On the 20th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Gene Sun, Vice President and Chief Information Security Officer at FedEx. FedEx is a multinational courier delivery services company with over $90 billion in annual revenue and more than 500,000 employees globally. With billions of packages delivered every year, using the world’s largest cargo fleet, FedEx uses sophisticated technology to provide a unique delivery service to customers across the globe. In this conversation, Gene discusses industry shifts from isolated point solutions to powerful, AI-driven platform strategies, AI as a growing tool for attackers and defenders, and predictions for the future of AI-powered cyber defense.

Quick hits from Gene:

On the evolving workforce adapting to AI integration: “There is some kind of fear in society that AI will replace all the human beings doing the work. I have this saying, AI will not replace your job. People who know how to use AI will replace your job.”

On consolidation and innovation in AI-driven cybersecurity: “There’s only so many players who can afford to stay in the AI race. I think only a couple of large cyber security platforms will survive and they will provide the fundamental platform for any additional innovation that will be created for security related AI models.”

On AI lowering barriers for fraud: “Cybercriminals are using AI to generate counterfeit FedEx shipping labels. Previously, to create a counterfeit FedEx shipping label you needed to have programming skills to decode our tracking numbers to be able to generate readable barcodes. Now, AI has removed those technology requirements and criminals are increasing their velocity to perpetrate those crimes.”

Recent Book Recommendation: Guns, Germs, and Steel by Jared Diamond

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 19th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Eric Brohm, Chief Information Security Officer at Wyndham Hotels & Resorts. Wyndham is the world's largest hotel group, offering nearly 10,000 properties in 95 countries across 24 global brands. In this conversation, Eric shares his thoughts on how AI is fast becoming an indispensable tool for cybersecurity teams, the potential of AI in risk-based decision-making, and the growing trend of cybercriminals using AI.

Quick hits from Eric:

On the speed of AI adoption between attackers and defenders: “Attackers take up tools quicker than we do. They don't need to worry about test environments and, politically, selling the tools’ ROI for the business, right? They just go and they use it.”

On AI as a tool to enhance security: “The industry of adversary emulation has been really big. I can point AI at my environment and it knows what security controls I have on the back end. It knows what my vulnerabilities are on the front end and says, “If I were an attacker, this is probably what I would do.” So that helps us drive smart investment based on AI helping us with those risks.”

On the need for collaboration in cybersecurity: “Community is a key piece of why I love being in cybersecurity so much, and that collaboration is what we need to stay ahead of, or at least try to keep pace with whatever tools the attackers are using.”

Recent Book Recommendation: Questions Are the Answer by Hal Gregersen

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 18th episode of Enterprise Software Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Stephen Harrison, Senior Vice President and Chief Information Security Officer at MGM Resorts International. MGM Resorts International is a global hospitality and entertainment leader, operating some of the most iconic destinations in Las Vegas and beyond. MGM boasts an annual revenue of over $16 billion and employs more than 70,000 people worldwide. In this conversation, Stephen shares his thoughts on cybersecurity complexities in the entertainment sector, the deployment of AI – in both safeguarding systems and enhancing attack methods, and the escalation of automated attacks targeting human error.

Quick hits from Stephen:

On the rapid pace of technology change and AI: “It's hard when we're at a period of time where there's never been faster acceleration of technology. And whatever you thought was cutting-edge AI last week, well, just check Twitter this week. You're probably wrong.”

On adapting to rapid technological change: “If you’re running an enterprise security and you’re sort of putting up this gridiron fence saying, ‘No, our company is not going to use AI at a professional knowledge worker level.’ I think you’re probably doing a disservice.”

On the evolving threat landscape: “Every innovation that comes out is also empowering threat actors…you have ransomware as a service right now. And I would expect by next year, sometime to see ransomware as a service evolve and become more like AI as a service for threat actors.”

Recent Book Recommendation: Dare to Lead by Brené Brown

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 17th episode of Enterprise Software Defenders, host Evan Reiser (Abnormal Security) talks with Mark Ferguson, Chief Information Security Officer at Bombardier. Bombardier is a Canadian multinational aircraft company best known for producing premium business jets. It has over 17,000 employees and over $8 billion in annual revenue. In this conversation, Mark shares his thoughts on Bombardier's impressive scale, the complexities of cybersecurity in the aviation industry, and the role of AI in enhancing security operations.

Quick hits from Mark:

On cybercriminals using generative AI: “Cybercriminals’ work is all about volume. So it's about keeping the cost as low as possible and spreading the threat to the biggest volume possible. That's where AI will help them because it's going to enable them to widen the net for potential targets they can go after.”

On the rise of sophistication in cybercrime: “The most sophisticated criminals are using company’s own people and IT systems. It's way easier now to trick someone and log in to a corporate system, versus break through the firewall or hack a satellite.”

On AI Copilot’s ability to assist with cybersecurity: “Copilot came back within seconds and said this change happened by this person to this end point on this date and we were able to narrow in on what the change was and who made the change.”

Recent Book Recommendation: Jan Ullrich: The Best There Never Was by Daniel Fribe

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 16th episode of Enterprise Software Defenders, host Evan Reiser (Abnormal Security) and special guest host Steve Ward (Former CISO at The Home Depot and TIAA) talk with Roland Cloutier, former Global Chief Security Officer at TikTok. Roland is a seasoned cybersecurity expert who has led security programs at major organizations, including EMC, ADP, and, most recently, TikTok. Roland's journey from military aerospace defense to becoming a top CISO offers valuable insights into the evolving landscape of cybersecurity and the critical role of AI in enhancing security operations. In this conversation, Roland shares his thoughts on the evolution of cybersecurity in the AI era, the transformative impact of AI on security operations, and a glimpse into the future of converged security programs.

Quick hits from Roland:

On AI’s ability to assist enterprise security posture management: “Why do I have really smart people doing things like writing scripts that go across logs? That is insanity. We're going to get to deeper insight faster through AI. So as a practitioner, we're going to have better weapons to understand what's going on to apply defensive postures quicker.”

On AI copilot’s enabling safer code creation: “There's massive hope in the use of AI around code defense. Code is going to be created differently and it'll be created with AI and with constructs. Therefore we have the opportunity to put security control capabilities or quality measures in capabilities at the time of code. It's going to automatically do privacy by design and security by design in a way we’ve never seen before. So from a compliance perspective, we're going to be able to operate as businesses in a much better way.”

On the true impact of auto defense capabilities: “AI is going to now show up and code is going to be generated by the time someone thinks about it. But it doesn't have to go in a queue for us to check. We don't have to wait till something gets checked in. We can instrument the AI with our capabilities that says to automatically remove any OS pipe turning, and tell us what you did. Think about the modeling capabilities on a per second basis it can provide when it evaluates code.”

Recent Book Recommendation: The Mission, The Men, and Me by Pete Blaber

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 15th episode of Enterprise Software Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Tomás Maldonado, Chief Information Security Officer at The National Football League. The NFL, comprising 32 franchises, is the world's most valuable sporting league, with over 20 billion dollars in annual revenue and a growing global brand. In this conversation, Tomás shares his thoughts on the vital role of cybersecurity in the NFL, the impact of AI on emerging security threats, and his optimism on the potential for AI-driven incident response.

Quick hits from Tomás:

On AI advancing the malicious potential of threat actors: “Now, adversaries don't need to know whatever language you speak to attack. They can go into open generative AI platforms and say ‘Create a message that sounds like this in the language X.’ Then put whatever payload they want in there, and then they can mass mail that to people.”

On the impact of AI to assist the efficacy of security professionals: “There's so much data to cull through to figure out who was patient zero and how it actually happened. If you're correlating all of that information into a centralized location, why not have AI spit out a timeline that says this is how Jane Doe's account was compromised? We know that these are the usual next steps for someone being compromised. Let’s help the user make better decisions.”

On how AI might improve communication for security professionals: “There's a real opportunity for incident response and this division of communication, how to communicate effectively externally. There's a real path for interacting with users and helping them make better decisions as they interact with data and share that information.”

Recent Book Recommendation: Start with Why by Simon Sinek

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 14th episode of Enterprise Software Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Noah Davis, Vice President & Chief Information Security Officer at Ingersoll Rand. Ingersoll Rand is a Fortune 500 global industrial manufacturing company with over 18,000 employees and 7 billion dollars of annual revenue. For over 160 years, Ingersoll Rand has been a leader in innovative air, fluid, energy, and medical technologies, providing mission-critical solutions to increase industrial productivity. In this conversation, Noah shares his thoughts on navigating the human threats of AI in cybersecurity, the duality of AI for attackers and defenders, and how AI is shaping the in-demand skills for the next generation of cybersecurity professionals.

Quick hits from Noah:

On how threat actors are using AI in new attacks: "They're going to take advantage of cyber savviness, or lack thereof. There was the one incident that happened in Hong Kong where they actually did a video conference call and it was a 25 million payout because he thought he was on the phone with the CFO and there was a video of it. And it was really convincing."

On how enterprise defenses will evolve in response to AI: "What I have faith in is that the good guys will find ways to interject, to be able to identify [malicious threat attempts], determine the patterns if it seems scripted. And give you some percentage of confidence on, ‘we think this is fake,’ versus, ‘No, that's, that's definitely your CFO.’ You might even get a copilot to have you prompt like, ‘You should ask this question to see if this is a legitimate human.’

On keeping talented security professionals engaged in their work: "It's by taking out the noise of having to respond to every little bit and automating out the high volume, low value stuff. And then what we're actually dealing with, we're laser focused on the highest risk. The highest risk is fun, because that's where you see the new stuff, [like] the polymorphic malware that makes it past a bunch of other defenses. That's what gets my team jazzed up to look at."

Recent Book Recommendations: Essentialism By Greg McKeown, Effortless by Greg McKeown, The Obstacle is the Way by Ryan Holiday, and Extreme Ownership by Jocko Willink and Leif Babin

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.

On the 13th episode of Enterprise Software Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Jeremy Smith, Vice President and Information Security Officer at Avery Dennison. Avery Dennison is a multinational materials science company with over 34,000 employees and over $8 billion in annual revenue. They manufacture and distribute a variety of sophisticated branding labels and adhesives, including high-tech RFID inlays. In this conversation, Jeremy shares his thoughts on the evolution of cybersecurity at Avery Dennison, the advantages of AI-powered security tools, and how cutting-edge technology enables a successful defensive strategy.

Quick hits from Jeremy:

On threat actors use of AI: “You can do an investigation of a whole C suite in seconds with an AI chat bot, where before you'd have to go to a website and crawl it and search. Now you can find out so much information at the touch of your fingertips and the speed the attackers are going to be able to leverage with AI is going to have to be combated.”

On the future of Enterprise AI: “I've seen a bunch of existing vendors in the security space that are now buying AI companies to just leverage that talent internally to develop their products further. It was a CEO of one company that we work with that was just saying there's going to be two kinds of companies. Ones that leverage AI and companies that are out of business.”

On the true impact of AI: “Whether it be your network, your authentication and login activity, you kind of combine all of those data sets together and look for patterns of what's typical versus what is deviating from there, and I think that really is going to be the power of AI. Being able to analyze large quantities of data at scale and analyze it in ways that we've never been able to do before and give us insights we've never had before.”

Recent Book Recommendation: Atomic Habits by James Clear

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise Software Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise Software Defenders is produced by Josh Meer.