In this conversation, Mehmet is joined by Gerald Beuchelt and Subu Rao, two cybersecurity leaders from Acronis, to unpack the evolving threat landscape, the rise of AI in both offense and defense, and why cyber resilience has become a board-level priority.

They break down what CISOs need to know, how MSPs can create new value, and what frameworks actually work in the real world. If you want a clear and practical blueprint for building resilience, this episode is for you.

👤 About the Guests

Gerald Beuchelt

Chief Information Security Officer at Acronis, with more than 14 years of experience securing global environments across multiple industries. Gerald leads cybersecurity, IT infrastructure, and corporate security strategy, with deep knowledge in AI-driven defense, risk management, and enterprise resilience.

https://www.linkedin.com/in/beuchelt/

Subu Rao

Senior Manager of Cybersecurity Solutions Strategy at Acronis, focused on cyber resilience for MSPs and mid-market organizations. Subu brings over 15 years of experience in identity security, cloud security, and resilience engineering across global security vendors.

https://www.linkedin.com/in/raos/

https://www.acronis.com/en/

💡 Key Takeaways

• Cyber resilience and cybersecurity are not the same. One focuses on protection, the other on recovery and adaptation.

• AI is already used by attackers and defenders. Ignoring it increases risk.

• MSPs have a major opportunity to monetize resilience, not just protection.

• Most breaches still start with basic failures like weak passwords and unpatched systems.

• Boards do not want CVE numbers. They want business risk in plain language.

• The right balance between risk appetite and risk tolerance shapes the entire security program.

• Backups alone are not enough. Tested, measurable recovery plans are essential.

• Availability is often the forgotten piece of the CIA triad.

⸻

🎧 What Listeners Will Learn

• The current global threat landscape

• How AI is changing cyber offense and defense

• The difference between cybersecurity and cyber resilience

• What MSPs should do today to serve customers better

• How CISOs can communicate risk to non-technical boards

• Practical frameworks for resilience and business continuity

• Why regional exposure influences risk strategy

• The most common mistakes companies still make in 2025

⸻

⏱️ Episode Highlights & Timestamps

00:00 Introduction and welcome

01:00 Meet Gerald and Subu

04:00 The real state of cyber threats today

05:30 Why basic hygiene failures still cause most breaches

08:30 How attackers are using AI

10:00 The future of automated SOCs

12:00 Are threat patterns different by geography

15:00 Why every company is a target

16:00 Cybersecurity vs cyber resilience explained in simple terms

18:00 How to build resilience without enterprise budgets

21:00 MSPs and the opportunity to lead resilience consulting

24:30 Understanding crown jewels and business impact

26:00 How Acronis-style failover models change the game

29:00 Where boards should start with security frameworks

32:00 Risk appetite vs risk tolerance

36:00 Why security cannot decide in isolation

40:00 Compliance, mandates, and real world frameworks

45:00 How MSPs can craft resilience offerings

48:00 Final advice for CISOs and MSPs

51:00 Closing thoughts and wrap up