Security Weekly Podcast Network (Video)

Key emerging risks include cybersecurity (41%) and Generative AI (Gen AI) (35%), both of which present challenges in skill development and retention. The growing reliance on external providers reflects these gaps. In two years, strategic risk has fallen 10% as technological advancements have shifted auditors' attention away from strategy. So what are the top concerns?
Tim Lietz, National Practice Leader Internal Audit Risk & Compliance at Jefferson Wells, joins Business Security Weekly to discuss the shifting priorities for internal audit leaders, with technology, business transformation and digitization remaining central amid rising economic uncertainty. This reflects the broader economic challenges and uncertainties that organizations are facing in the current environment. Tim will discuss the need for enhanced skills inAI, cybersecurity and digital transformation and why Internal Audit is increasingly seen as a strategic partner in navigating transformation within their organizations.
Segment Resources: - https://www.jeffersonwells.com/en/internal-audit-report-2025
In the leadership and communications segment, Conventional Cybersecurity Won't Protect Your AI, Will Cybersecurity Budgets Increase in 2026?, To Execute a Unified Strategy, Leaders Need to Shadow Each Other, and more!
Show Notes: https://securityweekly.com/bsw-431

Carla the Ogre, extensions, Crashfix, Gemini, ChatGPT Health, Dark AI, MCP, Joshua Marpet, and More on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-548

MongoBleed and a recent OWASP CRS bypass show how parsing problems remain a source of security flaws regardless of programming language. We talk with Kalyani Pawar about how these problems rank against the Top 25 CWEs for 2025 and what it means for relying on LLMs to generate code.
Show Notes: https://securityweekly.com/asw-366

Segment 1 with Beck Norris - Making vulnerability management actually work
Vulnerability management is often treated as a tooling or patching problem, yet many organizations struggle to reduce real cyber risk despite heavy investment. In this episode, Beck Norris explains why effective vulnerability management starts with governance and risk context, depends on multiple interconnected security disciplines, and ultimately succeeds or fails based on accountability, metrics, and operational maturity.
Drawing from the aviation industry—one of the most regulated and safety-critical environments—Beck translates lessons that apply broadly across regulated and large-scale enterprises, including healthcare, financial services, and critical infrastructure.
Segment 2 with Ryan Fried and Jose Toledo - Making incident response actually work
Organizations statistically have decent to excellent spending on cybersecurity: they have what should be sufficient staff and some good tools. When they get hit with an attack, however, the response is often an unorganized, poorly communicated mess! What's going on here, why does this happen???
Not to worry. Ryan and José join us in this segment to offer some insight into why this happens and how to ensure it never happens again!
Segment Resources:
[Mandiant - Best practices for incident response planning]
(https://services.google.com/fh/files/misc/mandiantincidentresponsebestpractices_2025.pdf?linkId=19287933)
Beyond Cyberattacks: Evolution of Incident Response in 2026
Segment 3 - Weekly Enterprise News
Finally, in the enterprise security news,
Almost no funding…
Oops, all acquisitions!
Changes in how the US handles financial crimes and international hacking
Mass scans looking for exposed LLMs
The state of Prompt injection
be careful with Chrome extensions
and home electronics from unknown brands
Is China done with the West?
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-442

Miss Cleo, Whisperpair, Fortisiem, REDVDS, Google, Spying, Rob Allen from Threatlocker, and More on this episode of the Security Weekly News.
Segment Resources: https://www.cybersecuritydive.com/news/telecom-ransomware-spike-cyble/809224/
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Show Notes: https://securityweekly.com/swn-547