Be Fearless Podcast by SquareX

In this episode of the Be Fearless Podcast, StickmanCyber’s Founder Ajay Unni sits down with SquareX Field CISO John Carse to discuss the personal side of building a global cybersecurity brand. Ajay reveals how a failure in his 12th-grade exams in India became the catalyst for his first software company. He explains his leadership philosophy, which integrates meditation and ethical business growth, proving that you don't have to be greedy to succeed in the high-stakes world of tech. They also touch upon why the web browser has become the primary attack surface for modern hackers and despite heavy in...

In this episode of the Be Fearless Podcast, Gautam "Gotham" Sharma, Executive Director, Cybersecurity Education and Training at AccessCyber, sits down with SquareX Field CISO John Carse to discuss why cybersecurity education and hiring are broken. The conversation explores nontraditional cyber career paths, why certifications alone don’t get candidates hired, and how hands-on projects prepare people for real-world security roles. Gautam breaks down browser security, SaaS sprawl, zero trust, and why defending the browser is essential for modern enterprises. He debunks viral AI ransomware statistics and explains why the industry needs better skepticism and even satire. 

00:00 Fou...

In this episode of the Be Fearless Podcast, Larry Whiteside Jr, Co-Founder and President of Confide, sits down with SquareX Field CISO John Carse to discuss the real risks facing today’s CISOs. Drawing from three decades of experience across the U.S. military, the Pentagon, and Fortune 500 leadership roles, Larry explains why the CISO role is the most exposed and misunderstood position in the C-suite. They dive into cybersecurity governance, power dynamics with executives, vendor hype, regulatory pressure, AI disruption, and why security leaders are often blamed despite lacking authority.

00:00 How a Pentagon analyst role turned ou...

Field CISO John Carse of SquareX sits down with Jeremy Ladner of The CISO Signal to discuss the critical art of storytelling in cybersecurity leadership. In this episode of Be Fearless podcasts, Jeremy reveals why facts alone fail in the boardroom and how AI is rewriting the rules of social engineering and fraud. The conversation covers why hackers operate like aggressive marketing teams and the dangers of "almost secure" infrastructure. 

00:00 Why the cybersecurity industry is actually a "True Crime" universe
5:17 Spy vs Spy
13:50 The Hero's Journey and how to tell a story
24:42 Most cyber b...

Host John Carse, Field CISO of SquareX sits down with James W., Valens Global Analyst and creator of the Smoke Signal Newsletter and Burn Signal Podcast. In this episode of The Be Fearless podcast, they discuss the concept of "digital exhaust" and how invisible data trails are weaponized into "weapons of mass disruption". James shares insights from his FBI career, discussing the intersection of human psychology and cybersecurity. They explore the unique challenges CISOs face with employees' consumer behavior impacting corporate security , the future of AI processing on devices , and actionable advice for translating technical complexity into control.
<...

Host John Carse, Field CISO at SquareX, sits down with Andrew Crotty aka GingerHacker. In this episode of the Be Fearless podcast, Andrew provides insights into his role advising Army commanders, the evolving security landscape regarding AI agents and hallucinations, and the specific vulnerabilities found in web browsers. Andrew details the mission behind the Ginger Hacker Initiative, a non-profit helping newcomers get certified for free, and his involvement with DEF CON. He also dives into the failures he had to endure before landing his first gig in Cyber. 

00:00 Multiple paths of getting into cybersecurity
8:11 The importance o...

Host John Carse, Field CISO at SquareX, sits down with Patrick Gorman, Founder of InfosecPat. In this episode of The Be Fearless podcast, they discuss Patrick's incredible journey from a rough upbringing in Queens and working in construction to becoming a renowned cybersecurity educator with over 100,000 YouTube subscribers. Patrick gets real about the misconceptions of the industry, specifically regarding entry-level salaries and the "get rich quick" mentality. He also shares deep insights on the importance of mastering IT fundamentals before attempting to hack, and why building a personal brand is crucial for career longevity.

00:00 Pivoting to cybersecurity...

Frost & Sullivan’s Swetha Krishnamoorthi joins Audrey Adeline from SquareX Founder's Office to unpack emerging browser-based threats, including AI-driven phishing, encrypted last-mile exploits, malicious digital assets, and the rise of autonomous AI agents. She explains how Zero Trust browsers evolve beyond isolation, what organizations overlook today, and the security capabilities that will soon be table-stakes. She also shares how she moved to cybersecurity after multiple pivots, including her beginning as a Biotechnology engineer. 

00:00 The industry's different approaches to browser security
7:19 The "legacy infrastructure gap" and budget constraints
12:19 The evolution of endpoint security
16:34 The most com...

In this episode of Be Fearless, Aleksandra Melnikova from the SquareX founder’s office speaks with Jim Rutt, CIO and CISO of the Dana Foundation. Jim traces his 25-year journey from marketing to data analytics to leading technology strategy in a major nonprofit, sharing how cybersecurity has shifted from HIPAA compliance to tackling AI-driven threats, why the decision to go all-in on cloud migration became a turning point for resilience, and what leaders should consider when balancing outsourcing with in-house security. He also breaks down essential insights on data protection, risk management, and AI ethics, concluding with his predictions fo...

Host Aleksandra Melnikova of Founder's Office at SquareX sits down with John Rojas, Vice President, IT, of Air Lease. In this episode of The Fearless Podcast, they discuss John's fascinating transition from Marine Corps communications to managing cybersecurity for one of the world's largest aircraft leasing companies. John shares insights on protecting billions in assets, the unique challenges of securing global business travelers, and his pragmatic approach to managing AI risks within the enterprise. He also emphasizes on the need to build a culture of security by putting people first and the necessity of training employees to be the...

In this episode of the Be Fearless podcast, SquareX Field CISO John Carse sits down with Girard Kavelines and discusses how starting out on the help desk gave him fresh perspectives and practical insights that later shaped his work as a Network/Security Engineer. Girard also elaborates on other topics, schaas  how blogging and content creation at TechHouse570 helped him build an engaged audience, how excited he is about the potential of SquareX and its ability to fill critical gaps left by traditional EDR/XDR, address browser security blind spots, and tackle rising Shadow SaaS risks. In the end, h...

In this episode of Be Fearless podcast, Adcubum AG Group CISO Michael Ruppe sits down with Aleksandra Melnikova from SquareX Founder's Office and shares how he moved from law and business into cybersecurity and became a CISO in his twenties. He breaks down how industry certifications (of which he has 30) helped him bridge theory and practice, stand out to recruiters, and accelerate into leadership roles. Michael explains what it means to secure a core health insurance software platform, manage supply chain risk, and structure an effective security team. He also dives into browser and AI security, data loss prevention...

Knowing your incidence response playbook is one thing, but is it ingrained deeply enough in your team for execution when disaster strikes?

Tiffiny Bryant, Co-Host of the Stats on Stats Podcast and Information Security Analyst at Shipt, shares her powerful journey from the military into cybersecurity, and how she now raises awareness about the field through her podcast. In this episode, Tiffiny shares her experience being inside the Pentagon at 9/11 and how it  shaped her approach to incident response; the importance of understanding user motivations in security; and how, despite all obstacles, one must keep showing up. Duration: 00:57:23

Vriti Magee, Founder and Principal of Mawa:ga Consulting, sits down with John Carse to explore the collision between AI innovation and enterprise security. In this episode, Vriti and John discuss the journey toward autonomous SOCs, the real risks of new browser AI agents like OpenAI's Atlas,  and how innovation and governance mature each other instead of being at odds.

0:00 How Vriti uses the Zachman Framework in enterprise architecture
18:17 On automation replacing traditional security roles
22:42 Vriti's research on autonomous SOCs
31:02 AI browser attack vectors and sidebar spoofing
37:17 Scaling tech innovation without compromising governance Duration: 00:43:05

Tim Anderson shares two decades of cybersecurity expertise — starting with business continuity work to his current role protecting millions of digital identities as Deputy CISO of ID.me. In this episode, he breaks down why identity has become the new perimeter in security architecture, why browser security remains mission-critical for enterprise environments, and how decomposing problems—not just solutions—accelerates your career.

0:00 Building security programs and technical governance
14:53 Integrating security controls into UX workflows
19:38 Evaluating AI browser security and vulnerabilities
24:09 Working with a mission-driven mindset
30:41 The importance of deep expertise

🔔 Follow Tim and A...

Mohana Balakrishnan, Chief Technology Officer at Schools Insurance Authority, shares his remarkable journey as a geophysicist discovering chromite deposits in Canada to leading technology and security for California schools. In this conversation, Mo opens up about why he transitioned from CISO to CTO, shares his philosophy on AI adoption and discusses why security leaders should be peers to CTOs, not subordinates.

0:00 Breaking into a new field field, even without qualification
17:00 Working together with the CISO, as a CTO
22:00 Balancing enterprise AI adoption with data control and oversight
36:33 On building a successful cyber career
<...

Adrian Sanabria, Principal Researcher at The Defenders Initiative joins Field CISO John Carse to dissect why security keeps failing despite massive investments in tools and compliance frameworks. In this episode, John turns the tables and puts Adrian (also the Main Host of Enterprise Security Weekly) in the hot seat — discussing why focusing on checklists keeps defenders perpetually behind, how cyber insurance might force real change and why AI has become the attacker's number one accomplice in 2025.

0:00 On mission-driven security
14:10 Cyber insurance as the next control enforcement
25:35 Why ransomware is a great framework for attackers
33:54 Pr...

Royce Markose, CISO at Vistrada, shares his journey from breaking apart computers as a kid to leading cybersecurity for billion-dollar organizations. He dives into why hackers are shifting from endpoints to SaaS and browser attacks, how AI is transforming security risks, and how vendors should best pitch to CISOs and pull them into the conversation.

00:00 Leading a security team with limited resources
10:21 The mistake vendors make when selling to CISOs
16:07 Building cybersecurity strategies at Vistrada
25:10 The browser is the new battleground for breaches
29:41 Redefining the CISO’s role as a business partner
Duration: 00:36:21

Alfredo Ramirez IV, Senior Director Analyst, Emerging Technologies & Trends at Gartner, sits with Audrey Adeline from the SquareX Founder’s Office to discuss the latest market trends from his vantage point: “agent washing” where vendors rebrand simple automation as AI agents, why machine identities are becoming the fastest-growing attack surface, and how both deepfakes and deepfake detection are rapidly evolving.

0:00 Lessons from the metaverse bust
13:41 When AI agents become insider threats
21:22 How AI has transformed disinformation security
25:45 Deepfakes don't just cover humans
31:46 Alfredo's outlook for the next year
37:50 Emerging threats shaping the future...

Bithal Bhardwaj, CEO at Gramax, spent over two decades as a cybersecurity leader across GE and GMR Group before making the leap to CEO. In this conversation, he reveals why the transition was surprisingly seamless, shares war stories from managing a 48-hour coordinated attack on critical infrastructure, and explains why security vendors shouldn't rely on marketing jargon. 

0:00 Making the leap from CISO to CEO
15:13 "Contextualize cyber threats from a geography standpoint"
23:35 Why crisis management must be muscle memory beyond just a document
26:32 What seasoned CISOs look for in vendors
33:16 Advice for CISOs who w...

Marian Newsome, Founder of Ethical Tech Matters and an IEEE CertifAIEd Lead Assessor (Top 100 Globally), sits down with SquareX Field CISO John Carse to unpack why most organizations are dangerously unprepared for AI governance. They dive into real-world failures, discuss the three fundamental principles for AI governance, and why browser security should be on your threat model right now. 

0:00 AI innovation should not outpace governance
12:25 Three principles for AI governance
21:55 Compliance should not be complex
30:22 Procurement can be a gateway into enterprise data leakage
44:39 Closing and Marian's podcasting experience

🎙️ Listen On:
Ap...

J Wolfgang Goerlich, CISO for Oakland County Michigan Government, shares his unconventional path from wanting to be a hacker after watching the movie "Hackers" to leading government cybersecurity. In this conversation, Wolfgang breaks down why LLMs are surprisingly easy to manipulate using the same social engineering tactics that work on humans, why he believes good security starts with people not technology, and his fascinating approach to building security culture one conversation at a time. He also reveals how peer pressure made an AI image generator go rogue and why government employees might actually care more about security than private...

Kane Narraway, Head of Enterprise Security at Canva, shares how he went from digital forensics in UK law enforcement to protecting millions of users' creative workflows today. He breaks down why marketing and sales teams are more vulnerable than engineers to attacks, his framework for balancing security with velocity and culture, and why security awareness training should “only do the required amount, and then tailor that to the individuals”. 

0:00 Every country’s cybersecurity quirks are different
9:59 Canva's unique security challenge: data protection in physical printing
14:21 Stealer malware and mitigation with device-bound session credentials
24:05 Why most ac...

Join us as Dr. Nathan Fisk, Associate Professor of Cybersecurity Education of USF and Cyber Florida Academic Director, discusses the importance of community in cybersecurity education. In this episode, Nathan explains how formal education has drifted away from the hacker culture that actually builds effective security professionals. He shares insights on why passion beats certifications, how community connections trump degrees, and what parents need to know about their kids' shrinking attention spans in the age of AI.

0:00 How a computer infection got Nathan into his career
5:32 Generational differences in approaching cybersecurity
11:38 The decline of the "...

Cezary Piekarski, Group CISO at Standard Chartered, joins us to share hard-earned wisdom from 25+ years securing financial institutions globally. In this episode of the Be Fearless podcast, Cezary shares how Standard Chartered scales security without becoming a bottleneck, draws fascinating parallels between today's AI security challenges and buffer overflow attacks and why curiosity is the hallmark of all great CISOs.

0:00 Scaling security without bottlenecks
7:19 How the browser (and browser security) has evolved
14:13 AI security parallels to buffer overflow attacks of the past
16:16 Outsourcing accountability to users doesn’t work
20:56 Why crisis communication must ta...

Eric Mizell, Field CTO and VP Field Engineering at Keyfactor, breaks down why digital certificates are the security blind spot most companies don't know they have. From his early days fixing Novell networks to helping enterprises manage millions of IoT identities, Eric shares war stories about expired certificates that couldn't send breach alerts, private keys stored in network folders with the same password, and how AI is intelligently helping threat actors make decisions on how to attack. 

0:00 PKI hierarchies matter for enterprise security
14:09 Expired code signing certificates are still risky
17:53 Should you run your own C...

Ben Waugh, BISO at Datavant, drops some hard truths about healthcare security - like how the most damaging breaches aren't from sophisticated nation-state actors, but from attackers exploiting basic gaps while security teams obsess over complex threats. With nearly two decades securing critical infrastructure at companies like Redox and Twilio, Ben shares war stories from the trenches, explains why browser-managed medical devices are becoming a new entry point for attackers, and reveals how AI can both 10x both productivity and shadow IT chaos. 

0:00 Why hospitals keep getting hacked by “basic” attacks
14:21 Phishing 2.0 and how AI is turni...

Sandip Wadje, Managing Director and Global Head of Emerging Technology Operational Risks & Intelligence at BNP Paribas, reveals the hidden challenges of securing one of the world's largest banks in an AI-driven world. From his unconventional journey starting in a TV factory to now influencing global regulatory guidelines, Sandip shares how the browser is a gigantic attack surface for banks, the harmfulness of redundant security controls and how communication is the most important soft skill one should have. 

0:00 Security for AI and AI for security come hand in hand
13:41 Threat actors aren't just targeting privileged users
21:33 U...

Martin Holzworth, CISO at UnitingCare Queensland, brings 25 years of cybersecurity to this episode of the Be Fearless Podcast. In this conversation with Aleksandra Melnikova, Martin shares hard-won insights about protecting patient data, managing supply chain risks in healthcare, and why securing browsers has become non-negotiable in today’s threatscape. He discusses the unique challenges of healthcare security where patient safety is at stake and offers practical advice for building security culture — from teaching password hygiene through song lyrics to taking business leaders on the security journey.

0:00 The unique challenges of healthcare cybersecurity
13:43 "Take your business on the...

Brad Berkson, CEO of Miles Space, sits down with John Carse to discuss his journey from McKinsey partner to serving as a former Pentagon senior official operations, to now pioneering space technology. Brad shares eye-opening insights about how most security breaches come from basic housekeeping failures rather than sophisticated attacks, his dot-com startup experience and why aerospace and defense face fundamentally different security stakes where it's not just about money — it's about national security and lives. 

0:00 Leaving a seven figure job to join the defense industry
12:16 New innovations in signal enhancement
23:02 Cybersecurity stakes in defense tha...

With years directing cyber operations in the United States Air Force as a Cyber Officer, Sarah Cleveland brings a unique perspective to cybersecurity. In this conversation with John Carse, she discusses how military risk calculation differs from corporate approaches, shares practical insights on selling cybersecurity to federal agencies, why nation-state actors are becoming more in-your-face and what figure skating taught her about resilience. 

0:00 Sarah’s experience leading C4 (Command, Control, Communications, Computers) in the military
13:40 Selling to the government: understanding federal procurement and budget cycles
21:24 The shift from network defense to browser-based threats
35:07 Nation-state hac...

Drawing from her experience at Dell and Infosys, Security Engineer Yaamini Mohan breaks down why getting your security basics right — boring stuff like passwords, patching, and MFA— will move the needle much more than any expensive AI-powered solution. In this conversation with SquareX Field CISO John Carse, she also discusses how the shift to cloud and SaaS has expanded our attack surface, why most security work should be boring, and the myth of gender imbalance in the industry.

0:00 Security is not a 9 to 5 job
18:04 The importance of building a good cybersecurity foundation
27:46 How not getting the...

Morgan Svensson and Stefan Tapper, CIO and CISO of Grant Thornton Sweden respectively, reveal how they navigate the constant tension between business innovation and security requirements. From their shared history at a Scandinavian airline to their current roles protecting one of Sweden's largest professional services firms, they discuss the intricacies of Swedish regulations on AI usage, building a security culture where employees take shared responsibility, and why the Nordic approach to flat organizational structures gives them an edge in cybersecurity.

0:00 Balancing work demands with security requirements
22:33 The process behind evaluating new security solutions
27:37 Unique Nordic...

Felicita Sandoval, CEO/Founder of Sentient Perspectives (SENP-X) and security professional at LiveRamp, breaks down how to navigate the rapidly changing world of AI and cybersecurity. In this episode, Felicita shares practical insights on building security-first AI adoption in enterprises. She discusses the challenges of browser AI agents accessing corporate data, why diverse perspectives are crucial for innovation, and how companies can implement governance processes for the flood of AI tools hitting the market — all while juggling entrepreneurship, a corporate role, and co-founding Latinas in Cyber.

0:00 Sentient Perspectives and protecting yourself in the age of emerging tech Duration: 00:52:38

Martin Hinton, award-winning journalist and Executive Editor of Cyber Insurance News & Information, (https://www.youtube.com/@CyberInsuranceNews) breaks down why companies are dangerously unprepared for today’s modern threatscape.

Drawing from his 30+ years in media and his deep dive into cyber insurance, Martin shares insights about  the devastating Marks & Spencer hack that shut down operations, why shadow AI is creating massive vulnerabilities most businesses don't even know they have and how every employee contributes to security.

0:00 Cyber insurance is active, unlike personal insurance
12:11 The Marks & Spencer hack that cost £300 million
22:56 We are in the...

Join Chidi Alams, CIO at Just Born (makers of PEEPS®, HOT TAMALES®, and MIKE AND IKE®), as he breaks down how a 100-year-old candy company navigates digital transformation in the 21st century. In this episode of the Be Fearless Podcast, Chidi shares hard-won insights from his journey across Fortune 500 companies, including why manufacturing lines are more connected than you'd think, how how to spot hidden talent already in your organization, and why observability beats resistance when it comes to AI adoption.

0:00 Digital transformation in a 100 year CPG brand
11:23 Security challenges in the manufacturing/CPG industry
20:00 Hyb...

Stan Lee didn't start in cybersecurity - he has a biochemistry degree from UCLA and worked his way up from IT helpdesk to becoming CISO at major companies like PayPal, Palo Alto Networks, and now EarnIn. His unique journey across industries gives him a perspective that most security leaders don't have, especially when it comes to the speed differences between B2B and B2C security challenges.

In this conversation, Stan shares the challenges of building B2B vs B2C security, how browser-based attacks are becoming the norm (especially extensions) and why security professionals can't afford...

Craig Taylor, Founder and CEO of CyberHoot, joins us to explain why traditional phishing tests that punish employees are fundamentally broken. Drawing from his decades-long cybersecurity career, Craig shares the story of a $24,000 gift card scam that inspired him to build CyberHoot - a platform that rewards good security behaviors instead of punishing mistakes. He breaks down why engagement drops when people fail phishing tests, how hackers exploit new employees' eagerness to please, and why teaching cyber literacy in schools could give countries a strategic advantage.

0:00 The $24,000 gift card scam that inspired CyberHoot
12:34 The problem with "...

Clint Kehr brings a unique perspective to cybersecurity, having gone from training personnel in dark web investigations as a former federal agent to transforming penetration testing in one of America's biggest banks. Now a Senior Instructor and Cybersecurity Architect, Clint shares stories from his undercover work, bridging the gap between security teams and developers and what Groundhog Day taught him about leadership and teamwork.

0:00 Creating the Dark Web Recognition Guide for law enforcement
17:20 Making security training engaging for developers
31:29 How browsers are a primary workspace vulnerability
38:29 Cloud migration's impact on enterprise security
42:59 Building...

Travis Farral, Vice President and CISO at Archaea Energy, joins us to share hard-earned wisdom from securing everything from oil giants to renewable energy startups. In this episode, Travis shares how even non-nation-state actors are getting stronger, the need for browser-level protection and why hiring the wrong person hurts more than not hiring at all. 

0:00 What working at large enterprises teaches you about security
15:30 On dealing with APTs
20:28 Essential security practices the energy industry needs
25:25 Why browser security matters when most work happens online
30:42 “Pay attention and be creative” and other leadership lessons
<...

Tom Hollingsworth, the "Networking Nerd" and Tech Field Day's Event Lead, sits down with SquareX Field CISO John Carse to share his 20+ year journey in enterprise networking and how he helped build one of tech's most influential community events. From troubleshooting school networks to orchestrating conversations between vendors and independent thought leaders, Tom reveals the story behind Tech Field Day's creation, what makes certain technical presentations legendary, and why asking "why" instead of "how" transformed his career from hands-on engineering to strategic advisory.

0:00 Building the "Networking Nerd" brand and the origin story of Tech Field Day
12:16...

Olivia Heslinga, founder of AI for Good Denmark and AI literacy consultant, joins SquareX Field CISO John Carse to discuss the (security) implications of AI's rapid evolution. They dive into how browser AI agents can compromise your entire digital life with just basic permissions, why third-party AI tools are essentially viruses infiltrating organizations, and the alarming cognitive debt we're accumulating by outsourcing our thinking to AI. Olivia shares her unique perspective bridging technology, business, and society from Copenhagen, explaining why AI literacy isn't just about using tools properly — it's about understanding on a deeper level and how they affect di...

Patrick Benoit, President and Virtual CISO of Cyber Risk Insights, breaks down three decades of cybersecurity evolution and reveals why most organizations keep making the same fundamental mistakes. From protecting global enterprises like Brink's across 53 countries to small manufacturers, Patrick shares insights about the shift from perimeter thinking to zero trust. 

0:00 The evolution from perimeter to endpoint security
11:03 The four key areas that address 80% of security gaps
20:39 Why browsers need to evolve for better security visibility
29:39 Hiring for character over skills in cybersecurity
35:15 Top 4 lessons from 30 years of experience

🔔 Follow Patrick and...

Clea Ostendorf, co-founder of Wolfpack Security, breaks down why security programs fail to get developer buy-in and shares her journey from sales to building a security consultancy. She reveals the real problems behind vulnerability management chaos, explains why most pentesting findings are just "boring" basics like outdated versions and hardcoded passwords, and discusses how AI is already disrupting security roles. Clea also dives into the practical challenges of making security work for engineering teams without slowing them down, plus her take on building security communities and the future of the industry.

0:00 Building Wolfpack Security with angel investors<...

Stephen Bennett, Global CISO at Domino's Pizza, shares his unconventional journey from getting electrocuted while tinkering with TVs as a kid to protecting one of the world's largest pizza brands across 12 markets and millions of digital transactions. He discusses unique cybersecurity challenges like credential stuffing attacks, managing security across diverse cultures from Japan to Malaysia, and his famous Netflix phishing test that fooled even his own marketing team.

0:00 From art dreams to accidental tech career beginnings
10:52 Unique attack vectors targeting Domino's and customer data
15:38 Managing cybersecurity across 12 global markets and cultures
19:26 Stephen's most successful...

Eric Gray,  BeLux CISO at Kyndryl, shares his unique journey from Royal Bank of Canada to becoming one of only two Canadians living in Luxembourg. In this episode, he also discusses the cybersecurity landscape across highly regulated European environments, the critical importance of supporting women in cybersecurity as a board member of Women Cyber Force, and why AI agents are creating unprecedented security challenges. 

0:00 Eric's cybersecurity journey and moving halfway across the globe
8:00 Advancing women in cybersecurity as a male advocate
15:18 Breaking down barriers in STEM education
23:39 War stories in security incident preparedness and br...

John Dunne, Head of Security at Grant Thornton UK, shares his remarkable 30-year journey from training as a chef to becoming one of the UK's most experienced cybersecurity leaders. John reveals why recruiting people from hospitality backgrounds makes better security professionals than traditional tech graduates, and explains why the decades-old Nigerian 419 scam is still fooling people today. He breaks down balancing security with business productivity and offers practical advice for breaking into cybersecurity.

0:00 From chef to cybersecurity: John's unexpected career pivot
7:34 Breaking into cybersecurity without a technical background
12:34 Browser security challenges and AI-powered attacks
20:15...

Grace Yu, Director of Cyber Risk and Policy, GRC at Hewlett Packard Enterprise, shares her unconventional journey from handling a live TV crisis in Singapore to becoming a cybersecurity leader in Silicon Valley. Among the topics discussed are how AI agents are creating new security vulnerabilities, the competitive reality of the U.S. job market and why cybersecurity is like a horror movie with a happy ending.

0:00 Grace's unexpected entry into cybersecurity and bridging the technical skills gap
14:23 AI replacing jobs and losing our ability to write
23:03 Browser security and AI agents clicking malicious links<...

Coleen Coolidge, ex-CISO of Segment and Twilio and startup advisor, didn't start in cybersecurity - she was a new project manager who got thrown into the deep end, but that discomfort launched an 18-year career that would see her build security teams from scratch at companies like Segment and Twilio. Now advising early-stage startups, Coleen shares insights about why security teams fail, how to actually talk to executives about risk, and why most founders are solving the wrong problems.

0:00 Coleen’s cybersecurity origin story
5:40 Transforming security chaos into a reusable security blueprint
19:27 Pull in key bu...

Guy Segal, Head of Corporate Development at Sygnia, takes us through his journey from military intelligence to building cybersecurity teams across Asia. Guy reveals why ransomware thrives despite decades of security knowledge, shares war stories from actual negotiations and breaks down why AI is making language barriers irrelevant for cybercriminals targeting global markets.

0:00 Military to corporate sector and cultural differences of cyber attacks across Asia
13:24 Why ransomware persists despite decades of security knowledge
26:44 Inside actual ransomware negotiations and psychological warfare
40:23 Browser security — "a completely different nightmare" — and the death of network perimeters
49:53 The huma...

Tal Arad, former CTO at Carlsberg Group, accidentally fell into cybersecurity after telling his military commander he knew computers from working at a shop. In this episode, Tal shares hard lessons about building trust with existing teams, why blocking AI always fails, and stories about Carlsberg's famous beer perks that fill the office every Tuesday.

0:00 From computer shop worker to accidental military security officer
8:46 Overcoming security hurdles in a traditional company
18:31 “User experience is as important as security controls”
25:55 New macro trends in security
32:30 Dropping security gatekeeping and the importance of diverse teams
...

Rathi Murthy, CTO at Varo Bank and former CTO of Expedia, Gap, & Verizon, shares her journey from software engineer to C-level executive across Fortune 500 companies. She reveals how curiosity drives career growth, why browser security is now critical for all organizations, and how AI is democratizing intelligence. Rathi also discusses finding an authentic leadership voice, Art of Living breathing techniques and offers practical advice for women entering technology leadership.

0:00 From software engineer to CTO: the journey of solving complex problems
7:14 Adapting leadership skills across startup and enterprise environments
17:22 AI adoption strategies and the security implications<...

Konrads Klints, CISO at Rajah and Tann Asia, shares his journey from hacker to leading cybersecurity for one of Asia's most prestigious law firms. In this episode of the Be Fearless Podcast, Konrads reveals why law firms top ransomware target lists, how business email compromise attacks plague the legal industry, and cultural cybersecurity challenges across the Baltics, London, and Singapore. 

0:00 Cybersecurity culture shock moving from Europe to Singapore
10:13 Why law firms struggle with cybersecurity leadership decisions
28:05 Browser security and the new authentication gateway reality
38:00 Building cybersecurity teams in Asia's competitive market
47:02 Getting law f...

Alfredzo Nash, Co-Founder/CEO of the Cyber Coffee Hour podcast and Principal Information Security Analyst at the American Red Cross, explains how his "Say Hello, Coffee Makers" podcast bridges professionals and enthusiasts with expert-level cyber defense.In this episode, Alfredzo opens up about sleepless nights from incident response, his military-inspired threat hunting approach, and why nature's ecosystem holds keys to better cybersecurity strategies. 

0:00 The evolution from data centers to global cloud security
15:16 Why antiquated systems are cybersecurity's biggest challenge
22:17 Balancing incident response stress with mental health
32:50 How the military mindset shapes cyber defense strategies Duration: 01:00:59

Jack Poller, founder and principal analyst of Paradigm Technica, breaks down why traditional cybersecurity marketing is failing. With 30 years of experience from Carnegie Mellon to cyber strategy, Jack reveals how cloud and SaaS have fundamentally changed the threat landscape and yet most security tools remain stuck in castle-and-moat thinking. He explains why the browser has become the real endpoint needing protection, how buyer behavior has evolved beyond fear-based selling, and why conventional wisdom about passwords and perimeters is actually dangerous. 

0:00 The biggest positioning mistake cybersecurity companies make
22:29 Browser security risks that organizations are underestimating
38:38 Critical q...

Tom Sweet, CIO of Industrial Refrigeration Pros and cybersecurity veteran with over 20 years of experience, shares his journey from civil engineering to leading IT security at a private equity-backed company. Tom discusses the unique challenges of building security from scratch, why he believes IT leadership needs to be technologically competent and the cultural complexities of implementing security controls without causing “death by a thousand cuts”.

0:00 Career transitions: civil engineering to cybersecurity, PE companies vs large enterprises
13:41 Leading with influence while implementing security controls
27:56 On working with and taking over from MSPs
35:03 Browser security evolution and...

Chief Evangelist Agnidipta Sarkar from ColorTokens breaks down why traditional cybersecurity approaches are failing despite massive industry investments. With 30 years of experience, Agni explains how companies should shift from trying to prevent every breach to building "breach-ready cyber defense" systems that can contain attacks and maintain business operations. He discusses zero trust architecture, micro-segmentation as the foundation of modern defense, and how browsers have become the new attack surface that most organizations ignore. Agni reveals how businesses can define their minimum viable digital operations and prepare for the inevitable rather than living in denial about cyber threats.

0:00...

Kenneth Ellington went from making sandwiches at Publix to founding Ellington Cyber Academy after discovering the gap in cybersecurity training. He breaks down why expensive programs don't necessarily prepare students for real corporate environments and how he's helping professionals boost salaries, sometimes up to $40K+. Kenneth reveals what Fortune 100 companies actually use, discusses browser security as the next major threat vector, and explains why your "why" matters more than technical skills when breaking into cybersecurity.

0:00 From business management to cybersecurity by accident
12:28 Why $15k training programs miss the mark
18:46 Real world cyber investigations and browser...

Jesse Scott, Cybersecurity Executive and VC Advisor,  has lived quite the journey - from NATO to building security teams at three unicorns including $3B+ Databricks. In this episode, he breaks down why current security operations are fundamentally broken and need a revamp, why browser security is becoming critical and how founders’ passion is contagious.

0:00 From NATO to cybersecurity: the unconventional path
4:39 Why Jesse’s Databricks stint was called “mission impossible”
9:34 The square peg approach and the importance of seeing things end-to-end
17:08 Browser security: the new Wild West nobody's talking about
22:45 Creating exciting new framework...

Kevin Qiu, Staff Security Engineer at Shiftsmart and their first security hire, breaks down the realities of building security programs from scratch. In this episode, he discusses the risk that comes with using work devices for personal purposes, why everyone wins when companies get paid AI tools and why the industry's obsession with hiring only senior talent is creating a dangerous skills gap.

0:00 How Kevin entered the field from a stint in consulting
8:13 What no one tells you about being the first security hire at a startup
18:28 The first thing security leads should do starting...

Julia Dudenko, Group CISO at Haniel, oversees cybersecurity strategy for 11 portfolio companies spanning everything from manufacturing to kindergartens. In this conversation, she reveals why enterprises need to watch out for attacks that target APIs and supply chains, whether we need “cybersecurity for AI” rather than just “AI for cybersecurity,” and examines the concept of "Enkelfähig" - building systems that can survive for generations.

0:00 Managing cybersecurity from kindergartens to tech
12:28 New threats to watch out for in API and code security
16:16 Adopting AI is a challenge traditional industries must face
20:20 Is cybersecurity for AI or is AI...

Prasanna Kanagasabai (PK), CISO, Dkatalis (Bank Jago), started his career as a network engineer and before becoming a pentester-turned-CISO. In this episode, Prasanna explains why breaking systems first is crucial for building robust defenses, the unique challenges of securing a digital-first bank, the role of browser security in protecting sensitive data, and how AI is reshaping both offensive and defensive security strategies.

0:00 Prasanna’s journey from network engineer to cybersecurity
4:39 “A good offense is your best defense”
14:18 Browser security and data protection in cloud platforms
23:46 Utilizing AI tools and understanding their risks
29:18 How securi...

Sabika Ishaq, CISO at Grant Thornton Luxembourg and President of Women Cyber Force, shares her journey from the United Nations to becoming a cybersecurity leader. In this episode, Sabika reveals insights on AI integration in cybersecurity, why preparedness is the ultimate cybersecurity superpower and how cognitive diversity is as critical as security controls.

0:00 How humanitarian work led Sabika into cybersecurity
4:30 Even your front desk contributes to security
10:40 Hidden cybersecurity risks in heavily regulated financial markets
20:36 Securing where your team actually works: Inside the browser
26:51 100% security is impossible — preparedness is your superpower
34:38 Hiring di...

Ashish Garg, founder and managing partner at Riga Cyber, sits down to discuss his two-decade journey in cybersecurity and the massive shifts he's witnessed since his early days in the field. In this conversation, Ashish shares insights on how attackers have evolved from script kiddies to well-funded, sophisticated adversaries, why browsers have become the primary attack vector and the stark differences in cybersecurity approaches across North America, Europe, and Asia.

0:00 Ashish’s cybersecurity journey
6:01 Navigating the maze of security tools
13:30 Browsers are the new blindspot in enterprise security
17:43 How cybersecurity strategies differ across regions Duration: 00:35:54

Kush Sharma, Founder of KnightSpectre and Inaugural CISO of the City of Hamilton, has advised organizations worth over $2.5 trillion and knows exactly why most CISOs fail when talking to boards. From his experience being Toronto's inaugural CISO to overseeing a $34 billion railway merger, he shares his insights on government vs enterprise security, why small municipalities are cyber sitting ducks, and how AI-powered browser extensions are a massive security blind spot. 

0:00 How an SAP internship created a cybersecurity powerhouse
4:29 Security challenges in government and enterprise
12:25 The trick to explaining security needs to the board level
17:32 W...

Bryson Bort, CEO and founder of Scythe and West Point graduate, breaks down the uncomfortable truths about modern cybersecurity that most vendors won't tell you. From real purple team stories to the "NSA problem" plaguing enterprises, Bryson explains why understanding post-access behavior matters more than prevention. If you're tired of security theater, this conversation will change how you think about defending your organization.

0:00 From West Point to cybersecurity: the early days of "information assurance" and building offensive cyber capabilities
17:10 Why industrial control systems are just old computers that change the physical world
31:46 How AI revolutionizes...

Perry Young brings 25 years of cybersecurity expertise across three continents, from network engineering to serving as Director and ASEAN CISO at Kyndryl. In this conversation with SquareX Field CISO John Carse, he discusses CISOs challenges, why CISOs must be technically competent and why continuous learning is critical.

0:00 Episode highlights and Perry's career journey and the biggest challenge for CISOs
19:18 When network security people don't understand networks
27:09 Perry's work, Center for Internet Security (CIS) and the concept of secure by default
38:16 Why Perry chose to go back to formal education
48:25 AI in cybersecurity and...

This episode of the Be Fearless Podcast features Evgeniy Kharam, Chief Strategy Officer at Discern Security and Security Architecture Podcast host. With 25+ years in cybersecurity—from Navy networking to enterprise consulting—Evgeniy explains why traditional security fails in today's browser-first world. He reveals shadow SaaS proliferation realities, describes how we've shifted from protecting a "needle" to a "desert" of attack surfaces, and shares practical enterprise security adaptation strategies.

0:00 From Navy networking to CheckPoint
13:04 Evgeniy's work at Discern Security
16:34 Compliance doesn't always equal security
32:34 The Shadow SaaS Crisis and Browser Security Gaps
43:28 Common mistakes secu...

Satyen Desai, VP of Sales for Asia Pacific at ColorTokens, discusses enterprise cybersecurity's evolution and why traditional security approaches fail. With over 25 years at IBM, SAP, Cisco, Oracle, and Cloudflare, he explains why organizations must shift from preventing breaches to being "breach ready." Satyen shares insights on micro-segmentation, building trust with seasoned CISOs and what it takes to succeed in enterprise security sales.

0:00 Satyen's cybersecurity journey
4:41 What is micro-segmentation and why it matters
15:27 The difference between enterprise security sales and tech sales
30:03 Winning over tough customers and entering new markets
44:04 Why AI and...

Brian Fricke's cybersecurity journey started with fixing a malware outbreak that crippled his Marine squadron. Fast forward two decades, and he's now the CISO of City National Bank of Florida, protecting millions in assets while managing both physical and cyber security programs. This conversation dives deep into how Brian transformed from an avionics technician to the cybersecurity domains, the link between physical security and cybersecurity, and why the best leaders make decisions with only 70% of the information they'd like to have.

0:00 Introduction and how a Marine Corps initiative launched Brian's cyber career
14:39 The link between physical...

Nicholas Muy's cybersecurity journey started with a six-year-old's rebellion against his father's TV timer, leading him from the Department of Homeland Security to securing billions in travel transactions at Expedia, and now to his role as CISO at Scrut Automation. In this conversation with Aleksandra, Nicholas shares his experience securing massive e-commerce platforms, and navigating the fast-paced startup world and understanding the business is key to choosing the right security solutions. 

0:00 From childhood hacking to a cybersecurity career
7:19 From the Department of Homeland Security to securing Expedia's massive platform
17:22 Working in large enterprises vs cybersecurity s...

Jon Baker, Director & Co-founder of MITRE's Center for Threat-Informed Defense (CTID) joins us for a deep dive into the beginnings of the eponymous concept. In this episode, Jon shares how he started his journey in MITRE, discusses the intricacies of protecting the browser and practical advice on building threat-informed defense programs.

0:00 Episode highlights and how the CTID started and how the concept of threat-informed defence came about
8:45 Why chasing vulnerabilities is a losing battle
15:24 Getting started with a threat detection cycle
24:53 How MITRE ATT&CK became the industry standard and how it’s evolved Duration: 00:52:16

One of security’s most well-known figures, Anton Chuvakin, coined the term EDR (Endpoint Detection and Response) during his stint at Gartner, pioneering the “DR” naming convention we’re all familiar with today. Now Senior Security Staff at Google’s Office of the CISO, he shares his thoughts on securing the cloud, the need for observability with browsers, how AI has shifted from “helpful” to “indispensable” and more.

0:00 Anton’s work in cybersecurity
5:27 Securing the cloud and how “it’s a different beast”
9:02 Evolution from EDR to XDR and the “something-DR” naming trend
15:19 What constitutes "Detention and Res...

Dr. Chenxi Wang, Founder and General Partner of Rain Capital, has fascinating patterns in cybersecurity investing that most people miss. In this conversation, we dive deep into the mismatch between what founders are building versus what CISOs actually need, female representation amongst cyber founders and why being fearless isn't just a podcast name - it's a practice to incorporate into your very life.

0:00 Chenxi’s accidental start to cybersecurity in academia
4:17 A rising trend in cybersecurity: securing AI and AI agents
9:23 Unpacking the founder-investor mismatch
15:37 Breaking barriers for women in cybersecurity
21:48 Being data-driven an...

Christopher Ahlberg, CEO and co-founder of Recorded Future (which was recently acquired by Mastercard), breaks down the evolving cybersecurity landscape with SquareX's field CISO John Carse. From his journey building Spotfire to creating the world's largest threat intelligence company, Ahlberg shares critical insights on nation-state actors today, the challenges facing modern CSOs, and why predictive threat intelligence is no longer a luxury in today’s world. 

0:00 How a computer scientist went to hunt cyber criminals
14:46 Your network is NOT safe if your neighbour’s isn’t
27:43 How adversaries always find the weakest link
39:26 “Some of the be...

Luke Shoberg took an unconventional path from studying biology to becoming Global CISO at Sequoia Capital. In this conversation, Luke explains what makes VC security uniquely challenging, why being "professionally paranoid" is essential in security, and how startups can implement scale-appropriate security without killing innovation. 

0:00 Introduction and Luke’s path to cybersecurity in VC
4:38 The unique challenge of cybersecurity in VC
9:33 The common thread across cyber incidents
15:31 Luke’s transition to Latacora
19:04 What is ‘scale-appropriate security' for startups?
25:56 The rise of browser-based attacks and stolen credentials
34:02 Tailoring cybersecurity for diverse business models...

In this episode, we sit down with Vijay Jajoo, a partner at KPMG with over two decades of experience in cyber data and tech containment. Vijay shares his unique journey into cybersecurity, the biggest challenges facing large organisations today, and the best leadership advice he ever received.

0:00 The Flyer that Led to a Cybersecurity Career
11:20 The qualities necessary for a cybersecurity consultant
20:24 How attack surfaces have evolved over the years
24:07 How the browser is now a prime target, Vijay’s approach to browser security
30:12 The 3 elements attackers exploit the most
34:37 Contributing via th...

Cecil Su, Director of Cybersecurity and CTI at BDO Advisory and co-lead of OWASP Singapore Chapter, brings nearly two decades of experience from his start in hospitality systems to becoming the cybersecurity leader he is today. In this episode, Cecil breaks down why the browser has become the new perimeter, insights on Singapore's vibrant cybersecurity community, red flags that signal poor security posture, and why prevention-first thinking needs to evolve into resilience-first strategy.

0:00 How a hospitality tech role led Cecil into cybersecurity
10:36 Inside Singapore's small but thriving cyber network
14:41 How localizing the OWASP Testing Guide...

Andrea Bergamini, VP and CIO of Orbia, started as a telco engineer 20 years ago when cybersecurity barely existed, but went into the field due to his audit work at GE, which sparked his fascination with risk and controls. Fast forward to today, and he's not just the VP and CISO at Orbia—a $8 billion purpose-driven company—but he recently made the leap to CIO as well, adding infrastructure to his security responsibilities. In this conversation, we dive deep into the balance between friction and protection being part of a purpose-driven company, and the importance of taking calculated risks.

...

Aamir Niazi, Executive Director and CISO at SMBC Capital Markets, shares his unfiltered 18-year journey from engineer to leading cybersecurity teams in financial services. Aamir gets honest about hiring mistakes, building remote teams during COVID, browser security challenges, getting executive buy-in, and the challenges of transitioning from hands-on practitioner to strategic leader.

0:00 Transiting from IT engineer to cybersecurity
6:14 “You must build the team that has integrity”
12:24 Emerging cybersecurity tech and browser security
20:47 Getting the buy-in for cybersecurity tools
27:18 Compliance does not equate to sound security

🔔 Follow Aamir and Aleksandra on:
https...

What if most organizations are testing their security tools against the wrong threats entirely?

As the leader behind the industry standard program that helps organizations understand how security tools perform against real-world threats, William Booth, General Manager and Director of MITRE's ATT&CK Evaluations, shares common misconceptions in adversary emulation, the gap between compliance and actual security effectiveness, and practical advice for security leaders trying to make sense of vendor claims and build truly effective defense strategies.

0:00 Episode highlights and introduction
0:56 How a money laundering investigation inspired William to enter the field
6:11 What...

Dr. Aleksandr Yampolskiy, cofounder and CEO of SecurityScorecard, went from being a 14-year old immigrant to America to building SecurityScorecard — the security ratings platform now used by over 3,000 companies. In this conversation with SquareX founder Vivek Ramachandran, Aleksandr breaks down the real challenges of category creation, his playbooks on entrepreneurship and the importance of understanding the customer. 

0:00 Introduction to Aleksandr
1:22 Aleksandr’s origin story: from Prince of Persia to cybersecurity
6:57 Transitioning from academia to being entrepreneurship
9:30 The market gap discovery that led to SecurityScorecard
16:56 The playbook for creating categories
21:08 “Always think you’re buildi...

Meet Dr. Brian Gardner, who secured the City of Dallas for over 7 years before moving to Austin as the City’s CISO. In this episode of the Be Fearless Podcast, Brian shares war stories from managing critical infrastructure, how he grew Dallas's cybersecurity budget from 2.3% to nearly 10% of the IT spend, and dives into the unique challenges cities face with shadow SaaS and browser security.

0:00 Episode highlights and introduction
5:43 On crisis recovery and resilience
14:29 Wearing multiple hats from CIO to CTO to CISO
19:49 Growing cyber budgets alongside cyber programs
25:22 Defending critical infrastructure such as...

What does it take to protect a beloved cultural institution like PBS? In this episode, Jimmy Benoit, CISO of PBS, discusses how he transitioned from military service to cybersecurity, balancing security requirements with business objectives, and why building relationships across the organization matters more than any single technology solution. 

0:00 The journey from college to the military to private cybersecurity
10:50 Balancing security needs with business goals
14:22 Using the right-sized solution to combat threats and improve cyber resilience
23:08 Building intra-organization relationships is the key to security success
29:03 The three core messages for communicating security projects e...

Mandy Andress brings over two decades of cybersecurity leadership experience to this conversation, including her current role as CISO at Elastic and her 13-year tenure at MassMutual where she led a $50 million strategic security investment initiative. In this episode, Mandy shares candid insights about prioritizing security gaps by focusing on core risks and security fundamentals, the challenges of browser-based threats, and why curiosity and adaptability matter more than technical certifications. 

0:00 Why a cybersecurity lead studied law and accounting first
7:00 How going out of your comfort zone pays off in your career
11:04 Understanding core risks when s...

Cybersecurity Co-Founder and ex-Venture Capitalist Zain Rizavi breaks down what really happens behind closed doors in cybersecurity investing. From his unconventional journey from political science  to backing the next generation of security companies, Zain reveals why most founders get product-market fit completely wrong and what it really takes to build a security company that VCs actually want to fund. 

0:00 Introduction and Zain's journey from political science to tech VC
10:32 Zain Rizavi’s “Surfer Analogy" to decoding startup potential
14:50 Upcoming cybersecurity investment trends
20:56 The browser as the new endpoint & data leakage risks in the era of AI<...

If you’re in the cybersecurity field, HD Moore, runZero founder and creator of Metasploit, needs no introduction — his work has fundamentally changed how the security industry thinks about vulnerabilities. 

In this candid conversation, HD shares the story behind building the world's most widely used penetration testing framework, war stories from the early days of cybersecurity, and how his Month of Browser Bugs Project (which inspired our own Year of Browser Bugs Initiative) spelled the end of ActiveX.

0:00 Introduction, the story behind creating Metasploit
6:42 Transitioning from researcher to founding runZero, trends in exposure management
1...

Sangram Dash has spent over two decades in cybersecurity, from witnessing the massive eBay breach response to leading security at companies like PayPal and Square. In this episode, he breaks down his practical "3 buckets" framework that every security team should follow, shares lessons from previous incidents and why the human element of incident response will never be fully automated.

0:00 Introduction to Sangram and his work
5:51 Sangram’s playbook to building security culture
16:46 The 3 Buckets of Cybersecurity Framework
26:43 On securing the browser
39:42 War Story: Lessons from eBay’s Breach
45:02 Common mistakes in browser secu...

In this episode, SquareX Field CISO John Carse sits down with Jayesh, founder of Cloud Village and CEO of Cloudurance Security, to explore the growing threat of browser-based attacks in cloud environments. Jayesh shares practical insights on product security, the importance of "enrollment conversations" with stakeholders, and why browsers have become the primary attack surface for modern threats.

0:00 Introduction to Jayesh and Cloud Village
14:12 Ensuring that security doesn’t become an afterthought in development
29:30 How security leaders can influence cloud adoption decisions
38:13 Approaching browser-based attack surfaces in organizations
55:06 Challenges of implementing auto remediation in...

Join us as we welcome Sid Trivedi (Partner at Foundation Capital) and Ross Haleliuk (Founder of a Stealth Security Startup and Author of Cyber for Builders), co-hosts of the "Inside the Network" podcast! In this conversation, they share investor and operator perspectives on cybersecurity trends and its evolution from technical obscurity to mainstream concern. Sid and Ross also explore how major incidents have changed public perception, why browsers are becoming critical battlegrounds, and what separates lasting innovation from opportunistic ventures in the security landscape.

0:00 About Sid and Ross
4:07 How cybersecurity awareness has evolved over 5 years
8:42...

Jeff Moss, founder of the famed DEF CON and Black Hat conferences,  joins Vivek Ramachandran for another episode of the Be Fearless Podcast. Jeff reveals how DEF CON’s new one-roof strategy at the Las Vegas Convention Center has transformed the conference experience, while preserving its unique hacker culture that has endured for decades. He explains why browsers have become the prime battleground for attackers - with everyone using browsers, it's a numbers game where “somebody somewhere is going to click on something.”
The conversation covers everything from mesh networks connecting the hacker community year-round to the emerging threat...

In this episode of the Be Fearless Podcast, Yu Long (Tyler) Tang, Director of Enterprise Information Security Strategy at softScheck APAC, joins us to share his journey from martial arts to cybersecurity and how the protection mindset carried over.

A highly qualified speaker and Secretary and Certified Mentor with the ISC2 Singapore Chapter, Yu Long (Tyler) covers browser security, his work as a volunteer and mentor, and why past security performance can't predict future threats. 

0:00 Yu Long (Tyler)'s journey from martial arts to cybersecurity
7:22 Yu Long (Tyler)'s work in security by design Duration: 00:54:08

Ever wondered how professional hackers think? SquareX Field CISO John Carse sits down with Abhijith B R, Founder/Head of security consulting at BreachSimRange, and Adversary Village at DEF CON, who also has a wealth of ethical hacking experience. 

In this episode, Abhijith pulls back the curtain on the hacker mindset, shares his war stories from previous engagements, thoughts on browser security and why basic security hygiene still matters more than fancy products. This conversation is packed with practical advice for strengthening your security posture by thinking like the attackers who are targeting your organization.

0:00 I...

In this episode, SquareX field CISO John Carse speaks with Mike Cunningham, R&D Program Manager at MITRE's Center for Threat-Informed Defense. Mike brings his unique background from the Navy and NSA to discuss how organizations can better defend against cyber threats by understanding adversary behaviors, browser security challenges and more. If you ever wanted to know more about MITRE, its ATT&CK framework and the good work they do — this is an episode you won’t want to miss.

0:00 Introduction and Mike's cybersecurity journey
5:33 The MITRE ATT&CK framework and threat-informed defense
15:01 On the thre...

In this International Women's Day special episode, Evelyn Lam, CISO of Trust Wallet, shares her journey from traditional banking at Morgan Stanley to the cutting edge of Web3 security. She breaks down the fundamental differences between Web2 and Web3, explaining why security is even more critical in a decentralized environment where users control their own assets without centralized oversight. Evelyn discusses the Bybit hack, the transformative role of AI in blockchain security, and offers practical advice for staying safe in the crypto world. She also shares insights on how the unique meritocracy of Web3 can create opportunities for women...

Ever wondered what it really takes to lead security at a crypto company? In this episode, we sit down with Pasi Koistinen, CISO at Coinhako, who's spent more than two decades in the cybersecurity trenches. Pasi gets real about why being technically brilliant isn't enough anymore - you've got to speak the language of business to succeed as a CISO.

He also shares insights on browser security blind spots, why crypto companies face unique threats, and what he looks for when hiring security talent. If you're struggling to communicate security risks to executives or trying to figure...

This special International Women's Day episode features Elcin Biren, security leader, Founder and CEO of SwissCyberSmart. With nearly two decades of cybersecurity experience spanning roles from ethical hacker to CISO, Elcin shares her journey and mission to protect families online.

Elcin discusses her groundbreaking work with the world's first cybersecurity parents’ bootcamp, her perspective on browser-based attacks, and how she's applying her knowledge of neuroscience to combat social engineering. She also addresses the challenges women face in cybersecurity and offers practical advice for creating a more diverse and effective industry.

0:00 Introduction to Elcin and her cy...

Ever wondered what it takes to reach the top tier of cybersecurity leadership? In this candid conversation, Darren Argyle shares his remarkable path from being a bar manager in the UK to becoming a recognized global CISO and cybersecurity educator. You’ll learn Darren’s 5 principles for reaching a $1M cybersecurity salary, why browser security has become a critical concern for enterprises, and why taking bold risks—like Darren's move from the UK to Australia—can transform both your life.

0:00 Darren's unique career journey from bar owner to cybersecurity
8:18 Five principles to reach a $1M cybersecurity salary Duration: 00:44:02

“You don't have to wait for permission. You don't have to wait for someone to see you, recognize you or whatever. I firmly believe that the world is your oyster.”

Join us for an insightful and inspiring conversation with Jane Frankland MBE, a globally recognized cybersecurity leader and author of "INSecurity." In this episode of the Be Fearless Podcast, you’ll hear about Jane’s journey from textile design to cybersecurity, and learn about the importance of diversity in strengthening enterprise security. Jane also shares invaluable insights on current threats, including browser-based attacks, identity security, and the evolving...

As the founder of Software Analyst Cyber Research (SACR), Francis Odum has built a name for himself in cybersecurity research, cutting through the noise with in-depth analyses that resonate across the industry. In this episode with Aleksandra, he breaks down what makes security research impactful, why browser security is becoming an urgent priority for enterprises, and how AI is reshaping security policies and challenges CISOs are facing. 

0:00 How Francis got started in cybersecurity and founding SACR
5:13 Francis on his research going viral
10:25 How AI can help (and harm enterprises)
12:46 Mitigating threats with browser-native security Duration: 00:32:33