
Hosted by Kip Boyle · EN
Cyber risk made clear for busy leaders. Cyber threats move fast. Your business must move faster. In every episode, Kip Boyle—author of "Fire Doesn’t Innovate" and CISO at Cyber Risk Opportunities—joins cybersecurity attorney and CISSP Jake Bernstein to break down the latest cyber risk. You’ll hear plain-English explanations of what's going on and what you need to do about it. No jargon. No doom. Just clear steps you can use today to save money, win buy-in, and stay out of the headlines.

In August 2024, a ransomware attack shut down baggage systems, flight displays, and Wi-Fi at Sea-Tac Airport. What did it reveal about how executives think about cyber investment? And why is “how much more security do we need?” the wrong question to ask after a major incident? Let’s find out with our guest Stephanie Warren, Assistant Director of Information Security at the Port of Seattle, who lived through that attack and came out the other side with hard-won lessons about executive decision-making under pressure. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. LinkedIn profile – https://www.linkedin.com/in/stephanie-warren-0746343/

What does the generative AI conversation actually sound like inside a boardroom? Is the board ready to govern it? And what do board members wish CISOs understood about how they make decisions? Let’s find out with our guest, Vanessa Pegueros, former CISO at Docusign and U.S. Bank, and current board member at LivePerson and BECU. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. LinkedIn profile – https://www.linkedin.com/in/vanessapegueros Website – https://vanessapegueros.com

Anthropic released Claude Mythos Preview. The headline is "AI can now find zero-days." Yes, but the real story is the gap between what AI finds and what organizations can fix. About 99 percent of Mythos findings are still unpatched. We cover what Mythos is in plain English, why the patching gap matters most, what duty of care means when your board knows these tools exist, where AIR-MAP fits, and why most advisors skip data sovereignty. Hosts: Kip Boyle, CISO, Cyber Risk Opportunities; Jake Bernstein, Partner, K&L Gates.
Anthropic Claude Mythos Preview -- https://red.anthropic.com/2026/mythos-preview/
AISLE / Stanislav Fort, "AI Cybersecurity After Mythos: The Jagged Frontier" -- https://aisle.com/blog/ai-cybersecurity-after-mythos-the-jagged-frontier
AIR-MAP overview -- https://air-map.io/

A Stripe employee hid a message in his LinkedIn profile telling any AI that read it to include a flan recipe. A month later, an AI recruiter emailed him one. It's funny until you realize the same technique can exfiltrate data, generate phishing content, or hijack automated business processes. What is prompt injection, why does OWASP rank it as the number one risk to large language models, and what should you do about it? Let's find out. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. OWASP Top 10 for LLM Applications -- https://genai.owasp.org

What happens when a cybersecurity team designs controls without asking the business what they need? And what role exists specifically to prevent that? Let's find out with our guests Brian Shea and Maggie Amato, former Business Information Security Officers at Salesforce. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Brian Shea's LinkedIn profile -- https://www.linkedin.com/in/brianshea/ Maggie Amato's LinkedIn profile -- https://www.linkedin.com/in/maggie-amato-021624164/

Fire hasn't changed since the dawn of humanity, but our cyber adversaries evolve every single day. What happens when organizations spend $10 on AI transformation for every $1 on cybersecurity? In this special ROCon 2025 keynote replay, Kip shares two stories that changed how he thinks about risk: a "perfect" employee who became an insider threat in four weeks, and a $12M deepfake that defeated every technical control on the dashboard. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Get Kip's book, "Fire Doesn't Innovate" 2nd Edition -- https://a.co/d/0bYatohy

Privacy laws keep multiplying, regulations keep changing, and AI is making everything more complex. How do businesses build privacy compliance that actually sticks instead of just checking a box? Let's find out with our guest Jordan Fischer, Founder and Partner at Fischer Law and Cybersecurity Lecturer at UC Berkeley. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Jordan Fischer's website: https://jordanfischerlaw.com Shoshana Zuboff's book: https://en.wikipedia.org/wiki/The_Age_of_Surveillance_Capitalism

Most cybersecurity people talk at CFOs instead of with them. What if there were a simple test to know when a CFO wants to learn about cyber risk versus when they just need someone to trust? Let's find out with our guest James Wheeler, a highly experienced CFO who now runs kept.pro, providing fractional accounting teams to businesses across the country. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. LinkedIn: https://www.linkedin.com/in/jamesdavidwheeler/ "Fire Doesn't Innovate" by Kip Boyle: https://a.co/d/0bYatohy

Can cyber risk actually be measured in dollars? How do you know if your risk data vendor is any good? And is cyber insurance really worth the investment? Let's find out with our guest Scott Stransky, who leads the Cyber Risk Intelligence Center at Marsh and was named 2023 Cyber Risk Industry Person of the Year. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. LinkedIn profile -- https://www.linkedin.com/in/scott-stransky-92659095/ Top 12 Report -- https://www.marsh.com/en/services/cyber-risk/insights/cybersecurity-signals.html Marsh Cyber Risk Intelligence Center -- https://www.corporate.marsh.com/solutions/cyber-resilience/cyber-risk-intelligence-center.html

Why do IT organizations cling to ancient technology like Windows 2003, creating dangerous technical debt they don't even recognize? And how do they get out of this trap? Let's find out with our guest Anton Chuvakin, who advises the biggest customers of Google's Cloud services. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. LinkedIn profile -- https://www.linkedin.com/in/chuvakin/ Podcast -- https://cloud.withgoogle.com/cloudsecurity/podcast/