Be Fearless Podcast by SquareX

Christopher Ahlberg, CEO and co-founder of Recorded Future (which was recently acquired by Mastercard), breaks down the evolving cybersecurity landscape with SquareX's field CISO John Carse. From his journey building Spotfire to creating the world's largest threat intelligence company, Ahlberg shares critical insights on nation-state actors today, the challenges facing modern CSOs, and why predictive threat intelligence is no longer a luxury in today’s world. 0:00 How a computer scientist went to hunt cyber criminals14:46 Your network is NOT safe if your neighbour’s isn’t27:43 How adversaries always find the weakest link39:26 “Some of the best hackers are actually pretty good social engineers”44:03 Bridging the gap between technical teams and executives51:46 Predictive threat intelligence is essential🔔 Follow Christopher and John on:https://www.linkedin.com/in/christopherahlberghttps://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Luke Shoberg took an unconventional path from studying biology to becoming Global CISO at Sequoia Capital. In this conversation, Luke explains what makes VC security uniquely challenging, why being "professionally paranoid" is essential in security, and how startups can implement scale-appropriate security without killing innovation. 0:00 Introduction and Luke’s path to cybersecurity in VC4:38 The unique challenge of cybersecurity in VC9:33 The common thread across cyber incidents15:31 Luke’s transition to Latacora19:04 What is ‘scale-appropriate security' for startups?25:56 The rise of browser-based attacks and stolen credentials34:02 Tailoring cybersecurity for diverse business models and communication platforms41:35 New technologies on the radar for Luke49:01 “It helps to be sceptical and approach things with an engineering mindset”🔔 Follow Luke and Aleksandra on:https://www.linkedin.com/in/lukeshoberg/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

In this episode, we sit down with Vijay Jajoo, a partner at KPMG with over two decades of experience in cyber data and tech containment. Vijay shares his unique journey into cybersecurity, the biggest challenges facing large organisations today, and the best leadership advice he ever received.0:00 The Flyer that Led to a Cybersecurity Career11:20 The qualities necessary for a cybersecurity consultant20:24 How attack surfaces have evolved over the years24:07 How the browser is now a prime target, Vijay’s approach to browser security30:12 The 3 elements attackers exploit the most34:37 Contributing via the Purple Book Community40:22 Closing, leadership advice and how "it all boils down to people"🔔 Follow Vijay and Aleksandra on:https://www.linkedin.com/in/vijay-jajoo-73b346/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Cecil Su, Director of Cybersecurity and CTI at BDO Advisory and co-lead of OWASP Singapore Chapter, brings nearly two decades of experience from his start in hospitality systems to becoming the cybersecurity leader he is today. In this episode, Cecil breaks down why the browser has become the new perimeter, insights on Singapore's vibrant cybersecurity community, red flags that signal poor security posture, and why prevention-first thinking needs to evolve into resilience-first strategy.0:00 How a hospitality tech role led Cecil into cybersecurity10:36 Inside Singapore's small but thriving cyber network14:41 How localizing the OWASP Testing Guide spiked adoption rates24:47 Browsers are now the biggest enterprise security blindspot29:17 Hidden dangers with SaaS integrations37:33 The biggest red flags in an organization's security posture43:59 Convincing executives to care about cybersecurity49:14 “Phishing isn't the disease, it's how the disease enters”55:43 Advice for security professionals1:00:16 Prevention will fail, focus on detection, response and resilience1:06:18 Black Hat AI Summit and the future of cybersecurity🔔 Follow Cecil and John on:https://www.linkedin.com/in/cecilsu/https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Andrea Bergamini, VP and CIO of Orbia, started as a telco engineer 20 years ago when cybersecurity barely existed, but went into the field due to his audit work at GE, which sparked his fascination with risk and controls. Fast forward to today, and he's not just the VP and CISO at Orbia—a $8 billion purpose-driven company—but he recently made the leap to CIO as well, adding infrastructure to his security responsibilities. In this conversation, we dive deep into the balance between friction and protection being part of a purpose-driven company, and the importance of taking calculated risks.0:00 Episode highlights and introduction2:16 From telco engineer to CISO: Andrea's cybersecurity journey6:29 Orbia's purpose-driven mission and Andrea’s motivation for joining14:37 The CISO’s next chapter: Becoming a CIO21:44 Handling unmanaged assets and browser security32:10 Navigating the balance between user friction and security40:59 Using an Executive MBA to reopen closed career paths43:57 Why risk taking is crucial for aspiring CISOs🔔 Follow Andrea and Aleksandra on:https://www.linkedin.com/in/bergamini/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Aamir Niazi, Executive Director and CISO at SMBC Capital Markets, shares his unfiltered 18-year journey from engineer to leading cybersecurity teams in financial services. Aamir gets honest about hiring mistakes, building remote teams during COVID, browser security challenges, getting executive buy-in, and the challenges of transitioning from hands-on practitioner to strategic leader.0:00 Transiting from IT engineer to cybersecurity6:14 “You must build the team that has integrity”12:24 Emerging cybersecurity tech and browser security20:47 Getting the buy-in for cybersecurity tools27:18 Compliance does not equate to sound security🔔 Follow Aamir and Aleksandra on:https://www.linkedin.com/in/aniazi/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

What if most organizations are testing their security tools against the wrong threats entirely?As the leader behind the industry standard program that helps organizations understand how security tools perform against real-world threats, William Booth, General Manager and Director of MITRE's ATT&CK Evaluations, shares common misconceptions in adversary emulation, the gap between compliance and actual security effectiveness, and practical advice for security leaders trying to make sense of vendor claims and build truly effective defense strategies.0:00 Episode highlights and introduction0:56 How a money laundering investigation inspired William to enter the field6:11 What MITRE ATT&CK evaluations actually test and why participation matters23:07 Selecting the right adversary for emulation in your organization35:11 Compliance goes beyond security controls44:18 Browser attacks in ATT&CK evaluations58:37 AI's impact on evaluations and security tool performance1:10:07 Closing: advice for security leaders evaluating vendor claims🔔 Follow William and John on:https://www.linkedin.com/in/williambbooth/https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Dr. Aleksandr Yampolskiy, cofounder and CEO of SecurityScorecard, went from being a 14-year old immigrant to America to building SecurityScorecard — the security ratings platform now used by over 3,000 companies. In this conversation with SquareX founder Vivek Ramachandran, Aleksandr breaks down the real challenges of category creation, his playbooks on entrepreneurship and the importance of understanding the customer. 0:00 Introduction to Aleksandr1:22 Aleksandr’s origin story: from Prince of Persia to cybersecurity6:57 Transitioning from academia to being entrepreneurship9:30 The market gap discovery that led to SecurityScorecard16:56 The playbook for creating categories21:08 “Always think you’re building a legendary company”26:37 SecurityScorecard’s SCDR (Supply Chain Detection and Response)28:32 Leadership style: zoom in, zoom out, and transparency31:05 Browser security as the next big necessity35:54 Highlights from Aleksandr’s book “The Perfect Scorecard” and closing 🔔 Follow Aleksandr and Vivek on:https://www.linkedin.com/in/ayampolskiyhttps://www.linkedin.com/in/vivekramachandran/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

Meet Dr. Brian Gardner, who secured the City of Dallas for over 7 years before moving to Austin as the City’s CISO. In this episode of the Be Fearless Podcast, Brian shares war stories from managing critical infrastructure, how he grew Dallas's cybersecurity budget from 2.3% to nearly 10% of the IT spend, and dives into the unique challenges cities face with shadow SaaS and browser security.0:00 Episode highlights and introduction5:43 On crisis recovery and resilience14:29 Wearing multiple hats from CIO to CTO to CISO19:49 Growing cyber budgets alongside cyber programs25:22 Defending critical infrastructure such as tornado sirens and cameras38:38 Browser security and SaaS app challenges47:58 The origins of the Coalition of City CISOs51:41 Closing: on fostering kids and future plans🔔 Follow Brian and John on:https://www.linkedin.com/in/brian-gardner-ph-d-3588a929/https://www.linkedin.com/in/johncarse/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0

What does it take to protect a beloved cultural institution like PBS? In this episode, Jimmy Benoit, CISO of PBS, discusses how he transitioned from military service to cybersecurity, balancing security requirements with business objectives, and why building relationships across the organization matters more than any single technology solution. 0:00 The journey from college to the military to private cybersecurity10:50 Balancing security needs with business goals14:22 Using the right-sized solution to combat threats and improve cyber resilience23:08 Building intra-organization relationships is the key to security success29:03 The three core messages for communicating security projects effectively🔔 Follow Jimmy and Aleksandra on:https://www.linkedin.com/in/jimmybenoit/https://www.linkedin.com/in/aleksandra-melnikova-1012/🔥 Powered by SquareXDeployed as a lightweight extension, SquareX turns any browser, on any device, into a secure enterprise browser. Find out more about SquareX at https://hubs.la/Q03rPcbf0