Heavy Strategy

Anand Oswal, Executive Vice President at Palo Alto Networks, joins Johna Johnson and John Burke for a wide-ranging exploration of two emerging focal points of enterprise risk: cryptographically relevant quantum computing, and browser-mediated agentic AI. The looming arrival of quantum computers that can break legacy encryption has already created the threat of “harvest now, decrypt... Read more »

The discussion dives into existential threats that could potentially cripple organizations. Concepts like 'bricking the company' and real-world examples, including Travelex and Codespaces, highlight the stakes involved. Insights on how to assess vulnerabilities and the implications of supply-chain risks provide crucial knowledge. The hosts emphasize the importance of framing these risks effectively for senior leadership, recommending concise communication and practical exercises to enhance awareness. The role of AI in amplifying threats is also thoughtfully examined.

Environmental, Social, Governance (ESG) initiatives aren’t just “the right thing to do”, they can also save companies real dollars, particularly if they’re investing in data centers and other infrastructure. Join Jonathan Ciccio, Continuous Improvement Manager for The Siemon Company, as we discuss The Siemon Company’s ESG initiatives. The Siemon Company has been in business for... Read more »

Dive into the complex world of nth-party risks and how they ripple through modern supply chains. Discover the implications of recent Salesforce breaches and the rise of agentic AI in managing these hidden dangers. The conversation reveals the need for blockchain as a solution for tracking software changes and ensuring accountability. Explore the challenges of standards and the role of government procurement in driving adoption. The hosts debate the balance between speed and responsible risk management in the face of evolving technology.

In this engaging discussion, hosts explore the pitfalls of linking cybersecurity budgets to IT spending, revealing why this approach is flawed. They highlight human complacency and the need for a fresh perspective on security in a world without clear network perimeters. By recommending a spend-per-employee model, they emphasize the importance of identifying what truly matters to an organization. The conversation also delves into the complexities of AI and third-party risks, urging listeners to modernize their risk assessment strategies.

Exploring when to insource or outsource IT functions, the hosts stress the need for organizations to reassess sourcing strategies during shifts in the economy or technology. They discuss the sacrifices made when outsourcing, including loss of control. Key drivers like demographics and cloud economics are analyzed. There's a spotlight on the importance of aligning IT with HR and determining the true purpose behind moving workloads. The discussion also touches on the risks of inaction and the delicate balance between swift transitions and comprehensive planning.

Sandy Miller, a pseudonymous CIO, shares her insights on identifying toxic IT work environments. She highlights five signs of an abusive IT relationship, including the dreaded 'Sunday scaries' and stalled promotions. Sandy shares personal experiences of fear and distrust stemming from manipulation of information and siloed cultures. The discussion dives into recognizing hostile workplaces, the impact of bad leadership versus toxic company intentions, and the importance of aligning personal values with corporate missions. A candid exploration of workplace dynamics!

Network-as-a-Service (NaaS) promises enterprises the ability to set up and configure connectivity and network security with a couple of clicks. But for NaaS to truly transform enterprise networking, one thing has been missing: standards. Enter Mplify (formerly the Metro Ethernet Forum), a non-profit focused on standardizing NaaS service definitions. Mplify’s CTO, Pascal Menezes, joins Johna... Read more »

The discussion highlights the risks of losing cloud services amidst geopolitical tensions, illustrated by a case of an Indian energy company cut off from Microsoft. It’s crucial for organizations to rethink their risk management strategies and incorporate contingency plans. The impacts of legal changes on corporate structures are explored, emphasizing communication between departments. The hosts advocate for diversifying service providers and preparing for unexpected disruptions, likening it to buying insurance against unpredictability in an unstable global landscape.

Experts discuss the rapidly approaching threat of quantum computing capable of breaking traditional encryption. Recent estimates show this technology could arrive years sooner than expected. Organizations must act fast, particularly in finance, to adopt quantum-resistant cryptography. The conversation dives into evaluating vendor strategies for data protection and the importance of proactive cybersecurity measures. With cryptographic vulnerabilities on the rise, there's an urgent need for reassessing security practices to safeguard communications in our tech-driven world.