
Sign up to save your podcasts
Or


Send us Fan Mail
A champagne bottle, a blade, and a clean strike turns into one of the clearest cybersecurity conversations we’ve had. We’re joined by attorney and cyber contracting veteran Drew Tharp, with Todd Wilkinson stepping in as guest host, and we use swords and fencing to unpack why breaches happen and why “just add more tools” rarely fixes the root problem.
Drew walks us through the four quadrant fencing model (active vs passive, offense vs defense) and how most security programs camp out in the obvious corners. We connect the overlooked zones to modern cybersecurity strategy: applying steady pressure that limits attacker options, building aggressive defensive moves that anticipate human behavior, and spotting the “seam” where urgency and confusion let a threat actor land one clean strike. If you work in healthcare cybersecurity, we also dig into why ransomware and business email compromise keep hitting so hard and how internal business pressure makes incidents worse.
On the legal and vendor risk side, we get real about cyber insurance requirements, unlimited liability, and how BAAs and data sharing agreements can smuggle in heavy terms that the wrong reviewer might sign. Then we pivot to AI in legal work, including Harvey AI, and explain the key limitation that matters for both lawyers and CISOs: AI can speed up review, but it cannot understand business context, risk appetite, or which deal is worth the exception.
If you liked this one, subscribe for more practical cybersecurity conversations, share it with a teammate who lives in contracts or incident response, and leave us a review with your biggest “how did that term get in there” story.
🔗 Connect with Us & Get in Touch
Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics.
No gatekeeping and no BS. We’re here to simplify.
Official Website: www.revealrisk.com
LinkedIn: https://www.linkedin.com/company/reveal-risk
🤘 Stay Secure with Us
If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates.
Reveal Risk delivers cybersecurity results, not just reports.
By Aaron Pritz, Cody Rivers5
1717 ratings
Send us Fan Mail
A champagne bottle, a blade, and a clean strike turns into one of the clearest cybersecurity conversations we’ve had. We’re joined by attorney and cyber contracting veteran Drew Tharp, with Todd Wilkinson stepping in as guest host, and we use swords and fencing to unpack why breaches happen and why “just add more tools” rarely fixes the root problem.
Drew walks us through the four quadrant fencing model (active vs passive, offense vs defense) and how most security programs camp out in the obvious corners. We connect the overlooked zones to modern cybersecurity strategy: applying steady pressure that limits attacker options, building aggressive defensive moves that anticipate human behavior, and spotting the “seam” where urgency and confusion let a threat actor land one clean strike. If you work in healthcare cybersecurity, we also dig into why ransomware and business email compromise keep hitting so hard and how internal business pressure makes incidents worse.
On the legal and vendor risk side, we get real about cyber insurance requirements, unlimited liability, and how BAAs and data sharing agreements can smuggle in heavy terms that the wrong reviewer might sign. Then we pivot to AI in legal work, including Harvey AI, and explain the key limitation that matters for both lawyers and CISOs: AI can speed up review, but it cannot understand business context, risk appetite, or which deal is worth the exception.
If you liked this one, subscribe for more practical cybersecurity conversations, share it with a teammate who lives in contracts or incident response, and leave us a review with your biggest “how did that term get in there” story.
🔗 Connect with Us & Get in Touch
Tune in to Simplifying Cyber wherever you get your podcasts, or watch exclusive video content right here on the channel. Subscribe for hot takes on emerging technologies, tips and tricks for everyone looking to stay secure, and in-depth conversations about complex cybersecurity topics.
No gatekeeping and no BS. We’re here to simplify.
Official Website: www.revealrisk.com
LinkedIn: https://www.linkedin.com/company/reveal-risk
🤘 Stay Secure with Us
If this content helped you understand cybersecurity better, please give it a thumbs up, subscribe to our channel for more expert insights, and hit the notification bell so you don't miss our latest updates.
Reveal Risk delivers cybersecurity results, not just reports.

8,051 Listeners

10,182 Listeners