In this episode of The Security Strategist podcast, host Richard Stiennon, industry analyst and author, speaks to Craig Roberts, Principal Software Engineer at Rapid7, about digital exposure and the increasing challenges of Attack Surface Management (ASM).

The conversation peels back the layers of hidden vulnerabilities and misconfigurations that plague today’s digital world. The speakers offer expert advice into how businesses can better understand, prioritise, and manage their expanding attack surfaces.

"It's all about the kind of different steps an attacker takes. The attack surface simply means when an attacker can exploit to get to my goal and align to my mission," says Craig Roberts, Principal Software Engineer at Rapid7.

Also the Co-founder of Noetic (acquired by Rapid7), Roberts’ journey into attack surface management began from a practical observation. He found that many cybersecurity incidents came from overlooked assets. Such incidents could be unmonitored servers or lack of Endpoint Detection and Response (EDR). 

"We set out to raise that hygiene bar through preventative controls," he explains. The typical view of an attack surface is often limited to external website scans. "That's only a small piece of it these days. It's often where an attacker will start. It’s an initial foothold. Everything past that point is also still an attack surface." 

Emphasising the diverse nature of attack vectors, Roberts adds, "We don't have a homogenous way. Attackers both initially gain access and then start moving towards their target." This means that a single misstep or vulnerability across any of these areas can allow an attacker to achieve their objective.

Looking ahead, Roberts recommends CISOs to focus on having all enterprise data and understanding their environment across all assets. These assets are – cloud, users, and traditional infrastructure. 

Then, layer on an understanding of "exposures" rather than just Common Vulnerabilities and Exposures (CVEs). This includes cloud misconfigurations, identity-related issues like MFA misconfigurations, and, zero-days.

"Treat those in a similar way because at the end of the day, we need to prioritise those exposures because the attacker isn't going to care about the weapon they use," Roberts concludes. This holistic approach, built on foundational trust in shared data across various security vendors and tools. 

Such a strategy is crucial for gaining a central view of risk and efficiently mitigating the diverse threats facing modern enterprises.

A key takeaway from the discussion is the importance of understanding an organisations’ assets and how critical each is. Roberts argues that, while organisations may spend significant effort on re-scoring and building "vulnerability intelligence pipelines," it’s not often known which critical assets those vulnerabilities reside on.

"The asset is a really important thing. How important that is to your business, and what data and mitigations it has in it hugely affects the risk of that vulnerability," he stresses.

• Understanding the attack surface is crucial for effective cybersecurity.
• Attackers exploit various vulnerabilities to achieve their goals.
• Prioritization of vulnerabilities is essential due to the overwhelming number of CVEs.
• Zero-day vulnerabilities pose significant risks that require immediate attention.
• IoT devices present unique challenges in vulnerability management.
• Effective management of attack surfaces can deter opportunistic attackers.
• Visibility into assets and their configurations is key to risk management.
• Collaboration between security vendors enhances data sharing and threat response.
• Organisations must treat all exposures equally, regardless of their nature.
• A proactive approach to security can reduce the likelihood of successful attacks.

00:00 Introduction to Attack Surface Management

03:02 Understanding the Evolving Attack Surface

05:55 Types of Attackers and Their Motivations

08:52 Prioritizing Vulnerabilities and Exposures

12:09 Zero-Day Vulnerabilities and IoT Challenges

15:04 Management Strategies for Attack Surfaces

17:56 The Importance of Asset Visibility

20:57 Key Takeaways for CISOs

Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 11,000 global customers unite cloud risk management and threat detection to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our website, check out our blog, or follow us on LinkedIn or X.

Infosecurity Europe, Europe's leading cybersecurity event, is celebrating its 30th anniversary from June 3rd to 5th at ExCeL London. This year's conference is setting the stage for major moments in the enterprise tech space. The event aims to foster collaboration and promises to showcase the top cutting-edge cybersecurity solutions.

In this episode of the Security Strategist podcast, host Shubhangi Dua speaks with Saima Poorghobad, Portfolio director RX Global, the organiser of Infosecurity Europe about the upcoming Infosecurity Europe conference. 

They discuss the significance of the event, which celebrates its 30th anniversary, and explore key topics such as quantum computing, AI, and ransomware that will be highlighted this year. Saima shares insights into new features and innovations at the conference, emphasizing the importance of networking and preparation for attendees.

"What we're really passionate about at Infosecurity Europe is building a safer cyber world for everyone," says Poorghobad. "We support this mission by giving the community somewhere that they can combine innovation with insights, with relationships." 

Over the past three decades, Infosecurity Europe has served as a crucial cornerstone for the cybersecurity community, evolving alongside the rapidly changing threat scenarios, from the early internet to the rise of cloud and AI.

One emerging theme at Infosecurity Europe 2025 is expected to be quantum computing. Once a distant prospect but now quantum computing is a near-term horizon. The conference will kick off with a headline keynote from Professor Brian Cox, exploring how black holes and quantum mechanics hold the answer to the future of computing and cybersecurity. 

This will be followed by a panel discussion moderated by BBC cyber correspondent Joe Tidy, focusing on immediate actions organisations should take. 

Poorghobad emphasising the practical applications of this says, "teaming up that session with Professor Brian Cox followed by that panel kind of gives you that overarching theory and view of the overarching threat to see how we can actually implement and what should we be doing today and make it really practical?"

Geopolitics is another major driver of cyber. For this, Rory Stewart, former diplomat, politician, and host of "The Rest Is Politics," will speak at the event on global power dynamics. He plans to particularly discuss how shifting alliances, emerging threats, and potential global trade wars could impact access to essential hardware and software for cybersecurity. 

AI and Generative AI continue to be a key theme. Despite their initial hype, they remain at the forefront of cyber concerns. Cited as the most pressing threat in Infosecurity Europe's annual Trends Report, AI lowers the barrier to entry for bad actors and enhances capabilities for skilled attackers. A keynote session titled "Calling BS on AI" will bring together AI experts to provide insights on defending against AI threats, particularly deepfakes and AI-powered social engineering campaigns.

For more details on the event and some surprises planned, watch the full podcast.

• Infosecurity Europe is a leading gathering of cybersecurity professionals.
• The conference has evolved significantly over the past 30 years.
• Quantum computing poses a near-term threat to existing encryption protocols.
• AI is a pressing concern for cybersecurity professionals.
• Ransomware continues to be a major threat in the cyber landscape.
• New exhibitors and innovative formats are introduced each year.
• Networking opportunities are crucial for building relationships in the industry.
• Preparation is essential for maximizing the conference experience.
• Attendees can expect hands-on master classes and exclusive sessions.
• The 30th anniversary celebration will include special events and recognitions.

00:00 Introduction to Infosecurity Europe

02:45 The Evolution of Cybersecurity Over 30 Years

06:04 Key Topics for Infosecurity Europe 2025

09:12 Emerging Threats: Quantum Computing and Geopolitics

11:56 AI and Ransomware: Current Challenges

15:11 New Features and Innovations at Infosecurity Europe

22:03 Leveraging Opportunities at the Conference

“The types of attacks that we're seeing today are malicious in nature. They go to the very heart of the functioning of businesses,” stated Brett Ley, VP, Global Technical Sales at A10 Networks.

This observation from Ley sets the stage for a crucial discussion on The Security Strategist podcast. Shubhangi Dua, podcast producer and Tech journalist at EM360Tech sits down to talk about the critical need for a strong and unified approach to safeguarding digital assets against threats like DDoS attacks.

Expanding on the pervasive nature of these threats, Ley emphatically agrees that no organisation can afford to be complacent. Whether a large or small organisation and no matter where you are in the world, “everybody with IT data, employee data, application data, intellectual property of your product” faces potential risks.

Alluding to a common pitfall in security strategies, Ley points out that "a lot of people believe it's a technology only problem”. However, he explains that it’s actually a “people processing technology issue”. 

He stresses that effective cybersecurity isn't solely about the tools deployed, but also about clear roles and responsibilities, questioning "who owns the accountability within the company?” Is it everyone or is it one person or team in particular?

This leads him to advocate for the vital role of strong CISOs within organisations.

• DDoS attacks are increasingly sophisticated and varied.
• A unified security platform enhances visibility and control.
• Granular detection is essential to differentiate between good and bad traffic.
• Organisations often underestimate their exposure to cyber attacks.
• AI is becoming a crucial tool in fighting cyber threats.
• Human expertise is vital in deploying and managing security technologies.
• Continuous penetration testing helps identify vulnerabilities.
• Cybersecurity is a shared responsibility across all levels of an organisation.
• Smaller organisations need to leverage external expertise for security.
• Proactive measures are essential to prevent potential cyber threats.

00:00 Introduction to Cybersecurity Challenges

03:06 Understanding DDoS Attacks

05:45 The Importance of Unified Security Platforms

09:05 Granular Detection in Cybersecurity

12:09 Real-World DDoS Mitigation Examples

15:07 AI in Cybersecurity: The New Frontier

17:59 The Human Element in Cyber Defense

20:12 Common Misconceptions About DDoS

23:56 Proactive Cybersecurity Measures

26:51 Future Cyber Threats and Nightmares

A10 Networks provides security and infrastructure solutions for on-premises, hybrid cloud, and edge-cloud environments. Their offerings help over 7000 customers, including global large enterprises and communications, cloud, and web service providers, ensure that business-critical applications and networks are secure, available, and efficient.

A10 Networks was founded in 2004 by Lee Chen and is based in San Jose, California. Lee Chen served as CEO until late 2019. The current CEO and President of A10 Networks is Dhrupad Trivedi, who assumed the role in December 2019.

• #Personnelsecurity is crucial for organisations and individuals.
• There is a significant talent shortage in the #cybersecurityindustry.
• #AI can enhance security measures but cannot replace human instinct.
• Outsourcing security functions can be beneficial for smaller organisations.
• The pressure on cybersecurity roles is immense and can lead to high turnover.
• AI will play a larger role in automating security responses in the future.
• Understanding the risks of outsourcing versus insourcing is vital for businesses.

On this episode of #TheSecurityStrategist, host Keyari Page welcomes Tony King, Senior Vice President of International Sales at NETSCOUT. They discuss what personnel security is and why it's important for individuals and organisations to prioritise it. 

To explain this, King introduces the concept of “knowledgeable instinct.” This means using both what people know and what AI can do to find and deal with cyber threats. 

He emphasises that AI’s role is to be an extra “12th” player on your “football team,” making the defense that much stronger. 

Listeners will gain a deeper perspective on the dynamic nature of the threat landscape, including the ways in which malicious actors leverage AI, and the continuous necessity for proactive threat prediction and prevention measures. 

Tune in to understand the need for ongoing education and continuous skill development in a “never-ending chess game” of personnel security.

For the latest tech insights visit: em360tech.com

• #Cloudmarketplaces function like a digital mall for various services.
• Continuous monitoring and detection of threats are essential.
• Legislation like NIST 2 and Dora impacts cloud security practices.
• Zero trust methodology is advised in securing cloud connections.
• Regular penetration testing and vulnerability management are necessary.
• Data strategy is key when implementing #AI in cloud services.
• Centralising identity management can limit security risks.

On the #SecurityStrategistpodcast, host Keyari Page delves into the dynamic world of cloud marketplace ecosystems with Mostyn Thomas, Senior Director of Security at Pax8. 

Listeners can gain a comprehensive understanding of these digital hubs where IT professionals and managed service providers (MSPs) can select from a diverse range of services.

Imagine a digital "mall," that's essentially a cloud marketplace. Within it, organisations can find "stores" that offer everything from identity and access management and cutting-edge API security.

The conversation also explores the crucial challenge of establishing secure cloud connections, where Thomas emphasises the importance of a "zero trust" security model. 

This approach requires a diligent verification process for every connection and user within the cloud environment, regardless of location or perceived trustworthiness.

Tune in to learn its potential and evolving security challenges that must be addressed to ensure a safe and reliable experience for all stakeholders.

For the latest tech insights visit: em360tech.com

• #Databackups are essential for business continuity.
• The 3-2-1 backup #strategy is crucial for data protection.
• Testing backup systems is necessary to ensure data recovery.
• Businesses should back up all critical data sets.
• #AI can assist in data classification for backups.
• Avoid keeping backups in the same location as primary data.
• Understanding when data became corrupted is vital for recovery.

Join host Keyari Page as she welcomes Jon Fielding, Managing Director of Apricorn to discuss data backups. 

They break down the basics of what data backups are and explain why they are so critical for businesses, especially in today's world of frequent ransomware attacks.

This episode offers practical guidance on setting up a good backup system. You'll discover how to identify your key data, prioritise its protection and avoid errors that could compromise your information.

Fielding also shares the valuable 3-2-1 backup strategy – a simple but powerful rule to minimise risk. 

The discussion even touches on the potential role of AI in data backups, exploring both its benefits and the importance of maintaining human oversight.  

This podcast provides actionable insights and expert guidance to help you protect your valuable data and ensure business continuity. 

Tune in to gain the knowledge and confidence you need to navigate the complexities of data security!

For the latest tech insights visit: em360tech.com

• #DDoS can mimic legitimate traffic, making detection difficult.
• #Botnets are often created from compromised IoT devices.
• Motivations for DDoS attacks range from hacktivism to personal grievances.
• Residential IP proxy networks complicate DDoS defense.
• #AI is increasingly being used in both attacks and defenses.
• The future of cybersecurity will require AI-assisted solutions.
• Organisations must understand their traffic to defend effectively.

In this episode of The Security Strategist podcast, host Keyari Page leads an engaging conversation with David Warburton, Director of Threat Research at F5 Labs, focusing on Distributed Denial of Service (DDoS) attacks.

DDoS attacks are “one of the oldest cybersecurity attacks”. It’s an attempt to incapacitate a network, server, or website by overwhelming it with huge amounts of traffic.

However, despite their long history, DDoS attacks remain a significant problem. This is due to the fact that they “look like really popular, busy websites” which can lead to legitimate traffic being generated.

Warburton explains that they could be employed for a number of reasons, such as hacktivism, gaming-related conflicts, and geopolitical manipulation. A key example is of a Russian operation which used a digital attack to mimic a French protest against pension reform. This spread disinformation and created real world tension.

Tune into the latest episode to hear Warburton’s advice to businesses on tackling DDoS attacks.

For the latest tech insights visit: EM360Tech.com

"If you envision a world where what would be the most ideal way to make access management IAM decisions, to enable people to access internal things, you'd want to do a few things,” reflects Bobby DeSimone, Founder and CEO at Pomerium.

In this episode of The Security Strategies Podcast, host Alejandro Leal, cybersecurity expert and senior analyst at KuppingerCole Analysts AG speaks with DeSimone about the shifting focus in security to internal access solutions, particularly in identity and access management [IAM].

DeSimone emphasises the importance of simplifying typically complex internal access management IAM solutions. He suggests directing focus on the foundational need for secure and user-friendly access among other recommendations.

Additionally, he shares insights from his journey in the privileged access management space, discussing the limitations of traditional perimeter-based security and the need for a more comprehensive approach to identity and access.

The conversation also explores the challenges posed by client-based access solutions, the importance of context-driven access, and how Pomerium's clientless approach to device health is reforming internal access management IAM.

As threats become more sophisticated and workforces more distributed, the once impenetrable "castle and moat" approach leaves organisations vulnerable in terms of identity and access. As such, this podcast addresses the limitations of conventional access management IAM solutions and explores a modern, context-driven approach to securing internal assets.

DeSimone argues that the numerous acronyms like SASE, CASB, and PAM, while representing different facets of privileged access, ultimately fall under the umbrella of "just actually one big market under it, which is the internal identity and access market". The core challenge lies in moving beyond login-based authorization to a more granular, context-driven access model.

Watch the podcast to learn more about how to overcome traditional complexities and approach a more modern and relevant internal access management IAM solution.

• Bobby's journey in security began with privileged access management.
• Traditional perimeter-based security has significant limitations.
• Organisations struggle with internal access despite strong outer defenses.
• Client-based access solutions introduce administrative burdens and vulnerabilities.
• Context-driven access is essential for modern security solutions.
• Pomerium supports clientless device identity for easier access management.
• The security landscape is evolving towards a more integrated internal access market.
• Real-world applications of Pomerium show its effectiveness across industries.
• CISOs should prioritize securing internal assets without traditional complexities.
• Pomerium offers a flexible approach to access control on organisational terms.

00:00 Introduction to Security Strategies Podcast

01:02 Bobby's Journey in Security and PAM

03:01 Challenges of Traditional Client-Based Access Solutions

05:53 Market Segmentation and Context-Driven Access

09:02 Pomerium's Approach to Device Health and Clientless Access

12:03 Beyond the Perimeter: Real-World Applications of Pomerium

16:51 Key Takeaways for CISOs

Pomerium is a zero-trust reverse proxy that helps enterprises manage secure application access. Authenticate, authorise, monitor, and secure user access to any application without a VPN. Access is driven by identity and context.

Pomerium allows you to use your existing identity provider, such as Okta, Active Directory, Google, Gsuite, or OneLogin to add single-sign-on authentication to any application. It enables you to add access control to any app, providing a standardised interface to do so whether an application itself has authorisation or authentication baked-in. This allows developers to focus on their apps, rather than reinventing access control mechanisms.

Takeaways

• #ExposureManagement involves assessing multiple factors, not just single scans.
• Organisations must optimise their remediation capacity due to limited resources.
• Visibility is crucial, but finding the most important exposure is essential.
• #TraditionalVulnerability management programs are becoming ineffective.
• Exploitability is the key criterion for prioritising remediation efforts.
• Automated scanning can provide rapid insights into vulnerabilities.
• Time taken to remediate is critical for effective security management.

Summary

In this episode of the Security Strategist, Richard Stiennon, Chief Research Analyst at IT Harvest and industry leader, speaks with Marc Gaffan, the CEO of IONIX.

They explore the core challenges facing #cybersecurity professionals — particularly in a rapidly evolving digital landscape — and discuss innovative approaches to attack surface management.

Gaffan explains exposure management isn't just about looking at one scan, vulnerability, or way an organisation could be exploited. Instead, it takes a holistic approach to understand what "exposure" means for organisations.

Listen to the full conversation on how to adapt your security strategy to today's potential threats. Gaffan's expertise provides valuable guidance for any security professional looking to stay ahead of the curve.

For more tech insights visit EM360Tech.com

Takeaways

• #Peacetimesecurity is no longer sufficient in modern cloud environments.
• AI and automation are essential for effective security management.
• Real-time security platforms can prevent breaches before they occur.
• Integrating security into the development process is crucial for success.
• Key metrics include mean time to detect and remediate vulnerabilities.
• A unified #dataarchitecture is vital for effective security operations.
• Automation can significantly reduce analyst workload and alert fatigue.
• Organisations should evaluate vendors based on their ability to adapt to evolving threats.

Summary

Is your organisation still relying on outdated “peacetime” security solution strategies in the face of rapidly evolving #cloudthreats? Host Brad LaPorte explores answering this question with guest Ory Segal, Technical Evangelist of Cortex Cloud, Palo Alto Networks. They  discuss how the dynamic nature of modern cloud environments and increasing adoption of AI are compelling organisations to move beyond traditional "peacetime" network security measures.

In this episode of the Security Strategist, Segal explains the difference between securing traditional monolithic applications and modern cloud-native applications. “Modern cloud native applications, beyond the fact that it's deployed to the cloud, entails something completely different,” Segal states, stressing the complexity of various technological layers in cloud services.

Join the conversation as we discuss the shift from static security models to dynamic, real-time protection, and leveraging #AI to mitigate cloud security threats and strengthen network protection. Learn what this means for your organisation and how to adapt your cloud security solutions.

For the latest tech insights visit: EM360Tech.com