Business Security Weekly (Audio)

CISO pressures are on the rise - board expectations, executive alignment, AI, and personal liability - and that's all on top of your normal security pressures. With all these pressures, CISO burnout is on the rise. How do we detect it and help prevent it? Easier said than done. In this Say Easy, Do Hard segment, we tackle the health and wellness of the CISO. In part 1, we discuss the increased pressures CISOs face. We all know them, but how are they impacting our daily lives, both at work and at home. In part 2, we discuss detection and prevention techniques to help avoid burnout, including: Detecting the signs of stress Acknowledging there is a problem Asking for help Techniques to deal with stress Industry and community support This is a serious problem in our industry and one we want to continue to focus on as we head into another stressful 2026. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-428

Join Business Security Weekly for a roundtable-style year-in-review. The BSW hosts share the most surprising, inspiring, and humbling moments of 2025 in business security, culture, and personal growth. And a few of us might be dressed for the upcoming holiday season... Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-427

Business Security Weekly is well aware of the cybersecurity hiring challenges. From hiring CISOs to finding the right skills to developing your employees, we cover it weekly in the leadership and communications segment. But this week, our guest interview digs into the global cybersecurity hiring trends. Jim McCoy, CEO at Atlas, joins Business Security Weekly to share his expertise on the global workforce needs in the 160 countries where Atlas provides direct Employer of Record services. From CISO hiring to where to build security teams, Jim will help us navigate the cybersecurity hiring challenges most organizations face. In the leadership and communications segment, CISOs, CIOs and Boards: Bridging the Cybersecurity Confidence Gap, Rethinking the CIO-CISO Dynamic in the Age of AI, Transparent Leadership Beats Servant Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-426

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including: Continuous monitoring of your Salesforce environment, Strict access controls of Salesforce users, and Automated backup of sensitive data. Think your data in Salesforce is safe and secure, think again. This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them! In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-425

In this discussion, Mike Puglia, General Manager of Kaseya Labs and veteran in cybersecurity, addresses the hidden threats in SaaS applications like Microsoft 365 and Salesforce. He highlights how attackers exploit weaknesses via hijacked tokens and misconfigured settings. Mike also emphasizes the importance of beyond-basic protections, such as implementing telemetry and managing SaaS integrations. The conversation explores the evolving role of the Chief Trust Officer and the strategies for SMEs to enhance SaaS security while navigating the complexities of modern IT infrastructure.

The Security Weekly 25 index is back near all time highs as the NASDAQ hits another record high. Funding and acquisitions have shifted to AI as the security industry continues to evolve. We also had a new IPO, Netskope. They will replace CyberArk once the Palo Alto Networks acquisition closes, allowing the index to survive another public company acquisition. In the leadership and communications segment, Boards Seeking AI Specialists, A CISO's Guide to Navigating the Urgent AI Security Storm, How to Write AI Prompts That Get Results (& Don't Suck), and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-423

Join Dr. Yonesy Núñez, a global cybersecurity executive and seasoned CISO, as he dives into the pressing issue of CISO burnout. He advocates for mental wellness through 'optimizing the operator'—achieving harmony of mind, body, and spirit. Yonesy highlights practical health changes like reducing alcohol and improving nutrition. He emphasizes the need for organizational alignment to support CISOs and discusses the role of Business Information Security Officers (BISOs) in scaling security. This insightful conversation tackles how to recognize burnout and implement necessary changes in the cyber landscape.

Rahul Parwani, Head of Product, Security Solutions at Airia, dives into the security implications of the Model Context Protocol (MCP) as AI reshapes business operations. He highlights the security nightmare posed by community-built MCP servers and the risks of inadequate authentication. Rahul discusses innovative solutions like centralized gateways for securing AI tools and emphasizes the need for guardrails to balance developer velocity with security. The conversation also touches on the potential fallout from replacing entry roles with AI and the importance of mindful leadership in navigating these changes.

Rob Allen, Chief Product Officer at ThreatLocker, shares insights from his 20+ years in IT. He discusses how misconfigurations are a leading breach vector, highlighting the importance of monitoring and remediation. Rob explains how ThreatLocker's tools can automatically identify these issues and ensure compliance. He also emphasizes the need for organizations to elevate misconfiguration awareness to board level. Finally, he touches on metrics that matter for CISOs to demonstrate value through effective risk management.

Jeff Pollard, Vice President and Principal Analyst at Forrester Research, dives into the emerging role of the Chief Trust Officer, highlighting its importance in today's business landscape. He explains how customer demands have driven this role's evolution from traditional CISO responsibilities, now encompassing ESG, resilience, and compliance. Pollard emphasizes the need for metrics that demonstrate trust's contribution to revenue, while discussing ideal CISO personas for this position. The conversation also touches on the balance between AI reliance and core security skills.