Business Security Weekly (Audio)

Tim Lietz, National Practice Leader for Internal Audit Risk & Compliance at Jefferson Wells, provides insights into critical shifts in internal audit priorities for 2026. He highlights that cybersecurity and AI will dominate the landscape, as organizations grapple with rising economic uncertainties. Lietz discusses the need for trust between audit and IT leaders, the implications of third-party risks, and how conventional cybersecurity won't suffice for AI systems. He also emphasizes the importance of proactive collaboration to identify vulnerabilities and prepare for future challenges.

Erik Nost, a Senior Analyst at Forrester specializing in proactive security strategies, dives into the essential principles of visibility, prioritization, and remediation. He outlines key questions organizations must tackle to enhance their security posture, especially with the rise of AI technologies. Nost also discusses the challenges of asset management and the importance of context in prioritization. Additionally, he emphasizes the need for careful automation in remediation and shares insights on how C-suite executives can strategically approach AI integration.

Cyber threats and cyber criminals indiscriminately target the old as well as young regardless of race, creed or origin. Teens and young adults must realize that on the Internet nobody knows you're a rat. How do we keep kids and young adults safe in an era of AI-driven attacks? Tom Arnold, Adjunct Professor, Digital Evidence & Forensics, Cybersecurity Graduate Program at the University of Nevada Las Vegas, joins Business Security Weekly to discuss his new book: The Digital Detective: First Intervention. We examine how technologies like deepfakes, voice cloning, and hyper-personalized scams are being used to target younger audiences, and what parents, educators, communities, and CISOs can do to build awareness, resilience, and smart digital habits. Learn how today's highly organized operations, powered by automation and advanced AI, power the bad actors' tools, techniques, and procedures—making them more effective than ever. Understanding the past helps us prepare for the future—and protect the next generation online, including our employees. Segment Resources: https://www.idigitaldetective.com/blog https://www.idigitaldetective.com/ https://www.unlv.edu/degree/ms-cybersecurity In the leadership and communications segment, Executives say cybersecurity has outgrown the IT department, The Most Dangerous Leadership Mistake Isn't a Wrong Answer. It's a Wrong Question, Building cyber talent through competition, residency, and real-world immersion, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-429

CISO pressures are on the rise - board expectations, executive alignment, AI, and personal liability - and that's all on top of your normal security pressures. With all these pressures, CISO burnout is on the rise. How do we detect it and help prevent it? Easier said than done. In this Say Easy, Do Hard segment, we tackle the health and wellness of the CISO. In part 1, we discuss the increased pressures CISOs face. We all know them, but how are they impacting our daily lives, both at work and at home. In part 2, we discuss detection and prevention techniques to help avoid burnout, including: Detecting the signs of stress Acknowledging there is a problem Asking for help Techniques to deal with stress Industry and community support This is a serious problem in our industry and one we want to continue to focus on as we head into another stressful 2026. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-428

Join Business Security Weekly for a roundtable-style year-in-review. The BSW hosts share the most surprising, inspiring, and humbling moments of 2025 in business security, culture, and personal growth. And a few of us might be dressed for the upcoming holiday season... Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-427

Business Security Weekly is well aware of the cybersecurity hiring challenges. From hiring CISOs to finding the right skills to developing your employees, we cover it weekly in the leadership and communications segment. But this week, our guest interview digs into the global cybersecurity hiring trends. Jim McCoy, CEO at Atlas, joins Business Security Weekly to share his expertise on the global workforce needs in the 160 countries where Atlas provides direct Employer of Record services. From CISO hiring to where to build security teams, Jim will help us navigate the cybersecurity hiring challenges most organizations face. In the leadership and communications segment, CISOs, CIOs and Boards: Bridging the Cybersecurity Confidence Gap, Rethinking the CIO-CISO Dynamic in the Age of AI, Transparent Leadership Beats Servant Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-426

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including: Continuous monitoring of your Salesforce environment, Strict access controls of Salesforce users, and Automated backup of sensitive data. Think your data in Salesforce is safe and secure, think again. This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them! In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-425

In this discussion, Mike Puglia, General Manager of Kaseya Labs and veteran in cybersecurity, addresses the hidden threats in SaaS applications like Microsoft 365 and Salesforce. He highlights how attackers exploit weaknesses via hijacked tokens and misconfigured settings. Mike also emphasizes the importance of beyond-basic protections, such as implementing telemetry and managing SaaS integrations. The conversation explores the evolving role of the Chief Trust Officer and the strategies for SMEs to enhance SaaS security while navigating the complexities of modern IT infrastructure.

The Security Weekly 25 index is back near all time highs as the NASDAQ hits another record high. Funding and acquisitions have shifted to AI as the security industry continues to evolve. We also had a new IPO, Netskope. They will replace CyberArk once the Palo Alto Networks acquisition closes, allowing the index to survive another public company acquisition. In the leadership and communications segment, Boards Seeking AI Specialists, A CISO's Guide to Navigating the Urgent AI Security Storm, How to Write AI Prompts That Get Results (& Don't Suck), and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-423

Join Dr. Yonesy Núñez, a global cybersecurity executive and seasoned CISO, as he dives into the pressing issue of CISO burnout. He advocates for mental wellness through 'optimizing the operator'—achieving harmony of mind, body, and spirit. Yonesy highlights practical health changes like reducing alcohol and improving nutrition. He emphasizes the need for organizational alignment to support CISOs and discusses the role of Business Information Security Officers (BISOs) in scaling security. This insightful conversation tackles how to recognize burnout and implement necessary changes in the cyber landscape.