
Enterprise Security Weekly (Audio)

Security Weekly Productions

468 episodes

  • Enterprise Security Weekly (Audio)

    AI Governance, new book (Code War) from Allie Mellen, and the weekly news! - Jeremy Snyder, Allie Mellen - ESW #450

    16-03-2026 | 1 hr 51 min
    Interview with Jeremy Snyder from FireTail about AI Governance
    Death by a thousand cuts: the AI shadow IT problem
    I think the best description of the AI governance problem during this interview was the title of the award-winning movie, Everything, Everywhere, All At Once. Generative AI has been disrupting businesses, products, and vendor risk management for a few years now. FireTail is one of the companies trying to address this problem for enterprises, so we check in with Jeremy Snyder to see how things are going.
    Segment 1 Resources:
    https://www.firetail.ai/ai-breach-tracker
    Interview with Allie Mellen about her new book, Code War: How Nations Hack, Spy, and Shape the Digital Battlefield
    We're VERY excited to check out Allie's new book, which will be released on St. Patrick's Day 2026! The timing could not be better, as her book is perfectly positioned to provide some much needed perspective on the cyber aspects of the ongoing war in Iran.
    Is it normal to see the use of wipers on healthcare companies in the midst of the conflict? Is there any precedent for hyperscaler datacenters getting targeted (some of AWS's EMEA regions are still recovering)? Check out the conversation to find out!
    Pick up the book!
    from Wiley
    from Barnes & Noble
    from Amazon
    Allie's personal website
    The Weekly Enterprise News
    Finally, in the enterprise security news,
    Vibes and funding!
    Starting to see some disruption in the vuln mgmt space (finally!)
    Tons of new free tools
    lots of essays
    lots of reports
    lots of breaches
    the talks our hosts are giving at RSAC conference
    and someone is selling an actual cone of silence???
    All that and more, on this episode of Enterprise Security Weekly.
    Visit https://www.securityweekly.com/esw for all the latest episodes!
    Show Notes: https://securityweekly.com/esw-450
  • Enterprise Security Weekly (Audio)

    Breaking in with CrashFix, supply chain security, and CMMC phase 1 - David Zendzian, Anna Pham, Jacob Horne - ESW #449

    09-03-2026 | 1 hr 34 min
    Interview with Anna Pham
    Breaking in with ClickFix: Anatomy of a modern endpoint attack
    Cybersecurity company Huntress just published a report on a new ClickFix variant they've discovered, which they've dubbed CrashFix. This technique was developed by KongTuke to serve as the primary lure within a new custom malicious browser extension also created by the group.
    In short, the team observed the threat actors using KongTuke's malicious browser extension to display a fake security warning, claiming the browser had "stopped abnormally" and prompting users to run a "scan" to remediate the threats. Upon "running the scan," the user is presented with a fake "Security issues detected" alert and instructed to manually "fix" the issue by opening the Windows Run dialog, pasting from their clipboard, and pressing Enter.
    The malicious extension silently copies a PowerShell command to the clipboard, disguised as a legitimate repair command. From there, they execute the malicious command.
    Segment Resources:
    BLOG - Dissecting CrashFix: KongTuke's New Toy
    Interview with David Zendzian
    Continuous compliance and real security lifecycle management
    Supply chain attacks are not just on the rise; attackers are learning from the past, making these attacks even more effective and dangerous than before. It was just over a month ago when the Shai-Hulud attack first impacted NPM packages, forcing enterprises around the world into lockdown. While only 187 packages were compromised in that initial incident, it served as a wake-up call for many: an accurate inventory of systems is good, but a clear, real-time Software Bill of Materials (SBOM) for applications is non-negotiable.
    In this world of manifest-based infrastructure and container-based applications with (real) "devsecops", the dream of continuous upgrades of OS/Runtime/Stack/App and App Dependencies is very mature, and there are solid examples of companies and federal entities managing this at scale without thousands of teams and people.
    Segment Resources:
    BLOG - Supply Chain Security: How accurate SBOMs can deliver proactive threat mitigation
    Interview with Jacob Horne
    CMMC Phase 1 Enforcement — What the November 10 Deadline Means for the Defense Supply Chain
    With the upcoming CMMC Phase 1 enforcement on November 10, cybersecurity teams across the defense and federal supply chain are facing new compliance requirements that directly affect contract eligibility and data-protection standards. Jacob Horne, Chief Cybersecurity Evangelist at Summit 7, can break down what this milestone means for enterprise security leaders, MSPs/MSSPs, and contractors preparing for audits.
    Visit https://www.securityweekly.com/esw for all the latest episodes!
    Show Notes: https://securityweekly.com/esw-449
  • Enterprise Security Weekly (Audio)

    OT Security/business resilience, lack of incentives for securing software & the news - Ben Worthy - ESW #448

    02-03-2026 | 1 hr 54 min
    Interview - Ben Worthy from Airbus Protect
    The current state of OT security and business resilience
    In this episode of Enterprise Security Weekly, we sit down with Ben Worthy, OT Security Specialist at Airbus Protect, to explore the evolving landscape of business resilience in safety-critical sectors. With over 25 years of experience across aerospace, nuclear, water, oil & gas, and other industries, Ben shares insights on how organizations are adapting to the surge in disruptive cyberattacks—from ransomware targeting operational technology to GPS spoofing and supply chain incidents. We discuss major cases including the Boeing/LockBit ransom demand, the Jaguar Land Rover production shutdown, and the SITA passenger data breach, examining how aviation and other critical infrastructure sectors are separating safety risk from business continuity risk.
    Ben also breaks down the regulatory changes reshaping the industry, including EASA's October 2025 and February 2026 deadlines that tie cyber assurance directly to safety oversight, and what ENISA's latest numbers reveal about hacktivism and ransomware trends. Whether you're in aviation, nuclear, or any safety-critical sector, this conversation offers practical lessons on building resilience that keeps operations moving while addressing threats in real time.
    This segment is sponsored by Airbus Protect. Visit https://securityweekly.com/airbusprotect to learn more about them!
    Topic: Where are the business incentives to build secure products and software?
    "It's the right thing to do," so of course businesses will make their products secure, right? Well, it turns out that breaches and vulnerabilities don't traditionally hurt financial performance all that much. Stocks recover, insurance covers the bulk of the losses, fines are paid, and lawsuits are settled. Most businesses can comfortably absorb the impact, so the threat of reputational harm or financial losses just isn't slowing them down.
    In the case of Ivanti, where the reputational harm was extreme, the company's customers continue to get hacked as critical vulnerabilities keep getting discovered in its products.
    https://www.bloomberg.com/news/features/2026-02-19/vpn-used-by-us-government-failed-to-stop-china-state-sponsored-hackers
    In this topic segment, we don't aim to provide solutions to this problem, just the awareness that ethics, doing the right thing, and even signing the Secure by Design pledge don't seem to be enough to change vendor behavior when it comes to securing products.
    The Weekly Enterprise Security News
    Finally, in the enterprise security news,
    RSA Innovation Sandbox hot takes
    Did AI solve cyber?
    fundings and acquisitions
    a free app to warn you about smart glasses
    deep thoughts about OpenClaw
    replacing US tech with EU equivalents is hard
    should you turn off dependabot?
    accidentally taking over 7000 robot vacuums
    the director of AI Safety at Meta loses her email somehow
    should you go back to using a blackberry?
    All that and more, on this episode of Enterprise Security Weekly.
    Visit https://www.securityweekly.com/esw for all the latest episodes!
    Show Notes: https://securityweekly.com/esw-448
  • Enterprise Security Weekly (Audio)

    Bringing intelligence to assets, new White House cybersecurity strategy, and the news - Tim Morris - ESW #447

    23-02-2026 | 1 hr 42 min
    Segment 1 - Interview with Tim Morris
    Bringing intelligence to assets
    You've been through 6 CMDB projects in the last decade. None of them came close to the original goals; the CMDB was already out of date long before the project had any hope of completing. Is building an asset inventory just too ambitious a project for most organizations, or is there a better way?
    Tim Morris shares a different approach with us today. It might require some convincing and some courage, but it seems much more likely to succeed than any of your past CMDB efforts…
    Segment Resources
    Trusted automation: Building autonomous IT with confidence
    This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!
    Segment 2 - Topic: the new White House cybersecurity strategy
    In this segment, we explore some early details about the White House's new, but as yet unreleased, cybersecurity strategy. It appears that drafts have been shared (or leaked) to the press, so there's plenty to discuss here!
    Segment 3 - News
    Finally, in the enterprise security news,
    Massive amounts of funding and acquisitions as we get close to RSA
    Open source registries need help
    Microsoft Copilot reads email marked as DO NOT READ
    Don't use an LLM to generate passwords
    is prompt injection a vulnerability
    defining risks
    AI changes the build versus buy equation
    the scammer's perspective
    All that and more, on this episode of Enterprise Security Weekly.
    Visit https://www.securityweekly.com/esw for all the latest episodes!
    Show Notes: https://securityweekly.com/esw-447
  • Enterprise Security Weekly (Audio)

    Hardware-level zero trust, don't trust AI with your employees, and the news - J Wolfgang Goerlich, Matias Katz - ESW #446

    16-02-2026 | 1 hr 47 min
    Segment 1: Interview with Matias Katz
    What if you had enterprise-grade network security protections traveling with your users' laptops? What if it could be built into the laptop, but still stay safe even if the laptop OS and firmware were entirely compromised?
    Matias and his company, Byos, have built such a thing, and BOY do we have some questions for him.
    Segment 2: Interview with Wolfgang Goerlich
    Addressing the nuanced, nefarious threats of AI
    Sure, we need to worry about AI prompt injection and AI data leakage, but what about the threats to our BRAINS? Seriously, as we start to have daily conversations with this technology, how are they going to shape how we think? What inherent biases in the training, fine tuning, guardrails, or lack of guardrails are going to affect our decisions or how we work?
    Wolfgang is concerned about this, so he performed a human/AI experiment. With almost 1000 people partaking in the experiment, the results are sure to be intriguing.
    Segment 3: This week's enterprise security news
    Finally, in the enterprise security news,
    survey results on how folks are feeling about openclaw
    some hidden drama discovered in KEV updates
    some new KEV tools
    is AI replacing traditional code scanning tools?
    remote code execution in notepad
    no, not notepad++, NOTEPAD.EXE
    you know, the one that ships preinstalled on Windows
    the RSAC innovation sandbox finalists
    dealing with legacy vulnerabilities
    Don't accept OpenClaw Mac Minis from strangers!
    All that and more, on this episode of Enterprise Security Weekly.
    Visit https://www.securityweekly.com/esw for all the latest episodes!
    Show Notes: https://securityweekly.com/esw-446

About Enterprise Security Weekly (Audio)

News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co-hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire, Sean Metcalf.