Sign up to save your podcasts
Or
Share Why $50 Bribes Are Breaching Enterprises - Ep64 - Michael Waite, Dune Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Why $50 Bribes Are Breaching Enterprises - Ep64 - Michael Waite, Dune Security
On this episode of Cyber Security Matters, hosts Harry Baldwin and Matt Rose sit down with Michael Waite, Co-founder and CTO of Dune Security. Michael shares his journey from enterprise consulting to building a venture-backed startup tackling one of security's stickiest problems: the human element.
Episode Summary
Michael discusses how traditional security awareness training fails to change human behaviour and why the threat landscape has shifted dramatically toward off-channel attacks via WhatsApp and encrypted apps. He reveals how attackers are using AI-powered voice cloning and open-source intelligence to launch sophisticated social engineering campaigns, and shares his personal security practices. Michael also explains how Dune Security uses AI defensively to quantify individual risk and drive targeted interventions that achieve a two-order-of-magnitude improvement in employee security posture.
Key Topics Covered
The transition from hands-on-keyboard building to strategic leadership as a startup scales
How Dune's CISO Advisory Council shaped the product from day one
Why soft skills and curiosity matter more than technical expertise in hiring
The shift from email phishing to off-channel attacks on personal devices
Real-world examples including the MGM breach and $50 bribes in lower-cost delivery centres
Personal security practices anyone can adopt
Using AI defensively for individual-level risk quantification
Chapters
00:00 – Introduction
01:12 – How Michael got into cybersecurity
04:43 – Key influences and leadership lessons from consulting
07:05 – Mindset shift from consultant to co-founder/CTO
09:05 – Building the CISO Advisory Council
10:59 – Talent acquisition strategy and team building
13:51 – The skills shortage debate and what really matters in hiring
16:58 – The state of enterprise security and the human element
19:42 – Off-channel attacks and the WhatsApp threat
23:03 – What motivates attackers: bribes, data, and disruption
25:00 – Why no business is safe from AI-powered attacks
27:00 – Personal security tips
29:24 – AI on the defensive side: how Dune Security uses it
32:47 – Changing the "tick the box" compliance mindset
35:42 – Advice for those entering cybersecurity
Guest Bio
Michael Waite is the Co-founder and CTO of Dune Security, a company focused on protecting enterprises from modern social engineering threats. His career spans building secure platforms, leading large-scale cloud migrations, and scaling security solutions for Fortune 50 organisations. Under his technical leadership, Dune Security has raised $8 million in pre-seed and seed funding.
View all episodes
By The Cyber Security Matters PodcastOn this episode of Cyber Security Matters, hosts Harry Baldwin and Matt Rose sit down with Michael Waite, Co-founder and CTO of Dune Security. Michael shares his journey from enterprise consulting to building a venture-backed startup tackling one of security's stickiest problems: the human element.
Episode Summary
Michael discusses how traditional security awareness training fails to change human behaviour and why the threat landscape has shifted dramatically toward off-channel attacks via WhatsApp and encrypted apps. He reveals how attackers are using AI-powered voice cloning and open-source intelligence to launch sophisticated social engineering campaigns, and shares his personal security practices. Michael also explains how Dune Security uses AI defensively to quantify individual risk and drive targeted interventions that achieve a two-order-of-magnitude improvement in employee security posture.
Key Topics Covered
The transition from hands-on-keyboard building to strategic leadership as a startup scales
How Dune's CISO Advisory Council shaped the product from day one
Why soft skills and curiosity matter more than technical expertise in hiring
The shift from email phishing to off-channel attacks on personal devices
Real-world examples including the MGM breach and $50 bribes in lower-cost delivery centres
Personal security practices anyone can adopt
Using AI defensively for individual-level risk quantification
Chapters
00:00 – Introduction
01:12 – How Michael got into cybersecurity
04:43 – Key influences and leadership lessons from consulting
07:05 – Mindset shift from consultant to co-founder/CTO
09:05 – Building the CISO Advisory Council
10:59 – Talent acquisition strategy and team building
13:51 – The skills shortage debate and what really matters in hiring
16:58 – The state of enterprise security and the human element
19:42 – Off-channel attacks and the WhatsApp threat
23:03 – What motivates attackers: bribes, data, and disruption
25:00 – Why no business is safe from AI-powered attacks
27:00 – Personal security tips
29:24 – AI on the defensive side: how Dune Security uses it
32:47 – Changing the "tick the box" compliance mindset
35:42 – Advice for those entering cybersecurity
Guest Bio
Michael Waite is the Co-founder and CTO of Dune Security, a company focused on protecting enterprises from modern social engineering threats. His career spans building secure platforms, leading large-scale cloud migrations, and scaling security solutions for Fortune 50 organisations. Under his technical leadership, Dune Security has raised $8 million in pre-seed and seed funding.