Security Weekly Podcast Network (Video)

Interview - Ben Worthy from Airbus Protect The current state of OT security and business resilience In this episode of Enterprise Security Weekly, we sit down with Ben Worthy, OT Security Specialist at Airbus Protect, to explore the evolving landscape of business resilience in safety-critical sectors. With over 25 years of experience across aerospace, nuclear, water, oil & gas, and other industries, Ben shares insights on how organizations are adapting to the surge in disruptive cyberattacks—from ransomware targeting operational technology to GPS spoofing and supply chain incidents. We discuss major cases including the Boeing/LockBit ransom demand, the Jaguar Land Rover production shutdown, and the SITA passenger data breach, examining how aviation and other critical infrastructure sectors are separating safety risk from business continuity risk. Ben also breaks down the regulatory changes reshaping the industry, including EASA's October 2025 and February 2026 deadlines that tie cyber assurance directly to safety oversight, and what ENISA's latest numbers reveal about hacktivism and ransomware trends. Whether you're in aviation, nuclear, or any safety-critical sector, this conversation offers practical lessons on building resilience that keeps operations moving while addressing threats in real time. This segment is sponsored by Airbus Protect. Visit https://securityweekly.com/airbusprotect to learn more about them! Topic: Where are the business incentives to build secure products and software? "It's the right thing to do," so of course businesses will make their products secure, right? Well, it turns out that breaches and vulnerabilities don't traditionally hurt financial performance all that much. Stocks recover, insurance covers the bulks of the losses, fines are paid, and lawsuits are settled. Most businesses can comfortably absorb the impact, so the threat of reputational harm or financial losses just aren't slowing them down. In the case of Ivanti, where the reputational harm was extreme, the company's companies continue to get hacked as critical vulnerabilities keep getting discovered in their products. https://www.bloomberg.com/news/features/2026-02-19/vpn-used-by-us-government-failed-to-stop-china-state-sponsored-hackers In this topic segment, we don't aim to provide solutions to this problem, just the awareness that ethics, doing the right thing, and even signing the Secure by Design pledge don't seem to be enough to change vendor behavior when it comes to securing products. The Weekly Enterprise Security News Finally, in the enterprise security news, RSA Innovation Sandbox hot takes Did AI solve cyber? fundings and acquisitions a free app to warn you about smart glasses deep thoughts about OpenClaw replacing US tech with EU equivalents is hard should you turn off dependabot? accidentally taking over 7000 robot vacuums the director of AI Safety at Meta loses her email somehow should you go back to using a blackberry? All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-448

Brainstorm, SonicWall, Junos, Glienicke Brücke, Burger King, Claude, Josh Marpet, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-559

First up is a technical segment called "Paul's Linux Hacks". I finally got around to releasing a bunch of scripts and tutorials for Linux that I've created over the years. We'll go over scripts that can give you a supply chain security report and help you update your Arch-based Linux systems and the tutorial for using Linux KVM/Qemu/Libvirt. Repo is here: https://github.com/pasadoorian/Linux_Hacks Next up is the security news: Controlling 7,000 robot vacuums Curl finds not all AI is bad Palo Alto says "These are not the ties to China you were looking for" Bloomberg writes an article that sheds light on Ivanti Looking for BLE is a trend Don't use AI to generate you passwords New research on hacking Samsung TVs Its not all about gadgets Ring's new bug bounty Paul will be voted in as Prime Minister of Denmark? Hacking AI, AI does some hacking, and hackers are talking about AI Show Notes: https://securityweekly.com/psw-915

Most organizations view security as a cost center, a "check-the-box" expense rather than a strategic investment. This mindset leads to chronic underfunding, reactive, panic-driven decision-making, and high staff turnover. It also hampers innovation, strategic initiatives, and customer trust. What if security was viewed as a business enabler, not a cost center? Elyse Gunn, CISO at Nasuni, joins Business Security Weekly to discuss how to make security a business enabler, turning security from a cost center into a profit center. Elyse discusses why aligning security initiatives to business drivers is the key to addressing trust, both internally and externally, and how it solves the biggest security priorities for organizations, including: Data Privacy AI Security, and Nth Party Risk In the leadership and communications segment, With CISOs stretched thin, re-envisioning enterprise risk may be the only fix, To Lead Through Uncertainty, Unlearn Your Assumptions, Leaders, Consider Pausing Before Acting on Employee Feedback, and more! Show Notes: https://securityweekly.com/bsw-436

Infinite AI Monkeys, Ploutus, Serv-U, Fortinet, Cyberwar, COBOL, NIST, Dr. Strangelove, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-558

Journalists put a lot of effort into collecting information and protecting their sources, but everyone can benefit from having a digital environment that's more secure and more privacy protecting. Runa Sandvik shares her experience working with journalists and targeted groups to craft plans for how they use their devices and manage their information. And she also makes the point that the burden of security should not be just for users -- platforms and software providers should be evaluating secure defaults and secure designs that improve protections for everyone. Resources https://techcrunch.com/2025/03/13/apples-lockdown-mode-is-good-for-security-but-its-notifications-are-baffling/ https://www.glitchcat.xyz/p/lessons-learned-from-the-2021-arrest https://gijn.org/resource/introduction-investigative-journalism-digital-security/ https://cpj.org/ Show Notes: https://securityweekly.com/asw-371

Segment 1 - Interview with Tim Morris Bringing intelligence to assets You've been through 6 CMDB projects in the last decade. None of them came close to the original goals, the CMDB was already out-of-date long before the project had any hopes of completing. Is building an asset inventory just too ambitious a project for most organizations, or is there a better way? Tim Morris shares a different approach with us today. It might require some convincing and some courage, but it seems much more likely to succeed than any of your past CMDB efforts… Segment Resources Trusted automation: Building autonomous IT with confidence This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them! Segment 2 - Topic: the new White House cybersecurity strategy In this segment, we explore some early details about the White House's new, but yet unreleased cybersecurity strategy. It appears that drafts have been shared (or leaked) to the press, so there's plenty to discuss here! Segment 3 - News Finally, in the enterprise security news, Massive amounts of funding and acquisitions as we get close to RSA Open source registries need help Microsoft Copilot reads email marked as DO NOT READ Don't use an LLM to generate passwords is prompt injection a vulnerability defining risks AI changes the build versus buy equation the scammer's perspective All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-447

The Code of Hammurabi, Rockyou, MimicRat, Google, Trustconnect, Introsort, AI, Josh Marpet, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-557

AI says that this is the show where we turn coffee into threat intelligence and cigar smoke into packet captures. This week: a firmware backdoor living its best life inside Android tablets a fresh BeyondTrust RCE that already has scanners circling like seagulls over a french fry. Lenovo Vantage reminds us that "preinstalled convenience" is just another way to spell "attack surface." Texas is taking a swing at TP-Link supercomputers with a 20-year-old Munge bug that still has teeth. Your AI coding assistant might be quietly squirreling away secrets macOS gets a visit from an infostealer delivered as helpful add-ons Chrome extensions allegedly spy on millions open source maintainers drowning in AI-generated nonsense Windows flirting with smartphone-style permission prompts. Put your passwords in a vault, not in a repo, and stay tuned for Paul's Security Weekly! Show Notes: https://securityweekly.com/psw-914

The Security Weekly 25 index and the NASDAQ diverge. Funding and acquisitions continue shift to AI. Are security stocks out of favor? Netskope enters the index, but does not replace CyberArk, as Thoma Bravo buys Verint. We'll dig into all of this and more! The index is now made up of the following 25 stocks: SAIL Sailpoint Inc PANW Palo Alto Networks Inc CHKP Check Point Software Technologies Ltd RBRK Rubrik Inc GEN Gen Digital Inc FTNT Fortinet Inc AKAM Akamai Technologies Inc FFIV F5 Inc ZS Zscaler Inc OSPN Onespan Inc LDOS Leidos Holdings Inc QLYS Qualys Inc NTSK Netskope Inc CYBR Cyberark Software Ltd TENB Tenable Holdings Inc OKTA Okta Inc S SentinelOne Inc NET Cloudflare Inc CRWD Crowdstrike Holdings Inc NTCT NetScout Systems Inc VRNS Varonis Systems Inc RPD Rapid7 Inc FSLY Fastly Inc RDWR Radware Ltd ATEN A10 Networks Inc Show Notes: https://securityweekly.com/bsw-435