Be Fearless Podcast by SquareX

Kevin Qiu, Staff Security Engineer at Shiftsmart and their first security hire, breaks down the realities of building security programs from scratch. In this episode, he discusses the risk that comes with using work devices for personal purposes, why everyone wins when companies get paid AI tools and why the industry's obsession with hiring only senior talent is creating a dangerous skills gap.0:00 How Kevin entered the field from a stint in consulting8:13 What no one tells you about being the first security hire at a startup18:28 The first thing security leads should do starting a security program22:24 Security in B2B2C companies27:53 Browser-based threats and on using work devices for personal matters37:08 Startups are already solving tomorrow’s cyber threats41:59 During incidents, keep the initial response team small44:10 Why refusing to hire juniors will lead to another COBOL quagmire🔔 Follow Kevin and Aleksandra on:https://www.linkedin.com/in/kevinmqiu/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Julia Dudenko, Group CISO at Haniel, oversees cybersecurity strategy for 11 portfolio companies spanning everything from manufacturing to kindergartens. In this conversation, she reveals why enterprises need to watch out for attacks that target APIs and supply chains, whether we need “cybersecurity for AI” rather than just “AI for cybersecurity,” and examines the concept of "Enkelfähig" - building systems that can survive for generations.0:00 Managing cybersecurity from kindergartens to tech12:28 New threats to watch out for in API and code security16:16 Adopting AI is a challenge traditional industries must face20:20 Is cybersecurity for AI or is AI for cybersecurity?27:17 How a cloud migration inspired Julia to go into cybersecurity30:38 One policy to improve security posture🔔 Follow Julia and Aleksandra on:https://www.linkedin.com/in/julia-dudenko-8445252/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Prasanna Kanagasabai (PK), CISO, Dkatalis (Bank Jago), started his career as a network engineer and before becoming a pentester-turned-CISO. In this episode, Prasanna explains why breaking systems first is crucial for building robust defenses, the unique challenges of securing a digital-first bank, the role of browser security in protecting sensitive data, and how AI is reshaping both offensive and defensive security strategies.0:00 Prasanna’s journey from network engineer to cybersecurity4:39 “A good offense is your best defense”14:18 Browser security and data protection in cloud platforms23:46 Utilizing AI tools and understanding their risks29:18 How security leaders can stay ahead with IR and a layered approach33:50 The value of GRC and AI integration into cybersecurity43:07 Debunking financial cybersecurity myths🔔 Follow Prasanna and Aleksandra on:https://www.linkedin.com/in/prasanna-kanagasabai-561a467/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Sabika Ishaq, CISO at Grant Thornton Luxembourg and President of Women Cyber Force, shares her journey from the United Nations to becoming a cybersecurity leader. In this episode, Sabika reveals insights on AI integration in cybersecurity, why preparedness is the ultimate cybersecurity superpower and how cognitive diversity is as critical as security controls.0:00 How humanitarian work led Sabika into cybersecurity4:30 Even your front desk contributes to security10:40 Hidden cybersecurity risks in heavily regulated financial markets20:36 Securing where your team actually works: Inside the browser26:51 100% security is impossible — preparedness is your superpower34:38 Hiring diversely and creating a culture of psychological safety🔔 Follow Sabika and Aleksandra on:https://www.linkedin.com/in/sabika-ishaqhttps://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Ashish Garg, founder and managing partner at Riga Cyber, sits down to discuss his two-decade journey in cybersecurity and the massive shifts he's witnessed since his early days in the field. In this conversation, Ashish shares insights on how attackers have evolved from script kiddies to well-funded, sophisticated adversaries, why browsers have become the primary attack vector and the stark differences in cybersecurity approaches across North America, Europe, and Asia.0:00 Ashish’s cybersecurity journey6:01 Navigating the maze of security tools13:30 Browsers are the new blindspot in enterprise security17:43 How cybersecurity strategies differ across regions26:05 The 5 cybersecurity principles that never change31:48 Advice for junior professionals in an AI-driven world🔔 Follow Ashish and Aleksandra on:https://www.linkedin.com/in/silsilay/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Kush Sharma, Founder of KnightSpectre and Inaugural CISO of the City of Hamilton, has advised organizations worth over $2.5 trillion and knows exactly why most CISOs fail when talking to boards. From his experience being Toronto's inaugural CISO to overseeing a $34 billion railway merger, he shares his insights on government vs enterprise security, why small municipalities are cyber sitting ducks, and how AI-powered browser extensions are a massive security blind spot. 0:00 How an SAP internship created a cybersecurity powerhouse4:29 Security challenges in government and enterprise12:25 The trick to explaining security needs to the board level17:32 Why local governments are goldmines for hackers25:39 “Even security vendors get breached” and browser security blind spots29:56 Creating tailored security education programs40:56 Kush Sharma’s advice for aspiring CISOs: study human behavior🔔 Follow Kush and Aleksandra on:https://www.linkedin.com/in/kush-m-sharma-9bb875a/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Bryson Bort, CEO and founder of Scythe and West Point graduate, breaks down the uncomfortable truths about modern cybersecurity that most vendors won't tell you. From real purple team stories to the "NSA problem" plaguing enterprises, Bryson explains why understanding post-access behavior matters more than prevention. If you're tired of security theater, this conversation will change how you think about defending your organization.0:00 From West Point to cybersecurity: the early days of "information assurance" and building offensive cyber capabilities17:10 Why industrial control systems are just old computers that change the physical world31:46 How AI revolutionizes knowledge management but increases vulnerability39:31 The two truths of cybersecurity: money matters and dwell time kills47:25 Purple teaming philosophy and the Grim Reaper brand story🔔 Follow Bryson and John on:https://www.linkedin.com/in/brysonbort/ https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Perry Young brings 25 years of cybersecurity expertise across three continents, from network engineering to serving as Director and ASEAN CISO at Kyndryl. In this conversation with SquareX Field CISO John Carse, he discusses CISOs challenges, why CISOs must be technically competent and why continuous learning is critical.0:00 Episode highlights and Perry's career journey and the biggest challenge for CISOs19:18 When network security people don't understand networks27:09 Perry's work, Center for Internet Security (CIS) and the concept of secure by default38:16 Why Perry chose to go back to formal education48:25 AI in cybersecurity and security for AI56:59 Career advice for aspiring CISOs🔔 Follow Perry and John on:https://www.linkedin.com/in/perryyoung/ https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

This episode of the Be Fearless Podcast features Evgeniy Kharam, Chief Strategy Officer at Discern Security and Security Architecture Podcast host. With 25+ years in cybersecurity—from Navy networking to enterprise consulting—Evgeniy explains why traditional security fails in today's browser-first world. He reveals shadow SaaS proliferation realities, describes how we've shifted from protecting a "needle" to a "desert" of attack surfaces, and shares practical enterprise security adaptation strategies.0:00 From Navy networking to CheckPoint13:04 Evgeniy's work at Discern Security16:34 Compliance doesn't always equal security32:34 The Shadow SaaS Crisis and Browser Security Gaps43:28 Common mistakes security startups make when selling to enterprises🔔 Follow Evgeniy and John on:https://www.linkedin.com/in/ekharam/ https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Satyen Desai, VP of Sales for Asia Pacific at ColorTokens, discusses enterprise cybersecurity's evolution and why traditional security approaches fail. With over 25 years at IBM, SAP, Cisco, Oracle, and Cloudflare, he explains why organizations must shift from preventing breaches to being "breach ready." Satyen shares insights on micro-segmentation, building trust with seasoned CISOs and what it takes to succeed in enterprise security sales.0:00 Satyen's cybersecurity journey4:41 What is micro-segmentation and why it matters15:27 The difference between enterprise security sales and tech sales30:03 Winning over tough customers and entering new markets44:04 Why AI and autonomous breach readiness are the next big shifts48:16 Building resilient teams and leadership advice🔔 Follow Satyen and John on:https://www.linkedin.com/in/satyen-desai/https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0