In this episode of the Secure by Design podcast, host Daniel Kulig engages with Horatio Morgan, a digital innovation expert, to explore the intricate relationship between big data, AI, and cybersecurity. They discuss the importance of data governance, the challenges organizations face in balancing data scale with security and privacy, and the emerging threats in AI.
Horatio shares insights on the key stakeholders in AI governance, influential regulatory frameworks, and practical tools for ensuring privacy. The conversation also covers case studies of successes and failures in data governance, predictions for the future of AI, and advice for organizations and professionals navigating this complex landscape.
In this episode of Secure by Design, host Daniel Kulig and guest Christopher Buch from Nimblr Security discuss the often-overlooked human aspect of cybersecurity.
They explore how human behavior plays a critical role in cybersecurity, the psychological triggers that lead to phishing attacks, and the importance of effective cybersecurity awareness training.
The conversation emphasizes the need for ongoing training, fostering a security culture within organizations, and the role of leadership in promoting cybersecurity awareness. They also touch on future challenges, including the impact of AI on phishing attacks and the necessity for organizations to adapt their approaches to different cultures and age groups.
In this episode of Secure by Design, host Daniel sits down with Sandamali to explore the rapidly evolving intersection of AI, cybersecurity, and governance. From AI's role in risk amplification to the evolving responsibilities of the CISO, they dive into the challenges and opportunities of governing AI in today's digital landscape.
Sandamali shares insights into how Governance, Risk, and Compliance (GRC) is adapting to handle AI, along with real-world use cases and pitfalls that companies should watch out for. Plus, learn how organizations can build an AI-ready, security-first culture and prepare for the future of AI governance. Don’t miss this engaging conversation on navigating AI’s sharp edges while securing the digital future.
In this episode of Secure by Design, we dive deep into the shadowy world of vulnerability discovery and exploitation. From zero-days to n-days, bug bounty programs to advanced persistent threats, we unpack how security researchers, red teamers, and adversaries find flaws in software—and how those flaws are weaponized.
You’ll learn:
The lifecycle of a vulnerability—from discovery to public disclosure or underground sale.
Techniques used to uncover bugs (fuzzing, reverse engineering, source code review, etc.)
Real-world stories of critical CVEs and how they were exploited
The difference between ethical disclosure and weaponization
How organizations can detect, respond to, and stay ahead of exploitation attempts
Whether you're a security professional, developer, or tech enthusiast, this episode offers a front-row seat to the high-stakes hunt for vulnerabilities that shape our digital security landscape.
Software supply chain attacks are on the rise — from dependency hijacking to CI/CD compromise. In this session, we dive into how the SLSA (Supply-chain Levels for Software Artifacts) framework helps you secure the integrity of your builds, detect tampering, and implement end-to-end trust in your development pipeline.
What you'll learn:
The anatomy of modern software supply chain attacks
An overview of the SLSA framework and its levels (1–4)
How to integrate SLSA into your CI/CD workflows
Real-world breaches and how they could’ve been prevented
Practical steps for developers, DevOps, and security teams
Whether you're an engineer, CISO, or DevSecOps practitioner, this session will give you a clear roadmap for hardening your software delivery process.