Enterprise Security Weekly (Audio)

Forrester's AEGIS Framework, the weekly news, and interviews with Fortra and Island - Jeff Pollard, Rohit Dhamankar, Michael Leland - ESW #424


Listen Later

Segment 1 - Interview with Jeff Pollard

Introducing Forrester’s AEGIS Framework: Agentic AI Enterprise Guardrails For Information Security

For this episode’s interview, we’re talking to Forrester analyst Jeff Pollard. I’m pulling this segment’s description directly from the report’s executive summary, which I think says it best:

As AI agents and agentic AI are introduced to the enterprise, they present new challenges for CISOs. Traditional cybersecurity architectures were designed for organizations built around people. Agentic AI destroys that notion. In the near future, organizations will build for goal-oriented, ephemeral, scalable, dynamic agents where unpredictable emergent behaviors are incentivized to accomplish objectives. This change won’t be as simple or as straightforward as mobile and cloud — and that’s bad news for security leaders who in some cases still find themselves challenged by cloud security.

Segment 2 - Weekly News

Then, in the enterprise security news,

  1. there’s funding and acquisitions, but we’re not going to talk about them
  2. AI’s gonna call the cops on you
  3. and everyone’s losing money on it
  4. and Anthropic agreed to pay for all the copyright infringement they did when training models
  5. and Otter.ai got sued for recording millions of conversations without consent
  6. Burger King got embarrassed and their lawyers didn’t like it
  7. NPM package mayhem
  8. certificate authority hijinks
  9. AI darwin awards

All that and more, on this episode of Enterprise Security Weekly.

Segment 3 - Executive Interviews from Black Hat 2025

Interview with Rohit Dhamankar from Fortra

Live from Black Hat 2025 in Las Vegas, Matt Alderman sits down with Rohit Dhamankar, VP of Product Strategy at Fortra, to dive deep into the evolving world of offensive security. From red teaming and pen testing to the rise of AI-powered threat simulation and continuous penetration testing, this conversation is a must-watch for CISOs, security architects, and compliance pros navigating today's dynamic threat landscape.

Learn why regulatory bodies worldwide are now embedding offensive security requirements into frameworks like PCI DSS 4.0, and how organizations can adopt scalable strategies—even with limited red team resources. Rohit breaks down the nuances of purple teaming, AI-assisted red teaming, and the role of BAS platforms in enhancing defense postures.

Whether you’re building in-house capabilities or leveraging external partners, this interview reveals key insights on security maturity, strategic outsourcing, and the future of cyber offense and defense convergence.

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more!

Interview with Michael Leland from Island

At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity’s most urgent realities: compromised credentials aren’t a possibility — they’re a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren’t “breaking in” anymore… they’re logging in.

Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island’s enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins.

Key takeaways:

  • Why credential compromise is inevitable — and how to stop credential use
  • How presentation layer DLP prevents data leaks inside and outside apps
  • Real-time blocking of phishing logins and unsanctioned SaaS access
  • Plug-in risk scoring, version pinning, and selective extension control
  • Enabling BYOD securely — even after a catastrophic laptop loss
  • Why many users never go back to Chrome, Edge, or Safari after switching

Segment Resources:

  • https://www.island.io/blog/how-the-enterprise-browser-neutralizes-the-risks-of-compromised-credentials

This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-424

...more
View all episodesView all episodes
Download on the App Store

Enterprise Security Weekly (Audio)By Security Weekly Productions

  • 4.9
  • 4.9
  • 4.9
  • 4.9
  • 4.9

4.9

14 ratings


More shows like Enterprise Security Weekly (Audio)

View all
Security Now (Audio) by TWiT

Security Now (Audio)

1,998 Listeners

Windows Weekly (Audio) by TWiT

Windows Weekly (Audio)

881 Listeners

Risky Business by Patrick Gray

Risky Business

369 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

639 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners

Hacked by Hacked

Hacked

183 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,017 Listeners

Smashing Security by Graham Cluley

Smashing Security

320 Listeners

Click Here by Recorded Future News

Click Here

416 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,958 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

174 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

188 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

134 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners