CISO Series Podcast

With AI, Don’t Think Like a Hacker, Think Like the Whole of Society

Apr 8, 2025

Nathan Hunstad, Director of Security at Vanta, shares insights on navigating the complex landscape of AI and security. He emphasizes the need to rethink adversaries, including everyday users, to enhance AI deployment. Discussions delve into the importance of SOC 2 compliance for startups while treating generative AI like any other application. Hunstad also highlights building a robust security foundation beyond mere certifications and the necessity of strong leadership and teamwork in tackling vulnerability management.

39:04

Creator website

Episode guests

Nathan Hunstad

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Effective communication and transparency between security vendors and clients fosters trust, enabling more meaningful partnerships and better problem-solving.

A broader perspective on AI security, considering both organizational and societal factors, is essential for proactively managing potential user exploitation risks.

Deep dives

Effective Communication from Security Vendors

A strong approach from security vendors is prioritizing effective communication with clients. Vendors should focus on understanding the specific problems faced by potential clients and provide honest feedback about whether they can effectively address those issues. This level of transparency is rare in the industry and fosters trust, as it allows customers to seek alternative solutions if necessary. Being straightforward about capabilities can differentiate a vendor in a crowded market and lead to more meaningful partnerships.

Intro

4min

Rethinking Adversaries in Generative AI Red Teaming

4min

Navigating Generative AI and SOC 2 Compliance in Startups

2min

Building a Strong Security Foundation Beyond Certifications

5min

Navigating Vulnerability Management and Leadership in Cybersecurity

18min

Community Reflections and Tech Talks

6min

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is our sponsored guest Nathan Hunstad, director, security at Vanta.

In this episode:

Thinking like AI
Building off a solid foundation
Start with ownership
Following the leader

Big thanks to our sponsor, Vanta

Automate, centralize, & scale your GRC program with Vanta. Vanta’s Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Get the app

CISO Series Podcast

With AI, Don’t Think Like a Hacker, Think Like the Whole of Society

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Effective Communication from Security Vendors

Red Teaming in Gen AI Security

Navigating SOC 2 Compliance for Startups

The Challenges of Vulnerability Management

Remember Everything You Learn from Podcasts