In the leadership and communications segment, Lack of board access: The No. 1 factor for CISO dissatisfaction, Pressure on CISOs to stay silent about security incidents growing, The Secret to Building a High-Performing Team, and more!

Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a gripping conversation about the evolution of executive protection in the digital age. With over 30 years of experience, Chuck shares how targeted violence has shifted from physical threats to online ideation—and why it now starts with a click.

From PII abuse to unregulated data brokers, generative AI manipulation, and real-world convergence of cyber and physical risks—this is a must-watch for CISOs, CSOs, CEOs, and anyone navigating modern threat landscapes. Hear real-world examples, including shocking stories of doxxing, AI-fueled radicalization, and the hidden dangers of digital exhaust.

Whether you're in cyber, physical security, or executive leadership, this interview lays out the urgent need for converged risk strategies, narrative control, and a new approach to duty of care in a remote-first world. Learn what every security leader needs to do now to protect key personnel, prevent exploitation, and build a unified, proactive risk posture.

This segment is sponsored by 360 Privacy. Learn how to integrate privacy and protective intelligence to get ahead of the next threat vector at https://securityweekly.com/360privacybh!

In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks. What’s happening?

Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape. The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries.

To learn more about Pentera's proactive Ransomware testing please visit: https://securityweekly.com/penterabh

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-413

With volatility now the norm, security and risk leaders need practical guidance on managing existing spending and new budgetary necessities. Where should they look?

Jess Burn, Principal Analyst at Forrester Research, joins Business Security Weekly to discuss Forrester's Budget Planning Guide 2026: Security And Risk. This data-and-insights-driven report provides spending benchmarks and recommendations that will help you budget for an unpredictable near term while enabling the business and mitigating the most critical risks facing your organization. If you're preparing your 2026 budgets, don't miss this interview where you'll learn where to invest, divest, and experiment.

From the buzzing floors of BlackHat 2025 in Las Vegas, CyberRisk TV brings you an exclusive sit-down with Danny Jenkins, CEO & Co-Founder of ThreatLocker. In this high-energy interview, host Doug White dives deep into the real-world challenges of FedRAMP compliance, the million-dollar prep lessons, and the critical importance of secure configurations.

Danny shares unfiltered insights into Defense Against Misconfigurations — ThreatLocker’s new approach that helps organizations lock down endpoints, enforce application control, and spot hidden risks before attackers do. From Russian-made 7Zip to Chinese coupon clippers lurking in browsers, the conversation reveals shocking examples of threats hiding in plain sight.

Whether you’re a cybersecurity pro, IT leader, or compliance specialist, this interview offers a rare, behind-the-scenes look at the pain, process, and payoff of operating at the highest security standards in the industry.

Segment Resources: https://threatlocker.com/platform/defense-against-configuration?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=blackhat25q325&utmcontent=blackhat25&utm_term=podcast

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerbh to learn more about them!

Live from the CyberRisk TV studio at Black Hat 2025 in Las Vegas, host Matt Alderman sits down with Matt Muller, Field CISO at Tines, for a deep-dive into how Security Operations Centers must evolve. From blowing up the outdated tier system to empowering junior analysts with AI, this conversation uncovers the real strategies driving next-gen cyber defense.

Muller explains why traditional SOC models create burnout, how AI can flatten team structures, and why measuring the right metrics—like Mean Time to Detect—is critical for success. They tackle the balance of human + AI orchestration, the security challenges of non-human identities, and how to rethink access controls for a machine-augmented future.

If you care about SOC transformation, AI-driven security workflows, and cyber resilience at scale, this is the conversation you can’t afford to miss. Watch until the end for practical insights you can start applying today in your own security operations.

This segment is sponsored by Tines. Visit https://securityweekly.com/tinesbh to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-412

The cybersecurity industry is undergoing a consolidation wave that is moving far faster than many realize. This isn’t at all about CISOs wanting fewer tools as much as some would like to think - the changes are happening at the macro level. Ross Haleliuk joins BSW to present the most comprehensive illustration ever made of how our industry has consolidated over the past 20 years, showing how 200 companies turned into just 11.

Then we cover our quarterly Security Money segment. The markets are on a high, but the Security Weekly 25 index dips. What's up? We'll dig into the latest earnings and news for both the public and private security markets.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-411

Securing top-tier cybersecurity leadership is not just a necessity but a significant challenge, especially when working within budget constraints. Should you hire a full-time CISO or outsource to a vCISO provider?

Brian Haugli, CEO at SideChannel, joins BSW to discuss how organizations can hire a Virtual CISO (vCISO) to benefit from their expertise without the costs and resource requirements of a full-time hire. Brian will share:

• Current vCISO trends
• What to look for in vCISO services
• Who fits/doesn't fit as a vCISO

vCISOs can be an effective solution for organizations that need to enhance their security program or respond to a breach, but know what to look for. If you're in the market for vCISO services or want to become a vCISO, don't miss this interview.

In the leadership and communications segment, Boards should bear ultimate responsibility for cybersecurity, From WannaCry to AI: How CISOs Became Strategic Leaders, The Best Leaders Edit What They Say Before They Say It, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-410

The industry is obsessed with vulnerabilities. From vulnerability assessment to vulnerability management to exposure management and even zero days, we love to talk about vulnerabilities. But what about misconfiguration? By definition it's a vulnerability or weakness, but it doesn't have a CVE (common vulnerability enumeration). Should we ignore it?

Danny Jenkins, CEO and Founder at ThreatLocker, joins BSW to discuss why misconfigurations matter. Simply, you can prevent many cyberattacks by eliminating your misconfigurations. That's why ThreatLocker released Defense Against Configurations (DAC). Danny will discuss the benefits of DAC, including:

• Immediate visibility into system misconfigurations before they become vulnerabilities
• Compliance transparency, showing exactly where systems fall short of industry standards
• One unified view, with filters by criticality, system, and framework
• Actionable insights, updated weekly and delivered straight to customers’ inboxes

Segment Resources:

• https://www.threatlocker.com/press-release/threatlocker-launches-dac-empowering-organizations-with-real-time-visibility-into-configuration-risks-and-compliance-gaps
• https://www.threatlocker.com/platform/defense-against-configurations

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

In the leadership and communications segment, CEO Blind Spots That Put Your Company at Risk, The CISO Mindset Shift: From Risk Defender to Business Accelerator in the Age of AI, When “Yes, and…” Backfires, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-409

As brands grow more digital, the threats grow more personal. Attackers impersonate executives, spin up fake websites, and leak sensitive data — hurting business reputations and breaking customer trust. How do you defend your organization's reputation and customers' trust?

Santosh Nair, Co-Founder and CTO at Styx Intelligence, joins Business Security Weekly to discuss how to defend trust and reputation in the age of AI. Santosh will cover both the company and executive challenges of defending against the latest AI attacks, including:

• Impersonations and Deepfakes
• Employee Scams
• Financial Fraud

Segment Resources: - https://styxintel.com/blog/what-is-brand-protection/ - https://styxintel.com/blog/brand-impersonation-hurts-business/ - https://styxintel.com/blog/social-engineering-tactics/

In the leadership and communications section, Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture, Your AI Strategy Needs More Than a Single Leader, Avoid These Communication Breakdowns When Launching Strategic Initiatives, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-408

Recent findings of AI ecosystem insecurities and attacks show the importance of needing AI governance in the supply chain. And this supply chain is rapidly expanding to include not only open-source software but also collaborative platforms where custom models, agents, prompts, and other AI resources are used. And with this expansion of third-party AI component and services use comes an expanded security threat often not included in traditional supply chain management processes. It's time to update our supply chain management process to include AI governance. Easier said than done.

In this Say Easy, Do Hard segment, we invite three CISOs to discuss the challenges of AI and the supply chain, including:

• Data privacy concerns
• Flaws and malicious code in AI dependencies
• Lack of security tools to test for AI
• Vibe coding risks

and more. But we also do the hard part, by discussing the changes needed to your supply chain management process to address these concerns.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-407

In the leadership and communications section, The CISO code of conduct: Ditch the ego, lead for real, The books shaping today’s cybersecurity leaders, How to Succeed in Your Career When Change Is a Constant, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-406