Security You Should Know

All links and images can be found on CISO Series.
In this episode, Alastair Paterson, CEO and co-founder at Harmonic Security, explains how Harmonic Protect addresses these challenges by securing workforce AI adoption through browser-based visibility, endpoint agents, and MCP gateways. Joining him are Ross Young, co-host at CISO Tradecraft, and Johna Till Johnson, CEO and founder at Nemertes.
Want to know:

Why are enterprises still struggling with AI governance despite years of motivation to solve it?
How does Harmonic keep pace with 50,000+ AI products when the landscape changes monthly?
What's the difference between visibility, coaching, and blocking in AI governance?
How do you implement AI controls without creating thousands of new alerts for security teams?
Where does Harmonic fit in the multi-step process of setting policy, monitoring compliance, and enforcement?
How can CISOs measure the ROI of AI governance tools and benchmark against industry peers?
What's Harmonic's strategy with secure AI browsers?
Why should AI browsers be blocked by default in the enterprise?
What should CISOs prioritize for AI security in 2026?

Huge thanks to our sponsor, Harmonic Security

As every employee adopts AI in their work, organizations need control and visibility. Harmonic Security delivers AI Governance and Control, the intelligent control layer that secures and enables the AI-First workforce. By understanding user intent and data context in real time, Harmonic gives security leaders all they need to help their companies innovate at pace. Learn more at www.harmonic.security.

In this episode, Peter Worth, founder, president, and CEO at Athena Security, explains how their security operations platform addresses these challenges through unified detection and response. Joining him are Jason Taule, CISO at Luminous Health, and Will Gregorian, head of security at Galileo Medical.

Want to know:

Why are security teams still struggling with alert fatigue despite decades of awareness?
How does security product fragmentation create blind spots in enterprise defense?
What's the difference between indicators of compromise and indicators of attack?
How do AI anomaly detection systems avoid declaring malicious activity "normal"?
What strategies prevent model drift and adversarial poisoning in AI-based threat detection?
Why does each client need their own behavioral baseline model?
How do open source foundations impact enterprise security platform reliability?
Why are CISOs increasingly held personally accountable for security incidents?
Huge thanks to our episode sponsor, Athena Security Group
 
Athena Security Group delivers a best in class, AI enabled, Cyber Defense solution (SIEM, EDR, XDR & MDR) on top of Wazuh's award winning open-source SIEM/EDR platform, synthesizing and consolidating cyber security alert management and response across the entire security operations landscape, facilitating intelligent and efficient cybersecurity decision making and response for the modern enterprise, table stakes in the age of AI.

In this episode, Franz Fiorim, field CTO at Trend Micro, explains how Trend Vision One consolidates multiple cloud security tools across AWS, GCP, Azure, Oracle Cloud, and Alibaba Cloud to streamline management, automate controls, and reduce integration overhead. Joining him are Nick Espinosa, host of the Deep Dive Radio Show, and Jason Shockey, CSO at Cenlar FSB.
Want to know:
Why do organizations still struggle with cloud visibility despite years of cloud adoption?
How does Trend Micro reconcile security visibility with privacy laws across different jurisdictions?
What security frameworks does Trend Micro use to measure and define acceptable risk?
How does cyber risk quantification tie technical security metrics to business impact analysis?
What questions help determine the financial impact of potential security incidents?
How long does implementation take for fully cloud versus hybrid environments?
What safeguards prevent overdependence on a single security vendor?
Where does Trend Micro draw the line between automated decision-making and human oversight?
How does Trend Micro protect AI infrastructure and prevent sensitive data exposure in prompts?
Huge thanks to our sponsor, Trend Micro

 
Cloud risk never sleeps. That's why there's Trend Vision One™ Cloud Security. Gain comprehensive visibility and control over your multi-cloud and hybrid environments. Streamline compliance, manage risks proactively, and enhance operational efficiency with real-time risk assessments, automated vulnerability management, and centralized dashboards. Ensure robust protection and peace of mind for your cloud assets with the trusted leader in CNAPP.

All links and images can be found on CISO Series.
In this episode, Benny Lakunishok, co-founder and CEO at Zero Networks, explains how their automated approach to microsegmentation addresses these challenges by putting a network bubble around every asset, from clients and servers to OT devices and cloud resources, without requiring agents or breaking existing environments. Joining him are Shaun Marion, vp and CSO at Xcel Energy, and Doug Mayer, vp and CSO at WCG.
Want to know:
Why does complexity make lateral movement such a persistent problem despite years of awareness?
How can microsegmentation be deployed at scale without becoming a massive science project?
How does Zero Networks handle MFA and privileged access management across all asset types?
What happens if there's already a threat living in your environment during the learning phase?
How to segment OT environments that use different protocols beyond standard IT systems?
Can automated learning really create accurate policies without extensive human intervention?
How does network segmentation fit into AI capabilities and hybrid cloud strategies?
What's the real-world experience of customers who've deployed automated microsegmentation?
Huge thanks to our sponsor, Zero Networks


Zero Networks enables organizations to dynamically microsegment 90%+ of their networks in 90 days. The result? A self-defending, resilient network where defenders act with confidence, auditors gain clear assurance, and business operations continue uninterrupted. Step into the Era of the Defender with Zero – get a demo HERE.

All links and images can be found on CISO Series.
Traditional identity systems authenticate credentials and devices, but they can't verify who's actually behind them. Attackers use AI-generated IDs and deepfake videos to pass background checks, then clone voices to reset MFAs at the help desk. Identity has become the primary attack surface, and existing IAM platforms still trust the human layer far too easily.
In this episode, Fernanda Sottil, Senior Director of Strategy at Incode Technologies, explains how their solution adds a real-world identity layer that integrates seamlessly with existing IAM systems. Joining her are Nick Espinosa, host of the Deep Dive radio show and Bozidar Spirovski, CISO at Blue Dot.

Questions answered on the show:

How does Incode comply with GDPR when training AI models on employee facial data?
What happens when legitimate users get blocked, especially job candidates?
How does Incode maintain accuracy across 4,600 document types in 200 countries?
Can organizations see error rates and override the system when needed?
How quickly can Incode patch new attack vectors as adversarial threats evolve?
Huge thanks to our sponsor, Incode Technologies

Incode Workforce helps enterprises stop deepfakes, prevent fraud, and secure every identity moment. By matching an ID to a selfie with AI-powered biometrics, Incode confirms the real person behind each IAM interaction, safeguarding onboarding, access, and recovery with frictionless verification that ensures workforce security and trust at scale.