Security Weekly Podcast Network (Video)

Most organizations view security as a cost center, a "check-the-box" expense rather than a strategic investment. This mindset leads to chronic underfunding, reactive, panic-driven decision-making, and high staff turnover. It also hampers innovation, strategic initiatives, and customer trust. What if security was viewed as a business enabler, not a cost center?
Elyse Gunn, CISO at Nasuni, joins Business Security Weekly to discuss how to make security a business enabler, turning security from a cost center into a profit center. Elyse discusses why aligning security initiatives to business drivers is the key to addressing trust, both internally and externally, and how it solves the biggest security priorities for organizations, including:
Data Privacy
AI Security, and
Nth Party Risk
In the leadership and communications segment, With CISOs stretched thin, re-envisioning enterprise risk may be the only fix, To Lead Through Uncertainty, Unlearn Your Assumptions, Leaders, Consider Pausing Before Acting on Employee Feedback, and more!
Show Notes: https://securityweekly.com/bsw-436

Infinite AI Monkeys, Ploutus, Serv-U, Fortinet, Cyberwar, COBOL, NIST, Dr. Strangelove, Aaran Leyland, and More on the Security Weekly News.
Show Notes: https://securityweekly.com/swn-558

Journalists put a lot of effort into collecting information and protecting their sources, but everyone can benefit from having a digital environment that's more secure and more privacy protecting. Runa Sandvik shares her experience working with journalists and targeted groups to craft plans for how they use their devices and manage their information. And she also makes the point that the burden of security should not be just for users -- platforms and software providers should be evaluating secure defaults and secure designs that improve protections for everyone.
Resources
https://techcrunch.com/2025/03/13/apples-lockdown-mode-is-good-for-security-but-its-notifications-are-baffling/
https://www.glitchcat.xyz/p/lessons-learned-from-the-2021-arrest
https://gijn.org/resource/introduction-investigative-journalism-digital-security/
https://cpj.org/
Show Notes: https://securityweekly.com/asw-371

Segment 1 - Interview with Tim Morris
Bringing intelligence to assets
You've been through 6 CMDB projects in the last decade. None of them came close to the original goals, the CMDB was already out-of-date long before the project had any hopes of completing. Is building an asset inventory just too ambitious a project for most organizations, or is there a better way?
Tim Morris shares a different approach with us today. It might require some convincing and some courage, but it seems much more likely to succeed than any of your past CMDB efforts…
Segment Resources
Trusted automation: Building autonomous IT with confidence
This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!
Segment 2 - Topic: the new White House cybersecurity strategy
In this segment, we explore some early details about the White House's new, but yet unreleased cybersecurity strategy. It appears that drafts have been shared (or leaked) to the press, so there's plenty to discuss here!
Segment 3 - News
Finally, in the enterprise security news,
Massive amounts of funding and acquisitions as we get close to RSA
Open source registries need help
Microsoft Copilot reads email marked as DO NOT READ
Don't use an LLM to generate passwords
is prompt injection a vulnerability
defining risks
AI changes the build versus buy equation
the scammer's perspective
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-447

The Code of Hammurabi, Rockyou, MimicRat, Google, Trustconnect, Introsort, AI, Josh Marpet, and More on this episode of the Security Weekly News.
Show Notes: https://securityweekly.com/swn-557