What does a cybersecurity score of 76 really mean?

In this episode of Security Boulevard, Tom Hollingsworth, Fernando Montenegro, and Jay Cuthrell tackle one of the most persistent challenges in cybersecurity: reducing complex risk to a single number on a dashboard.

They unpack why so many security scores lack context, give a false sense of precision, and often mislead the very executives they’re meant to inform. The discussion dives into the pitfalls of oversimplified risk scoring models, the risks of relying on color-coded dashboards, and why metrics like CVSS often fail without proper business and environmental context.

The panel also contrasts proprietary “secret sauce” scoring systems with more defensible approaches to risk quantification, including frameworks like FAIR.

From misleading executive dashboards to the real challenge of communicating cyber risk in business terms, this episode provides a clear, critical look at why effective security metrics require much more than just a number.

#Cybersecurity #RiskManagement #CISO #CVSS #FAIR #SecurityBoulevard

NVIDIA is no longer just selling chips—it is becoming a central force in the future of AI infrastructure and security.

On this episode of the Security Boulevard podcast, Tom Hollingsworth, Alan Shimel, and Mitch Ashley break down NVIDIA’s growing security ecosystem and what it means for the enterprise.

The conversation explores NVIDIA’s partnerships with major players including CrowdStrike, HPE, and Cisco, and why the company’s role as an AI infrastructure provider puts it at the center of the next wave of cybersecurity strategy.

The trio also examines the urgent need to secure both AI development pipelines and AI-generated outcomes, as organizations race to deploy models, agents, and new AI-driven workflows. They also discuss the promise of NVIDIA OpenClaw and what toolkits like it could signal for the future of secure AI operations.

As AI adoption accelerates, one question becomes impossible to ignore: who will secure the infrastructure powering it all?

#Cybersecurity #AI #NVIDIA #AISecurity #EnterpriseAI #SecurityBoulevard

Is the era of "wild west" AI development finally coming to an end, or are we just building taller fences?

In this episode of the Security Boulevard Podcast, Tom Hollingsworth, Mitch Ashley, and Fernando Montenegro dive into why AI regulation has shifted from a "nice-to-have" ethical debate to an urgent cybersecurity mandate.

As the industry prepares to descend on San Francisco, the trio breaks down the high-stakes collision between lightning-fast innovation and the tightening grip of global governance. They examine the growing need for explicit, enforceable rules in a world of autonomous agents and "Shadow AI." Emerging standards like ISO 42001 and the NIST AI Framework are becoming the new blueprints for enterprise trust, and why traditional law continues to struggle with the velocity of tech.

From the economic pressures of global compliance to the grassroots power of community-led safety, this discussion provides a definitive roadmap for navigating today’s most complex security landscape.

See why "trust but verify" has evolved from a simple catchphrase into the ultimate survival strategy for the intelligence era.

#SecurityBoulevard #Cybersecurity #AIRegulation #AIGovernance #EnterpriseAI #AIRisk #ResponsibleAI #RSAC #TechPolicy

Is the era of "wild west" AI development finally coming to an end, or are we just building taller fences?

In this episode of the Security Boulevard Podcast, Tom Hollingsworth, Mitch Ashley, and Fernando Montenegro dive into why AI regulation has shifted from a "nice-to-have" ethical debate to an urgent cybersecurity mandate.

As the industry prepares to descend on San Francisco, the trio breaks down the high-stakes collision between lightning-fast innovation and the tightening grip of global governance. They examine the growing need for explicit, enforceable rules in a world of autonomous agents and "Shadow AI."

Emerging standards like ISO 42001 and the NIST AI Framework are becoming the new blueprints for enterprise trust, and why traditional law continues to struggle with the velocity of tech. From the economic pressures of global compliance to the grassroots power of community-led safety, this discussion provides a definitive roadmap for navigating today’s most complex security landscape.

See why "trust but verify" has evolved from a simple catchphrase into the ultimate survival strategy for the intelligence era.

#SecurityBoulevard #Cybersecurity #AIRegulation #AIGovernance #EnterpriseAI #AIRisk #ResponsibleAI #RSAC #TechPolicy

If we can't see what AI is actually doing, how can we ever hope to secure it?

In this episode of the Security Boulevard Podcast, hosts Tom Hollingsworth, Mitch Ashley, and Fernando Montenegro break down the complex intersection of Artificial Intelligence and modern cybersecurity.

As AI continues to reshape software development, the team explores why observability has become the critical foundation for establishing accountability and trust in automated systems. They dive into the challenges of governing autonomous agents, the necessity of building "observability-native" architectures, and why transparency is often the missing link in current AI operations.

Whether you're a developer, a security practitioner, or a tech leader, this conversation provides essential insights into integrating security into the DNA of AI-driven environments to ensure that as we innovate, we remain in control.

For more cybersecurity content, visit the Security Boulevard website and subscribe on YouTube.

#SecurityBoulevard #Cybersecurity #ArtificialIntelligence #Observability #SecurityPodcast #InfoSec #TechGovernance #SoftwareDevelopment #AIPathways

AI agents are accelerating discovery, automation, and operational change—but enterprise security teams are still operating on human-speed processes.

In this episode of Security Boulevard, Mitch Ashley joins Tom Hollingsworth and Fernando Montenegro to examine what happens when AI-driven systems begin operating at machine speed while traditional security workflows remain constrained by governance, patch cycles, and change management controls.

The conversation explores:

• How AI agents compress vulnerability discovery timelines
• Why automation without operational maturity increases risk
• Whether enterprise security programs are structurally prepared for AI-era velocity
• The growing tension between innovation and control

As AI capabilities expand, the real challenge isn’t just technical—it’s organizational. Security leaders must rethink processes, prioritization, and response frameworks to avoid widening exposure. AI is scaling. Is your security program?

Subscribe to Security Boulevard for weekly enterprise cybersecurity analysis.

#SecurityBoulevard #CyberSecurity #AI #ArtificialIntelligence #EnterpriseSecurity #SecurityLeadership #Automation #AIagents #CISO #SecurityStrategy #SecurityBoulevard #DigitalTransformation #RiskManagement #Infosec #TechPodcast #Governance

AI is no longer just assisting security teams — it’s actively finding vulnerabilities humans missed.

In this episode of Security Boulevard, Tom Hollingsworth, Alan Shimel, and Fernando Montenegro examine the real-world implications of AI-driven vulnerability discovery after Anthropic allowed Claude to conduct large-scale scanning across open-source projects.

The result? More than 600 vulnerabilities identified — including a long-standing issue in Ghostscript that traditional research had missed for years. The discussion goes beyond headlines.

The panel analyzes:

• Whether AI can outperform human threat researchers • How iterative model reasoning changes vulnerability discovery
• The risks of AI-powered offensive security • What this means for DevSecOps and open-source maintainers •
• Whether AI shifts the balance between defenders and attackers

As AI systems begin to reason across version histories, patch gaps, and architectural inconsistencies, cybersecurity teams face a new reality: automation at machine scale. Is this a breakthrough for defenders — or the beginning of a new attack surface?

If AI can audit every version of your software in seconds, what does that mean for your security posture? Subscribe and join the conversation.

Read More:

• Son of Moltbot vs. Claude Opus
• OpenClaw, Cows and Free Milk
• Is Claude Opus 4.6 the Best Security Researcher Ever?

#SecurityBoulevard #CyberSecurity #AIThreatHunting #AISecurity #Anthropic #ClaudeAI #VulnerabilityManagement #OpenSourceSecurity #ThreatIntelligence #CVE #AppSec #SecurityResearch #ResponsibleDisclosure #SecurityOperations #Ghostscript

Cybersecurity failures increasingly originate inside the software supply chain.

In this episode, Tom Hollingsworth, Event Lead at Tech Field Day and Networking Industry Analyst, joins Mitch Ashley, Vice President and Practice Lead, Software Lifecycle Engineering at Techstrong Research, along with Steve Puluka, Network & Security Engineer and Network Architect, Tech Field Day Delegate.

They examine supply chain compromises, including incidents involving Notepad++ and software update distribution mechanisms. The conversation highlights why secure code distribution must be treated as an architectural control, not an operational afterthought.

As software ecosystems grow more interconnected, accountability now spans developers, hosting providers, infrastructure operators, and security teams. The traditional shared responsibility model must evolve to address increasingly complex dependency chains and third-party exposure.

The discussion also explores how artificial intelligence is reshaping networking operations, why observability has become foundational to modern security strategy, and how transparency and proactive incident response reduce systemic risk.

Security today is lifecycle discipline across the entire software delivery chain.

#Cybersecurity #SupplyChainSecurity #DevSecOps #AIinNetworking #Observability #SecurityLeadership