Threat Vector by Palo Alto Networks

Joey Smith, Vice President and CISO at Schnuck Markets, draws on his vast experience in incident response from MasterCard to highlight the crucial distinction between compliance and actual security. He discusses how treating compliance as the finish line leads to vulnerabilities, especially during breaches. Joey emphasizes the importance of effective risk communication to executives and stresses the need for early security integration in AI initiatives, advocating for clear guardrails to prevent hasty adoption of emerging technologies.

Join David Moulton, Senior Director of Thought Leadership for Unit 42, as he sits down with Kyle Wilhoit,Technical Director of Threat Research at Unit 42, for an intimate conversation about the evolution of hacker culture and cybersecurity. From picking up 2600: The Hacker Quarterly magazines at Barnes & Noble and building beige boxes to leading threat research at Palo Alto Networks, Kyle shares his personal journey into the security community. This conversation explores how AI and automation are lowering barriers for attackers, the professionalization of cybersecurity, and what's been lost and gained in the industry's maturation. Kyle offers practical advice for newcomers who don't fit the traditional mold, emphasizing the importance of curiosity, soft skills, and intellectual humility.  Kyle Wilhoit is a seasoned cybersecurity researcher, with more than 15 years of experience studying cybercrime and nation-state threats. He's a frequent speaker at global conferences like Black Hat, FIRST, and SecTor, and has authored two industry-respected books: Hacking Exposed Industrial Control Systems and Operationalizing Threat Intelligence. As a long-standing member of the Black Hat US Review Board and an adjunct instructor, Kyle is deeply involved in shaping both cutting-edge research and the next generation of cybersecurity professionals. Connect with Kyle on LinkedIn Previous appearances on Threat Vector:  Inside DeepSeek’s Security Flaws (Mar 31, 2025) https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-deepseeks-security-flaws War Room Best Practices (Nov 07, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-war-room-best-practices  Cybersecurity in the AI Era: Insights from Unit 42's Kyle Wilhoit, Director of Threat Research (Jan 11, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-cybersecurity-in-the-ai-era-insights-from-unit-42s-kyle-wilhoit-director-of-threat-research  Learn more about Unit 42's threat research at https://unit42.paloaltonetworks.com/.  Related episodes: For more conversations about AI's impact on cybersecurity, career development in security, and insights from Unit 42 researchers, explore past episodes at https://www.paloaltonetworks.com/podcasts/threat-vector. Join the conversation on our social media channels: Website: http://www.paloaltonetworks.com/ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/ YouTube: ⁠⁠⁠⁠@paloaltonetworks Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠ About Threat Vector Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

Bret Kinsella, the General Manager of Fuel iX at TELUS Digital and founder of Voicebot.ai, shares his deep expertise in enterprise AI and synthetic media. He discusses the risks of shadow AI, emphasizing the dangers of employees using consumer tools with sensitive data. Bret highlights the issues of data leakage and hallucinations in AI, calling for a human-in-the-loop approach for monitoring AI systems. He argues for comprehensive testing beyond just models and advocates for robust governance to navigate the evolving cybersecurity landscape.

In this episode of Threat Vector, host David Moulton, Director of Thought Leadership for Unit 42, speaks with Spencer Thellmann, Principal Product Manager at Palo Alto Networks. Spencer brings a background in AI policy from the University of Cambridge and now leads development of real-time AI runtime security solutions. Together, they explore the dual challenges of securing employee use of generative AI tools and defending internally built AI models and agents. Topics include prompt injection, model scanning, red teaming, agent posture control, and how AI changes cloud security architecture. Listeners will take away key mental models and practical guidance for building resilient, trustworthy AI systems. Explore More on AI Security and Strategy Defending in the AI Era: Learn how to protect your enterprise from the new threat landscape shaped by AI. Cybersecurity Perspectives Magazine: Stay ahead of the trends reshaping enterprise defense, including AI, cloud, and workforce security. Unit 42 Threat Frontier: Explore cutting-edge threat intelligence and research from Unit 42. Want more Threat Vector? Securing AI in the Enterprise with Tanya Shastri and Navneet Singh explores how to architect AI securely from the start. Enhancing Ethical Hacking with AI with Ryan Barger dives into offensive applications of AI in red teaming. Join the conversation on our social media channels: Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠ YouTube: @paloaltonetworks Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

AI agents are no longer a distant future concept. They have arrived, and the pace of their deployment is accelerating rapidly. In this episode of Threat Vector, David Moulton speaks with Nicole Nichols, Distinguished Engineer for Machine Learning Security at Palo Alto Networks. Nicole breaks down her new paper, Achieving a Secure AI Agent Ecosystem, where she outlines three foundational pillars for defending emerging agent-based systems: protecting agents from third-party compromise, ensuring user alignment, and guarding against malicious agents. With deep expertise spanning academia and industry, Nicole brings clarity on why structured collaboration, component provenance, and rigorous evaluation are essential for deploying autonomous AI safely. For listeners looking to dive deeper into securing AI-driven environments, Palo Alto Networks offers a range of valuable resources: Secure AI by Design, part of the Precision AI portfolio, offering complete AI security coverage from model development to runtime protection AI Access Security, delivering visibility, access control, and data protection for generative AI applications Cyberpedia: AI Security, a guide to understanding AI security practices, challenges, and strategies Nicole also shares candid perspectives on what still needs to be built, from containment strategies to community-driven security protocols. If you are serious about securing the next era of autonomous systems, this episode is your primer. Mentioned by Nicole:  “Can LLMs Separate Instructions From Data? And What Do We Even Mean By That?” Sahar Abdelnabi, et al. Join the conversation on our social media channels: Website:⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠ Threat Research:⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠ ⁠⁠@paloaltonetworks⁠ Twitter:⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠ ⁠http://paloaltonetworks.com⁠⁠

In a dynamic discussion, Thomas P. Bossert, President of Trinity Cyber and former Homeland Security Advisor, reveals the importance of proactive threat interference. He emphasizes how companies can engage directly with threat actors rather than passively defending against cyberattacks. The conversation dives into the disconnect between cybersecurity policy and real-world technology, the necessity for strategic frameworks, and the critical role of nonpartisan cooperation in fortifying defenses against evolving threats. Bossert's insights aim to reshape the cybersecurity landscape.

In this episode of Threat Vector, host David Moulton speaks with Abby Adlerman, CEO of Boardspan, about how boards approach cybersecurity oversight. Drawing on decades of experience advising Fortune 100 companies and non-profits, Abby shares the OARS framework—Oversight, Accountability, Risk, and Strategy—as a practical guide for engaging boards on cyber risk. She explains how CISOs can balance detail with clarity, meet board members where they are, and frame cybersecurity as a strategic business enabler rather than a cost center. Listeners will learn how to prepare for meaningful board discussions, avoid common pitfalls, and strengthen business resilience through governance, storytelling, and crisis preparedness. Join the conversation on our social media channels: Website:⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠ YouTube:⁠ ⁠@paloaltonetworks Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠ ⁠http://paloaltonetworks.com⁠⁠

Liz Pinder, a Systems Engineer Specialist at Palo Alto Networks, and Patrick Bayle, a SecOps Consulting Manager with nearly two decades in cybersecurity, dive deep into the challenges faced by Security Operations Centers (SOCs). They discuss the detrimental effects of context switching on analyst productivity and mental health. The pair explores the critical role of automation in enhancing incident response and the need for collaboration through innovative validation practices. Their insights offer invaluable strategies for modernizing SOC workflows and alleviating cognitive overload.

In this episode of Threat Vector, host David Moulton speaks with Jason Reverri, Manager of Technical Product Engineering for Cortex at Palo Alto Networks, and James Holland, Distinguished Engineer for Technology Innovation at Palo Alto Networks, about the unique challenge of defending Black Hat—one of the world’s most complex cybersecurity events. Related Resources: Black Hat NOC: Protecting One of the World’s Most Dangerous Networks - Deep dive into defending Black Hat’s billion-threat environment Palo Alto Networks Secures Black Hat from Itself - Behind-the-scenes look at NOC operations and threat hunting 8 Tips for Surviving Black Hat and Other Hostile Networks - Practical security advice from NOC veterans Security Operations Blog - Latest insights on AI-driven security operations and automation Cortex XSIAM Solution Overview - Learn about the AI-driven security operations platform Join the conversation on our social media channels: Website:⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠ YouTube:⁠ ⁠@paloaltonetworks Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠ ⁠http://paloaltonetworks.com⁠⁠

Nigel Hedges, Executive General Manager of Cyber & Risk at Chemist Warehouse and Sigma Healthcare, dives into transforming cybersecurity into a business priority. He emphasizes the importance of aligning security strategies with enterprise goals and building trust with boards. Nigel discusses using storytelling to effectively communicate risks, bridging the gap between technical jargon and board-level conversations. He also highlights the value of team culture and creativity in fostering collaboration and resilience in cybersecurity initiatives.