Detection is a lagging indicator. Organizations need to be ready to respond and recover from bad scenarios—and that starts with the data itself.” With sprawling hybrid environments, complex supply chains, and AI agents introducing new attack vectors, prevention alone isn’t enough. Security teams need full visibility into what data exists, where it resides, and who can access it.

    Backups: From IT Tool to Security Backbone

    Most companies think of backups as an IT disaster recovery resource. Badwe argues they must be elevated to a frontline security capability. Recovering from ransomware isn’t as simple as restoring a snapshot—you need to identify clean copies, remove malicious artifacts, and, in some cases, blend files from different points in time to minimize business disruption. “Security recovery is completely different than IT recovery,” he noted. Attackers know this, too. Modern ransomware campaigns often target backup systems directly to remove a company’s safety net.

    Preparing for Emerging Risks

    The conversation also touched on two looming challenges:

    - Double-extortion ransomware, where attackers both encrypt and exfiltrate data to increase leverage.
    - Post-quantum cryptography, and the “harvest now, decrypt later” risk that stolen encrypted data could be cracked in the future.

    Organizations should begin mapping their encryption landscape now to prepare for a PQC transition within the next few years.

    The Visibility and Classification Challenge

    Centralizing all corporate data is unrealistic. Instead, companies need tools that can provide visibility where the data lives—whether that’s in SaaS apps, multi-cloud environments, or third-party systems. Badwe sees automated classification as essential, not just for prevention but for rapid incident response. Knowing which 20% of your data is truly sensitive allows you to focus security controls where they matter most.

    AI’s Real Role

    AI in security is often overhyped, but Badwe sees practical value in tier-one SOC triage, automating runbooks, and enhancing secure software development processes. AI can’t replace sound security architecture, but it can accelerate analysis and decision-making.

    Looking Ahead

    As AI agents and integrated corporate search platforms become more common, traditional authentication and authorization models will be tested. Security leaders will need to rethink access controls for human-to-agent and agent-to-agent interactions. For Badwe, resilience isn’t just about bouncing back—it’s about making data the centerpiece of prevention, detection, response, and recovery. Because in the end, it’s not the network or the identity we’re protecting—it’s the information that keeps the business running. Check out the full podcast for more:

  20. 172

    Retail Under Fire: Why Hackers Love Shopping Season

    When it comes to cybersecurity, it’s easy to fall into the trap of thinking in binaries—good guys and bad guys, black hats and white hats, defenders and attackers. But the reality is far more complex, especially in an age where artificial intelligence is changing the rules for everyone, whether they like it or not. In the latest episode of the TechSpective Podcast, I sat down with Myke Lyons, CISO of Cribl, for a conversation that spans a lot of ground. And I mean a lot of ground. From retail fraud and social engineering to ransomware economics and the future of AI-powered search, we explore how cybercriminals are using the same tools defenders have access to—but with very different goals in mind. We kick things off by unpacking Cribl’s unique role in the world of IT and security telemetry. At one point, I draw the comparison of Cribl as a sort of Rosetta Stone for log data—helping organizations normalize, route, and optimize data flows to the right places for the right reasons. Myke shares how this kind of architectural flexibility isn't just convenient—it’s becoming essential in a world where data is growing at breakneck speed and attackers are using AI to move just as fast. Then we shift into a broader discussion about why retail—especially during high-stakes periods like Prime Week or Black Friday—is such a tempting target for attackers. The emotional nature of shopping, the scale of operations, and the deeply trusted brand names all make retail a ripe hunting ground for bad actors. But it’s not just old-school fraud or phishing anymore. We get into how AI is helping attackers spoof websites, impersonate brands, and even fake their way through job interviews to infiltrate organizations from the inside. One particularly eye-opening thread: the evolving ransomware playbook. Threat actors are now using AI to research their victims more thoroughly—tailoring ransom demands based on insurance coverage, revenue cycles, and organizational pain points. 
It’s strategic, it’s efficient, and yes, it’s unsettling. But this conversation isn’t just doom and gloom. We also talk about how security teams can flip the script by using AI themselves—developing muscle memory with new tools, leveraging prompt engineering, and building infrastructure that adapts in real time. Myke makes the case for experimentation, curiosity, and staying a step ahead—not just with tech, but with mindset. If you’re a security leader, a practitioner, or even just a curious listener trying to make sense of this rapidly evolving landscape, you’ll find a lot to chew on here. And if you think the line between helpful AI assistant and risky attack vector is starting to blur… you’re not alone. Listen to the full episode now and hear why your AI should be more like JARVIS—and what happens when the bad guys figure that out first.

  21. 171

    Navigating Cybersecurity Complexity

    The ever-expanding world of cybersecurity is full of big promises, bold claims, and—if we’re being honest—a lot of noise. As security leaders face mounting pressure to do more with less, it’s no longer enough to simply buy the newest tool or chase the latest trend. What organizations really need is a trusted advisor—someone who knows the landscape, understands the stakes, and can help make sense of it all. That’s exactly the theme of the latest episode of the TechSpective Podcast. John Hurley, Chief Revenue Officer at Optiv, joins me in a wide-ranging, candid discussion of the real challenges facing CISOs today: managing tool sprawl, justifying investments, cutting through cybersecurity jargon, and understanding where artificial intelligence fits into the modern security stack. At the heart of our conversation is Optiv’s unique approach to helping organizations rationalize their security environments. John shares how Optiv leverages a decade’s worth of data and experience to guide clients through the decision-making process—moving from a transactional vendor model to a genuinely consultative partnership. The analogy I came up with for Optiv's role is that it essentially positions itself as a “pharmacist” in the cybersecurity ecosystem—helping organizations make sense of countless overlapping solutions and potential “side effects.” The episode also addresses some timely questions: What does it mean to be a true advisor in an industry obsessed with buzzwords? How can AI be leveraged to bring real value, rather than just more noise? And what steps should organizations take when rethinking their security architecture in the face of continuous change? Whether you’re a security leader looking for fresh perspective, a vendor navigating a crowded marketplace, or just a tech enthusiast fascinated by the challenges of enterprise security, this episode promises plenty of food for thought. Curious? 
Give it a listen (or watch it on YouTube)—and hear firsthand how the conversation is evolving from selling tools to solving real business problems.

  22. 170

    Rethinking Cloud Security for the Evolving Threat Landscape

    Cloud security is one of the most talked-about issues in cybersecurity today—but are we talking about the right things? In the latest episode of the TechSpective Podcast, I sat down with Cristian Rodriguez, Field CTO for the Americas at CrowdStrike, to explore the evolving landscape of cloud threats and how defenders need to adapt. With over a decade at CrowdStrike and more than 20 years in the cybersecurity space, Cristian brings a seasoned perspective on how adversaries have shifted their tactics—and how security teams can respond effectively.

    The Comfort Trap of Posture Management

    A major theme of our conversation is the current overreliance on cloud security posture management (CSPM). While CSPM tools play a critical role in identifying misconfigurations, compliance gaps, and other baseline security issues, Cristian points out that they are inherently limited by their snapshot-in-time nature. They’re valuable for hygiene, but they don’t give you a dynamic view of what’s happening in your environment right now. And that’s a problem—because attackers aren’t waiting for your next scan. They’re actively probing, logging in with stolen credentials, and moving laterally through cloud environments in ways that traditional security tooling often fails to detect.

    Living Off the Land, Evolved for the Cloud

    We also touch on a concept many security professionals know well: “living off the land.” This is when attackers use legitimate tools and processes already present in an environment to evade detection. What’s changing, Cristian explains, is how these techniques are now being used within cloud-native services—hiding in plain sight within container workloads, serverless functions, and IAM policies. This shift demands a new level of runtime visibility. You can’t just know what resources exist and how they’re configured—you need to understand who is accessing them, when, from where, and why. Behavioral analysis, real-time anomaly detection, and identity-based insights are becoming table stakes in defending modern cloud architectures.

    AI as a Force Multiplier for the SOC

    Naturally, no conversation about modern cybersecurity would be complete without discussing AI. Cristian shares how CrowdStrike’s AI assistant, Charlotte, is changing the game for SOC analysts by helping them triage incidents faster, guide investigations, and even orchestrate responses across multiple systems using natural language commands. But AI isn’t just about automation—it’s about augmentation. AI doesn’t replace the analyst; it frees them up to focus on what really matters. In a world where adversaries can break out and cause damage in under an hour, that time savings is crucial.

    Preparing for What’s Next

    We also touch on what has become a focus for me. It is one of the biggest questions for the future of AI: What happens when the next generation of cybersecurity professionals enters the field having never worked without AI? If level-one SOC roles are increasingly automated, how do tomorrow’s defenders gain the experience needed to make critical decisions in high-stakes situations? It’s a thought-provoking discussion that blends current challenges with a forward-looking lens on where the industry is headed—and what that means for the people defending it.

    Tune In to Learn More

    If you're a security leader, cloud architect, SOC analyst, or anyone trying to keep pace with the changing threat landscape, this is a must-listen episode. We explore not just the threats themselves, but the mindset shift required to defend against them—and the technologies that can help tip the scales in our favor. Listen now on your favorite podcast platform or watch the full conversation on YouTube. Have thoughts on this episode or topics you'd like to see covered in future discussions? Let me know on LinkedIn—I’d love to hear what’s on your mind.

  23. 169

    Why Data Security Is the Real AI Risk

    Artificial intelligence may be the headline, but data is the story. In this episode of the TechSpective Podcast, I sat down with Todd Moore, VP of Data Security at Thales, to unpack the newly released 2025 Thales Data Threat Report. Our conversation explored the increasingly complicated intersection of data, AI, and cybersecurity—and why enterprises may be sprinting into transformation before securing their foundation. Spoiler: It’s all about the data.

    GenAI Is Booming—And So Are the Risks

    According to the report, one-third of organizations are already in the integration or transformation phase of GenAI adoption. And while that sounds like progress, Todd and I both agreed it mirrors past tech hype cycles—cloud, Wi-Fi, mobile—where enthusiasm far outpaced security planning. “The horse has left the barn,” Todd said. And that urgency to keep up with AI adoption is creating a familiar blind spot: data security. In fact, the fast-evolving GenAI ecosystem ranked as the top concern among respondents (69%), followed closely by risks to data integrity (64%) and trustworthiness (57%). Enterprises are waking up to the reality that AI isn’t just a new technology—it’s a new attack surface.

    Shadow AI, Prompt Injection, and Data Leakage

    One recurring theme from our conversation was the rise of "shadow AI"—where employees use public tools like ChatGPT without guardrails. While it might boost productivity, it also introduces serious risk if sensitive internal data gets fed into public models. We talk about how many organizations are adopting internal LLMs to mitigate this, but we acknowledge that enforcement is tough. The reality is that just like with shadow IT, if you don’t give people an approved tool that meets their needs, they’ll find workarounds. That’s where security posture management becomes crucial. Visibility into who’s using what data—and where it’s going—is no longer optional.

    Data Classification: Still a Work in Progress

    You can’t protect what you don’t know you have. Yet the report found that only one-third of organizations can fully classify their data, while 61% are juggling five or more data discovery tools. The inconsistency leads to fragmented policies, conflicting controls, and ultimately, more exposure. Todd and I agreed: classification has to be automated and context-aware. AI can help here—ironically—by understanding not just what a file says, but what it means based on surrounding data. Still, as Todd pointed out, AI is also the biggest creator of new data. “It’s a feedback loop,” he said. “AI is creating more unstructured data than ever before, which just makes the classification challenge even bigger.”

    Quantum Computing Is Closer Than You Think

    Another headline from the report—and our conversation—was the growing urgency around post-quantum cryptography (PQC). The threat of “harvest now, decrypt later” is very real, especially for regulated industries that store data long-term. Thales found that 63% of organizations are already concerned about future decryption of today’s data, and many are beginning to prototype PQC solutions. Todd emphasized that we now have a deadline: NIST and other global bodies are calling for a deprecation of classical algorithms by 2030. “This isn’t Y2K,” Todd warned. “We don’t know when Q-day will arrive. But when it does, if you haven’t prepared, it’s already too late.”

    Check It Out

    This episode dives deep into AI, PQC, classification, and the cultural challenges of balancing innovation with risk. If you're a CISO, security leader, or just trying to make sense of the data security landscape in 2025, you won’t want to miss it.

  24. 168

    Why Being Bold Matters in Cybersecurity—and Branding

    In a sea of sameness in the cybersecurity market, it’s easy to walk away feeling like every company says the exact same thing. “Autonomous.” “Agentic.” “AI-powered.” After a while, it all blends together. But every now and then, a brand cuts through the noise—not just because of a flashy event booth or viral stunt, but because it tells a compelling story with intention behind it. In the latest episode of the TechSpective Podcast, I sit down with Don Jeter, Chief Marketing Officer, and Leonid Belkind, CTO and Co-founder of Torq, to talk about what it takes to stand out in an industry that too often plays it safe. If you’ve seen Torq’s monster truck partnership or skeleton-themed branding at events like RSAC and wondered what’s behind the spectacle, this conversation peels back the curtain. But this isn’t just a story about branding. It’s a deeper discussion about authenticity, culture, and why cybersecurity marketing so often misses the mark. We explore how Torq built a company that reflects its people—irreverent, passionate, and unapologetically bold—and why that matters more than ever in today’s overcrowded cybersecurity landscape. We also talk about how automation is evolving beyond the limitations of legacy SOAR (Security Orchestration, Automation, and Response), and how AI—particularly agentic AI—is reshaping how security teams handle alerts, prioritize threats, and reclaim their time. The conversation touches on trust, risk, the future of security operations, and even gets into topics like self-driving cars, self-checkout lanes, and what it means for a new generation of analysts entering the field. If you’re interested in cybersecurity, brand differentiation, or how AI is transforming security operations, this episode is one you don’t want to miss. Check out the full episode now:

  25. 167

    A New Reality for Cybersecurity Collaboration

    In the latest episode of the TechSpective Podcast, Errol Weiss, Chief Security Officer at Health-ISAC, joins me to dive into a timely and thought-provoking conversation on how cybersecurity collaboration is changing—especially when it comes to public and private sector relationships. For over a decade, Health-ISAC has played a vital role in helping healthcare organizations share threat intelligence and best practices. But in today’s environment, that collaboration is under pressure. The lines between private and public sector responsibility are becoming more blurred, and recent shifts in government participation are raising tough questions. Who is ultimately responsible for defending critical infrastructure? And what happens when the expected support simply isn’t there? Our discussion covers a wide range of themes—from the unique cybersecurity challenges facing hospitals and medical device manufacturers to the impact of political transitions on agency engagement. It also explores what it really means for organizations to be self-reliant in their defense efforts, and how global cooperation plays into the equation. This episode doesn’t offer easy answers—but it will make you think. If you’re in cybersecurity, healthcare, or just care about the systems we all depend on, this is one conversation you won’t want to miss. Tune in to hear how leaders like Weiss are adapting in real time and what the rest of us can learn from their approach. Listen now wherever you get your podcasts—or watch the full episode on YouTube.

  26. 166

    Cybersecurity, Trust, and the Shifting Landscape of Government Oversight

    How do you navigate a cybersecurity landscape where the threats are constantly evolving—and so is the government’s role in defending against them? I sat down with Jeff Man, a respected voice in cybersecurity and someone with deep roots in both the public and private sectors, to talk about this (and a bunch of other stuff) for the latest episode of the TechSpective Podcast. Jeff’s career spans more than four decades, including time at the National Security Agency during a pivotal era of transformation. He’s also spent years in the trenches with PCI-DSS compliance and now consults with companies across industries on how to build better, more resilient security programs. We talk about the philosophical and practical intersections between cybersecurity, trust, and governance in a rapidly changing world. Jeff and I discuss how cybersecurity has evolved since the Cold War, how the mythology around institutions like the NSA and Unit 8200 influences perception, and how recent political decisions are reshaping the roles of CISA, NSA, and other federal cyber agencies. But this episode isn’t just a retrospective or a policy rant. It’s a raw, candid, and sometimes uncomfortable look at where we are today. We question whether the growing skepticism of public institutions is warranted—and what it means when tech companies, not governments, are trusted as de facto arbiters of truth. And we grapple with the uncomfortable reality that while the cybersecurity stakes are higher than ever, the public’s confidence in traditional sources of authority may be at an all-time low. If you’re looking for a surface-level chat about tech trends, this isn’t it. But if you want to hear a thoughtful, unscripted discussion about the deeper issues impacting cybersecurity and society, this episode is a must-listen.

  27. 165

    Breach Ready: Rethinking Zero Trust and Lateral Movement Defense

    Cybersecurity isn’t what it used to be—and that’s a good thing. In the latest episode of the TechSpective Podcast, I sat down with Sunil Muralidhar, Vice President of Marketing and Partnerships at ColorTokens, to explore how organizations are rethinking traditional security approaches and what it means to be “breach ready” in today’s threat landscape. For years, enterprise security revolved around the concept of perimeter defense—building bigger walls and stronger gates to keep attackers out. But the game has changed. With cloud adoption, remote work, IT/OT convergence, and the rise of identity-based threats, the idea of a clearly defined perimeter no longer holds water. Sunil brings a wealth of experience to the table and makes a compelling case for why microsegmentation and Zero Trust architecture are no longer optional—they’re essential.

    The Shift from Reactive Defense to Proactive Containment

    Let’s face it: attackers are going to get in. Whether it’s through stolen credentials, social engineering, or misconfigured cloud resources, initial access is easier to achieve than ever. What matters now is what happens next. That’s where the concept of lateral movement becomes critical. Once inside, attackers often spend days, weeks, or even months quietly exploring internal networks, moving from one system to another in search of valuable assets. Breach readiness means being prepared to contain that movement, limit the blast radius, and prevent a minor incident from becoming a full-blown crisis. Sunil emphasizes that this isn't just a technical challenge—it's a business imperative. Cyber resilience is about ensuring that even when something goes wrong, operations continue with minimal disruption. It’s about keeping the business running while the security team does its job.

    Why Microsegmentation Matters

    At the heart of breach readiness is microsegmentation—a strategic approach that enforces strict access controls between workloads, devices, and users. It’s the digital equivalent of closing fire doors in a building: if one area is compromised, the threat can’t easily spread. But while the concept isn’t new, adoption has lagged due to complexity and fear of disruption. Sunil shares how ColorTokens is helping organizations overcome these barriers with simplified, agentless deployment models and greater visibility into interdependencies. The goal isn’t to create friction—it’s to build confidence that the right protections are in place without bringing operations to a halt.

    IT/OT Convergence: A New Frontier for Risk

    Another major topic we cover in the episode is the increasingly blurred line between IT and OT environments. Industrial systems that were once isolated are now networked, monitored, and managed remotely. While this drives efficiency and innovation, it also expands the attack surface. Sunil explains how the same principles of Zero Trust and microsegmentation apply here, too—just with additional considerations around legacy devices and protocols. Protecting these environments requires visibility, adaptability, and context-aware policy enforcement, especially when traditional agents can’t be installed.

    AI, Cloud, and the Evolving Threat Landscape

    We also touch on how AI is reshaping both attack and defense strategies, from identity spoofing to fully autonomous threats. With AI workloads increasingly built and deployed in the cloud, Sunil discusses why cloud-native security and identity-first protection are more important than ever. Breach readiness isn’t just about preventing attacks. It’s about designing systems that expect compromise, contain threats by default, and allow the business to stay resilient and responsive.

    Breach Ready

    This conversation is a must-listen for CISOs, security architects, and anyone navigating the modern cybersecurity landscape. Sunil brings thoughtful insights and practical advice to the table—and whether you’re already exploring Zero Trust or just starting to question your current strategy, there’s something here for you. Check out the episode to hear our full discussion on breach readiness, microsegmentation, IT/OT convergence, and what it really means to be secure in a borderless world. If you are going to be at RSAC 2025 in San Francisco next week, stop by Booth 2027 to meet the ColorTokens team and learn more.

  28. 164

    Navigating the Future of AI and Cybersecurity

    The rise of artificial intelligence has opened up exciting possibilities, but it’s also creating new challenges--particularly for cybersecurity. I sat down with my friend Sam Curry, Global VP and CISO in residence at Zscaler, for an in-depth conversation about the ways AI is transforming cybersecurity, how it’s being adopted across industries, and what organizations need to do to keep pace with these rapid changes. Throughout the discussion, Sam emphasizes that AI is no longer a question of "if," but "how." As generative AI tools like ChatGPT continue to grow in popularity, they are being used in everything from content creation to customer service. However, with the tremendous opportunities come significant risks. We take a closer look at how AI is reshaping cyberattacks, particularly the rise of AI-powered phishing scams and deepfakes, which are increasingly difficult to detect and can have devastating consequences for individuals and businesses alike. One of the most fascinating points of discussion in this episode of the TechSpective Podcast is the generational divide in AI adoption. While many tech-savvy individuals, particularly from older generations, have embraced AI tools, there’s a noticeable resistance from younger generations, who are more concerned about the environmental impact of these technologies. We explore these differing perspectives and discuss the complex ethical considerations around AI, including concerns about data privacy, security, and the power these tools give to cybercriminals. The episode also dives into the practical side of cybersecurity, with Sam outlining the importance of implementing zero trust and least privilege principles in organizational infrastructure. With AI and other emerging technologies continuously altering the attack surface, these concepts are becoming even more critical for businesses looking to safeguard their sensitive data and ensure they are prepared for the next wave of cyber threats. 
This episode is packed with valuable insights for anyone concerned with the future of AI, cybersecurity, and the evolving threat landscape. If you’re looking to understand how to navigate these changes and secure your organization against the growing risks of AI-powered attacks, you won’t want to miss this conversation. So, whether you're an IT professional, a business leader, or simply someone interested in the intersection of technology and security, this episode offers a must-listen perspective on the future of AI in cybersecurity. Tune in to learn how we can all better prepare for the AI-driven future of cybersecurity.

  29. 163

    AI Disruption, Cyber Risk, and Doing the Right Thing

    How do you balance business priorities and AI trends with truly effective cybersecurity practices—and make sure you’re still doing right by employees and customers? My friend Matt Alderman, Chief Product Officer at CyberSaint and host of the Business Security Weekly podcast, joins me to talk about this and more for this TechSpective Podcast episode. Matt’s career spans decades in cybersecurity, from early consulting days to product leadership at several well-known companies. Beyond his own hands-on experience, he’s got a deep appreciation for how fast technology and security threats evolve—and how leaders must adapt. In this episode, Matt and I touch on:

    - The buzz around AI and what it actually means for cybersecurity teams
    - How automation and platform consolidation are reshaping budgets and tools
    - The tricky intersection of ethics, risk management, and real-world security
    - Observations on leadership and moral responsibility in an increasingly complex digital world

    One of the most compelling parts of my conversation with Matt Alderman was about the human side of business decisions—especially when it comes to hiring and layoffs. In an industry driven by growth metrics and investor expectations, it’s easy to lose sight of the fact that behind every headcount number is a real person with a life and family. Matt shared some personal stories and reflections that bring this reality into sharp focus. We talked about how leaders can—and should—factor empathy and ethics into their decision-making, even when the financial pressure is high. Letting people go might be a business necessity at times, but doing so with compassion and transparency matters. On the flip side, companies also need to be careful about overhiring in the first place, which often leads to the inevitable cycle of cutbacks. Doing the right thing and running a smart business aren’t mutually exclusive. 
It was great catching up with Matt, sharing stories of what worked, what didn’t, and where cybersecurity is headed next. Get a unique perspective on how AI can simultaneously empower attackers and defenders, and how boardroom decisions (and moral compasses) factor into cybersecurity strategies. You won’t want to miss this episode.

  30. 162

    A Pragmatic Approach to Effective Security

    Cybersecurity is constantly evolving, and staying ahead of threats requires more than just tools—it demands strategy, leadership, and expertise. The unfortunate reality is that the threat landscape affects all companies regardless of industry or size, but many companies simply do not have the expertise or budget to defend effectively. On the latest episode of the TechSpective Podcast, I sat down with my good friend Den Jones, Founder and CEO of 909Cyber, to talk about his latest venture and why it’s helping to fill that void and hitting the mark for companies of all sizes. If you know Den, you know he’s not someone who stands still for long. From leading security initiatives at Adobe and Cisco to helping Banyan Security scale up before its acquisition, his career has been defined by forward motion. Now, with 909Cyber, he’s taking everything he’s learned and offering it as a service—literally. In this episode, Den shares the inspiration behind 909Cyber, his take on the current cybersecurity landscape, and why organizations today need flexible, pragmatic solutions more than ever. We talk about the challenges facing small and mid-sized businesses, the growing demand for virtual CISOs, and how a "strategy and execution" approach can fill critical security gaps. We also get into the mindset shift that's happening across the industry: it's no longer about buying the shiniest tool, but about understanding your business, your risks, and deploying the right solutions—sometimes with what you already have. Whether you’re a CISO, a business leader, or just interested in how cybersecurity consulting is evolving, this conversation is full of insights you won’t want to miss. Watch or listen to the full episode now and learn how 909Cyber is helping organizations rethink security from the ground up. You should also check out the Cyber909 podcast—which I recently guested on with Den.

  31. 161

    Building Community and Making Cybersecurity Accessible

    I recently sat down with my long-time friend and cybersecurity expert, Michael Farnum, to discuss his journey in the industry, his role as an advisory CISO at Trace3, and the evolution of the Houston Security Conference—more commonly referred to as HOU.SEC.CON. Farnum has a deep-rooted passion for cybersecurity and his commitment to community-building shines through as he shares the story behind the creation of HOU.SEC.CON—a regional event that has grown into something much larger. We delve into how HOU.SEC.CON started as a local cybersecurity conference but quickly gained traction with a unique twist: a strong community focus and a deep commitment to providing valuable, non-vendor-centric content. As the conference expanded, so did its scope, with specialized tracks like OT.SEC.CON, EXEC.SEC.CON, and recently YOUTH.SEC.CON catering to niche segments like operational technology, executive-level discussions, and providing guidance and education for students. One of the standout themes in our conversation is how HOU.SEC.CON has managed to create an environment that's distinct from the larger industry conferences like RSAC and Black Hat. Farnum reflected on the importance of keeping the event accessible and affordable, with tickets priced around $100 to ensure broad participation. It’s all about fostering a community of cybersecurity practitioners, not just showcasing the latest vendor offerings. In addition to talking about the event itself, we explore broader trends in cybersecurity, including the potential for AI to disrupt the job market. Farnum offers a candid perspective on how generative AI could affect entry-level cybersecurity roles and the skills required for the next generation of security professionals. While the conversation touches on some of the challenges ahead, it’s clear that Farnum is excited about the future of cybersecurity and the opportunities to pivot into new areas within the field. 
Whether you’re a seasoned cybersecurity professional or just starting out, this episode offers valuable insights into the changing landscape of the industry and the importance of community-driven events like HOU.SEC.CON. Tune in to hear more about Farnum’s experiences and his vision for the future of cybersecurity conferences. You’ll also hear about some exciting updates for HOU.SEC.CON in 2025, so check it out. Also, make sure you take a look at the upcoming events and register to attend:

    - OT.SEC.CON – April 17
    - EXEC.SEC.CON – April 22
    - YOUTH.SEC.CON – September 30
    - HOU.SEC.CON – September 30 – October 1

  32. 160

    Where Ransomware and Geopolitical Tensions Intersect

    In the latest episode of the TechSpective Podcast, I sit down with Anthony Freed, Director of Research Communications at Halcyon, to dive deep into the ever-evolving ransomware landscape. We explore how ransomware has transformed from a financial cybercrime tool into a powerful weapon with geopolitical implications. We had more technical difficulties than I prefer and the audio is rough in parts, but a great conversation nonetheless, so here it is. Anthony and I have been in this industry long enough to witness ransomware’s evolution firsthand. From the early days of financially motivated attacks to today’s sophisticated ransomware-as-a-service (RaaS) ecosystems, we break down the layers of this thriving criminal enterprise. We discuss the rise of initial access brokers, affiliate attackers, and even the IT support structures that cybercriminals use to scale their operations—almost mirroring legitimate businesses. But the conversation takes an even more unsettling turn as we examine the intersection of ransomware and nation-state operations. Many cybercriminal groups enjoy safe harbor in countries like Russia and China, and there’s increasing evidence that some attacks—particularly those targeting critical infrastructure, healthcare, and supply chains—are serving dual purposes: profiting from ransom payments while also advancing geopolitical agendas. Is ransomware just a financial nuisance, or is it a national security crisis? Why has the response from governments remained largely reactive, and what should be done to disrupt this growing threat? We tackle these hard questions while also exploring the blurred lines between cybercrime, espionage, and information warfare. If you’re concerned about the future of cybersecurity—and the role ransomware plays in the global power struggle—this is an episode you won’t want to miss. Tune in now to hear the full conversation.

  33. 159

    Why the SOC of Tomorrow Won’t Look Like Today’s

    TechSpective Podcast Episode 148

    Security Information and Event Management (SIEM) solutions were once hailed as the cornerstone of modern cybersecurity, promising centralized visibility, streamlined threat detection, and efficient response. Over time, though, many organizations have struggled with SIEM’s complexities, high costs, and an overwhelming volume of alerts—often leading to what’s known as "swivel chair syndrome" as analysts jump between multiple tools to investigate and respond to incidents. Next-gen SIEM is working to change that, though, and redefine the role of security operations centers (SOCs), bringing AI-powered automation and intelligent threat detection into the equation. Ajit Sancheti, GM of Next-Gen SIEM at CrowdStrike, joins the TechSpective Podcast to explore how SIEM solutions are evolving and what security leaders should expect in the coming years. We discuss:

    - The legacy SIEM dilemma – Why traditional SIEMs struggled with scalability, data overload, and false positives
    - AI-driven analytics – How AI is transforming SOC workflows, making security operations more efficient
    - The rise of predictive security – How AI-powered models are shifting cybersecurity from reactive to proactive
    - Data complexity and visibility – Why organizations need a single source of truth for security data
    - The future of automated response – How security teams can move beyond rule-based playbooks to more dynamic AI-driven decision-making

    Organizations are now looking beyond traditional security stacks to solutions that seamlessly integrate threat detection, automated response, and predictive intelligence—all without the manual tuning and endless configuration that plagued legacy systems. Where is SIEM headed, and what does it mean for your security strategy? If you’re a CISO, SOC analyst, or security leader, you should check out the conversation.

  34. 158

    The Rising Cost of Ransomware

    TechSpective Podcast Episode 147

    I sat down with Trevor Dearing, Director of Critical Infrastructure Solutions at Illumio, to unpack the findings of Illumio’s Global Cost of Ransomware study. The results? A wake-up call for organizations that believe they have ransomware under control.

    Key Highlights from the Conversation:

    - 58% of organizations had to halt operations due to ransomware—why is this number climbing?
    - The dangerous disconnect between confidence and reality in cybersecurity strategies.
    - Why paying the ransom rarely works—and often leads to repeat attacks.
    - The shift from data theft to operational disruption—why cybercriminals are changing tactics.
    - The AI arms race in ransomware—how attackers are using AI to accelerate their attacks and what organizations can do to keep up.

    Ransomware isn’t just about stolen data anymore—it’s about shutting down businesses, crippling supply chains, and disrupting entire industries. And yet, many companies continue to underestimate their vulnerability. We also dive into the evolving role of zero trust, microsegmentation, and AI-powered defense strategies, exploring why containment—not just prevention—is the key to surviving modern cyber threats. Don’t miss this insightful conversation. Listen now to hear firsthand insights from Trevor on the state of ransomware, security resilience, and what organizations must do to protect themselves.

  35. 157

    How Romance Scammers Prey on Vulnerability

    TechSpective Podcast Episode 146   Loneliness is a powerful emotion, and scammers know how to exploit it. Every year, in the weeks leading up to Valentine’s Day, there is a sharp rise in online romance scams. Similar spikes occur around the holidays, as people seek companionship during a season of togetherness. Karin Zilberstein, VP of Product at Guardio, joins me on the latest episode of the TechSpective Podcast to explore how romance scams have evolved, the red flags you need to watch for, and how AI-driven scams are making online deception more convincing than ever. “Everybody wants to feel connected, and that’s completely understandable,” Zilberstein says. “But scammers know how to take advantage of that vulnerability.” These scams don’t just happen on dating sites. Social media, gaming platforms, and even professional networking sites have become breeding grounds for deception. The Red Flags You Shouldn’t Ignore While romance scams are becoming more advanced, they still follow patterns that, if recognized early, can prevent costly mistakes. Here are the key warning signs that a seemingly romantic connection may be a scam: They insist on moving the conversation off-platform. Dating apps and social media platforms have security measures in place. Scammers want to communicate through encrypted channels where they can’t be traced. They avoid video calls or in-person meetings. Deepfake videos are improving, but many scammers still refuse face-to-face interactions, often citing excuses like a broken camera or military deployment. They create a sense of urgency. Scammers rush their victims into emotional or financial decisions. They might claim a sudden medical emergency or a last-minute travel expense that requires immediate help. They ask for money in unconventional ways. Rather than direct bank transfers, scammers often request cryptocurrency, gift cards, or wire services, making transactions harder to trace and recover. Their stories don’t add up. 
Inconsistencies in their background, vague answers to direct questions, or changes in personal details over time are all red flags. Recognizing these signs early can be the difference between protecting yourself and becoming the next victim of a costly con. AI and Deepfake Technology: The Future of Fraud Perhaps the most alarming trend in romance scams is the integration of artificial intelligence. There are cases where threat actors use deepfake videos to mimic real people, allowing scammers to hold video calls with their victims while pretending to be someone else. It’s no longer enough to rely on voice or even video as proof of authenticity. The technology is improving so quickly that, in some cases, even cybersecurity experts struggle to detect the fakes. This growing sophistication raises serious concerns about how online deception will evolve. With AI capable of generating customized messages, videos, and even entire social media profiles, scams will become harder to spot, making digital awareness and cybersecurity tools more critical than ever. The High Cost of Romance Scams The financial toll of romance scams is staggering. In 2023 alone, victims lost more than $1.14 billion to these schemes, according to the Federal Trade Commission. But the true cost isn’t just measured in dollars. Many victims suffer emotional distress, embarrassment, and even isolation from family and friends. Some cases involve devastating losses, with victims draining retirement accounts or losing their homes after being manipulated into financial ruin. The emotional investment can be so deep that, even when presented with clear evidence, victims refuse to believe they’ve been scammed. “It’s heartbreaking because the people being targeted just want connection,” Zilberstein says. “They’re not foolish or reckless. 
They’re being deceived by criminals who are experts in manipulation.” Fighting Back Against Digital Deception As romance scams become more advanced, individuals aren’t the only ones responsible for defense. Technology companies, internet providers, and mobile carriers all play a role in combating online fraud. Yet, many platforms still struggle to implement effective safeguards. Scammers adapt quickly, using burner numbers, disposable accounts, and AI-driven tools to evade detection. Consumers are often left to fend for themselves, relying on skepticism and cybersecurity solutions to stay protected. Zilberstein emphasizes the importance of using technology to fight technology. Guardio’s cybersecurity tools, for example, detect fake websites, phishing messages, and suspicious activity in real time, offering an added layer of protection that vigilance alone can’t provide. “People shouldn’t have to navigate this alone,” she says. “There are tools that can help keep them safe, and they should take advantage of them.” Listen to the Full Episode Romance scams are evolving, and everyone is a potential target. Whether you or someone you know is looking for love online, staying informed is the best defense against digital deception. Don’t let cybercriminals ruin trust in the digital age. Listen to the full episode now.

  36. 156

    Navigating the Cybersecurity Tightrope

    TechSpective Podcast Episode 145   For a CISO, finding the right balance between business priorities, security budgets, and emerging technologies is a perpetual challenge. I had the pleasure of diving deep into these topics with Mick Baccio, a seasoned security expert and Global Security Advisor at Splunk. Mick’s expertise, honed from years in the trenches, offers a refreshing perspective on the realities that today's security leaders face. Our discussion began with Splunk’s latest CISO report, which paints a telling picture of the current state of cybersecurity leadership. One of the primary themes we explored was the ongoing struggle many CISOs encounter when trying to align their security strategies with the financial expectations of corporate boards. Mick highlighted some eye-opening discrepancies between what boards think is “sufficient” for security and what CISOs see as necessary for real protection. This disconnect often leads to tough decisions about where to allocate limited resources—decisions that could significantly impact an organization’s ability to prevent and respond to cyber threats. Mick shared some personal insights into how CISOs can bridge this gap, emphasizing the importance of viewing security as a business enabler rather than a cost center. We talked about the shift in how security is perceived in the boardroom—a transformation that’s still in progress but undeniably crucial as cyber threats become more sophisticated. There’s a growing need for security leaders to speak the language of business, using compliance and risk management as leverage to make their case. But, of course, it’s not all about budgets and compliance. We also ventured into the realm of technology and innovation, exploring how artificial intelligence (AI) is reshaping the cybersecurity landscape. With AI's ability to streamline processes and automate repetitive tasks, it’s no surprise that it's becoming a central topic in discussions about the future of security. 
Mick offered an intriguing perspective on how AI isn’t just a buzzword—it’s a transformative force that could redefine how organizations approach security, if used strategically. However, as we noted, it’s not without its challenges and potential pitfalls. Throughout the conversation, one key message stood out: effective communication is essential. Whether it's translating technical details into business value or aligning cybersecurity initiatives with broader company goals, the role of the CISO has evolved. They’re not just the “security nerds” in the server room anymore; they’re becoming integral players in strategic decision-making. For anyone in a security leadership role—or anyone interested in the dynamic interplay between business and cybersecurity—this episode of the TechSpective Podcast is a must-listen. Mick brings a wealth of experience to the table, and his insights could provide valuable guidance on navigating the complexities of today’s security challenges.

  37. 155

    Post-Quantum Cryptography: Preparing for the Next Era of Cybersecurity

    TechSpective Podcast Episode 144   Are you ready for the quantum revolution? In the latest episode of the TechSpective Podcast, I dive into the fascinating world of post-quantum cryptography (PQC) with Ted Shorter, CTO of Keyfactor. Together, we unpack the urgency, complexity, and far-reaching implications of the transition to quantum-resistant cryptographic standards. The Challenges of Transition Transitioning to PQC is no small feat. Ted highlighted that this shift is more complex than past cryptographic changes, such as moving from SHA-1 to SHA-2. Organizations must inventory their systems, assess dependencies on vulnerable algorithms, and adopt a mindset of crypto-agility. Legacy systems, IoT devices, and critical infrastructure add layers of difficulty, as many of these technologies lack the flexibility for rapid updates. Highlights from the Conversation Quantum Computers Explained: Unlike faster versions of today’s computers, quantum machines are a unique breed, designed to excel in certain tasks—like breaking widely used cryptographic algorithms such as RSA and ECC. The Clock is Ticking: With organizations like NIST and NSA pushing for quantum-resilient cryptography by 2030, businesses must act now to avoid being caught unprepared. Why It Matters: From national security to corporate IP, data encrypted today could be vulnerable tomorrow. The “harvest now, decrypt later” approach underscores the need for immediate action. Crypto-Agility is Key: Embracing flexibility in cryptographic systems ensures organizations can adapt to new standards as they emerge, reducing risks associated with legacy systems. Compliance to the Rescue: While quantum computing may still feel distant to some, compliance mandates are forcing industries to tackle the issue head-on. An Invitation to Learn More Looking for deeper insights? 
Keyfactor’s Tech Days 2025 conference in March will feature an impressive lineup of speakers and sessions dedicated to PQC, security innovation, and more. Held in sunny Miami, this event is the perfect opportunity to engage with experts and peers while soaking in some rays (and perhaps a piña colada). Don’t miss this compelling conversation—available now on the TechSpective Podcast. Tune in to stay ahead of the quantum curve and future-proof your cybersecurity strategy.

  38. 154

    Exploring the Evolution of Cybersecurity Marketing

    TechSpective Podcast Episode 143   The latest episode of the TechSpective Podcast brings a dynamic and insightful conversation with Gianna Whitver, co-founder and CEO of the Cybersecurity Marketing Society. Gianna sheds light on the unique challenges of cybersecurity marketing, the role of artificial intelligence in the industry, and exciting developments for CyberMarketingCon. The Origins of the Cybersecurity Marketing Society Gianna begins by sharing the inspiring backstory of how the Cybersecurity Marketing Society was born. In 2020, she and her co-founder Maria recognized the struggles that many marketers face when transitioning into cybersecurity—a space loaded with jargon, acronyms, and a deeply technical audience. What started as a private Slack group of 10 friends has now grown into a vibrant community with over 3,500 members representing 1,000 companies. The Society provides marketers with a platform to share insights, resources, and strategies to overcome the complexities of the cybersecurity industry. Gianna highlights how the Society fosters collaboration and mentorship, especially for marketers coming from non-technical backgrounds. With a focus on community building and professional development, the Society has become a hub where members can navigate the nuances of marketing to security professionals, who are often skeptical and highly discerning due to the nature of their roles. Navigating the Challenges of Cybersecurity Marketing One of the key themes of our conversation is the difficulty of breaking through the noise in cybersecurity marketing. Gianna discusses the critical balance between technical expertise and storytelling—an approach that resonates deeply with the highly specific needs of security buyers. As she explains, “A security engineer on your marketing team is like a secret weapon,” providing valuable insights that can be paired with marketing expertise to create compelling and targeted campaigns. 
We also touch on how cybersecurity marketing has evolved over the years and discuss the tendency for companies to slash marketing budgets during economic downturns, a move we both agree is short-sighted. Marketing, we argue, is a long-term investment in brand building, trust, and audience connection—essential for maintaining relevance in a competitive market. AI: Friend or Foe for Marketers? A major topic of discussion is the growing role of artificial intelligence in marketing. We explore both the benefits and drawbacks of AI tools like ChatGPT, MidJourney, and others. While AI has been a game-changer for small marketing teams, enabling them to produce more content efficiently, it has also led to what Gianna calls a “sea of sameness.” Marketers who rely too heavily on AI without adding a human touch risk producing generic, formulaic content that fails to stand out. The conversation also delves into how AI might replace certain jobs in marketing while simultaneously creating new opportunities. I share my vision of AI evolving as a collaborative tool—allowing marketers to spend less time on mundane tasks and more on creative, strategic initiatives. We both agree that developing a unique brand voice and storytelling approach will become even more critical as AI becomes more pervasive. Why You Should Tune In Whether you’re a seasoned cybersecurity marketer or someone new to the field, this podcast episode is packed with actionable insights. From leveraging AI effectively to breaking through skepticism in security audiences, we cover a wide range of topics relevant to today’s marketing landscape. Listen to the TechSpective Podcast now and discover how you can elevate your marketing game in this challenging yet rewarding industry.

  39. 153

    Tackling Swivel Chair Syndrome

    TechSpective Podcast Episode 142   Ajit Sancheti, General Manager of NG-SIEM at CrowdStrike, recently joined me for an episode of the TechSpective Podcast. With years of experience in cybersecurity and as a co-founder of Preempt Security, Ajit brings a unique perspective on how the Security Operations Center (SOC) is evolving to meet today’s challenges—and what lies ahead for the industry. We covered a lot of ground in this episode, focusing on the growing pressures facing SOC teams and how CrowdStrike is leading a transformation to make analysts’ lives easier, more productive, and more focused on meaningful security tasks. One of the biggest challenges SOC analysts face today is what’s known as “Swivel Chair Syndrome”—the need to bounce between multiple screens, tools, and platforms just to assess and respond to threats. Ajit shared how this repetitive, fragmented work takes a toll, not just in terms of efficiency, but on the morale and long-term retention of cybersecurity professionals. So, what’s the solution? Ajit dives into CrowdStrike’s innovative approach, from leveraging AI to simplify workflows to implementing automation that frees up analysts to focus on the big picture. Rather than replacing analysts, CrowdStrike is using AI to reduce mundane, repetitive tasks so that the human talent in the SOC can focus on higher-level strategic thinking. It’s all part of an effort to reimagine the SOC as a place where analysts can do their best work without burning out—a vision that is resonating across the cybersecurity industry. Ajit also shares his thoughts on the future of the SOC, where AI and human expertise come together to create a more resilient and proactive security operation. This episode offers fresh insights for anyone interested in how cybersecurity is adapting to a more dynamic, cloud-based, and hybrid working world—and what it takes to stay ahead in an environment where attackers are moving faster than ever. 
For a fascinating look at the future of cybersecurity, listen to this episode of the TechSpective Podcast. Whether you’re a SOC analyst, a cybersecurity leader, or simply interested in the evolving role of AI in security, this conversation with Ajit Sancheti offers valuable takeaways on what’s next for the industry.

  40. 152

    Unlocking Proactive Compliance with Adobe’s Common Controls Framework

    TechSpective Podcast Episode 141   I had the pleasure of speaking with Devansh Sharma, Senior Security and Compliance Product Owner at Adobe, about a game-changing approach to security and compliance: Adobe’s Common Controls Framework (CCF). If you’ve ever been overwhelmed by the complexity of navigating multiple regulatory standards—PCI, HIPAA, SOX, you name it—this episode is packed with insights you won’t want to miss. What is Adobe’s Common Controls Framework (CCF)? CCF is Adobe’s answer to the growing complexity of managing compliance. Devansh explains how CCF simplifies and unifies security and compliance controls into a single, cohesive framework. Instead of treating each regulatory requirement separately, Adobe created a Venn diagram of overlapping standards and boiled it down to the essentials. This approach allows Adobe to meet over 4,300 different security control requirements while reducing the actual number of controls to just over 300. In essence, Adobe is ensuring that by meeting the strictest standard in the bunch, they automatically cover all other requirements. This level of efficiency is invaluable in today’s complex regulatory landscape, especially as organizations scale and acquire new products. Security Should Drive Compliance One of the central themes Devansh stresses in our conversation is that compliance should not just be about checking boxes. Rather, it should be security-first, with compliance as a natural byproduct of strong security practices. If an organization focuses on securing its systems, compliance will follow. However, the reverse isn’t true—merely being compliant doesn’t mean you’re secure. By embedding security into the core of Adobe’s CCF, the company ensures that it isn’t just meeting regulatory requirements, but genuinely reducing risks. Automation and AI Powering the Future It wouldn’t be an Adobe conversation without touching on the future of AI. 
Adobe is increasingly incorporating automation into compliance testing, reducing the need for manual processes and ensuring continuous, real-time compliance. Devansh gives us a glimpse of where the industry is headed with automation tools that scan cloud configurations and alert teams to security gaps across thousands of accounts—all without human intervention. Imagine automating 100% of compliance checks instead of relying on a sample-based approach. AI and machine learning are not only set to revolutionize Adobe’s internal processes but could also be a game-changer for how other organizations approach security and compliance. Tackling Emerging Threats While the CCF helps Adobe manage compliance and security, Devansh highlights emerging threats that every organization should be preparing for, including supply chain vulnerabilities and AI-driven phishing attacks. As the world becomes more interconnected, it’s not enough to focus only on internal security. Protecting your organization means ensuring the security of vendors and third parties as well. Why This Matters: Scaling Security and Building Trust A particularly compelling part of the conversation is how Adobe’s CCF fosters transparency and builds trust with customers. By open-sourcing the CCF and continuously engaging with customers and external auditors, Adobe demonstrates its commitment to proactive compliance. Customers and partners can see exactly how Adobe is protecting their data and complying with global regulations. Adobe’s proactive approach also helps reduce “compliance fatigue” within the organization. By embedding compliance within the SDLC (Software Development Lifecycle), product teams aren’t bogged down by the complexities of meeting different regulations—they build compliant products from the start. Want to Learn More? If you’re looking for ways to simplify your organization’s compliance or if you’re curious about how AI and automation are transforming security, this episode is a must-listen. 
Devansh Sharma offers unique insights into how Adobe has built a robust, scalable compliance framework and shares advice on how other organizations can follow suit. Watch the podcast on YouTube or listen to the full podcast--linked below or on your favorite podcast platform--and learn how Adobe is leading the charge toward proactive compliance driven by security, scalability, and automation. Don’t forget to subscribe and follow TechSpective for more expert conversations on the latest in cybersecurity, compliance, and technology!

  41. 151

    Unlocking the Power of Continuous Threat Exposure Management

    TechSpective Podcast Episode 140   I recently sat down with Jason Fruge, CISO-in-residence at XM Cyber, for an engaging discussion about one of the most critical shifts happening in cybersecurity today: Continuous Threat Exposure Management (CTEM). If you’ve been frustrated by the limitations of traditional vulnerability management, this episode is for you. Moving Beyond Legacy Vulnerability Management Jason explains how CTEM revolutionizes the outdated "patch and pray" approach. Instead of relying on periodic scans and CVSS scores, which often miss the bigger picture, CTEM introduces a dynamic, continuous model that tracks how vulnerabilities interact across systems, networks, and users. It’s no longer about simply patching the most severe vulnerabilities—it’s about understanding how they create exposure and potential attack paths. XM Cyber: Leading the Way in CTEM While many vendors may claim to offer CTEM solutions, few deliver on the complete promise. XM Cyber, as Jason explains, is one of the few platforms that maps to all five stages of CTEM—from identifying exposures to validating potential attack paths, and even mobilizing security teams with actionable insights. Unlike other tools that only address one aspect of the CTEM process or force organizations to piece together incomplete solutions, XM Cyber provides a holistic approach. Their innovative use of a digital twin creates a safe testing environment where real-time pen testing can occur without impacting live systems, ensuring security teams have up-to-the-minute intelligence on their exposure. Why It Matters Jason highlights how XM Cyber stands apart by not just offering visibility into vulnerabilities but showing the exact "choke points" in your network—areas that, if exploited, could cause the most damage. This allows security teams to prioritize fixes that drastically reduce overall risk, without getting bogged down in low-impact vulnerabilities. 
With XM Cyber, organizations have a powerful tool that integrates seamlessly with existing security infrastructure. Its AI-powered capabilities enhance threat detection, providing intuitive, data-rich prompts that guide security teams to the most critical issues—saving time and preventing security fatigue. Tune In for More Insights Whether you’re a security leader looking to optimize your vulnerability management or simply want to stay ahead of evolving cybersecurity trends, this episode provides deep insights into the future of CTEM. We also discuss the growing role of AI in security and how XM Cyber’s forward-thinking approach is shaping the next generation of threat exposure management. Don’t miss out—listen to the full episode now and discover how XM Cyber can help your organization stay ahead of the game. Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

  42. 150

    Unlocking the Power of AI in Threat Hunting

    TechSpective Podcast Episode 139   In the latest TechSpective Podcast, I had the pleasure of speaking with Wilson Tang, a Machine Learning Engineer on Adobe’s threat hunting team. Our conversation delved into one of the most exciting and critical areas of technology today—how artificial intelligence (AI) and machine learning (ML) are reshaping cybersecurity. Wilson brings a unique perspective, having transitioned from traditional software engineering to focus on ML applications in security. Throughout the podcast, we explored how Adobe leverages ML to detect and mitigate threats that traditional, rules-based methods might miss. One standout example is Adobe's use of anomaly detection in identifying suspicious logins by establishing baseline behaviors for each user—an approach far more scalable and flexible than older security techniques. We also touch on the growing significance of large language models (LLMs), like ChatGPT, in cybersecurity. While these models have generated a lot of hype, Wilson emphasizes their best use cases, such as process improvements and AI assistance, while warning against over-relying on them for complex decision-making tasks. The conversation also highlights the environmental challenges posed by AI's energy consumption, a hot topic in tech circles today. For anyone curious about the future of cybersecurity, AI, and ML, this episode offers valuable insights from someone at the forefront of this evolving field. We discuss not just what’s happening now but also where technology is headed—including the potential game-changing role of quantum computing in the years to come. Tune in to this episode of the TechSpective podcast to hear how Adobe is using cutting-edge ML technologies to stay ahead of cyber threats, and what Wilson sees on the horizon for AI in cybersecurity. Whether you're a security professional or just interested in the intersection of AI and cybersecurity, this episode is a must-listen. 
The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer.

  43. 149

    Exploring the Future of Cloud Security

    TechSpective Podcast Episode 138   Cloud environments have transformed the way organizations operate, but they’ve also introduced new challenges for cybersecurity teams. In the latest episode of the TechSpective Podcast, I sit down with Eyal Fisher, CPO of Sweet Security, to dive deep into the evolving landscape of cloud security and the innovative solutions needed to stay ahead of threats. Tackling Cloud Security’s Unique Challenges Cloud environments are massive, dynamic, and present a much larger attack surface than traditional on-premises setups. This complexity makes real-time threat detection particularly difficult. As Eyal Fisher explains, traditional security tools designed for endpoints or on-prem environments struggle to scale effectively in the cloud. The key is understanding the unique nature of cloud infrastructure and using technologies that are purpose-built for it. eBPF and Runtime Detection One of the highlights of the conversation is how Sweet Security leverages eBPF (Extended Berkeley Packet Filter) technology to gather deep insights into cloud environments without complex deployment processes. Eyal emphasizes that detecting threats in runtime — while the cloud environment is active — is crucial to pinpointing real risks amidst the noise generated by everyday operations. Addressing Non-Human Identities Another critical issue is the explosion of non-human identities in cloud environments. These include APIs, machine-to-machine interactions, and service-to-service communications. Traditional identity security methods, like multi-factor authentication, focus on human users and miss the majority of risks. Eyal outlines how Sweet Security’s runtime approach helps prioritize non-human identities that need immediate attention based on actual behavior. AI and the Future of Cybersecurity AI is transforming the cybersecurity industry, and Sweet Security is at the forefront of using AI and Large Language Models (LLMs) to improve cloud defenses. 
Fisher shares how AI helps their solution analyze environments, reduce response times, and even assist SOC teams in investigating incidents more effectively. A Holistic Approach to Cloud Defense What sets Sweet Security apart is their all-layer defense strategy. Unlike other solutions that focus on either the infrastructure, cloud, or application layer, Sweet covers all three. This comprehensive approach ensures threats can be detected no matter where they originate — from the application layer down to the cloud infrastructure. Tune in to the full episode to learn more about how runtime detection, non-human identity security, and AI are reshaping the way organizations approach cloud security. The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer.

  44. 148

    How AI is Transforming Cybersecurity

    TechSpective Podcast Episode 137

    I recently had the pleasure of sitting down with Sven Krasser, Chief Scientist and SVP of AI and R&D at CrowdStrike, to dive into the fascinating ways artificial intelligence (AI) is reshaping the cybersecurity landscape. If you're interested in how AI is empowering defenders while also being a tool for attackers, this episode is a must-listen.

    The Evolution of AI in Cybersecurity

    AI and machine learning have been crucial components in cybersecurity for years, but with the advent of generative AI, like ChatGPT, the game has changed. According to Sven, generative AI has allowed organizations to accelerate workflows, streamline documentation, and provide intelligence analysts with unprecedented access to large data sets. Tools like CrowdStrike’s Charlotte AI are at the forefront of this transformation, enabling security teams to quickly analyze complex attack graphs and detect emerging threats faster than ever before.

    Democratizing Cybersecurity with AI

    One of the most exciting aspects of AI discussed in this episode is how it democratizes access to cybersecurity expertise. With tools like Charlotte AI, even junior analysts can operate at higher efficiency levels by interacting with these advanced systems in natural language. This removes the need for deep technical knowledge of complex query languages, making cybersecurity tools accessible to a broader range of users.

    The Double-Edged Sword of AI

    Of course, with great power comes great responsibility. Sven also discussed the double-edged sword of AI in cybersecurity. While it’s helping defenders stay ahead, it’s also being exploited by attackers. AI is making it easier for bad actors to craft more convincing phishing attacks or find vulnerabilities in systems. However, Sven remains optimistic, noting that AI provides defenders with more significant advantages by enabling them to process vast amounts of data quickly and respond to threats in real-time.

    What’s Next?

    As AI continues to evolve, CrowdStrike is staying at the cutting edge of innovation. Sven highlighted the importance of security by design in AI platforms, ensuring that systems like Charlotte AI are not only powerful but also safe, secure, and compliant. He’s hopeful about the future, sharing that AI will help defenders stay ahead of the increasingly sophisticated threats posed by cyber adversaries. If you’re curious about how AI is reshaping cybersecurity and what the future holds, be sure to check out this episode. You’ll walk away with a greater understanding of how AI is empowering defenders and why the future of cybersecurity is one of cautious optimism.

    Tune in to the full episode to learn more about the design choices and challenges specific to cybersecurity and best practices for integrating GenAI into security frameworks.

    The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer: Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

  45. 147

    Unlocking the Secrets of Non-Human Identities

    TechSpective Podcast Episode 136

    There’s one area that often flies under the radar, yet poses a critical cybersecurity threat to organizations: non-human identities. These programmatic access credentials—like API keys and service accounts—are the invisible lifeblood of today’s automated systems, yet they are also a major vulnerability. In this episode of the TechSpective Podcast, Itzik Alvas, co-founder and CEO of Entro Security, joins me to delve into the hidden world of non-human identity management. Drawing from his extensive experience, including multiple real-world breaches, Itzik sheds light on why these identities are often overlooked, how they can be exploited, and what organizations can do to protect themselves.

    But it’s not just about identifying the problem. Itzik also shares innovative strategies and tools that Entro Security is deploying to help companies get a handle on their non-human identity sprawl, and how these solutions are becoming essential as businesses increasingly rely on automation, AI, and microservices. Curious about what non-human identities are and why they’re such a big deal? Want to learn how to protect your organization from the hidden dangers lurking in your infrastructure? Tune in to this eye-opening conversation—it’s one you won’t want to miss.

    Tune in to the full episode to learn more about Entro Security and how to solve the challenge of managing secrets and non-human identities.

    The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer: Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

  46. 146

    Exploring the Future of Cybersecurity in a SaaS-Driven World

    TechSpective Podcast Episode 135

    In the latest episode of the TechSpective Podcast, I had the pleasure of sitting down with Guy Guzner, co-founder and CEO of Savvy Security. With nearly three decades of experience in cybersecurity, Guy shares his insights into the rapidly evolving landscape of digital threats, particularly in the context of SaaS (Software as a Service) applications.

    The conversation dives deep into the challenges that modern organizations face as they navigate the complex world of SaaS sprawl. As businesses increasingly rely on SaaS solutions to drive productivity and innovation, the risks associated with identity management and security grow exponentially. Guy explains how identity has become the new perimeter in this cloud-first world, and why traditional security approaches are no longer sufficient to protect sensitive data and critical systems.

    One of the key themes of the episode is the balance between security and user experience. Guy and I discuss how security tools can either empower or hinder users, and why it's crucial for security solutions to be both effective and seamless. We also touch on the importance of automation and visibility in managing the sprawling IT environments that are now the norm for many organizations.

    If you're interested in the future of cybersecurity and how to stay ahead in a constantly changing threat landscape, this episode is a must-listen. Guy brings a wealth of knowledge to the table, offering practical insights and forward-thinking strategies that will resonate with anyone involved in protecting their organization's digital assets.

    Tune in to the full episode to learn more about how Savvy Security is tackling these challenges head-on and what steps you can take to secure your SaaS environment effectively.

    The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer: Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

  47. 145

    Extending Modern Identity Protection for Comprehensive Security

    TechSpective Podcast Episode 134

    There is a lot of talk about identity protection--password policies and best practices, requiring two-factor or multifactor authentication, user credentials exposed in phishing attacks and data breaches, etc. What we don't talk about nearly as often is the fact that human user identities actually make up a relatively small percentage of the total identities for most organizations. Another thing that is not often acknowledged or discussed is that provisioning a user identity and setting an employee up with a username and password was traditionally more of a pure IT or HR function--not a task that even falls under security. Times have changed, and most organizations recognize that identity security is a crucial foundation for effective cybersecurity, but most also continue to struggle with identity visibility and hygiene.

    Silverfort strives to go where identity protection has never gone before. Hed Kovetz, co-founder and CEO of Silverfort, joins me on this episode of the TechSpective Podcast to talk about the challenges organizations face with identity security and share insights on how we need to evolve our approach to identity protection to adapt to the emerging attack surface and threat landscape.

    Check out the full episode for more about modern identity protection. We also chat about the impact of AI on identity security--both in how it enables threat actors to accelerate malicious activity and develop more convincing attacks, and the ways it empowers IT security teams to streamline identity protection and improve security. This conversation is packed with valuable insights for anyone looking to enhance their organization’s cybersecurity posture.

    The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer: Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

  48. 144

    Enhancing Enterprise Browser Security

    TechSpective Podcast Episode 133

    Nick Edwards, Vice President of Product Management at Menlo Security joins me for this insightful episode of the TechSpective Podcast. Nick brings decades of cybersecurity experience to the table, offering a deep dive into the intricacies of enterprise browser security. If you’re looking to bolster your organization’s cybersecurity posture, this episode is a must-listen.

    Key Highlights from the Episode

    Nick delves into the fascinating evolution of browsers, from simple consumer tools to essential enterprise applications. With the rise of SaaS and remote work, browsers have become the primary interface for accessing sensitive business data, but their consumer origins mean they are not inherently secure for enterprise use.

    Nick highlights the unique vulnerabilities of browsers, which are designed to render and execute code, making them susceptible to a variety of attacks. He explains common threat vectors like HTML smuggling and web-delivered phishing attacks, emphasizing the necessity for robust browser security measures.

    One of the most compelling parts of the discussion is Menlo Security’s innovative approach to browser security. Instead of forcing organizations to switch to a new browser, Menlo's solution allows companies to continue using their preferred browsers, such as Chrome or Edge. Menlo’s cloud-based security layer acts on behalf of the endpoint, offering comprehensive security without disrupting the user experience.

    Check out the full episode for more about browser security. Nick also discusses the future of workspace security in the context of hybrid work environments. He underscores the importance of consistent security policies across various devices and locations, envisioning a secure future where browsers play a central role in enterprise security strategies. This conversation is packed with valuable insights for anyone looking to enhance their organization's cybersecurity posture.

    The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer: Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

  49. 143

    Exploring the Intersection of AI and Security

    TechSpective Podcast Episode 132

    The rapid adoption of generative AI technologies like ChatGPT has taken the tech world by storm. Generative AI models and the LLMs (large language models) they rely on are pervasive--and potentially invasive--which highlights the importance of AI safety research, emphasizing the need to accelerate efforts to keep pace with this swift adoption.

    Adobe’s Strategic Approach

    Gurpartap "GP" Sandhu, the leader of the product security AI and data engineering team at Adobe, joins this episode of the TechSpective Podcast to talk about how Adobe’s approach to AI is both cautious and innovative. GP delves into practical applications of AI within Adobe, such as auto-generating code fixes and scaling threat models using multimodal AI capabilities. These advancements not only improve efficiency but also enhance the overall security infrastructure. The discussion extends to broader societal impacts, including the challenges posed by deep fakes and AI-generated disinformation.

    A Dual Mandate: Balancing Risks and Opportunities

    GP emphasizes the concept of a dual mandate in AI and security. He explains that while it’s essential to focus on minimizing risks such as data poisoning and prompt injection, it's equally important to leverage AI to enhance security measures. This balanced perspective sets the stage for a deep dive into how Adobe is navigating the complex landscape of AI in cybersecurity.

    Encouraging Hands-on Engagement

    We also talk about the importance of hands-on experimentation with AI technologies. We encourage listeners to engage directly with AI tools to better understand and contribute to their development. This call to action resonates with tech enthusiasts and professionals alike, emphasizing the collective effort required to navigate the evolving AI landscape.

    Check out the full episode for more about AI security and security for AI. GP and I have some interesting back and forth about the potential risks and implications of AI, and finding a balance between being cautious and optimistic.

    The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer: Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

  50. 142

    Streamline Security with AI and Dynamic Detection Analysis

    TechSpective Podcast Episode 131

    Most people--at least, most people in tech--agree at this point that it's not so much that AI will steal your job as it is that AI will augment your job. To the extent that your job itself might be at risk, it's more likely that you would be replaced by someone who is better at using AI than you--not replaced by AI itself.

    Experts inside Adobe have been hard at work developing that sort of AI augmentation to streamline security operations. The LLM agent Adobe has developed provides Dynamic Detection Analysis to leverage the strengths of AI to quickly sift through data and identify issues worthy of further scrutiny. John Gillis, a Senior Automation Engineer with Adobe, joins the TechSpective Podcast once again to talk about Dynamic Detection Analysis and the efforts he is part of at Adobe.

    Check out the full episode for more about LLM agents and Dynamic Detection Analysis. We also discuss the impact of AI and generative AI on the world around us and the possibility of humans being connected directly to information through a neural link. Spoiler alert: I stress that if Elon Musk has any connection to the technology, I will just be the Luddite without the neural link connection. I'm not looking to be part of a "Borg" collective of insane conspiracy theories and right-wing propaganda.

    The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer: Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends. If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

HOSTED BY

Tony Bradley
