Business Security Weekly (Audio)

Rahul Parwani, Head of Product, Security Solutions at Airia, dives into the security implications of the Model Context Protocol (MCP) as AI reshapes business operations. He highlights the security nightmare posed by community-built MCP servers and the risks of inadequate authentication. Rahul discusses innovative solutions like centralized gateways for securing AI tools and emphasizes the need for guardrails to balance developer velocity with security. The conversation also touches on the potential fallout from replacing entry roles with AI and the importance of mindful leadership in navigating these changes.

Rob Allen, Chief Product Officer at ThreatLocker, shares insights from his 20+ years in IT. He discusses how misconfigurations are a leading breach vector, highlighting the importance of monitoring and remediation. Rob explains how ThreatLocker's tools can automatically identify these issues and ensure compliance. He also emphasizes the need for organizations to elevate misconfiguration awareness to board level. Finally, he touches on metrics that matter for CISOs to demonstrate value through effective risk management.

Jeff Pollard, Vice President and Principal Analyst at Forrester Research, dives into the emerging role of the Chief Trust Officer, highlighting its importance in today's business landscape. He explains how customer demands have driven this role's evolution from traditional CISO responsibilities, now encompassing ESG, resilience, and compliance. Pollard emphasizes the need for metrics that demonstrate trust's contribution to revenue, while discussing ideal CISO personas for this position. The conversation also touches on the balance between AI reliance and core security skills.

Nicole Jiang, Co-founder of Fable Security, and Rinki Sethi, CSO at Upwind Security, delve into the significant challenge of human error in security. They discuss how traditional training fails to change behavior, advocating for personalized, context-driven interventions instead. Jiang explains the power of AI in delivering timely nudges and behavior modification, while Sethi emphasizes embedding security into company culture. Their insights underscore the necessity of adapting security strategies to align with human behavior for lasting change.

Trevor Horwitz, Founder and CISO at TrustNet, brings over 20 years of cybersecurity experience to the table. He delves into how agentic AI can revolutionize compliance and risk management, automating tedious tasks and enhancing efficiency. Trevor highlights the importance of human oversight despite AI’s capabilities, discussing the fine line between automation and human involvement. He also addresses the evolving role of CISOs in navigating organizational challenges and stresses the need for authentic leadership without succumbing to bureaucracy.

Merritt Maxim, VP and Research Director at Forrester, dives into the booming cybersecurity market forecast, predicting a striking $302.5 billion spend by 2029, with software dominating the budget. He discusses that 69% of this spending will focus on key areas like applications and identity. The conversation also explores the rising significance of AI in security, with a staggering 21.2% growth in AI software investments. Furthermore, Merritt highlights regional trends and the nuanced risks surrounding cybersecurity spending in today's landscape.

Amanda Jack, CTO at Manpower Group, shares insights from the Future Forward: CIO 2025 Outlook report. She reveals that 41% of CIOs list cybersecurity as their top concern, while 77% plan to increase their security budgets. The conversation explores the challenges of finding skilled tech talent, with 76% of employers struggling. Amanda discusses the importance of C-suite understanding of the CIO role and how AI investments are evolving. The episode highlights the necessity of embedding security into modernization efforts and the risks associated with new technologies.

Guillaume Jaulerry, founder and CEO of O Company, discusses the urgent need for decentralized, privacy-first solutions in a world grappling with a privacy crisis fueled by cloud dependence. He shares insights on how centralization poses risks like data breaches and surveillance, advocating for personal control over data through wearable mini-servers. The conversation also touches on the evolving role of CISOs and the challenges they face aligning with boards amid rising AI risks, along with practical career advice on networking and leadership.

Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, shares his insights on the evolution of executive protection in the digital age. He highlights the shift from physical threats to online dangers, emphasizing the risks posed by data brokers and AI manipulation. Tom Pore, AVP of Sales Engineering at Pentera, discusses the rise of AI-driven cyberattacks and the need for proactive security strategies. Together, they advocate for a unified approach to risk management, addressing both cyber and physical security in an increasingly digital landscape.

Jess Burn, Principal Analyst at Forrester Research, shares insights on the 2026 Budget Planning Guide for security leaders, emphasizing smart investment strategies amid economic volatility. She discusses how to effectively budget to mitigate risks. In a dynamic segment, Danny Jenkins, CEO of ThreatLocker, reveals the intricacies of FedRAMP compliance and the importance of secure configurations. He highlights emerging threats hidden in everyday software, showcasing how innovative techniques can improve endpoint security and risk management in the ever-evolving cybersecurity landscape.