CyberWire Daily - Special Edition
Episode Title: Beyond Cyber: Securing the Next Horizon
Date: December 26, 2025
Host: Dave Bittner (N2K Networks)
Episode Overview
Main Theme:
This special edition episode of CyberWire Daily steps "beyond cyber" to explore how strategy, innovation, and AI are converging to secure tomorrow’s digital landscape. Featuring leading voices from across the cybersecurity ecosystem—including investors, founders, CISOs, and technology innovators—the episode digs into evolving threats, the rapid adoption of AI, growing regulatory demands, balancing innovation with trust, and why collaboration is more vital than ever.
Featured Guests:
- Dave DeWalt, Founder & CEO, NightDragon
- Nicole Bukala, CEO, Databee
- Michael Mastrol, VP Sales Engineering, Dataminer
- Joe Levy, CEO, Sophos
- Katie Jenkins, CISO, Liberty Mutual
1. Investing in the Next Wave of Security Innovation
Guest: Dave DeWalt, NightDragon
Segment Start: [05:16]
Key Discussion Points
- “Platformization” vs. Best-of-Breed:
- Cybersecurity is swinging between the consolidation of large platform vendors (“cloud titans” like Microsoft, AWS, Google, and dedicated security giants like Palo Alto Networks) and specialized innovation from nimble upstarts.
- Hot Areas:
- Third-party/supply chain risk management is vital given geopolitical uncertainty and new administrative policies.
- Agentic AI and autonomy are now providing defenders with scalable, pragmatic tools, potentially shifting the advantage toward the defense for the first time.
- Underhyped Threats:
- Electronic Warfare (EW): The convergence of radio frequency (RF) attacks and cyber, as seen in active war zones, poses emergent risks outside the digital domain.
- Quantum Computing Acceleration: Surprise advances in quantum will soon challenge current cryptography, much faster than most expect.
Notable Quotes
- “We’re watching this clash of titans—the really interesting dichotomy of young companies filling new areas of threats and risks, while platform vendors try to gobble it all up.”
—Dave DeWalt, [10:33] - "Agentic AI... gives defense a powerful lever against the offense for the first time."
—Dave DeWalt, [08:48] - “Keep an eye on Quantum. Keep an eye on electronic warfare.”
—Dave DeWalt, [14:55]
Timestamps of Important Segments
- The “year of agentic AI”: [08:08]
- Clash of titans—best of breed vs. suite: [10:33]
- Electronic warfare & quantum: [12:54]
2. CISOs & Data: Time, Talent, Trust, and Burnout
Guest: Nicole Bukala, Databee
Segment Start: [15:50]
Key Discussion Points
- CISO Pressures:
- Leaders are overwhelmed by compliance reporting, multiplying frameworks (NIST, PCI DSS, CIS controls), and the need to prove both implementation and effectiveness of controls.
- Data Challenges:
- Legacy, manual data aggregation for compliance leads to outdated and inaccurate reporting.
- Databee’s approach: real-time data ingestion and normalization, aligning dashboards to over 30 regulatory controls, allowing toggling between regimes—minimizing manual intervention.
- AI Realism:
- Buzzwords abound (especially “agentic AI”), but Nicole emphasizes that foundational data hygiene remains the precondition for useful AI outcomes.
- Staying Practical:
- Overcoming the AI hype requires aligning technology to practitioner realities—including law enforcement collaboration for insider threat cases and adapting detection tools as SaaS and encryption reshape network monitoring.
Notable Quotes
- “The number one thing I find [CISOs] grappling with is the increasing demand for reporting to show compliance with certain security frameworks.”
—Nicole Bukala, [18:06] - "Buzz is only deleterious when it means someone skips over the fundamentals.”
—Nicole Bukala, [24:10] - “AI isn’t a panacea. There are prerequisites—there are foundations that have to be put in place first.”
—Nicole Bukala, [24:10]
Timestamps of Important Segments
- CISO data/reporting struggles: [18:06]
- Aligning to multiple frameworks: [21:18]
- On AI buzz vs. utility: [22:09], [24:10]
3. Agentic AI: From Buzzword to Real-Time Defense
Guest: Michael Mastrol, Dataminer
Segment Start: [28:58]
Key Discussion Points
- Agentic AI in Practice:
- Dataminer uses AI to parse massive public data—text, images, voice, video—for relevant threat signals, empowering teams with actionable alerts before threats escalate.
- Third-Party & Vulnerability Intel:
- Provides early warnings about vendor breaches, vulnerability disclosures, and global risk signals—becoming an “early warning system” for cyber and physical incidents.
- Closing the Talent Gap:
- Citing BCG research: 2.8M cyber jobs unfilled globally; AI-driven automation is crucial to close this workforce gap and reduce the risk gap for CISOs.
- Growth & Funding:
- Dataminer’s recent $185M funding round will accelerate trailblazing generative and agentic AI capabilities, expand internationally, and fuel new products.
Notable Quotes
- “We just turn chaos into clarity in real time and empower these security teams with actionable information.”
—Michael Mastrol, [29:50] - “With both agentic AI and AI cybersecurity teams can achieve greater confidence through enriched context more quickly than by using conventional methods.”
—Michael Mastrol, [32:26] - "[AI can] assist CISOs with relevant alerts... help provide actionable intelligence necessary to help them thwart these threats during times like this."
—Michael Mastrol, [33:08]
Timestamps of Important Segments
- AI parsing the world’s data: [28:58]
- Use cases: [30:53]
- Addressing the talent gap: [33:08]
4. Integration vs. Innovation: The Platformization Dilemma
Guest: Joe Levy, Sophos
Segment Start: [36:00]
Key Discussion Points
- Attack Surface Expansion:
- The threat landscape is expanding due to proliferating endpoints, cloud, and increasingly sophisticated adversaries.
- AI Evolution:
- AI’s role in security is evolving from skepticism to cautious optimism. It’s moving beyond binary file classification (good/bad) to complex reasoning—simulating a human analyst’s intuition.
- Platform vs. Best-of-Breed:
- As complexity rises, security succeeds best through integration, not isolated innovation. Consolidated “best-of-suite” platforms that work together, versus a patchwork of disconnected “best-of-breed” tools, are becoming essential.
- Operational Judiciousness:
- Internal AI governance is crucial to avoid hype-driven, non-strategic adoption—striking a balance between innovation and risk management.
Notable Quotes
- “The greater the complexity, the more difficult it is to actually assess the security of a thing. Therefore, there’s also this motivation to move toward consolidation.”
—Joe Levy, [43:14] - "Attitudes have shifted... what I think is reasoning with [AI] in a way that is cautiously optimistic."
—Joe Levy, [39:31] - “Security tools need to work together, not just coexist.”
—Joe Levy, [43:14]
Timestamps of Important Segments
- On platformization: [43:14]
- AI’s practical benefit: [39:31]
5. A CISO’s Reality: Building Team Resilience & Responsible Innovation
Guest: Katie Jenkins, Liberty Mutual
Segment Start: [44:39]
Key Discussion Points
- Emerging Risks:
- AI security solutions are now “required,” not optional, for large enterprises.
- Broader RSA interests include process efficiency, workforce reskilling, and “post-quantum” security.
- Strategic Approach:
- Jenkins packs her agenda tightly, prioritizing actionable meetings while leaving some room for serendipitous, valuable discoveries.
- AI in Operations:
- AI is delivering real business value but comes with hype risk—build your own vs. buy, and vetting vendor offerings for real-world utility are central challenges.
- Collaboration & Resilience:
- Industry collaboration—formal and informal—is a “bright spot” and a core defense tactic in a complex threat landscape.
- Future Workforce:
- Urges an “upskilling mindset,” baking training and learning into daily routines as innovation and adversaries outpace current abilities.
- Balancing Innovation & Trust:
- Embeds security into every innovation process. Responsible AI and cross-disciplinary review structures foster a culture where raising concerns is encouraged, not feared.
Notable Quotes
- “AI is already well in use [at Liberty Mutual]. It’s creating real value for us... But I am cautious about the hype—surrounding the readiness of these solutions.”
—Katie Jenkins, [48:32] - “Learning from each others’ missteps and successes is really invaluable to me... This collective collaboration is essential in the spirit of being able to achieve more together.”
—Katie Jenkins, [50:17] - “With the rapid developments in emerging technologies... it’s just crucial that we’re preparing our security teams today with the skills that they’ll need in the future.”
—Katie Jenkins, [52:01] - “We have an in house Responsible AI Committee... It delighted me when non-security committee members challenged my security team with security questions.”
—Katie Jenkins, [55:47]
Timestamps of Important Segments
- Strategic show floor approach: [46:23]
- Real-world AI deployments & cautions: [48:32]
- Workforce upskilling imperative: [52:01]
- Responsible innovation & psychological safety: [55:47], [58:19]
Memorable Moments
- Dave DeWalt’s table stakes for the future: “Keep an eye on Quantum, keep an eye on electronic warfare.” [14:55]
- Nicole Bukala on AI’s limits: “AI is not just a band aid or a panacea. There are prerequisites, there are foundations that have to be put in place first.” [24:10]
- Joe Levy on tool sprawl: “Complexity is the enemy of security. Security tends to lurk at the interconnections.” [43:14]
- Katie Jenkins on team security culture: “We were celebrating people that are reporting things that seem unusual or suspicious to them. That puts us in such a stronger place.” [58:19]
Final Takeaways
- Agentic AI is more than a buzzword: it signals an inflection point in scalable, human-augmenting defense.
- Supply chain risk, electronic warfare, and quantum threats: big unresolved challenges loom.
- Platform integration vs. tool innovation: finding the right balance drives efficiency and resilience.
- CISO realities: growing regulatory burden, workforce gaps, burnout risks, and the imperative for trust-centered, collaborative, upskilled teams.
- Culture matters: Openness, cross-disciplinary review, and psychological safety are as important as technology itself.
For more interviews and insights: Visit thecyberwire.com
Host: Dave Bittner
Listen, subscribe, and share.