Enterprise Security Weekly (Audio)

Interview with Kara Sprague - The AI Fix for Infrastructure's Oldest Security Risks.
Critical infrastructure, often built on decades-old systems and legacy code, remains vulnerable to cyberattacks. From pipelines and energy grids to transportation networks, we break down where critical infrastructure is vulnerable and how AI could potentially help strengthen defenses.
Interview with Mike Privette - The State of the Cybersecurity Market
Here at ESW, we use Mike Privette's Security, Funded newsletter to prepare for every news segment. His newsletter covers the latest fundings, acquisitions, public market performance, layoffs, and other pertinent market details every week. We particularly enjoy the weekly Vibe Check.
In this interview, he joins us for the third year in a row, to discuss the most interesting insights from his annual State of Market Report.
Post recording Adrian here: Whooooo, so this conversation was SO good, I decided to punt the news segment in favor of a part 2 with Mike, so enjoy!
Also, though I punted the news segment, I did collect these stories and annotated them, so I think there's still some value in leaving them in the show notes. Scroll down for the links and my comments on each of these!
Weekly Enterprise News
Finally, in the enterprise security news,
funding announcements seem to be ramping up before RSA
Should security architects be shifting right?
How McKinsley's AI platform got hacked… by AI
Amazon is having a bad time with AI lately
Europe announces a Google Workspace/Microsoft 365 replacement
Robot dogs are apparently guarding datacenters now
Some much needed security humor in our squirrel stories before we all fly to San Francisco and lose our minds for a week
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-451

Interview with Jeremy Snyder from FireTail about AI Governance
Death by a thousand cuts: the AI shadow IT problem
I think the best description of the AI governance problem during this interview was the title of the award-winning movie, Everything, Everywhere, All At Once. Generative AI has been disrupting businesses, products, and vendor risk management for a few years now. FireTail is one of the companies trying to address this problem for enterprises, so we check in with Jeremy Snyder to see how things are going.
Segment 1 Resources:
https://www.firetail.ai/ai-breach-tracker
Interview with Allie Mellen about her new book, Code War: How Nations Hack, Spy, and Shape the Digital Battlefield
We're VERY excited to check out Allie's new book, which will be released on St. Patrick's Day 2026! The timing could not be better, as her book is perfectly positioned to provide some much needed perspective on the cyber aspects of the ongoing war in Iran.
Is it normal to see the use of wipers on healthcare companies in the midst of the conflict? Is there any precedent for hyperscaler datacenters getting targeted (some of AWS's EMEA regions are still recovering)? Check out the conversation to find out!
Pick up the book!
from Wiley
from Barnes & Noble
from Amazon
Allie's personal website
The Weekly Enterprise News
Finally, in the enterprise security news,
Vibes and funding!
Starting to see some disruption in the vuln mgmt space (finally!)
Tons of new free tools
lots of essays
lots of reports
logs of breaches
the talks our hosts are giving at RSAC conference
and someone is selling an actual cone of silence???
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-450

Interview with Anna Pham
Breaking in with ClickFix: Anatomy of a modern endpoint attack
Cybersecurity company Huntress just published a report on a new ClickFix variant they've discovered, which they've dubbed CrashFix. This technique was developed by KongTuke to serve as the primary lure within a new custom malicious browser extension also created by the group.
In short, the team observed the threat actors using KongTuke's malicious browser extension to display a fake security warning, claiming the browser had "stopped abnormally" and prompting users to run a "scan" to remediate the threats. Upon "running the scan," the user is presented with a fake "Security issues detected" alert and instructed to manually "fix" the issue by opening the Windows Run dialog, pasting from their clipboard, and pressing Enter.
The malicious extension silently copies a PowerShell command to the clipboard, disguised as a legitimate repair command. From there, they execute the malicious command.
Segment Resources:
BLOG - Dissecting CrashFix: KongTuke's New Toy
Interview with David Zendzian
Continuous compliance and real security lifecycle management
Supply chain attacks are not just on the rise; attackers are learning from the past, making these attacks even more effective and dangerous than before. It was just over a month ago when the Shai-Hulud attack first impacted NPM packages, forcing enterprises around the world into lockdown. While only 187 packages were compromised in that initial incident, it served as a wake-up call for many: an accurate inventory of systems is good, but a clear, real-time Software Bill of Materials (SBOM) for applications is non-negotiable.
In this world of manifest based infrastructure and container based applications with (real) "devsecops", the dream of continuous upgrades of OS/Runtime/Stack/App and App Dependencies is very mature and there are solid examples of companies and federal entities managing this at scale without thousands of teams and people.
Segment Resources:
BLOG - Supply Chain Security: How accurate SBOMs can deliver proactive threat mitigation
Interview with Jacob Horne
CMMC Phase 1 Enforcement — What the November 10 Deadline Means for the Defense Supply Chain
With the upcoming CMMC Phase 1 enforcement on November 10, cybersecurity teams across the defense and federal supply chain are facing new compliance requirements that directly affect contract eligibility and data-protection standards. Jacob Horne, Chief Cybersecurity Evangelist at Summit 7, can break down what this milestone means for enterprise security leaders, MSPs/MSSPs, and contractors preparing for audits.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-449

Interview - Ben Worthy from Airbus Protect
The current state of OT security and business resilience
In this episode of Enterprise Security Weekly, we sit down with Ben Worthy, OT Security Specialist at Airbus Protect, to explore the evolving landscape of business resilience in safety-critical sectors. With over 25 years of experience across aerospace, nuclear, water, oil & gas, and other industries, Ben shares insights on how organizations are adapting to the surge in disruptive cyberattacks—from ransomware targeting operational technology to GPS spoofing and supply chain incidents. We discuss major cases including the Boeing/LockBit ransom demand, the Jaguar Land Rover production shutdown, and the SITA passenger data breach, examining how aviation and other critical infrastructure sectors are separating safety risk from business continuity risk.
Ben also breaks down the regulatory changes reshaping the industry, including EASA's October 2025 and February 2026 deadlines that tie cyber assurance directly to safety oversight, and what ENISA's latest numbers reveal about hacktivism and ransomware trends. Whether you're in aviation, nuclear, or any safety-critical sector, this conversation offers practical lessons on building resilience that keeps operations moving while addressing threats in real time.
This segment is sponsored by Airbus Protect. Visit https://securityweekly.com/airbusprotect to learn more about them!
Topic: Where are the business incentives to build secure products and software?
"It's the right thing to do," so of course businesses will make their products secure, right? Well, it turns out that breaches and vulnerabilities don't traditionally hurt financial performance all that much. Stocks recover, insurance covers the bulks of the losses, fines are paid, and lawsuits are settled. Most businesses can comfortably absorb the impact, so the threat of reputational harm or financial losses just aren't slowing them down.
In the case of Ivanti, where the reputational harm was extreme, the company's companies continue to get hacked as critical vulnerabilities keep getting discovered in their products.
https://www.bloomberg.com/news/features/2026-02-19/vpn-used-by-us-government-failed-to-stop-china-state-sponsored-hackers
In this topic segment, we don't aim to provide solutions to this problem, just the awareness that ethics, doing the right thing, and even signing the Secure by Design pledge don't seem to be enough to change vendor behavior when it comes to securing products.
The Weekly Enterprise Security News
Finally, in the enterprise security news,
RSA Innovation Sandbox hot takes
Did AI solve cyber?
fundings and acquisitions
a free app to warn you about smart glasses
deep thoughts about OpenClaw
replacing US tech with EU equivalents is hard
should you turn off dependabot?
accidentally taking over 7000 robot vacuums
the director of AI Safety at Meta loses her email somehow
should you go back to using a blackberry?
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-448

Segment 1 - Interview with Tim Morris
Bringing intelligence to assets
You've been through 6 CMDB projects in the last decade. None of them came close to the original goals, the CMDB was already out-of-date long before the project had any hopes of completing. Is building an asset inventory just too ambitious a project for most organizations, or is there a better way?
Tim Morris shares a different approach with us today. It might require some convincing and some courage, but it seems much more likely to succeed than any of your past CMDB efforts…
Segment Resources
Trusted automation: Building autonomous IT with confidence
This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!
Segment 2 - Topic: the new White House cybersecurity strategy
In this segment, we explore some early details about the White House's new, but yet unreleased cybersecurity strategy. It appears that drafts have been shared (or leaked) to the press, so there's plenty to discuss here!
Segment 3 - News
Finally, in the enterprise security news,
Massive amounts of funding and acquisitions as we get close to RSA
Open source registries need help
Microsoft Copilot reads email marked as DO NOT READ
Don't use an LLM to generate passwords
is prompt injection a vulnerability
defining risks
AI changes the build versus buy equation
the scammer's perspective
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-447