Podcast
Business Security Weekly (Video)
Hosted by Matt Alderman · EN
About bridging the gap between security initiatives and business objectives. Hosted by Matt Alderman, co-hosted by Jason Albuquerque, Ben Carr.
11episodes
Episodes
Newest firstAll episodes
Innovation Without Data Security Risk as AI Unlocks Budgets and Identity Challenges - Tony Kelly - BSW #451
5d ago01:01:26Tap to summarizeAI is reshaping innovation as businesses embed it into core operations and move more processes online. This transformation is often seen as a tradeoff between innovation and data risk, but that assumption is wrong. Businesses can innovate and scale in the AI era while maintaining strong data security, ensuring protection, compliance, and control remain intact. Segment Resources: Check out these assets from Fortra for more information around Data Security for AI. Learn more about our Data Security suite: https://www.fortra.com/solutions/data-protection Get the ungated guide: Secure AI Innovation > https://www.fortra.com/resources/guides/secure-ai-innovation Read the blog: Staying Compliant While Using AI: What CISOs Need to Know https://www.fortra.com/blog/staying-compliant-while-using-ai-what-cisos-need-know This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! In the leadership and communications segment, Lost in translation: Cybersecurity board reporting for CISOs, AI may finally unlock the cyber budgets CISOs have wanted for years, How People Actually Get to the C-Suite in S&P 500 Companies, and more! Show Notes: https://securityweekly.com/bsw-451
Transcribe →
Scaling to $100M as the Security Weekly Index Hits an All Time High - Joshua Gould - BSW #450
2w ago00:53:01Tap to summarizeThe ultimate goal, scale a company to $100M and go IPO. Easier said than done. We've seen some make it and others that get stuck. What's he difference? Joshua Gould, CEO at thebigword, joins Business Security Weekly to discuss how to scale to $100M. From startup to platform, Joshua helps us understand the challenges and how to address them. If you're a founder looking to scale, this is an interview you can't miss. Segment Resources: https://en-gb.thebigword.com/ http://www.youtube.com/@Exec_Craft https://www.linkedin.com/in/joshuadgould/ In the Security Money segment, the Security Weekly Index and NASDAQ set new records. After CyberArk's acquisition, the Security Weekly Index is now comprised of the following 24 companies: SAIL Sailpoint Inc PANW Palo Alto Networks Inc CHKP Check Point Software Technologies Ltd RBRK Rubrik Inc GEN Gen Digital Inc FTNT Fortinet Inc AKAM Akamai Technologies Inc FFIV F5 Inc ZS Zscaler Inc OSPN Onespan Inc LDOS Leidos Holdings Inc QLYS Qualys Inc NTSK Netskope Inc TENB Tenable Holdings Inc OKTA Okta Inc S SentinelOne Inc NET Cloudflare Inc CRWD Crowdstrike Holdings Inc NTCT NetScout Systems Inc VRNS Varonis Systems Inc RPD Rapid7 Inc FSLY Fastly Inc RDWR Radware Ltd ATEN A10 Networks Inc Show Notes: https://securityweekly.com/bsw-450
Transcribe →
What Security Leaders Should Expect from RSAC - Joseph Blankenship - BSW #449
3w ago00:43:05Tap to summarizeRSA Conference (RSAC) 2026, the 35th annual flagship event for cybersecurity, drew over 43,500 attendees, featuring more than 600 exhibitors, 570+ sessions, and 700+ speakers from 104 countries. It generated 370 million social media impressions. With this size and reach, what should security leaders expect when they attend? Joseph Blankenship, Vice President, Research Director at Forrester Research, and Adrian Sanabria, host of Enterprise Security Weekly, join Business Security Weekly for a special recording from RSAC 2026. This pre-recorded session was filmed live from the conference on March 24, 2026. We discuss what security leaders will see, what they should expect from attending, and a few predictions for the future. If you didn't attend the conference, don't worry, this is a great way to get an inside view. And maybe it helps you decide to attend next year. Show Notes: https://securityweekly.com/bsw-449
Transcribe →
Shift to Prevention and Enforcement as We Repeat Security Mistakes With AI - Rob Allen - BSW #448
4w ago01:02:32Tap to summarizeOver the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Show Notes: https://securityweekly.com/bsw-448
Transcribe →
Optimize Legal Operations as the CISO Role Changes to Address Skills Gaps and AI - Walter Scott Wilkens - BSW #447
May 1300:53:45Tap to summarizeLegal departments are under continual pressure to solve problems effectively and integrate innovative technology all while reducing costs and complexity. Enter cybersecurity, a complex and potentially costly risk. How should legal departments prepare? Walter Wilkens, Head of Delivery, North America at DWF Legal Operations, joins Business Security Weekly to discuss how legal operations can help optimize your legal department by eliminating bottlenecks, identifying and fixinginefficiencies and developing processes tailored to enhance your team's performance. Walter will discuss how you can move from a lack of coordination to a structured legal operations to address cyber incidents before and after the event. In the leadership and communications segment, The Art of Security: It Is Time to Rethink the CISO's Role, The Best Leaders Embrace the Role of Supporting Character, Empathetic Leadership Can Make or Break AI Adoption, and more! Show Notes: https://securityweekly.com/bsw-447
Transcribe →
Teach to Sell and Two Interviews from RSAC 2026 from Dropzone AI and Microsoft - Dan Rochon, Edward Wu, Arunesh Chandra - BSW #446
May 601:06:02Tap to summarizeAs security leaders, we are continuously selling, maybe not as traditional sales folks, but as selling security across the organization. Whether you're closing client deals, leading a team, running a business, or simply wanting your voice to be heard by other executives or the board, we are selling. How can influence help? Dan Rochon, Author of Teach to Sell, joins Business Security Weekly to discuss psychology of influence, personal transformation, and how to build trust that converts. Dan will cover the four pillars from his book: Believe (in Yourself) Find Business Build an Organization to Scale Leadership And how they will help you overcome self-doubt, communicate confidently, and build careers that serve your life—not consume it. Segment Resources: Teach to Sell Book: https://www.teachtosellbook.com/ No Broke Months Podcast: https://podcasts.apple.com/us/podcast/no-broke-months-for-salespeople/id1527318879 The Agentic SOC: Autonomous AI Analysts at Machine Speed SOC teams are overwhelmed with the sheer number of alerts and have historically been reactive. Edward will discuss how Dropzone's Agentic SOC deploys autonomous AI agents that investigate every alert, respond to emerging threats, and proactively hunt attackers - without a human bottleneck. He'll explain how agent collaboration, deep recursive investigations, and self-agency expand SOC capacity by 10x without additional headcount. This segment is sponsored by Dropzone AI. Visit https://securityweekly.com/dropzonersac to learn more about them! Browser in the AI Era: Apply Controls Where the Work Happens The browser has become the primary gateway to work, data, and AI. In this episode, we talk about why security and IT teams are rethinking the role of the browser and what sets Edge for Business apart as a secure, enterprise-ready solution. We'll cover how built-in security, native integration with existing IT tools, and centralized management can simplify operations, reduce risk, and support modern work across managed devices, BYOD, and contractors. A must listen for IT pros and security experts navigating browser sprawl and AI adoption. This segment is sponsored by Microsoft. Visit https://securityweekly.com/microsoftrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-446
Transcribe →
The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ - Mark Hughes, Mehul Revankar, Marc Manzano - BSW #445
Apr 2901:09:47Tap to summarizeAttackers are increasingly weaponizing frontier models to accelerate the entire attack lifecycle, with current and emerging models reducing the time and expertise needed to start disruptive attacks. As offensive capabilities become more automated and agentic, organizations will need security programs that are equally autonomous, coordinated and continuous. But where do you start? Mark Hughes, Global Managing Partner, Cybersecurity Services at IBM, joins Business Security Weekly to discuss autonomous security, the next frontier of cybersecurity services. IBM recently announced IBM Autonomous Security, a separate service that uses AI agents to analyze software exposures and runtime environments. Mark will discuss the fears and hype of AI and how agentic AI agents can identify paths in an enterprise security environment that can be exploited, improve cyber hygiene, and enforce security policies. As frontier models, like Mythos, accelerate attacks, security programs need to respond with speed, at scale, to drive the right business outcomes. AI Agents for Vulnerability Management Introducing Quantro Security, Inc., a new agentic AI solution bringing AI agents to vulnerability management. The company is focused on applying agentic AI to help address modern security challenges. In this interview, we'll learn more about Quantro Security, Inc., its approach, and what this new solution means for the future of vulnerability management. This segment is sponsored by Quantro Security. Visit https://securityweekly.com/quantrorsac to learn more about them! The Guardrails are Gone: The Onus for AI Security Is On the Enterprise AI model providers are increasingly stepping back from enforcing guardrails, putting the responsibility for AI security squarely on enterprises. But most organizations don't yet have the visibility to meet that responsibility, facing a blind spot across the broader ecosystem of AI systems already operating in their environments. Closing that gap requires unified visibility across both AI systems and the cryptographic infrastructure they touch, so security teams can assess risk and act on it in one place. Visit https://securityweekly.com/sandboxaqrsac to discover how enterprises are taking control of their AI security with AQtive Guard AI-SPM by SandboxAQ. Show Notes: https://securityweekly.com/bsw-445
Transcribe →
From Shame to Fame: Changing Behaviors and RSAC Interviews from Tanium and Illumio - Craig Taylor, Tim Morris, Andrew Rubin - BSW #444
Apr 2201:08:15Tap to summarizeWhy have security awareness training programs failed? Maybe we need to understand human psychology. Humans don't like tricks, or to be shamed, or negative emotions. Humans want to be rewarded, but yet our training and phishing programs are not built for reward. Maybe it's time to rethink cyber literacy. Craig Taylor, CEO and Co-founder at CyberHoot, joins Business Security Weekly to discuss why we need to shift our Cyber Literacy industry from shame and punishment towards gamification, positive reinforcement, and small rewards. If we truly aspire to change behaviors, then we need a different approach. Craig will discuss how a multi-disciplinary approach rooted in science is the future of training and phishing programs. Segment Resources: Individual Registration (Free Personal Training for Life): https://cyberhoot.com/individuals/ Newsletter Registration: https://cyberhoot.com/newsletters/ Blog Articles: https://cyberhoot.com/blog/ Cybrary (Library of 1000+ Cybersecurity Terms in non-technical language): https://cyberhoot.com/cybrary/ Special Podcast Offer: 20% off CyberHoot for 1 year using the podcast's unique coupon code: "Business Security Weekly" From Reactive to Autonomous: Real-Time Endpoint Intelligence in the Age of AI As organizations experiment with agentic AI and autonomous security operations, many are discovering a difficult reality: AI is only as effective as the data and visibility behind it. Yet most enterprises still struggle to answer basic questions about their endpoints in real time. In this conversation, we'll explore how IT and security teams are evolving from reactive operations toward proactive, preventative, and ultimately autonomous models. The journey begins with real-time endpoint intelligence—the ability to see, understand, and act across every endpoint in seconds. This segment is sponsored by Tanium. Visit https://securityweekly.com/taniumrsac to learn more about them! Hard Truths: The Lies We Keep Buying in Cybersecurity Cybersecurity isn't broken because of a lack of technology—it's broken because the industry avoids hard truths. Fear still drives budgets. AI is oversold as a cure‑all while foundations remain weak, and CISOs are held accountable without the authority to change outcomes. In this conversation, Illumio CEO and founder Andrew Rubin breaks down what must change to build real resilience—because the next breach won't just impact the business, it could end a career. For more information about Illumio, please visit: https://securityweekly.com/illumiorsac Show Notes: https://securityweekly.com/bsw-444
Transcribe →
Not All CISO Gigs Are Created Equal and RSAC Interviews from ESET and Mimecast - Joanna Chen, Tony Anscombe, Rob Juncker - BSW #443
Apr 1501:11:00Tap to summarizeSo you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-443
Transcribe →
Zero Trust Readiness and Two RSAC 2026 Interviews from Fenix24 and Absolute Security - John Bruggeman, John Anthony Smith, Christy Wyatt - BSW #442
Apr 801:07:27Tap to summarizeAutonomous AI agents are creating a new attack surface for enterprise security teams, particularly as organizations deploy agents for operational tasks such as customer support automation, data analysis, and incident response. How can we align our Zero Trust initiatives to also address the emerging Agentic AI risks? John Bruggeman, Consulting CISO at CBTS, joins Business Security Weekly to discuss how your Zero Trust readiness can also prepare you for Agentic AI deployments. Organizations are granting agents access to sensitive systems without the security controls typically required for other Zero Trust initiatives. John will help educate CISOs on what they should be doing now to get ahead of the risk, including: Agent inventory Data security controls, including data model poisoning Agent identity controls, including authorization and access levels Infrastructure security controls, including MCP servers Why More Technology Hasn't Made Us More Secure Despite massive investment in cybersecurity tools, organizations remain vulnerable because their existing technologies are often misconfigured, poorly integrated, and disconnected from real operational risk. This keynote argues that complexity, human decision‑making, and gaps in execution—not a lack of products—are what truly empower attackers, especially as modern environments like cloud and SaaS expand the attack surface. Real security comes from simplifying, aligning, and expertly orchestrating what organizations already own, shifting the focus from buying tools to achieving disciplined, resilient outcomes grounded in breach reality. This segment is sponsored by Fenix24. Visit https://securityweekly.com/fenix24rsac to learn more about them! Downtime: The New Economic Threat Downtime is costing global enterprises hundreds of billions of dollars in losses annually. Caused by cyber incidents and software failures, enterprise CISOs are searching for strategies and solutions that will accelerate recovery and restoration of business operations after cyber disruptions render systems inoperable. This segment is sponsored by Absolute Security. Visit https://securityweekly.com/absolutersac to join The Resilient CISO Inner Circle! Show Notes: https://securityweekly.com/bsw-442
Transcribe →