Business Security Weekly (Audio)

Nicole Jiang, Co-founder of Fable Security, and Rinki Sethi, CSO at Upwind Security, delve into the significant challenge of human error in security. They discuss how traditional training fails to change behavior, advocating for personalized, context-driven interventions instead. Jiang explains the power of AI in delivering timely nudges and behavior modification, while Sethi emphasizes embedding security into company culture. Their insights underscore the necessity of adapting security strategies to align with human behavior for lasting change.

Trevor Horwitz, Founder and CISO at TrustNet, brings over 20 years of cybersecurity experience to the table. He delves into how agentic AI can revolutionize compliance and risk management, automating tedious tasks and enhancing efficiency. Trevor highlights the importance of human oversight despite AI’s capabilities, discussing the fine line between automation and human involvement. He also addresses the evolving role of CISOs in navigating organizational challenges and stresses the need for authentic leadership without succumbing to bureaucracy.

Merritt Maxim, VP and Research Director at Forrester, dives into the booming cybersecurity market forecast, predicting a striking $302.5 billion spend by 2029, with software dominating the budget. He discusses that 69% of this spending will focus on key areas like applications and identity. The conversation also explores the rising significance of AI in security, with a staggering 21.2% growth in AI software investments. Furthermore, Merritt highlights regional trends and the nuanced risks surrounding cybersecurity spending in today's landscape.

Amanda Jack, CTO at Manpower Group, shares insights from the Future Forward: CIO 2025 Outlook report. She reveals that 41% of CIOs list cybersecurity as their top concern, while 77% plan to increase their security budgets. The conversation explores the challenges of finding skilled tech talent, with 76% of employers struggling. Amanda discusses the importance of C-suite understanding of the CIO role and how AI investments are evolving. The episode highlights the necessity of embedding security into modernization efforts and the risks associated with new technologies.

Guillaume Jaulerry, founder and CEO of O Company, discusses the urgent need for decentralized, privacy-first solutions in a world grappling with a privacy crisis fueled by cloud dependence. He shares insights on how centralization poses risks like data breaches and surveillance, advocating for personal control over data through wearable mini-servers. The conversation also touches on the evolving role of CISOs and the challenges they face aligning with boards amid rising AI risks, along with practical career advice on networking and leadership.

Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, shares his insights on the evolution of executive protection in the digital age. He highlights the shift from physical threats to online dangers, emphasizing the risks posed by data brokers and AI manipulation. Tom Pore, AVP of Sales Engineering at Pentera, discusses the rise of AI-driven cyberattacks and the need for proactive security strategies. Together, they advocate for a unified approach to risk management, addressing both cyber and physical security in an increasingly digital landscape.

Jess Burn, Principal Analyst at Forrester Research, shares insights on the 2026 Budget Planning Guide for security leaders, emphasizing smart investment strategies amid economic volatility. She discusses how to effectively budget to mitigate risks. In a dynamic segment, Danny Jenkins, CEO of ThreatLocker, reveals the intricacies of FedRAMP compliance and the importance of secure configurations. He highlights emerging threats hidden in everyday software, showcasing how innovative techniques can improve endpoint security and risk management in the ever-evolving cybersecurity landscape.

Jackie McGuire, a finance expert in cybersecurity marketing, and Ross Haleliuk, co-founder of a stealth mode startup, dive deep into the swift consolidation of the cybersecurity industry. They reveal how 200 companies shrank to just 11 over 20 years. The duo discusses the evolving roles of startups and the crucial need for innovation against emerging threats. They also analyze the fluctuating Security Weekly 25 index, and the trend of founders shying away from IPOs, opting instead for private equity routes.

In this engaging discussion, Brian Haugli, CEO at SideChannel and an expert in security programs, explores the advantages of hiring a Virtual CISO (vCISO) over a full-time CISO. He shares insights on current trends in vCISO services, essential qualifications, and the crucial role boards play in cybersecurity governance. The conversation also highlights the challenges organizations face in enhancing their security posture and the importance of effective communication in strategic leadership. Haugli’s expertise provides valuable guidance for businesses navigating the cybersecurity landscape.

Danny Jenkins, CEO and co-founder of ThreatLocker, dives into the often-overlooked vulnerabilities of misconfigurations in cybersecurity. He emphasizes how these can lead to significant security breaches and discusses ThreatLocker’s innovative Defense Against Configurations (DAC) feature, which provides real-time visibility into system misconfigurations. The conversation also highlights the importance of proactive engagement in security settings and explores how data-driven recommendations can enhance security measures. Jenkins advocates for governance in tech leadership and stresses the need for effective communication to mitigate risks.