Can Security be “Agile”? with Brian Wagner

In this comprehensive interview, Brian Wagner, CTO at Revenir and former AWS security executive, shares insights from his new book "Redefining Information Security" and explains why the cybersecurity industry needs a fundamental shift in approach. With over 20 years of experience leading security transformations across enterprise organizations, Wagner presents a practical framework for moving beyond reactive security models.

About the Guest:

Brian Wagner brings extensive C-suite experience from Amazon Web Services, Moody's RMS, Bulletproof, and Defense.com. Based in London, he speaks globally on cloud security, AI-driven solutions, and security transformation. His latest book "Redefining Information Security" introduces a three-level maturity framework that's gaining attention from security leaders worldwide.

Key Discussion Points:

• The Security Maturity Framework: Wagner outlines his three-level approach—Reactive, Proactive, and Adaptive security—explaining how organizations can assess their current position and plan strategic improvements. He emphasizes that most companies remain stuck in reactive mode, responding to threats after damage occurs.
• From Cybersecurity to Information Safety: The conversation explores Wagner's concept of treating security as "information safety" rather than traditional cybersecurity. This cultural shift makes digital protection everyone's responsibility, transforming potential vulnerabilities into defensive assets.
• AI in Security Applications: Drawing from his work at Revenir, where the company handles sensitive financial and personal data across international borders, Wagner discusses practical AI implementations for pattern recognition, fraud detection, and compliance monitoring. He explains why AI excels at identifying normal versus abnormal patterns in security contexts.
• Security as Business Enabler: Wagner demonstrates how security can function as a competitive advantage rather than a cost center. He shares strategies for communicating security value to go-to-market teams and integrating security features into product development cycles.
• Compliance vs. Security Balance: The discussion addresses the relationship between regulatory compliance and actual security, with Wagner explaining how compliance represents minimum standards while effective security requires ongoing investment and adaptation.
• Open Source and Democratic Security: Wagner advocates for open source collaboration in cybersecurity, arguing that community-based approaches provide more transparent and accessible security solutions, especially important given recent changes in vulnerability disclosure programs.

Practical Implementation: 

The conversation includes real-world examples, from detecting sophisticated employment fraud schemes to integrating security practices into agile development workflows. Wagner emphasizes incremental improvements and measurable outcomes.

Book Recommendation:

"Redefining Information Security" offers a strategic approach to security leadership, focusing on cultural transformation and business alignment rather than purely technical solutions. The book provides frameworks for security professionals and business leaders looking to modernize their approach to digital protection.

Link to the book: https://www.koganpage.com/risk-compliance/redefining-information-security-9781398620018

This interview provides valuable insights for cybersecurity professionals, technology leaders, and anyone interested in understanding how AI and modern approaches are reshaping enterprise security practices.

#Cybersecurity #InformationSecurity #AI #SecurityMaturity #AWS #CloudSecurity #CTO #CISO #ThreatDetection #SecurityCulture #CyberThreats #SecurityLeadership