Charles Payne and Olivia Phillips join us to explore the evolving relationship between CISOs and BISOs, examining how business-focused security leadership is transforming cybersecurity from a technical function to a strategic business enabler.

• BISOs serve as the "Swiss army knife" of the CISO, bringing deeper business knowledge to security decisions
• The BISO role bridges the gap between technical security requirements and business objectives
• Both guests agree BISOs are well-positioned to become future CISOs due to their business acumen
• Quantifying security risks in financial terms changes board-level conversations (e.g., a $50K fix preventing a $6M loss)
• Business silos create hidden security costs when departments purchase redundant tools without coordination
• Transitioning from technical to strategic leadership requires learning to delegate and trust team members
• Strategic security leadership means focusing on business outcomes rather than getting lost in technical details
• AI will likely reshape junior security roles but also create opportunities for professional growth

Connect with our guests on LinkedIn: Olivia Phillips (#simplyolivia) and Charles Payne (#NYLCharlesPayne). Subscribe to the Cybernomics newsletter and YouTube channel for more insights on how security and business intersect.

Josh's LinkedIn

We explore organizational theory applications to AI agents and examine the transformation of Security Operations Centers through artificial intelligence solutions.

• Traditional organizational structures like military-style hierarchies are being applied to AI agent systems in cybersecurity
• Matrix organizations with multiple reporting lines have parallels in how specialized security agents might be organized
• Hierarchical structures appear most stable for organizing both human and AI behavior
• Conflict resolution between AI agents can be handled through trusted arbitrators or voting systems
• The SOC market is consolidating, with Zscaler recently acquiring Red Canary
• Companies with sensitive security needs will maintain internal SOCs while others may outsource
• Career opportunities are booming for prompt engineers and applied AI architects
• AI-assisted education shows remarkable efficiency compared to traditional learning methods
• Despite concerns about hallucinations, AI provides more reliable information than many human sources

Find Richard on LinkedIn or at his Substack (steenan.substack.com). Check out IT-Harvest.com and their AI solutions at HarvestIQ.ai.

Josh's LinkedIn

Josh Bruyning and Richard Stiennon explore how AI agents are fundamentally changing the SaaS industry and traditional software models. They discuss the shift from feature-based to outcome-based solutions and why companies must adapt to survive.

• Richard Stiennon shares insights about Security Yearbook 2025 and IT Harvest's database tracking over 4,340 cybersecurity vendors
• Introduction to Compliance Aid, a disruptive platform supporting 366 global compliance frameworks through conversational AI
• Analysis of why traditional SaaS companies must incorporate AI agents to remain competitive
• Discussion of the "agentification" trend: adding AI capabilities to specialized software platforms
• Exploration of how specialized knowledge maintains value when combined with AI capabilities
• Deep dive into AI's impact on employment, particularly for future graduates
• Warning for educational institutions that resist AI adoption instead of embracing it
• Comparison of the AI revolution to other technological transformations like desktop publishing

Check out IT Harvest at it-harvest.com and connect with Josh Bruning on LinkedIn to stay on the cutting edge of technology and AI.

Josh's LinkedIn

EU's complex regulatory environment creates both challenges and opportunities for businesses navigating data privacy, financial services, and healthcare regulations across member states.

• Significant differences exist between EU-wide regulations and country-specific implementations
• Large companies like Meta and Uber have faced multi-million Euro fines for GDPR violations
• Financial institutions struggle with innovation due to contradictory and slow-moving regulations
• Healthcare organizations often have regulations but lack enforcement, creating security risks
• AI adoption faces resistance similar to the US, though its implementation is transforming industries
• Traditional banks create separate "baby banks" with modern infrastructure to work around regulatory limitations
• Companies often underestimate marketing costs when entering EU markets due to privacy restrictions
• Red teaming employees creates privacy concerns that must be balanced with security needs
• Local legal expertise is essential when entering European markets to avoid costly compliance mistakes
• Every regulatory challenge also presents strategic opportunities for companies who understand the landscape

To learn more about Bruning Media and our services, visit bruning.com.

Josh's LinkedIn

Marcus Peet, Senior Director of Information Security at PT Solutions, shares his unique perspective as both a cybersecurity expert and father of three on navigating the complex world of digital parenting. His "growth with guardrails" philosophy demonstrates how parents can protect their children online while allowing them the freedom to develop necessary digital literacy skills.

• When children should get their first phone (Marcus recommends age 13, but with flexibility based on family circumstances)
• Smart alternatives like GPS watches for younger children who need location tracking
• Understanding the hidden costs of giving children smartphones, particularly the time investment
• Tools for monitoring children's devices including Bark, Family Link, and built-in parental controls
• Creating accounts properly within family ecosystems rather than standalone accounts
• The importance of establishing trust while still verifying children's activities
• Balancing protection with independence to avoid children seeking workarounds
• Navigating platforms like Roblox safely through supervision rather than prohibition
• Recognizing generational communication differences (like how a thumbs-up emoji can be perceived as passive-aggressive)
• Practical strategies for verifying online friends' real-world identities

Remember, the phone is a privilege, not a right. Be transparent about monitoring with your children while still giving them space to make small mistakes and learn from them.

Josh's LinkedIn

Kyle and I dive into the reality of the RSA Conference experience, exploring how the security industry's biggest event has transformed into a vendor-dominated spectacle with declining CISO attendance.

• The conference atmosphere is overwhelmingly loud with vendors everywhere and marketing materials covering every available surface
• San Francisco completely transforms during RSA, with security company logos plastered on restaurant windows and hotels taken over for exclusive events
• CISOs are increasingly skipping RSA, with many security leaders openly avoiding the conference
• The "sales to sales" dynamic dominates the floor, with vendors primarily connecting with other vendors rather than actual buyers
• Having a presence at RSA remains an unwritten requirement for security companies hoping to work with enterprise clients
• Strategic attendees focus on off-site meetings, invitation-only lunches, and smaller gatherings rather than the main conference floor
• The true value comes from face-to-face connections with people from around the world who have gathered in one location

Kyle's LinkedIn

Pensar's LinkedIn

Josh's LinkedIn

AI agents equipped with computer use capabilities will transform the cybersecurity landscape within the next year, shifting from augmenting to potentially replacing human SOC analysts with systems that can perform 100% alert triage. The investment landscape reflects this shift, with 78% of venture capital reportedly flowing into AI companies despite many firms simply adopting AI terminology without substantive implementation.

• Computer use abilities allowing AI to operate systems like humans will be the next major advancement
• Within 12 months, expert AI agents will function like "super employees" in security operations
• Ephemeral AI agents that complete specific tasks before dissolving enable unprecedented workforce elasticity
• Traditional valuation metrics based on headcount are becoming obsolete as AI reduces staffing requirements
• Companies running operations with 75%+ AI support can scale without proportional employee growth
• The MSSP community appears slow to adopt AI capabilities despite clear operational benefits
• AI systems will increasingly handle complete alert triage, potentially displacing human analysts
• Vendors typically avoid discussing workforce displacement, focusing instead on productivity gains
• Open-source AI innovations are accelerating development cycles across the industry

Innovations in AI security are happening rapidly. Follow the speakers on social media to stay updated - Randy Blasik (@BlasikRandy on Twitter and Compliance Aid on LinkedIn), Richard Stiennon (@Stiennon on Twitter and LinkedIn), and Josh Bruyning on LinkedIn.

Josh's LinkedIn

Ever wonder what happens when centuries-old legal practices collide with cutting-edge technology? Dean Sapp, CISO at FileVine, pulls back the curtain on the digital transformation revolutionizing law firms worldwide.

Beyond just modernizing paperwork, Dean reveals why attorneys have become prime targets for sophisticated hackers and nation-states. "Law firms are data aggregators of some of the most valuable information on the planet," he explains, detailing how insider knowledge of M&A deals, patents, and major developments makes legal data irresistible to cybercriminals. With attacks from Russia, China, and North Korea occurring daily, the stakes couldn't be higher.

The conversation takes a fascinating turn when Dean shares how purpose-built AI is dramatically reshaping legal processes. Tasks that once took legal teams 4-6 weeks now complete in a single day. Immigration paperwork that required 4-6 hours now finishes in under an hour. These aren't minor improvements—they're transformative shifts in how legal services can scale to help more people.

What sets this discussion apart is the rare glimpse into the specific security challenges of government legal agencies. With FileVine serving approximately 40 government agencies that require FedRAMP certification, Dean offers insights few security professionals ever witness. The intersection of legal compliance, national security, and political implications creates a security environment unlike any other.

Whether you're a legal professional wondering how to stay ahead of technology trends, a security expert curious about specialized industry challenges, or simply fascinated by how AI is reshaping traditional professions, this episode delivers eye-opening perspectives on the future of legal services.

Ready to discover how your organization can better protect sensitive information while dramatically improving efficiency? Join us for this revealing conversation about the technologies reshaping an entire profession.

Josh's LinkedIn