Razorwire Cyber Security Insights

• The Psychological Toll of Working in Cybersecurity - When You Can't Unsee What You've Seen

  Are you prepared for the psychological toll that comes with handling disturbing content in the cybersecurity world?Welcome to Razorwire, where today we’re exploring into the realities behind a career in cyber, from technical warfare to the often-overlooked human cost. In this episode, I’m joined by therapist and consultant Eve Parmiter to examine the real psychological impact of repeated exposure to distressing material that many of us face during incident investigations, content moderation and threat research.Eve draws on her background in trauma therapy and real-world experiences both inside and outside of cybersecurity. Together, we discuss why even seasoned professionals struggle to talk about their experiences, how secondary trauma manifests in our daily lives and what can actually help in environments that don’t provide enough support.If you've ever had to investigate colleagues, review disturbing material, or make impossible decisions under pressure, this conversation will resonate. We don't shy away from hard truths, but we do focus on practical ways to build resilience and find some measure of satisfaction in doing the right thing - even when it's difficult.In this episode:1. Understand the true impact of secondary trauma in cyber roles.We break down the difference between stress, burnout and trauma specific to cybersecurity professions, exploring how exposure to disturbing content changes your outlook - and why it’s not a personal weakness.2. Learn why most pros don’t talk about their struggles and how to break the silence.Eve explains why lacking the right language keeps many from processing what they experience and offers insight into building peer support systems and practical organisational responses.3. Discover tested strategies for coping and recovery.You’ll leave with actionable advice straight from the worlds of therapy and cyber on how to protect yourself, when to seek help and the importance of cultivating supportive communities.Tune in for a genuine, valuable discussion that puts the mental health of cybersecurity professionals front and centre and find out how to make a tough job more sustainable for yourself and your team.Why Self Care Isn't Enough for Trauma"You can't self care your way out of trauma. There is no amount of bubble baths or ice baths that are going to remove certain images or certain experiences."Eve ParmiterListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:The Psychological Impact of Difficult Materials. Why exposure to traumatic or distressing digital content leads to anxiety, depression and long term negative outlooks.Challenges Discussing Trauma in Cybersecurity. How professionals can overcome their reluctance to discuss experiences when they lack the language or organisational support.Primary vs Secondary Traumatic Stress. Learn how to identify when direct and indirect exposure to disturbing content creates real psychological effects that often resemble PTSD.Addressing Vicarious Trauma and Worldview Shifts. How to cope when repeatedly witnessing other people's trauma changes how you perceive the world and interact with your environment.Moral Distress and Injury in Decision Making. Find out how to manage situations where you face ethical dilemmas...

  --------  

  57:20

  --------

  57:20
• Hacking AI: The Risks for Businesses

  Understanding AI security threats before they become your next crisisOn this episode of Razorwire, I explore the emerging frontier of AI security with leading experts Jonathan Care and Martin Voelk. We examine the latest risks, show you how adversaries are exploiting AI systems and share practical advice for professionals working with these rapidly advancing technologies.We move past the marketing speak to reveal how attackers are using generative AI, what it really takes to test these complex systems and what the rise of agentic, self-operating AI means for defenders. Security leaders, penetration testers and anyone implementing business technology need to understand these threats before committing to new AI solutions.This conversation addresses real incidents, examines practical realities and highlights why many enterprises are dangerously unprepared for what's ahead in AI security.Key TopicsInside the Mind of the Attacker: Learn how both ethical hackers and financially motivated criminals are already using AI to automate attacks, spread misinformation and create new vulnerabilities. Martin and Jonathan share examples of prompt injection, data poisoning and “model jailbreaking” - all tactics reshaping the cyber threat landscape right now.Pen Testing AI: What’s Different and What’s Still the Same: Go behind the scenes with insights into penetration testing for large language models and agentic AI. The episode discusses fresh attack surfaces, why classic testing skills are still vital and the new OWASP Top 10 for LLMs. If you’re considering buying AI-powered tools, take away concrete advice on how to stress-test these systems before attackers do.Business Risk, Legal Headaches and What to Demand from Vendors: With AI now touching everything from customer bots giving dodgy medical advice to autonomous agents able to cause chaos, the conversation gives practical advice about reputational, legal and operational risks. Listen for the must-ask questions every business should take to their vendors as well as new regulatory requirements that mean robust AI testing can’t be left as an afterthought.If you want to stay ahead of AI and cybersecurity developments and avoid building tomorrow's biggest headache, this episode is essential listening.AI Model Bias Debate: " 77% of enterprises are reporting at least one AI related security incident. 62% of enterprises lack any dedicated testing programme.”Jonathan CareListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Test Your AI Before Attackers Do - With 77% of enterprises already hit by AI security incidents but 62% lacking testing programmes, discover what specific vulnerabilities to check for and how to implement proper AI red teaming.Stop AI Hallucinations From Damaging Your Business - Understand how AI systems fabricate information and create legal liability, plus practical steps to identify and mitigate these risks before they affect customers or operations.Protect Against Medical and Legal AI Disasters - Learn from real cases where AI gave dangerous advice and created legal obligations, including what liability questions you need to address with vendors and internal teams.Secure Agentic AI That Can Take Real Actions - Discover why AI agents that can invoke APIs, modify data

  --------  

  56:28

  --------

  56:28
• Streamlining the Compliance Journey - An End-to-End Approach

  Is your compliance strategy making life easier or just adding more chaos?Welcome to Razorwire, where we take you to the heart of cybersecurity with voices that have seen it all. I’m Jim, your host and in this episode, I’m joined by Martin Davies (Audit Alliance Manager at Drata) and Patrick Sullivan (VP of Strategy and Innovation at A-LIGN). Together, we explore how to cut the compliance overhead, eliminate duplication across multiple frameworks and turn compliance into a competitive advantage that actually speeds up sales cycles.Compliance is rarely anyone’s favourite topic, yet it’s unavoidable and organisations are under more pressure than ever to do it well. We explore why compliance keeps getting more complex, what’s actually driving value and how the right blend of people, processes and technology can transform it from a painful cost centre into a genuine strategic asset.Key topics:Cutting Compliance Overhead: Discover practical ways to avoid duplication of effort, map overlapping controls across frameworks and use technology to bring order to compliance chaos.Compliance as a Value Generator, Not Just a Cost: Hear real world perspectives on shifting the mindset around compliance, from being a necessary evil to a competitive differentiator that can support new business, speed up sales cycles and add commercial value.The Road Ahead: Continuous Monitoring and Emerging Pressures: Explore the shift from annual audits to ongoing assurance, the impact of AI on compliance frameworks and the new reality of management liability in regulations like DORA and NIS2.If you’re ready to rethink compliance and turn it into a source of strategic advantage, this is an episode you won’t want to miss.On duplication of effort: "The words ‘compliance overhead’ - when I hear that, I hear duplication of effort. If someone's doing the same control twice, that's objectively a bad thing." Martin DaviesListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:How to tackle the complexity of compliance - Understand why compliance requirements keep growing and discover strategies for managing multiple frameworks without getting overwhelmed.How to turn compliance from cost centre to value generator - Learn practical approaches for positioning compliance as a competitive advantage that can speed up sales cycles and create business value.Practical ways to streamline your compliance processes - Discover methods to eliminate duplication of effort, reduce time waste and support more agile business operations.How to identify and eliminate overlap across frameworks - Learn techniques for mapping overlapping standards and consolidating controls to avoid doing the same work twice.How to leverage technology and GRC tools effectively - Understand how platforms like Drata can transform evidence management, reduce audit stress and bring order to compliance chaos.What auditors actually look for during assessments - Learn why auditors focus on intent and sound processes rather than box-ticking, and how to prepare effectively for audits.When to shift from annual to continuous monitoring -...

  --------  

  58:15

  --------

  58:15
• Venture Capital's Cybersecurity Crisis: No Money, No Innovation, No Future?

  Why venture capitalists have abandoned cybersecurity and what this means for real innovationWelcome to Razorwire, the podcast where we go beyond the headlines to dig into what really matters in information security. I'm your host, James Rees and this week we're pulling back the curtain on the world of venture capital in cybersecurity. The brutal truth is that VC money has dried up, innovation has stalled and according to this week’s special guest, we're mostly seeing "the same crap with AI on it." VCs are having layoffs, funds are frozen at 13-14 years with no exits and genuine breakthroughs are nowhere to be found.In this episode, I sit down with cybersecurity expert Oliver Rochford to dissect the state of VC investment in information security in 2025. We break down why funding is tightening, where the "innovation" is really happening (or not) and how security start-ups can survive in a changing landscape. If you're tired of jargon and want to know what's really happening behind the scenes, from market consolidation through to the real world impact on practitioners and products, this one's for you.3 key talking points you won’t want to miss:Why VC money is slowing and what that means for innovationWe explore the shifting strategies of venture capital in the security industry: what’s drying up, where the smart bets are moving and whether this environment is strangling real progress.The reality behind “consolidation” and the myth of the mega-vendorOliver unpicks the idea of market consolidation and explains why, despite the headlines, the security market remains fragmented and why there’s unlikely to be a handful of companies owning it all.What start-ups really need to survive in the current marketWe talk through the pitfalls, survival tactics and realities facing new security vendors. From the importance of business fundamentals to why flashy tech might not be enough, you’ll get practical insight into turning great ideas into sustainable businesses.Tune in for a realistic look at the business side of cybersecurity, packed with lessons directly from the experts.The Startup Funding Struggle:"No one's getting any money. Not the investors, not the VCs. They've had rounds of layoffs in the VC industry, which you can imagine, the people with money have had layoffs."Oliver RochfordListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, you’ll learn:Why VC Funding Has Hit Crisis Point: Discover why venture capital investment has frozen in cybersecurity, with VC funds now at 13-14 years (well beyond the typical 10-year lifecycle) and no viable exits in sight and why even VCs themselves are having layoffs.How Major Vendors Are Replacing Traditional VCs: Learn why Cisco, Okta and Zscaler have established their own investment arms and how this shift is concentrating power whilst reducing diversity in startup selection.What's Really Happening Behind the Scenes: Understand how silent fire sales are occurring and why limited partners are refusing to invest further, stalling new cybersecurity ventures.Why "Consolidation" Is Actually a Myth: Learn why the cybersecurity vendor landscape remains highly fragmented despite headlines suggesting otherwise and why no single vendor will ever dominate.How Cybersecurity Compares to Other Tech Markets: Discover why the total...

  --------  

  42:41

  --------

  42:41
• The SME Cybersecurity Revolution: How Coro Cracked the Code

  Are small and medium-sized businesses finally getting the cybersecurity solutions they deserve - or is the market still leaving them exposed?Welcome back to Razorwire, the podcast where I investigate the real world challenges and breakthroughs in cybersecurity, bringing you the stories and advice of the industry’s leading minds. I’m Jim, and in this episode, I’m sitting down with Piers Morgan - no, not that Piers Morgan - who serves as Senior Vice President and General Manager for EMEA at Coro cybersecurity. We’re exploring the future of endpoint security for small and medium-sized businesses and why this sector is seeing a big shift in how security is delivered, priced and managed.In our conversation, we get frank about the tangled mess of security tools, why dashboards are driving everyone mad and how the industry’s obsession with complexity has left the “forgotten” mid-market crying out for help. Piers shares how Coro is shaking up the space with unified, affordable security, without the vendor lock-in and upsell traps that so often sting growing businesses.Key Talking Points:The end of the dashboard nightmare: Discover why having “one pane of glass” for your entire security stack has become more than just marketing hype for smaller firms, and how Coro is actually delivering on this long standing promise.Security without breaking the bank: We dig into the true cost of endpoint protection and how most businesses are burning cash on complex tools they barely use. Learn what a flat rate, scalable approach really looks like in practice.What’s next in SME security: Hear how Coro’s approach to AI and automation is giving small businesses access to enterprise-grade defences, along with Piers’ view on where the market is heading, the threats reshaping mid-sized risk and why managed services are becoming the new frontline for the channel.If you’re a cybersecurity professional, consultant or MSP grappling with SME security demands, you’ll hear practical insights and perhaps question a few of your own assumptions about what’s possible for the “forgotten middle” of our industry.On the cost burden for smaller businesses:"It can go up to fifteen hundred dollars a seat a year. Now, when you're timesing that by a few hundred licences and users, that's a significant amount of cash. We can manage it in one single platform... we can do it up to a tenth of the cost of what they're currently using today."Piers Morgan (Coro)Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Escape the multiple dashboard trap Learn why juggling numerous disconnected security platforms creates operational chaos and discover practical approaches to streamline your security operations. Right-size security solutions for smaller organisations Understand how to match your security investments to your actual needs and resources, avoiding the enterprise-focused tools that often overwhelm smaller teams. Implement unified security platforms effectively Discover how to evaluate and deploy consolidated security solutions that deliver enterprise-grade protection without the complexity or cost. Calculate the true cost of your security stack Learn to audit your current security spending and identify where you're paying for unused capabilities or redundant tools. Adapt your security strategy to...

  --------  

  40:29

  --------

  40:29

More Business podcasts

Trending Business podcasts

About Razorwire Cyber Security Insights