Enterprise Security Weekly (Audio)

Segment 1: Interview with Warwick Webb
From Initial Entry to Resilience: Understanding Modern Attack Flows
Modern cyberattacks don't unfold as isolated alerts--they move as coordinated attack flows that exploit gaps between tools, teams, and time. In this episode, Warwick Webb, Vice President of Managed Detection and Response at SentinelOne, breaks down how today's breaches often begin invisibly, progress undetected through siloed security stacks, and accelerate faster than human response alone can handle. He'll discuss how unified platforms, machine-speed detection powered by global threat intelligence, and expert-led response change the equation--turning fragmented signals into clear attack narratives. The conversation concludes with how organizations can move beyond incident response to build resilience, readiness, and continuous improvement through post-attack analysis. Listeners will leave with a clearer understanding of how attacks actually unfold in the real world—and what it takes to move from reactive alert handling to true attack-flow-driven defense.
Segment Resources:
Wayfinder MDR Solution Brief
451 MDR Report
Managed Defense Redefined Blog
This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them!
Segments 2 and 3: The Weekly News
In this week's enterprise security news,
we've got funding
free tools!
the CISO's craft
agentic browsers
tech companies are building cyber units?
giving AI agents access to your entire life
lots of dumpster fires in the industry today
Cisco killed Kenna
the state of AI in the SOC
homemade EMP guns! don't try this at home
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-444

Segment 1: Interview with Thyaga Vasudevan
Hybrid by Design: Zero Trust, AI, and the Future of Data Control
AI is reshaping how work gets done, accelerating decision-making and introducing new ways for data to be created, accessed, and shared. As a result, organizations must evolve Zero Trust beyond an access-only model into an inline data governance approach that continuously protects sensitive information wherever it moves. Securing access alone is no longer enough in an AI-driven world.
In this episode, we'll unpack why real-time visibility and control over data usage are now essential for safe AI adoption, accurate outcomes, and regulatory compliance. From preventing data leakage to governing how data is used by AI systems, security teams need controls that operate in the moment - across cloud, browser, SaaS, and on-prem environments - without slowing the business.
We'll also explore how growing data sovereignty and regulatory pressures are driving renewed interest in hybrid architectures. By combining cloud agility with local control, organizations can keep sensitive data protected, governed, and compliant, regardless of where it resides or how AI is applied.
This segment is sponsored by Skyhigh Security. Visit https://securityweekly.com/skyhighsecurity to learn more about them!
Segment 2: Why detection fails
Caleb Sima put together a nice roundup of the issues around detection engineering struggles that I thought worth discussing. Amélie Koran also shared some interesting thoughts and experiences.
Segment 3: Weekly Enterprise News
Finally, in the enterprise security news,
Fundings and acquisitions are going strong
can cyber insurance be profitable?
some new free tools shared by the community
RSAC gets a new CEO
Large-scale enterprise AI initiatives aren't going well
LLM impacts on exploit development
AI vulnerabilities
global risk reports
floppies are still used daily, but not for long?
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-443

Segment 1 with Beck Norris - Making vulnerability management actually work
Vulnerability management is often treated as a tooling or patching problem, yet many organizations struggle to reduce real cyber risk despite heavy investment. In this episode, Beck Norris explains why effective vulnerability management starts with governance and risk context, depends on multiple interconnected security disciplines, and ultimately succeeds or fails based on accountability, metrics, and operational maturity.
Drawing from the aviation industry—one of the most regulated and safety-critical environments—Beck translates lessons that apply broadly across regulated and large-scale enterprises, including healthcare, financial services, and critical infrastructure.
Segment 2 with Ryan Fried and Jose Toledo - Making incident response actually work
Organizations statistically have decent to excellent spending on cybersecurity: they have what should be sufficient staff and some good tools. When they get hit with an attack, however, the response is often an unorganized, poorly communicated mess! What's going on here, why does this happen???
Not to worry. Ryan and José join us in this segment to offer some insight into why this happens and how to ensure it never happens again!
Segment Resources:
[Mandiant - Best practices for incident response planning]
(https://services.google.com/fh/files/misc/mandiantincidentresponsebestpractices_2025.pdf?linkId=19287933)
Beyond Cyberattacks: Evolution of Incident Response in 2026
Segment 3 - Weekly Enterprise News
Finally, in the enterprise security news,
Almost no funding…
Oops, all acquisitions!
Changes in how the US handles financial crimes and international hacking
Mass scans looking for exposed LLMs
The state of Prompt injection
be careful with Chrome extensions
and home electronics from unknown brands
Is China done with the West?
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-442

First Topic - Podcast Content Plans for 2026
Every year, I like to sit down and consider what the podcast should be focusing on. Not doing so ensures every single episode will be about AI and nobody wants that. Least of all, me. If I have one more all-AI episode, my head is going to explode.
With that said, most of what we talk about in this segment is AI (picard face palm.png). I think 2026 will be THE defining year for GenAI. Three years after the release of ChatGPT, I think we've hit peak GenAI hype and folks are ready for it to put up or shut up. We'll see winners grow and get acquired and losers pivot to something else. More than anything, I want to interview folks who have actually seen it work at scale, rather than just in a cool demo in a vendor sandbox.
Also on the agenda for this year:
The battle against infostealers and session hijacking: we didn't have a good answer in 2025. When is it coming? Will it include Macs, despite them not having a traditional TPM?
The state of trust in outsourcing and third party use (Cloud, MSSPs, SaaS, contractors): 2025 was not a good year for third parties. Lots of them got breached and caused their customers a lot of pain. Also, there's the state of balkanization between the US and... the rest of the entire world. Everyone outside the US seems to be trying to derisk their companies and systems from the Cloud Act right now.
Vulnerability management market disruption: there are half a dozen startups already plotting to disrupt the market, likely to come out of stealth in 2026
Future of the SOC: if it's not AI, what is it?
What else???
What am I missing? What would you like to see us discuss? Please drop me a line and let me know: [email protected]
Topic 2: The state of cybersecurity hiring
This topic has been in the works for a while! Ayman had a whole podcast and book focused on all the paths people take to get into security. Jackie worked with WiSys on outlining pathways into a cybersecurity career.
Whether you're already in cyber or looking for a way in, this segment crams a lot of great advice into just 15-20 minutes.
Segment resources:
Ayman's personal guide for getting into security
https://www.wicys.org/wp-content/uploads/2025/10/WiCyS-Pathways-in-Cyber-PDF-9.24.25.pdf
News
Finally, in the enterprise security news,
Fundings and acquisitions still strong in 2026!
Santa might be done delivering gifts, but not protecting Macs!
ClickFix attacks
Weaponized Raspberry Pis
MongoDB incidents for Christmas
Top 10 Cyber attacks of 2025
US gets tough on nation state hackers?
Brute force attacks on Banks
An AI Vending Machine
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-441

For our first episode of the new year, we thought it would be appropriate to dig into some cybersecurity predictions.
First, we cover the very nature of predictions and why they're often so bad. To understand this, we get into logical fallacies and cognitive biases.
In the next segment, we cover some 2025 predictions we found on the Internet.
In the final segment, we discuss 2026, drop some of our own predictions, and talk about what we hope to see this year.
SPOILER: Please fix session hijacking, okay tech industry?
Segment resources:
A great site for better understanding logical fallacies and cognitive biases
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-440