The Segment

The Monday Microsegment for the week of March 30. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. ShinyHunters scales up its Salesforce extortion campaign, hitting major targets around the globe. Zero-day exploits aren’t cool. Do you know what’s cool? Negative-day exploits. And it’s sunshine and cyber alerts for the Golden State as California municipalities face disruptive attacks. And Gary Barlet joins us to unpack RSAC 2026 and the AI buzz.  Head to The Zero Trust Hub: hub.illumio.com Get the Industry’s First Vendor-Neutral Zero Trust Certification: https://www.illumio.com/zero-trust-certification   

Social engineering attacks may evolve with new technology, but the core tactic hasn’t changed in decades: exploiting human trust. In this episode of The Segment, host Raghu Nandakumara sits down with Timothy Kromphardt, Senior Threat Researcher at Proofpoint to explore how modern scams actually work behind the scenes. Tim spends his days engaging directly with threat actors—sometimes for months at a time—to understand how fraud campaigns operate, how scammers build trust, and how they ultimately convince victims to hand over money or sensitive information. Together, they unpack the mechanics of today’s most common scams, including TOAD (telephone-oriented attack delivery) attacks, business email compromise, and the increasingly sophisticated “pig butchering” investment scams that can drain victims’ life savings after months of relationship-building. Together, Raghu and Tim unpack: Why social engineering continues to succeed—even as security technology improves   How pig butchering scams build trust over months before stealing massive sums   What happens when researchers directly engage with scammers   Why AI is helping attackers scale operations—but not necessarily replace humans   Practical steps organizations and individuals can take to reduce their risk   If you’ve ever wondered how scammers actually operate—or why even highly successful professionals sometimes fall victim—this episode offers a rare inside look at the human side of cybercrime.   Stay Connected with our host, Raghu on LinkedIn For more information about Illumio, check out our website at illumio.com 

The Monday Microsegment for the week of March 23. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. The 3.4 million records exposed in massive healthcare tech breach Federal officials hunt for answers in the wake of Iran’s attack on Stryker Why cybercriminals are ditching malware for phone calls And Christer Swartz joins us for a Boos and Bravos segment!  Head to The Zero Trust Hub: hub.illumio.com Register for Hard Truths in Cybersecurity: Fear, Liability, and the Industry’s Biggest Lies: https://www.illumio.com/resources/events/rsac-2026-registration

The Monday Microsegment for the week of March 16. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. As many as two hundred thousand devices wiped clean by Iranian hackers. A new class of malware uses AI to rewrite its own source code. And confidence vs. reality: New research shows that most security teams can’t stop a breach in real-time. And John Kindervag argues that most cybersecurity incidents aren’t caused by a lack of technology — they’re caused by bad policy. Read his full article here: https://www.linkedin.com/pulse/cybersecurity-has-resilience-problem-tool-john-kindervag-hyxaf/?trackingId=jguODXNgCbhRZs5puz%2B18Q%3D%3D Head to The Zero Trust Hub: hub.illumio.com Register for Hard Truths in Cybersecurity: Fear, Liability, and the Industry’s Biggest Lies: https://www.illumio.com/resources/events/rsac-2026-registration

AI is moving faster than any technology shift we’ve seen before—but security is still being treated as an afterthought.   In this episode of The Segment, host Raghu Nandakumara sits down with Joshua Woodruff, Founder & CEO of Massive Scale AI, to explore what it really takes to adopt AI, especially agentic AI, without putting your business at risk. Josh brings nearly 30 years of experience across security, cloud, and IT transformation, advising organizations from startups to Fortune 100 enterprises. As a zero trust thought leader, co-lead of the Cloud Security Alliance Zero Trust Working Group, and author of Agentic AI + Zero Trust, Josh shares why AI isn’t just another tools-led transformation—it’s a fundamental re-engineering of how work gets done. Together, Raghu and Josh unpack: Why AI should be viewed as “commoditized intelligence,” not a human replacement   The unique security challenges of stochastic, non-deterministic AI systems   How Zero Trust provides a business-aligned foundation for securing AI and data   What it means to treat AI agents like digital employees—with identities, guardrails, and codes of conduct   Real-world examples of AI agents going off the rails—and how to prevent it   Josh’s five-question “Agentic Trust Framework” for securing autonomous AI systems   Why security teams have a rare opportunity to become true enablers of AI-driven transformation If you’re a business leader, technologist, or security professional grappling with how to move fast on AI without breaking trust, this episode offers a clear, practical, and grounded roadmap for doing AI right—securely, responsibly, and at scale.     Resources Mentioned: https://www.amazon.com/Agentic-AI-Zero-Trust-Business-ebook/dp/B0FL2WJQVQ   Stay Connected with our host, Raghu on LinkedIn For more information about Illumio, check out our website at illumio.com 

The Monday Microsegment for the week of March 9. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. Google unmasks an advanced — maybe government-leaked — exploit kit targeting Apple devices. Iran’s Muddy Waters hacking group is shaping up to be a clear threat to U.S. networks. And the White House signals that the best cyber defense might be cyber offense. And Aishwarya Ramani on this year’s International Women’s Day theme — and why empowering women in cybersecurity gives the entire industry momentum.  Head to The Zero Trust Hub: hub.illumio.com Register for Hard Truths in Cybersecurity: Fear, Liability, and the Industry’s Biggest Lies: https://www.illumio.com/resources/events/rsac-2026-registration    

The Monday Microsegment for the week of March 2. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. Security leaders brace for an epic backlash to U.S. and Israeli attacks on Iran. Meanwhile, Iran’s domestic internet cutoff provides a threat intel goldmine for defenders. And CISA gets a new leader as the agency navigates more than a year of internal turmoil. And Christer Swartz joins us to bust a cybersecurity myth!   Head to The Zero Trust Hub: hub.illumio.com Join us at RSAC in San Francisco: https://www.illumio.com/resources/events/rsac-2026-registration

What separates organizations that pass audits from those that survive real incidents? In this episode of The Segment, host Raghu Nandakumara sits down with Phil Park, global cybersecurity and risk leader at IBM. With more than 25 years advising financial institutions across the U.S., Europe, and Asia-Pacific, Phil brings a practical perspective on how supervision is rapidly evolving from compliance checklists to real-world operational readiness. Together, Raghu and Phil unpack the industry’s biggest mindset shift: regulators no longer ask “Are you protected?” — they ask “Can you operate through disruption?” They explore why prevention alone is no longer enough, why containment and recovery now define security maturity, and how CISOs are moving from siloed operators to enterprise-wide risk leaders accountable to boards and regulators alike. The conversation also dives into: Why regulators evaluate response quality rather than technical perfection   How organizations are turning tabletop exercises into realistic resilience testing   The growing pressure created by third-party and supply-chain dependencies   Why evidence and outcomes matter more than policies and frameworks   How overlapping reporting requirements are reshaping incident response playbooks   The double-edged role of AI in both defense and attack, including deepfake risks   Why security fundamentals matter even more in the AI era   This episode is a must-listen for security leaders and executives navigating a world where passing the audit is no longer the goal — proving you can withstand disruption is. Also, if you’re attending FSISAC, join Illumio, IBM, and Palo Alto Networks for an exclusive dinner at Capital Grille! Save your seat here: https://lp.illumio.com/20260302-Steak-And-Security-Dinner.html?utm_medium=email&utm_source=marketo

The Monday Microsegment for the week of February 23. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. Hackers hijack nearly half a million dollars in New York school fraud. Government agencies breached after attackers exploit Ivanti zero-day vulnerability. And state-backed hackers weaponize generative AI to sharpen cyber operations. And Christer Swartz joins us to unpack this month's Boos and Bravos.  Head to The Zero Trust Hub: hub.illumio.com Join us at RSAC in San Francisco: https://www.illumio.com/resources/events/rsac-2026-registration

The Monday Microsegment for the week of February 16. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Hackers hijack nearly half a million dollars in New York school fraud.Government agencies breached after attackers exploit Ivanti zero-day vulnerability.And state-backed hackers weaponize generative AI to sharpen cyber operations.And Michael Adjei explains why the cybersecurity “talent shortage” might actually be an allocation problem.Head to The Zero Trust Hub: hub.illumio.comJoin us at RSAC in San Francisco: https://www.illumio.com/resources/events/rsac-2026-registration