PodcastsBusinessRazorwire Cyber Security & InfoSec Insights

Razorwire Cyber Security & InfoSec Insights

Razorthorn Security | Cybersecurity & InfoSec
Razorwire Cyber Security & InfoSec Insights
Latest episode

101 episodes

  • Razorwire Cyber Security & InfoSec Insights

    From ISDN to AI - Two Veterans on How Defence in Depth Has Changed

    2026/07/01 | 51 mins.
    Defence in depth has evolved every time the technology landscape has shifted. The internet, virtualisation, cloud, SaaS. AI is the next shift, and the old model isn't keeping up.
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined once again by Martin Voelk, co-founder of SpartanX and an ethical hacker with nearly 26 years in cybersecurity.
    Every major technology shift has forced security teams to rethink how they protect their organisations. The internet moved data outside the building. Virtualisation and cloud meant infrastructure was no longer yours to control. Each time, defence in depth had to evolve. AI is the latest shift, and it may be the one that breaks the model entirely.
    We trace the journey from on-prem data centres and ISDN routers through to a world where AI agents act autonomously, supply chains are built on unverified code and the offensive side of AI is outpacing the defensive side at a rate security teams can't match. They get into why every AI agent needs its own identity, why shadow AI is a problem most organisations haven't begun to address and why the only realistic answer to AI-powered attacks is AI-powered defence.
    Three key talking points:
    Defence in depth has always evolved, but this time it's different:
    Every previous technology shift gave security teams time to catch up. AI isn't offering that. The pace of change is faster than most organisations can respond to, and the defensive tooling hasn't kept pace with what the offensive side can already do.
    AI agents need to be treated like people:
    Every AI agent needs its own identity, authentication and authorisation policies. Without that, a compromised agent can act under a human user's name with no way to tell the difference. The legal and forensic implications are enormous and largely unsolved.
    The offensive side is winning:
    AI is finding vulnerabilities faster than teams can fix them. Alert volumes are overwhelming SOCs, attackers are using AI-generated noise to mask real attacks and human in the loop is becoming unworkable at scale. The only realistic counter is defensive AI, but it isn't mature yet.
    Defence in depth has survived every technology shift so far. AI is testing it in ways we haven't seen before. If you're responsible for securing an organisation that's adopting AI, this is the conversation to listen to.
    On why security teams are always one step behind:
    "We don't have the ability to figure out what's going on until it's already happened. We don't have that technology yet."
    James Rees
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    The Evolution of Defence in Depth
    From ISDN and on-prem data centres to cloud and SaaS, we trace how defence in depth has evolved with every major technology shift.
    Why AI Is Different
    Previous shifts gave security teams time to adapt. We discuss why AI isn't offering that luxury.
    Supply Chain Risk and Unverified Code
    Open source code from GitHub, AI skills downloaded from the web, integrations nobody has reviewed. Discover why the modern supply chain is built on foundations most organisations haven't verified.
    Third Party Risk Management Is Broken
    AI fills in vendor questionnaires and AI reviews the answers. We get into why the current TPRM process is fundamentally flawed.
    Shadow AI
    Learn why unapproved AI usage is one of the hardest risks to detect and why most organisations have no way of monitoring it.
    Continuous Authentication
    Single sign-on isn't enough anymore. We discuss why continuous authentication is becoming essential in environments where AI agents operate alongside human users.
    AI Agent Identity and Accountability
    Find out why every AI agent needs its own identity and access controls, and what happens when a compromised agent acts under a human user's name.
    Alert Fatigue as an Attack Vector
    Flooding a SOC with noise to mask a real attack isn't new, but AI makes it possible at a scale that's almost impossible to manage.
    Prompt Injection via Log Files
    Find out how a prompt injection hidden in a standard HTTP header was used to trick a summarisation agent into exfiltrating data.
    The Case for Defensive AI
    Offensive AI is outpacing the defensive side. We discuss why AI-powered defence is the only realistic answer and why it isn't mature yet.

    Resources Mentioned
    SpartanX
    Martin Voelk - LinkedIn
    Kali Linux
    Docker
    Ollama
    Hugging Face
    DeepSeek
    CrowdStrike
    GitHub

    Connect with your host James Rees
    Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
    Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
    With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
    For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
    If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
    LinkedIn: Razorthorn Security
    YouTube: Razorthorn Security
    TikTok: Razorwire Podcast
    Instagram: Razorwire Podcast
    Twitter: @RazorThornLTD
    Website: www.razorthorn.com
    All rights reserved. © Razorthorn Security LTD 2025
  • Razorwire Cyber Security & InfoSec Insights

    Daybreak and the Battle for AI Security: The Arms Race Accelerates

    2026/06/17 | 50 mins.
    AI used to be something security vendors built into their own products. Now OpenAI is going direct, positioning itself as the layer that security runs on. What does that mean for the rest of the industry?
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined again by Jon Care, Head of the AI Practice at KuppingerCole, to unpack OpenAI's launch of Daybreak.
    OpenAI launched Daybreak on 11 May 2026. It's not a security product, it's a platform play designed to embed AI-driven security directly into the development lifecycle, with a three-tier access model and a partner programme that includes Cisco, CrowdStrike, Palo Alto and a dozen other major vendors. This is OpenAI's bid to become the infrastructure that security runs on.
    But the governance questions are enormous. Who counts as a "verified defender"? Who decides? What happens when someone with access changes jobs or gets laid off? And when the same model families sit on both sides of the equation, how do you govern dual use? Jim and Jonathan argue the industry urgently needs an independent regulatory body to oversee access to these capabilities. The conversation also gets into China's response to Western chip restrictions and why the idea that any one country can control AI capability is already looking outdated.

    Three key talking points:
    Daybreak isn't a product, it's a platform land grab: OpenAI isn't selling to security vendors the way AI has traditionally been integrated into the market. It's going direct to CISOs and development teams, bypassing the existing vendor layer entirely. This episode gets into what that means for the security market and why the major vendor partnerships may not be enough to mask the disruption.
    The governance gap nobody has answered: Daybreak gates access based on "verified defender" status, but there's no public specification of what that means, no independent auditing and no appeals process. This episode raises the uncomfortable questions about who qualifies, what happens when access follows a person rather than an organisation and what model could end up benefitting the industry the most.
    You can't contain capability: China's response to Western chip restrictions has been to develop its own hardware at pace, certifying nine domestically designed AI processors for state procurement. The assumption that any single country can control access to frontier AI capability is already looking outdated and that has serious implications for everything from dual use governance to the future of the AI arms race.

    Daybreak launched on the same day Google confirmed the first AI-built zero day. If you care about where the security market is heading, this is the conversation to listen to.

    On who controls access to AI security capability:
    “OpenAI sets the criteria, OpenAI approves or denies and OpenAI monitors usage. For those of you who noticed, I said OpenAI three times in that past sentence. That was deliberate.”
    Jon Care
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    What Daybreak Actually Is Find out what OpenAI's Daybreak initiative involves and why it's being positioned as infrastructure rather than a product.
    A Platform Land Grab Explore why Daybreak is OpenAI's bid to own the security developer toolchain and what that means for the existing vendor ecosystem.
    Partner Asymmetry Major vendors get early and deeper access. We discuss what that means for everyone else.
    Who Counts as a "Verified Defender"? There's no public specification, no independent auditing and no appeals process. We get into why that's a problem.
    Dual Use Governance The same models are being used for offence and defence. Discover why that raises questions nobody has answered yet.
    Credential Portability What happens when someone with access to the most permissive tier gets laid off or changes jobs?
    The Case for Independent Regulation We discuss why the industry needs an equivalent of PCI DSS for AI security access, independent of any single government or vendor.
    AI vs AI Daybreak launched the same day Google confirmed the first AI-built zero day. We discuss what that signals about where the arms race is heading.
    China's Hardware Response Huawei unveiled Logic Folding and China certified nine domestically designed AI processors. The assumption that any country can gate AI capability is already outdated.
    Human in the Loop Is Dying The speed of AI development is outpacing human decision-making. We discuss why this concept may already be obsolete.

    Resources Mentioned
    OpenAI Daybreak
    Anthropic Mythos / Project Glasswing
    Microsoft MDASH
    CyberGym benchmark
    Google first AI-built zero day
    Huawei LogicFolding / Tau Scaling Law
    PCI DSS / PCI Security Standards Council
    KuppingerCole
    Bank of Dave (film)
    Snyk
    Socket
    Endor Labs
    GitHub Advanced Security

    Connect with your host James Rees
    Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
    Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
    With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
    For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
    If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
    LinkedIn: Razorthorn Security
    YouTube: Razorthorn Security
    TikTok: Razorwire Podcast
    Instagram: Razorwire Podcast
    Twitter: @RazorThornLTD
    Website: www.razorthorn.com
    All rights reserved. © Razorthorn Security LTD 2025
  • Razorwire Cyber Security & InfoSec Insights

    Third Party Risk in the Age of AI. A Spotlight on Black Kite

    2026/06/03 | 50 mins.
    Your vendors are adopting AI faster than you can assess them. What does that mean for your third party risk?
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this Spotlight on Technology episode, I'm joined by Jeffrey Wheatman, Senior Vice President and Cyber Risk Strategist at Black Kite. Jeffrey previously spent over a decade as an analyst VP at Gartner where he launched their third party cyber risk management coverage.
    Third party risk management used to be fairly straightforward. If finance was happy and legal had done their redlining, you signed the contract and moved on. That world is gone. Organisations are now dependent on layers of vendors, suppliers and service providers, and the chain goes deeper than most security teams can see. When a logistics company can go from operational to out of business in five months after a ransomware attack, and one incident at Jaguar Land Rover can measurably affect UK GDP, the question isn't whether third party risk matters. It's whether your programme can keep up.
    This episode covers how the old model of spreadsheets and questionnaires is giving way to intelligence-led continuous monitoring, why AI has made the problem exponentially harder and how Black Kite is helping organisations cut through the complexity, from mapping supply chain connectivity and scoring ransomware susceptibility to cutting a 500-question vendor questionnaire down to 30.

    Three key talking points:
    You can't protect what you can't see: Most organisations know who their biggest vendors are. Beyond that, it gets murky fast. This episode gets into why even mature organisations still struggle to see past the first or second layer of their supply chain, why figuring out which vendors actually matter is harder than it sounds and why Jeffrey always tells people to solve their third party problem before worrying about their fourth.
    AI just made your third party programme ten times harder: Your vendors are already using AI, whether they've told you or not. The person you're speaking to may not even know, because it could be embedded two or three layers down. Meanwhile the market is flooded with AI solution claims and attackers are using it to move faster than ever. This episode covers the three ways AI is complicating third party risk and why most organisations haven't even begun to get their AI governance right.
    From questionnaires to continuous intelligence: The old model of sending out hundreds of questions, hoping for honest answers and filing the results is finished. This episode covers how the industry is moving from periodic assessment to continuous monitoring, why real data beats self-reported questionnaires and how platforms like Black Kite are helping organisations focus on the vendors that actually pose a risk.

    If your third party risk programme is still running on spreadsheets and annual reviews, this episode will make you uncomfortable. And it should.

    On why most organisations don't know which vendors matter most:
    “I always badly paraphrase Animal Farm by George Orwell. All your vendors are equal, but some vendors are more equal than others. And most people don't really know how to figure that out.”
    Jeffrey Wheatman
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    When a Vendor Goes Down, You Go Down With Them We discuss why the conversation has shifted from data protection to operational resilience.
    The Nth Party Problem Most organisations can't see past the first or second layer of their supply chain. The web of interconnected vendors is far more complex than it looks – we talk about where to start if you haven't solved your third party basics yet.
    Concentration Risk and Single Points of Failure Heavy reliance on a handful of major cloud providers creates risks that can't easily be mitigated. We explore what you can realistically do about it.
    Three Ways AI Is Complicating Third Party Risk Discover why AI isn't just changing the threat landscape for your own organisation but fundamentally altering how you need to think about every vendor in your supply chain.
    Shadow AI in Your Supply Chain Learn why shadow AI in your vendor ecosystem is a growing risk when most organisations' AI governance isn't anywhere near ready to deal with it.
    The AI Vendor Bubble Find out why many AI companies are currently selling their services at a loss, and what this means for organisations that have built critical processes around vendors that might not survive when the economics catch up.
    Moving Beyond Spreadsheets and Questionnaires Find out why self-reported questionnaires and periodic assessments can't keep up anymore, and what's replacing them.
    How Black Kite Approaches Third Party Risk Explore what an intelligence-led approach to third party risk actually looks like in practice and why it's a fundamentally different model to what most organisations are used to.
    The Ownership Problem No two organisations agree on who owns third party risk. Find out why this inconsistency creates serious governance gaps and why it matters more than ever as the scope of the problem grows.
    Resources Mentioned
    Black Kite
    Jeffrey Wheatman on LinkedIn
    Black Kite's Third Party Risk podcast
    K&P Logistics / Knights of the Old (ransomware case study)
    Jaguar Land Rover (supply chain breach impact)
    DORA (EU banking regulation)
    MITRE ATT&CK
    OpenFair (cyber risk quantification)
    GA3 framework (Black Kite's AI governance add-on)
    Threat Tracev (Black Kite's NetFlow-based offering)
    RSA Conference
    Project Glasswing / Mythos (Anthropic)
    OpenAI Daybreak
    All rights reserved. © Razorthorn Security LTD 2025
  • Razorwire Cyber Security & InfoSec Insights

    Deeper Deepfakes - Why You Can No Longer Trust What You See

    2026/05/20 | 50 mins.
    It took 10 minutes and a free online tool to deepfake Jim's voice, with no expertise and no cost involved.
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined again by Alexandra Jorissen from identifAI, alongside Lorenzo Zoffoli, a cybersecurity professional with 12 years of experience. Following the huge response to our first deepfakes episode, which set a bit of a channel record with the number of views, we go further into the technology, the threats and what organisations can actually do about it.
    The episode opens with a deepfake of Jim's voice, created by Lorenzo using a free online tool and 5 seconds of audio from our YouTube channel. It took 10 and cost nothing. That sets the tone for a conversation that goes well beyond what was covered in the first episode, into the industrialisation and scalability of deepfake attacks, the personalisation that makes them almost impossible to spot and why visual and audio content can no longer be treated as proof of truth.
    From a Dutch bank discovering 46 fraudulent accounts opened by one person using deepfakes, to personalised attacks targeting family members and high net worth individuals, the threat has moved well beyond the boardroom. This episode gets into what organisations can actually do about it, from how detection technology works and where it fits in a security stack, to why verifying identity in digital spaces needs to become as normal as challenging someone without a badge in a physical office.
    Three key talking points:
    The industrialisation of deepfake attacks: Creating a convincing deepfake used to take time, expertise and significant effort. That barrier has almost disappeared. Attacks can now be generated, refined and reused across hundreds of targets at speed and at almost no cost, using nothing more than publicly available social media content and free online tools.
    It's not just organisations at risk anymore: The first episode focused on corporate threats like fake board meetings and expense fraud. This one goes further into the personal risk, from deepfaked voice messages impersonating family members to compromising images generated from a single photograph. The technology doesn't care whether the target is a CISO or someone's mum.
    Why detection is now part of defence in depth: Deepfake detection needs to sit alongside email security, EDR and the rest of the standard security stack. This episode gets into how detection works at a pixel and byte level, why results are probabilistic rather than binary and what happens if smaller organisations are priced out of access.

    If you caught the first episode, this one goes further. If you didn't, take a look! Either way, deepfakes aren't just on their way. They're already here.

    On why the real problem is what we're not catching:
    “We need to put doubt in any digital media we handle and get used to trying to verify if content coming from unknown sources can be manipulated or completely generated by AI tools.”
    Lorenzo Zoffoli
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    The Industrialisation of Deepfake Attacks Understand why deepfake attacks are no longer handcrafted for single targets but can be generated, refined and deployed at scale across hundreds of victims simultaneously.
    46 Fake Bank Accounts at a Major Dutch Bank How one person used deepfakes to open 46 fraudulent accounts at ABN AMRO and why it was only caught because of a fluke.
    Personalised Social Engineering at Scale Discover how AI-driven attacks are now tailored to individual targets using publicly available data, making phishing attempts feel familiar, urgent and highly credible.
    The Personal Risk: Family, VIPs and Romance Scams Explore the extent to which deepfake threats extend beyond corporate targets, from cloned voice messages impersonating family members to compromising images generated from a single photograph.
    Why Seeing Is No Longer Believing Find out why visual and audio content can no longer be treated as proof of truth and why human senses alone are no longer enough to detect manipulation.
    How Deepfake Detection Actually Works We discuss how detection tools analyse images and video, why results are expressed as probabilities rather than certainties and why organisations need to determine their own thresholds for action.
    Liveness Checks Are Already Being Bypassed Find out why the "turn your head left, turn your head right" verification that banks and identity platforms rely on is already being beaten by newer deepfake models.
    Normalising Verification in Digital Spaces Explore why challenging a suspicious video call or email needs to become as normal as stopping someone without a badge in a physical office.
    Deepfake Detection as Part of Defence in Depth Understand why deepfake detection now needs to sit alongside email security, EDR and the rest of the standard security stack.

    Resources Mentioned
    identifAI
    ABN AMRO deepfake bank account fraud
    Mobile World Congress Barcelona
    Nanobanana (image generation tool referenced for realism)
    Will Smith spaghetti meme (referenced for AI quality progression)
    Google badge policy (referenced by Alex as example of normalised verification)

    Connect with your host James Rees
    Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
    Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
    With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
    For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
    If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
    LinkedIn: Razorthorn Security
    YouTube: Razorthorn Security
    TikTok: Razorwire Podcast
    Instagram: Razorwire Podcast
    Twitter: @RazorThornLTD
    Website: www.razorthorn.com
    All rights reserved. © Razorthorn Security LTD 2025
  • Razorwire Cyber Security & InfoSec Insights

    Useful or Spam? A CISO's Guide to Vendor Outreach

    2026/05/06 | 54 mins.
    Why do so many vendors still get it wrong when selling to security leaders?
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined by Marius Poskus, CISO at a fintech organisation and host of the Cyber Diaries podcast, and Simon Woods, co-founder of One Compliance and a salesperson who's been working in cybersecurity sales for over 15 years.
    If you're a CISO, you already know how this goes. The same regurgitated emails, the "just 30 seconds of your time" cold calls, the pitches that lead with product features instead of understanding what problem you're actually trying to solve. It's one of the most complained about topics on LinkedIn and in this episode we sit down with a CISO who gets sold to every day and also someone who does the selling to talk about why so much of it is broken.
    The conversation covers why persistence without research is just spam, why the best vendor relationships take years to build, why AI-generated outreach is making things worse and what salespeople actually need to do differently if they want to get through the door. Whether you're on the receiving end of the hundredth cold approach this week or you're a vendor trying to work out why nobody's responding, there's something in this for both sides.

    Three key talking points:
    Why most sales approaches fail before they even start: Sales in cybersecurity has a low barrier to entry, and it shows. We talk why the industry seems to have settled into a cycle of lazy, templated outreach that treats every CISO the same. We cover why this isn't just annoying for the people on the receiving end but how it actively damages the reputation of vendors who might genuinely have something useful to offer.
    Relationships over transactions: The best vendor relationships in cybersecurity don't start with a sale. They start with genuine engagement, understanding someone's challenges and being useful before there's any commercial benefit. This episode makes the case that the salespeople who build real connections, who act as a first port of call rather than a product pusher, are the ones who eventually get through the door.
    What good actually looks like: So what does getting it right look like? We break down the practical habits and mindset shifts that separate the salespeople who get responses from the ones who get blocked, and why the answer has far less to do with product knowledge than most people think.

    If you've ever wanted to tell a salesperson exactly where they're going wrong, this episode does it for you. And if you're the salesperson, consider this a free masterclass.

    On what every salesperson should think about before hitting send:
    “Salespeople are not trying to understand the problems that CISOs face. It's all about selling features and product instead of understanding where the pain points are."
    Marius Poskus
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    Why Your Inbox Is Full of Rubbish Find out why so many vendor approaches are lazy, untargeted and AI-generated, and why the low barrier to entry in cybersecurity sales means it's unlikely to improve any time soon.
    What Makes a Vendor Worth Your Time Discover the signs that a vendor has actually done their homework, understands your challenges and is worth a conversation, versus the ones who are just working through a list.
    How to Spot a Vendor Who's Out of Their Depth Learn the warning signs that someone is bluffing through a technical conversation rather than being honest about what they know and don't know, and why that should affect your procurement decisions.
    What You Can Tell From a Single Email Understand why the first approach from a vendor tells you almost everything you need to know about whether they're worth engaging with, and what the red flags look like.
    Why Vendors Keep Getting It Wrong Find out why so much sales outreach in cybersecurity follows the same broken playbook, and why understanding the mechanics behind it helps you filter faster.
    It's Not Just Vendors Explore why recruiters, lead generation companies and adjacent industries are all guilty of the same lazy outreach, and why CISOs are getting hit from every direction, not just product sales.
    When a Vendor Relationship Actually Pays Off Find out what a genuinely useful vendor relationship looks like from the buying side and how to recognise when someone is investing in you rather than just your budget.
    Managing the Noise So You Don't Miss What Matters Understand why the sheer volume of bad outreach creates a real risk of filtering out the vendors who could genuinely help, and how to build a process that catches the good ones without drowning in the rest.

    Resources Mentioned
    Never Split the Difference by Chris Voss
    One Compliance
    RMI Cyber
    Cyber Diaries podcast
    CTRL+ALT+DEFEND
    Connect with your host James Rees
    Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
    Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
    With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
    For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
    If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
    LinkedIn: Razorthorn Security
    YouTube: Razorthorn Security
    TikTok: Razorwire Podcast
    Instagram: Razorwire Podcast
    Twitter: @RazorThornLTD
    Website: www.razorthorn.com
    All rights reserved. © Razorthorn Security LTD 2025
More Business podcasts
About Razorwire Cyber Security & InfoSec Insights
Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge. Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends. Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals committed to continuous improvement. Each episode brings you actionable advice and real experiences from your host, James Rees — an information security specialist with over 25 years of experience — and from a range of respected guests across the cybersecurity industry. Together, we explore everything from technical strategies and compliance challenges to security culture, communication skills, and leadership development. James Rees is the founder of Razorthorn Security, providing expert consultancy and testing services to a wide range of organisations, including many Fortune 500 companies. His practical, no-nonsense approach helps organisations manage cybersecurity risks effectively while strengthening resilience. The Razorwire podcast is designed for cybersecurity professionals who want to stay ahead, sharpen their skills, and confidently respond to the challenges of today's evolving threat landscape. We believe collaboration is key to stronger security — and Razorwire gives you the conversations that help you achieve it. For more information about us, or if you have questions you'd like discussed on the show, email podcast@razorthorn.com or visit www.razorthorn.com.
Podcast website

Listen to Razorwire Cyber Security & InfoSec Insights, Aspire with Emma Grede and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features