SecOps continues to be one of the most challenging areas of cybersecurity. It involves addressing alert fatigue, minimizing dwell time and meantime-to-respond (MTTR), automating repetitive tasks, integrating with existing tools, and leading to ROI.

In this episode, we sit with Grant Oviatt, Head of SecOps at Prophet Security and an experienced SecOps leader, to discuss how AI SOC Analysts are reshaping SecOps by addressing systemic security operations challenges and driving down organizational risks.

Grant and I dug into a lot of great topics, such as:

• Systemic issues impacting the SecOps space include alert fatigue, triage, burnout, staffing shortages, and inability to keep up with threats.
• What makes SecOps such a compelling niche for Agentic AI, and what key ways can AI help with these systemic challenges?
• How Agentic AI and platforms such as Prophet Security can aid with key metrics such as SLOs or meantime-to-remediation (MTTR) to drive down organizational risks.
• Addressing the skepticism around AI, including its use in production operational environments and how the human-in-the-loop still plays a critical role for many organizations.
• Many organizations are using Managed Detection and Response (MDR) providers as well, and how Agentic AI may augment or replace these existing offerings depending on the organization's maturity, complexity, and risk tolerance.
• How Prophet Security differs from vendor-native offerings such as Microsoft Co-Pilot and the role of cloud-agnostic offerings for Agentic AI.

In this episode, we sit down with Rajan Kapoor, Field CISO of Material Security, to discuss the security risks and shortcomings of native cloud workspace security offerings and the role of modern platforms for email security, data governance, and posture management.

Email and Cloud Collaboration Workspace Security continues to be one of the most pervasive and challenging security environments, and Rajan provided a TON of excellent insights. We covered:

• Why email and cloud workspaces are some of the most highly targeted environments by cyber criminals, what they can do once they do compromise the email environment, and the broad implications.
• The lack of security features and capabilities of native cloud workspaces such as M365 and Google Workspaces and the technical and resource constraints that drive teams to seek out innovative products such as Material Security.
• The tug of war between security and productivity and how Material Security helps address challenges of the native workspaces that often make it hard for people to do their work and lead to security being sidestepped.
• Particularly industries that are targeted and impacted the most, such as healthcare, where there is highly sensitive data, regulatory challenges, and more.
• Common patterns among threats, attacks, and vulnerabilities and how organizations can work to bolster the security of their cloud workspace environments.

This is a fascinating area of security. We often hear “identity is the new perimeter” and see identity play a key role in trends such as zero trust. But, so often, that identity starts with your email, and it can lead to lateral movement, capturing MFA codes, accessing sensitive data, impacting business partners, phishing others in the organization, and more, all of which can have massive consequences for the organizations impacted.

Raja brought his expertise as a Field CISO and longtime security practitioner to drop a ton of gems in this one, so be sure to check it out!

While cybercriminals can (and do) infiltrate organizations by exploiting software vulnerabilities and launching brute force attacks, the most direct—and often the most effective—route is via the inbox. As the front door of an enterprise and the gateway upon which employees rely to do their jobs, the inbox represents an ideal access point for attackers.

And it seems that, unfortunately, cybercriminals aren’t lacking when it comes to identifying new ways to sneak in. Abnormal Security’s Field CISO, Mick Leach, will discuss some of the sophisticated threats we anticipate escalating in the coming year—including cryptocurrency fraud, AI-generated business email compromise, and more.

Mick and I dove into a lot of great topics, including:

• The evolution of email based attacks and why traditional tooling may fall short
• How attackers are leveraging GenAI and LLM’s to make more compelling email-based attacks
• How defenders can utilize AI to improve their defensive capabilities
• The role of tooling such as Secure Email Gateways and more, and how they still play a role but fail to meet the latest threat landscape
• How Abnormal is tacking email-based attacks and the outcomes they are helping customers achieve with streamlined integration and use

We’ve heard a ton of excitement about AI Agents, Agentic AI, and its potential for Cybersecurity. This ranges in areas such as GRC, SecOps, and Application Security (AppSec).

That is why I was excited to sit down with Ghost Security Co-Founder/CEO Greg Martin.

In this episode, we sit down with Ghost Security CEO and Co-Founder Greg Martin to chat about Agentic AI and AppSec. Agentic AI is one of the hottest trends going into 2025, and we will discuss what it is, its role in AppSec, and what system industry challenges it may help tackle.

Greg and I chatted about a lot of great topics, including:

• The hype around Agentic AI and what makes AppSec, in particular, such a promising area and use case for AI to tackle longstanding AppSec challenges such as vulnerabilities, insecure code, backlogs, and workforce constraints.
• Greg’s experience as a multi-time founder, including going through acquisitions, but what continues to draw him back to being a builder and operational founder.
• The challenges of historical AppSec tooling and why the time for innovation, new ways of thinking, and leveraging AI is due.
• Whether we think AI will end up helping or hurting more in terms of defenders and attackers and their mutual use of this promising technology.

And much more, so be sure to tune in and check it out, as well as check out his team at Ghost Security and what they’re up to!

In this episode, we will be sitting down with Filip Stojkovski and Dylan Williams to dive into AI, Agentic AI, and the intersection with cybersecurity, specifically Security Operations (SecOps).

I’ve been following Filip and Dylan for a bit via LinkedIn and really impressed with their perspective on AI and its intersection with Cyber, especially SecOps. We dove into that in this episode including:

• What exactly Agentic AI and AI Agents are, and how they work
• What a Blueprint for AI Agents in Cybersecurity may look like, using their example in their blog with the same title
• The role of multi-agentic architectures, potential patterns, and examples such as Triage Agents, Threat Hunting Agents, and Response Agents and how they may work in unison
• The potential threats to AI Agents and Agentic AI architectures, including longstanding challenges such as Identity and Access Management (IAM), Least-Permissive Access Control, Exploitation, and Lateral Movement
• The current state of adoption across enterprises and the startup landscape and key considerations for CISO’s and security leaders looking to potentially leverage Agentic SecOps products and offerings

In this episode, we sit down with StackAware Founder and AI Governance Expert Walter Haydock. Walter specializes in helping companies navigate AI governance and security certifications, frameworks, and risks. We will dive into key frameworks, risks, lessons learned from working directly with organizations on AI Governance, and more.

• We discussed Walter’s pivot with his company StackAware from AppSec and Supply Chain to a focus on AI Governance and from a product-based approach to a services-oriented offering and what that entails.
• Walter has been actively helping organizations with AI Governance, including helping them meet emerging and newly formed standards such as ISO 42001. Walter provides field notes, lessons learned and some of the most commonly encountered pain points organizations have around AI Governance.
• Organizations have a ton of AI Governance and Security resources to rally around, from OWASP, Cloud Security Alliance, NIST, and more. Walter discusses how he recommends organizations get started and where.
• The U.S. and EU have taken drastically different approaches to AI and Cybersecurity, from the EU AI Act, U.S. Cyber EO, Product Liability, and more. We discuss some of the pros and cons of each and why the U.S.’s more relaxed approach may contribute to economic growth, while the EU’s approach to being a regulatory superpower may impede their economic growth.
• Walter lays our key credentials practitioners can explore to demonstrate expertise in AI security, including the IAPP AI Governance credential, which he recently took himself.

You can find our more about Walter Haydock by following him on LinkedIn where he shares a lot of great AI Governance and Security insights, as well as his company website www.stackaware.com

In this episode, we sit with the return guest, Jim Dempsey. Jim is the Managing Director of the Cybersecurity Law Center at IAPP, Senior Policy Advisory at Stanford, and Lecturer at UC Berkeley. We will discuss the complex cyber regulatory landscape, where it stands now, and implications for the future based on the recent U.S. Presidential election outcome.

We dove into a lot of topics including:

• The potential impact of the latest U.S. Presidential election, including the fact that while there are parallels between Trump’s first term and Joe Biden’s, there are also key differences. We’re likely to see a deregulatory approach related to commercial industry and consumer tech but much more alignment and firm stances related to cyber and national security.
• The future of efforts around Software Liability and Safe Harbor
• Contrasted differences between the EU’s tech regulatory efforts and the U.S. The U.S. has taken a much more voluntary approach. While Jim is an advocate of regulation and thinks it is needed, he simply cannot get behind the heavy-handed approach of the EU and suspects it will continue to widen the tech gap between the U.S. and the EU.
• What is the potential for regulatory harmonization and the challenges due to the unique aspects of each industry, vertical, data types, and more.

Jim leads the recently formed IAPP Cybersecurity Law Center

He is also the author of the book Cybersecurity Law Fundamentals, Second Edition.

In this episode of Resilient Cyber I will be chatting with industry leaders Tyler Shields and James Berthoty on the topic of "Shift Left".

This includes the origins and early days of the shift left movement, as well as some of the current challenges, complaints and if the shift left movement is losing its shine.

We dive into a lot of topics such as:

• Tyler and Jame’s high-level thoughts on shift left and where it may have went wrong or run into challenges
• Tyler’s thoughts on the evolution of shift left over the last several decades from some of his early Pen Testing roles and working with early legacy applications before the age of Cloud, DevOps and Microservices
• James’ perspective, having started in Cyber in the age of Cloud and how his entire career has come at shift left from a bit of a different perspective
• The role that Vendors, VC’s and products play and why the industry only seems to come at this from the tool perspective
• Where we think the industry is headed with similar efforts such as Secure-by-Design/Default and its potential as well as possible challenges