On the 22nd episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Joe Silva, former Chief Information Security Officer at Jones Lang LaSalle. JLL is a commercial real estate company operating in 84 countries worldwide. The company has over 100,000 employees, $20 billion dollars in annual revenue, and ranks #193 on the Fortune 500. Managing billions of square feet of property worldwide, JLL delivers a full suite of services, including — property management, leasing, capital markets, and real estate technology solutions. In this conversation, Joe dives into the realities versus the hype of AI in cybersecurity, AI’s role in shifting the balance between human judgment and automated systems, and AI’s potential to solve long-standing defender blind spots.

Quick hits from Joe:
On the new attack surface presented by AI: “If I look at how corporate functions at large enterprises, HR, finance, they were using RPAs (robotic process automations) to automate so much of this work, and now you look at AI agents as essentially hyper aware RPAs. It's a natural evolution. RPAs, which themselves created a massive attack surface and now we just start moving all of that to AI because we're completely taking the human out of the loop.”

On the increasing negative impact of AI cyberthreats: “Criminals can leverage AI to create highly bespoke and tailored fraud to individuals whose identities they can stitch together across multiple data sets. Organizations will start feeling the impact of AI abetting criminal activity, and that will raise the consequences.”

On areas that AI is moving the needle: “Gen AI is making it a lot easier for providers to make more information accessible and provide more context in tools…Where we see Gen AI being helpful is the ability to train machine learning models, and actually get more utility out of machine learning. We've been hearing ML and AI for the last 10 years as buzzwords associated with products and the utility of ML has improved due to AI.”

Book Recommendation: Five Years to Freedom by James N. Rowe

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 21st episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Tony Taylor, Chief Information Security Officer at Land O'Lakes. Land O'Lakes is an American member-owned agricultural cooperative. The co-op has 9,000 employees who process and distribute products for about 300,000 agricultural producers. Land O Lakes handles 12 billion pounds of milk annually and is one of the largest producers of butter and cheese in the United States. In this conversation, Tony shares his thoughts on AI transforming the cyber threat landscape, the paradox of AI empowering defenders while enabling attackers, and strategies for cyber defense in an AI-driven world.

Quick hits from Tony:

On the oversaturation of AI as a marketing term: “You can’t talk to a vendor today where they don’t talk about their AI. Everybody’s got an AI engine. For me as a consumer of that technology, I go, well, show me how that AI works.”

On how AI can help address the talent shortage in cybersecurity: “We need to be able to bring in less mature or less experienced people and let them build that experience because the workforce isn’t there. I can’t go hire senior engineers all over the place because they’re not available.”

On AI elevating the nature of work in cybersecurity: “AI will reduce workload, and I think it’s going to reduce the workload that nobody wants to do anyway...It’s going to allow people to work at a higher level.”

Podcast Recommendation: SANS Stormcast by Johannes B. Ullrich

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 20th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Gene Sun, Vice President and Chief Information Security Officer at FedEx. FedEx is a multinational courier delivery services company with over $90 billion in annual revenue and more than 500,000 employees globally. With billions of packages delivered every year, using the world’s largest cargo fleet, FedEx uses sophisticated technology to provide a unique delivery service to customers across the globe. In this conversation, Gene discusses industry shifts from isolated point solutions to powerful, AI-driven platform strategies, AI as a growing tool for attackers and defenders, and predictions for the future of AI-powered cyber defense.

Quick hits from Gene:

On the evolving workforce adapting to AI integration: “There is some kind of fear in society that AI will replace all the human beings doing the work. I have this saying, AI will not replace your job. People who know how to use AI will replace your job.”

On consolidation and innovation in AI-driven cybersecurity: “There’s only so many players who can afford to stay in the AI race. I think only a couple of large cyber security platforms will survive and they will provide the fundamental platform for any additional innovation that will be created for security related AI models.”

On AI lowering barriers for fraud: “Cybercriminals are using AI to generate counterfeit FedEx shipping labels. Previously, to create a counterfeit FedEx shipping label you needed to have programming skills to decode our tracking numbers to be able to generate readable barcodes. Now, AI has removed those technology requirements and criminals are increasing their velocity to perpetrate those crimes.”

Recent Book Recommendation: Guns, Germs, and Steel by Jared Diamond

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 19th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Eric Brohm, Chief Information Security Officer at Wyndham Hotels & Resorts. Wyndham is the world's largest hotel group, offering nearly 10,000 properties in 95 countries across 24 global brands. In this conversation, Eric shares his thoughts on how AI is fast becoming an indispensable tool for cybersecurity teams, the potential of AI in risk-based decision-making, and the growing trend of cybercriminals using AI.

Quick hits from Eric:

On the speed of AI adoption between attackers and defenders: “Attackers take up tools quicker than we do. They don't need to worry about test environments and, politically, selling the tools’ ROI for the business, right? They just go and they use it.”

On AI as a tool to enhance security: “The industry of adversary emulation has been really big. I can point AI at my environment and it knows what security controls I have on the back end. It knows what my vulnerabilities are on the front end and says, “If I were an attacker, this is probably what I would do.” So that helps us drive smart investment based on AI helping us with those risks.”

On the need for collaboration in cybersecurity: “Community is a key piece of why I love being in cybersecurity so much, and that collaboration is what we need to stay ahead of, or at least try to keep pace with whatever tools the attackers are using.”

Recent Book Recommendation: Questions Are the Answer by Hal Gregersen

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 18th episode of Enterprise Software Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Stephen Harrison, Senior Vice President and Chief Information Security Officer at MGM Resorts International. MGM Resorts International is a global hospitality and entertainment leader, operating some of the most iconic destinations in Las Vegas and beyond. MGM boasts an annual revenue of over $16 billion and employs more than 70,000 people worldwide. In this conversation, Stephen shares his thoughts on cybersecurity complexities in the entertainment sector, the deployment of AI – in both safeguarding systems and enhancing attack methods, and the escalation of automated attacks targeting human error.

Quick hits from Stephen:

On the rapid pace of technology change and AI: “It's hard when we're at a period of time where there's never been faster acceleration of technology. And whatever you thought was cutting-edge AI last week, well, just check Twitter this week. You're probably wrong.”

On adapting to rapid technological change: “If you’re running an enterprise security and you’re sort of putting up this gridiron fence saying, ‘No, our company is not going to use AI at a professional knowledge worker level.’ I think you’re probably doing a disservice.”

On the evolving threat landscape: “Every innovation that comes out is also empowering threat actors…you have ransomware as a service right now. And I would expect by next year, sometime to see ransomware as a service evolve and become more like AI as a service for threat actors.”

Recent Book Recommendation: Dare to Lead by Brené Brown

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 17th episode of Enterprise Software Defenders, host Evan Reiser (Abnormal Security) talks with Mark Ferguson, Chief Information Security Officer at Bombardier. Bombardier is a Canadian multinational aircraft company best known for producing premium business jets. It has over 17,000 employees and over $8 billion in annual revenue. In this conversation, Mark shares his thoughts on Bombardier's impressive scale, the complexities of cybersecurity in the aviation industry, and the role of AI in enhancing security operations.

Quick hits from Mark:

On cybercriminals using generative AI: “Cybercriminals’ work is all about volume. So it's about keeping the cost as low as possible and spreading the threat to the biggest volume possible. That's where AI will help them because it's going to enable them to widen the net for potential targets they can go after.”

On the rise of sophistication in cybercrime: “The most sophisticated criminals are using company’s own people and IT systems. It's way easier now to trick someone and log in to a corporate system, versus break through the firewall or hack a satellite.”

On AI Copilot’s ability to assist with cybersecurity: “Copilot came back within seconds and said this change happened by this person to this end point on this date and we were able to narrow in on what the change was and who made the change.”

Recent Book Recommendation: Jan Ullrich: The Best There Never Was by Daniel Fribe

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 16th episode of Enterprise Software Defenders, host Evan Reiser (Abnormal Security) and special guest host Steve Ward (Former CISO at The Home Depot and TIAA) talk with Roland Cloutier, former Global Chief Security Officer at TikTok. Roland is a seasoned cybersecurity expert who has led security programs at major organizations, including EMC, ADP, and, most recently, TikTok. Roland's journey from military aerospace defense to becoming a top CISO offers valuable insights into the evolving landscape of cybersecurity and the critical role of AI in enhancing security operations. In this conversation, Roland shares his thoughts on the evolution of cybersecurity in the AI era, the transformative impact of AI on security operations, and a glimpse into the future of converged security programs.

Quick hits from Roland:

On AI’s ability to assist enterprise security posture management: “Why do I have really smart people doing things like writing scripts that go across logs? That is insanity. We're going to get to deeper insight faster through AI. So as a practitioner, we're going to have better weapons to understand what's going on to apply defensive postures quicker.”

On AI copilot’s enabling safer code creation: “There's massive hope in the use of AI around code defense. Code is going to be created differently and it'll be created with AI and with constructs. Therefore we have the opportunity to put security control capabilities or quality measures in capabilities at the time of code. It's going to automatically do privacy by design and security by design in a way we’ve never seen before. So from a compliance perspective, we're going to be able to operate as businesses in a much better way.”

On the true impact of auto defense capabilities: “AI is going to now show up and code is going to be generated by the time someone thinks about it. But it doesn't have to go in a queue for us to check. We don't have to wait till something gets checked in. We can instrument the AI with our capabilities that says to automatically remove any OS pipe turning, and tell us what you did. Think about the modeling capabilities on a per second basis it can provide when it evaluates code.”

Recent Book Recommendation: The Mission, The Men, and Me by Pete Blaber

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 15th episode of Enterprise Software Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Tomás Maldonado, Chief Information Security Officer at The National Football League. The NFL, comprising 32 franchises, is the world's most valuable sporting league, with over 20 billion dollars in annual revenue and a growing global brand. In this conversation, Tomás shares his thoughts on the vital role of cybersecurity in the NFL, the impact of AI on emerging security threats, and his optimism on the potential for AI-driven incident response.

Quick hits from Tomás:

On AI advancing the malicious potential of threat actors: “Now, adversaries don't need to know whatever language you speak to attack. They can go into open generative AI platforms and say ‘Create a message that sounds like this in the language X.’ Then put whatever payload they want in there, and then they can mass mail that to people.”

On the impact of AI to assist the efficacy of security professionals: “There's so much data to cull through to figure out who was patient zero and how it actually happened. If you're correlating all of that information into a centralized location, why not have AI spit out a timeline that says this is how Jane Doe's account was compromised? We know that these are the usual next steps for someone being compromised. Let’s help the user make better decisions.”

On how AI might improve communication for security professionals: “There's a real opportunity for incident response and this division of communication, how to communicate effectively externally. There's a real path for interacting with users and helping them make better decisions as they interact with data and share that information.”

Recent Book Recommendation: Start with Why by Simon Sinek

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.