loader from loading.io

Securing AI Agents with Dave Lewis, Enterprise News, and interviews from Oktane 2025 - Mike Poole, Conor Mulherin, Dave Lewis - ESW #430

Enterprise Security Weekly (Audio)

Release Date: 10/27/2025

Holiday Chat: Local AI datacenter activism, AI can't substitute good taste, and more - ESW #439 show art Holiday Chat: Local AI datacenter activism, AI can't substitute good taste, and more - ESW #439

Enterprise Security Weekly (Audio)

For this week's episode of Enterprise Security Weekly, there wasn't a lot of time to prepare. I had to do 5 podcasts in about 8 days leading up to the holiday break, so I decided to just roll with a general chat and see how it went. Also, apologies, for any audio quality issues, as the meal I promised to make for dinner this day required a lot of prep, so I was in the kitchen for the whole episode! For reference, I made the recipe for from Rick Martinez's cookbook, Mi Cocina. I used the wrong peppers (availability issue), so it came out green instead of red, but was VERY delicious. As for the...

info_outline Internal threats are the hole in Cybersecurity’s donut - Frank Vukovits - ESW #438 show art Internal threats are the hole in Cybersecurity’s donut - Frank Vukovits - ESW #438

Enterprise Security Weekly (Audio)

Interview with Frank Vukovits: Focusing inward: there lie threats also External threats get discussed more than internal threats. There’s a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn’t infringe on any individual organization’s privacy. That’s why we hear the industry discuss external threats more, though internally-triggered incidents far outnumber external ones. Internal threats, on the other hand, can get personal. Accidental leaks are embarassing. Malicious insiders are a sensitive topic that...

info_outline Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437 show art Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437

Enterprise Security Weekly (Audio)

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we’ll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We’ll also explore how compliance and...

info_outline Fix your dumb misconfigurations, AI isn't people, and the weekly news - Wendy Nather, Danny Jenkins - ESW #436 show art Fix your dumb misconfigurations, AI isn't people, and the weekly news - Wendy Nather, Danny Jenkins - ESW #436

Enterprise Security Weekly (Audio)

Interview with Danny Jenkins: How badly configured are your endpoints? Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits. Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and attack surface. The most basic misconfigurations lead to breaches. Threatlocker spotted this opportunity and have extended their agent-based product to increase attention on these common issues. This segment is sponsored by ThreatLocker. Visit to...

info_outline From Misconfigurations to Mission Control: Lessons from InfoSec World 2025 - Marene Allison, Dr. Ron Ross, Ryan Heritage, Patricia Titus, Perry Schumacher, Rob Allen - ESW #435 show art From Misconfigurations to Mission Control: Lessons from InfoSec World 2025 - Marene Allison, Dr. Ron Ross, Ryan Heritage, Patricia Titus, Perry Schumacher, Rob Allen - ESW #435

Enterprise Security Weekly (Audio)

Live from InfoSec World 2025, this episode of Enterprise Security Weekly features six in-depth conversations with leading voices in cybersecurity, exploring the tools, strategies, and leadership approaches driving the future of enterprise defense. From configuration management and AI-generated threats to emerging frameworks and national standards, this special edition captures the most influential conversations from this year’s conference. In this episode: -You Don’t Need a Hacker When You Have Misconfigurations — Rob Allen, Chief Product Officer at ThreatLocker®, discusses how...

info_outline Aligning teams for effective remediation, Anthropic's latest report, and the news - Ravid Circus - ESW #434 show art Aligning teams for effective remediation, Anthropic's latest report, and the news - Ravid Circus - ESW #434

Enterprise Security Weekly (Audio)

Interview with Ravid Circus Ravid will discuss why security and engineering misalignment is the biggest barrier to fast, effective remediation, using data from Seemplicity’s 2025 Remediation Operations Report. This is costing some teams days of unnecessary exposure, which can lead to major security implications for organizations. Segment Resources: Topic Segment: Thoughts on Anthropic's latest security report Ex-SC Media journalist Derek Johnson did a great job writing this one up over at Cyberscoop: There are a number of interesting questions that have been raised here. Some...

info_outline Year of the (Clandestine) Linux Desktop, topic, and the news - Rob Allen - ESW #433 show art Year of the (Clandestine) Linux Desktop, topic, and the news - Rob Allen - ESW #433

Enterprise Security Weekly (Audio)

Segment 1: Interview with Rob Allen It’s the Year of the (Clandestine) Linux Desktop! As if EDR evasions weren’t enough, attackers are now employing yet another method to hide their presence on enterprise systems: deploying tiny Linux VMs. Attackers are using Hyper-V and/or WSL to deploy tiny (120MB disk space and 256MB memory) Linux VMs to host a custom reverse shell and reverse proxy. In this segment, we’ll discuss strategies and mitigations to battle this novel technique with Rob Allen from Threatlocker. Segment Resources: This segment is sponsored by ThreatLocker. Visit to...

info_outline OT Security Doesn't Have to be a Struggle, Spotting Red Flags, Enterprise News - Joshua Hay, Todd Peterson - ESW #432 show art OT Security Doesn't Have to be a Struggle, Spotting Red Flags, Enterprise News - Joshua Hay, Todd Peterson - ESW #432

Enterprise Security Weekly (Audio)

Segment 1: OT Security Doesn’t Have to be a Struggle OT/ICS/SCADA systems are often off limits to cybersecurity folks, and exempt from many controls. Attackers don’t care how fragile these systems are, however. For attackers aiming to disrupt operations, fragile but critical systems fit criminals’ plans nicely. In this interview, we discuss the challenge of securing OT systems with Todd Peterson and Joshua Hay from Junto Security. This segment is sponsored by Junto Security. Visit to learn more! Segment 2: Topic - Spotting Red Flags in Online Posts This week's topic segment is all about...

info_outline Transforming Frontline Workflows with Passwordless Access, AI costs, and the News - Joel Burleson-Davis - ESW #431 show art Transforming Frontline Workflows with Passwordless Access, AI costs, and the News - Joel Burleson-Davis - ESW #431

Enterprise Security Weekly (Audio)

Segment 1: Interview with Joel Burleson-Davis Frontline workers can’t afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access...

info_outline Securing AI Agents with Dave Lewis, Enterprise News, and interviews from Oktane 2025 - Mike Poole, Conor Mulherin, Dave Lewis - ESW #430 show art Securing AI Agents with Dave Lewis, Enterprise News, and interviews from Oktane 2025 - Mike Poole, Conor Mulherin, Dave Lewis - ESW #430

Enterprise Security Weekly (Audio)

Segment 1: Interview with Dave Lewis from 1Password In this week's sponsored interview, we dive into the evolving security landscape around AI agents, where we stand with AI agent adoption. We also touch on topics such as securing credentials in browser workflows and why identity is foundational to AI agent security. This segment is sponsored by 1Password. Visit to learn more! Segment 2: Enterprise News In this week's enterprise security news, one big acquisition, two small fundings not all AI is bad deepfakes are getting crazy good make sure you log what your AI agents do Copilot prompt...

info_outline
 
More Episodes

Segment 1: Interview with Dave Lewis from 1Password

In this week's sponsored interview, we dive into the evolving security landscape around AI agents, where we stand with AI agent adoption. We also touch on topics such as securing credentials in browser workflows and why identity is foundational to AI agent security.

This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more!

Segment 2: Enterprise News

In this week's enterprise security news,

  1. one big acquisition, two small fundings
  2. not all AI is bad
  3. deepfakes are getting crazy good
  4. make sure you log what your AI agents do
  5. Copilot prompt injection
  6. NordVPN tries to pull a jedi mind trick on us
  7. failure rate in AI adoption is a feature not a bug?
  8. using facial recognition to find Tinder profiles
  9. a predictable squirrel story

All that and more, on this episode of Enterprise Security Weekly.

Segment 3: Two interviews from Oktane 2025

Interview with Connor Mulherin of TechSoup

The cybersecurity landscape in the nonprofit sector is evolving quickly, with organizations facing unique challenges due to limited resources, sensitive mission-driven work, and developing policies and training programs. Connor Mulherin, Director and GM of Validation Services at TechSoup, will discuss the industry's need for accessible and collaborative solutions to provide affordable technology leadership and security guidance. It will highlight how nonprofit organizations can build long-term digital resilience and combat these growing challenges.

Segment Resources:

Interview with Mike Poole, Director of Cyber Security at Werner Enterprises

In today's digital landscape, cybersecurity is not just a technical issue—it’s a business imperative. Organizations that prioritize cybersecurity culture see fewer incidents and stronger resilience against evolving threats. But how do you foster a security-first mindset across an organization?

This session will explore the critical components of building and maintaining a robust cybersecurity culture, starting with executive leadership buy-in—a fundamental step in securing resources and driving organizational change. We’ll then dive into the power of monthly phishing exercises, which reinforce awareness and preparedness. Attendees will also learn how to develop effective training programs that engage employees at all levels and create lasting behavioral change. Finally, we’ll discuss the role of cybersecurity-themed events, particularly during Cybersecurity Awareness Month, as a powerful tool to capture attention and reinforce key security principles.

This segment is sponsored by Oktane by Okta. Visit https://securityweekly.com/oktane to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-430