Business Security Weekly (Audio)

Jess Burn, Principal Analyst at Forrester Research, shares insights on the 2026 Budget Planning Guide for security leaders, emphasizing smart investment strategies amid economic volatility. She discusses how to effectively budget to mitigate risks. In a dynamic segment, Danny Jenkins, CEO of ThreatLocker, reveals the intricacies of FedRAMP compliance and the importance of secure configurations. He highlights emerging threats hidden in everyday software, showcasing how innovative techniques can improve endpoint security and risk management in the ever-evolving cybersecurity landscape.

Jackie McGuire, a finance expert in cybersecurity marketing, and Ross Haleliuk, co-founder of a stealth mode startup, dive deep into the swift consolidation of the cybersecurity industry. They reveal how 200 companies shrank to just 11 over 20 years. The duo discusses the evolving roles of startups and the crucial need for innovation against emerging threats. They also analyze the fluctuating Security Weekly 25 index, and the trend of founders shying away from IPOs, opting instead for private equity routes.

In this engaging discussion, Brian Haugli, CEO at SideChannel and an expert in security programs, explores the advantages of hiring a Virtual CISO (vCISO) over a full-time CISO. He shares insights on current trends in vCISO services, essential qualifications, and the crucial role boards play in cybersecurity governance. The conversation also highlights the challenges organizations face in enhancing their security posture and the importance of effective communication in strategic leadership. Haugli’s expertise provides valuable guidance for businesses navigating the cybersecurity landscape.

Danny Jenkins, CEO and co-founder of ThreatLocker, dives into the often-overlooked vulnerabilities of misconfigurations in cybersecurity. He emphasizes how these can lead to significant security breaches and discusses ThreatLocker’s innovative Defense Against Configurations (DAC) feature, which provides real-time visibility into system misconfigurations. The conversation also highlights the importance of proactive engagement in security settings and explores how data-driven recommendations can enhance security measures. Jenkins advocates for governance in tech leadership and stresses the need for effective communication to mitigate risks.

Santosh Nair, Co-founder and CTO at Stix Intelligence, dives into the personal threats facing brands in the digital age. He discusses how AI attacks, such as impersonations and deepfakes, jeopardize trust and reputations. Santosh emphasizes the evolving role of CISOs, stressing the necessity for collaboration across departments to combat online fraud and misinformation. He also highlights the critical importance of communication strategies in navigating AI adoption, ensuring brand integrity and customer confidence amidst rising cyber threats.

In this conversation, Nick Mistry, with his extensive experience in cloud and application security, teams up with Richard Bird, Chief Security for Singular AI, to tackle the pressing need for AI governance in the supply chain. They delve into the challenges posed by third-party risks and the complexities of open-source software. The discussion also highlights the evolving nature of cybersecurity in the era of AI, emphasizing the importance of real-time risk management and proactive strategies to safeguard data privacy and enhance security practices.

Dive into essential leadership concepts shaping today's cybersecurity world. Discover how ditching ego can enhance collaboration among CISOs. Learn about navigating career changes through impactful books and effective communication. Explore the significance of engaging experienced auditors and the role of structured frameworks in managing risks. Finally, embrace adaptability for sustained success in an ever-evolving job market, alongside the necessity of crisis preparedness and proactive security measures.

Khaja Ahmed, an Advisor at CISO Forum with a wealth of experience in security technology, shares expert insights on aligning cybersecurity with business goals. He discusses strategies for CISOs to build consensus with the C-suite, emphasizing the need to communicate risks in financial terms. The conversation covers the significance of storytelling in leadership, effective security team construction, and navigating the complexities of cybersecurity hiring amid AI challenges. Khaja also highlights balancing data-driven decisions with human intuition for better outcomes.

Chris Carter, CEO at Approyo and an SAP expert, dives into the urgent challenges of migrating to SAP S/4HANA by 2027. He discusses strategic options for companies, including whether to stick with SAP or explore alternatives. Security concerns related to cloud versus on-premise solutions are a hot topic, highlighting the need for proactive CISO involvement. Carter also tackles the evolving CISO role and how radical transparency can reshape leadership dynamics, underscoring the importance of cybersecurity maturity in the boardroom.

The SEC's settlement with SolarWinds shakes up the cybersecurity landscape. Discover vital leadership skills for aspiring CISOs and strategies for retaining top talent. Small actions can create a lasting legacy in the industry. Explore the challenges of navigating evolving regulations and the balance between customer feedback and innovation. Gain insights on career paths in cybersecurity and the importance of diversity. Finally, learn how crafting a legacy through effective communication can transform your career.