The Security Strategist

Why Do Most Cyber Breaches Stem from System Failures, Not Human Error?

24 Mar 2026

Contributed by Lukas

Podcast: The Security StrategistHost: Richard Stiennon, Chief Research Analyst at IT-HarvestGuest: Michael Kennedy, Ostra Security FounderFor leaders ...

Are Security Teams Wasting Resources on 99% of Vulnerabilities That Don’t Matter?

20 Mar 2026

Contributed by Lukas

Podcast: The Security StrategistHost: Richard Stiennon, Chief Research Analyst at IT-HarvestGuest: Nathan Rollings, CISO at ZafranThe cybersecurity en...

Are You Testing Cyber Recovery or Just Hoping Your Backups Work

16 Mar 2026

Contributed by Lukas

Podcast series: The Security StrategistGuest: Sam Woodcock, Senior Director of Solutions Architecture at 11:11 SystemsHost: Shubhangi Dua, Podcast Pro...

Unmasking the Invisible Threat: Defend Your APIs Before Attackers Do

11 Mar 2026

Contributed by Lukas

Podcast series: The Security StrategistGuest: Chip Witt, Principal Security Analyst at RadwareHost: Richard Stiennon, Chief Analyst Researcher at IT-H...

Is AI Quietly Breaking Email Security? Are False Positives Now the Real Breach?

11 Mar 2026

Contributed by Lukas

Cybersecurity, for many years, has functioned on an obvious assumption that attacks repeat themselves. For instance, if a phishing email works once, i...

Are CISOs Blind to the Biggest Cloud Attack Surface?

02 Mar 2026

Contributed by Lukas

Podcast series: The Security StrategistGuest: Doug Merritt, Chairperson, CEO, and President of AviatrixHost: Shubhangi Dua, Podcast Host, Producer and...

Lessons from Offensive Security: How Organisations Can Improve Cyber Resilience

24 Feb 2026

Contributed by Lukas

In an environment where cyber threats evolve faster than regulation, UK organisations are being asked to defend themselves with rules written for a di...

The Human Factor in Cybersecurity: Behavioural Interventions That Work

24 Feb 2026

Contributed by Lukas

Cybersecurity often feels like a battle of technologies—firewalls, AI, monitoring tools, but at its core, it’s human. People are both the first li...

From Passwords to Ransomware: What 597 Real-World Breaches Tell CISOs in 2026

24 Feb 2026

Contributed by Lukas

In an era of accelerating digital change, understanding the tactics employed by modern attackers is crucial for organisations doing everything in thei...

How CISOs Can Reduce Enterprise Data Risk Without Slowing the Business

24 Feb 2026

Contributed by Lukas

In an era where enterprise data sprawls across cloud platforms, collaboration tools, and SaaS environments, CISOs are under constant pressure to reduc...

Securing AI-Driven Development in Modern Enterprises

23 Feb 2026

Contributed by Lukas

When code is no longer written solely by humans, the way we think about application security has to change. In a recent episode of the Security S...

How Can Enterprises Secure AI When Data Moves Faster Than Humans Can Track?

16 Feb 2026

Contributed by Lukas

As firms increasingly adopt autonomous AI, a key assumption in cybersecurity seems to be disappearing – data security can be understood through stat...

How Do Attackers Exploit Executives’ Personal Lives to Breach Companies?

05 Feb 2026

Contributed by Lukas

Cybersecurity has traditionally focused on strengthening corporate networks, cloud systems, and devices. However, in the recent episode of The Securit...

Why Are AI Agents Forcing CISOs to Rethink Identity Security Architecture?

04 Feb 2026

Contributed by Lukas

For decades, identity security relied on the assumption that identities are static, predictable, and mostly human. However, the growing scale and comp...

From Data to Insight: How Enterprises Are Making IoT Secure and Actionable

30 Jan 2026

Contributed by Lukas

Organisations continue to struggle with device management data and fragmented architectures while facing pressure from business and regulators. As the...

Human-Led, AI-Driven: The Next Chapter of Security Operations

29 Jan 2026

Contributed by Lukas

Security leaders are rethinking how detection and response work in practice in 2026 owing to growing complexities in cybersecurity technology and the ...

Why Are Vulnerability Backlogs Still Growing Despite Better Detection?

28 Jan 2026

Contributed by Lukas

Podcast: The Security StrategistGuest: John Amaral, Co-Founder & CTO, Root.ioHost: Chris Steffen, VP of Research, Enterprise Management Associates...

What Happens to API Security When AI Agents Go Autonomous?

16 Jan 2026

Contributed by Lukas

As companies speed up their adoption of AI, an old but increasingly serious problem is resurfacing: lack of visibility. In the recent episode of The S...

Why AI Agents Demand a New Approach to Identity Security

23 Dec 2025

Contributed by Lukas

AI agents are evolving into capable collaborators in cybersecurity, acting as operational players. These agents read sensitive data, trigger workflows...

Is Your Holiday Traffic Human—or AI-Driven and Under Attack?

23 Dec 2025

Contributed by Lukas

As businesses approach the holiday season, security teams feel the pressure while online activity increases. At the same time, AI is quickly changing ...

From IoT to AIoT: Operational and Security Challenges for Modern Enterprises

22 Dec 2025

Contributed by Lukas

Industrial enterprises are undergoing significant transformation as connected devices reshape the way they operate. IoT platforms provide new opportun...

Overcoming Regulatory, Infrastructure, and Operational Challenges When Scaling Tech Globally

19 Dec 2025

Contributed by Lukas

Scaling technology globally is one of the most complex challenges for Chief Technology Officers and enterprise leaders. It requires balancing infrastr...

How Can MSPs Move From Defense to Full Cyber Resilience?

15 Dec 2025

Contributed by Lukas

In this final episode with N-able, the guests answer a pressing challenge for today’s MSPs: How to transform security operations into genuine cyber ...

What If We Could Fix Vulnerabilities Faster Than We Find Them?

15 Dec 2025

Contributed by Lukas

In the recent episode of The Security Strategist Podcast, host Richard Stiennon, Chief Research Analyst at IT-Harvest, sat down with Jo...

Can Identity Security Close the AI Governance Gap?

10 Dec 2025

Contributed by Lukas

As AI tools proliferate inside enterprises, often faster than security teams can track or govern them, a new class of risks are emerging. In this...

EDR, XDR, or MDR - What’s the Real Difference and Why Does It Matter?

08 Dec 2025

Contributed by Lukas

In the recent episode of The Security Strategist podcast, Jim Waggoner, VP of Product Strategy at N-able, and Joe Ferla, one of N-able’s H...

Securing Assets in a Complex IT Landscape: Deterministic Automation in ITAM

25 Nov 2025

Contributed by Lukas

Modern enterprises face a growing challenge in managing thousands of devices, applications, and identities across increasingly complex IT environments...

How Can Businesses Address Guardrails for Autonomous AI Agents with Permissions?

19 Nov 2025

Contributed by Lukas

“People love the idea that an agent can go out, learn how to do something, and just do it,” Jeff Hickman, Head of Customer Engineering, Ory, said....

Is Current DLP Failing Data Security in the Age of Generative AI?

18 Nov 2025

Contributed by Lukas

With more and more organisations adopting AI as part of their operations, a new layer of data risk has begun to emerge. In the recent episode of&...

The Zero Trust Conundrum: How Intelligent Friction Boosts Business Velocity

10 Nov 2025

Contributed by Lukas

In this episode of The Security Strategist podcast, host Jonathan Care, Lead Analyst at KuppingerCole Analysts, speaks with Sudhir Redd...

Universal Privileged Access Authorization: Securing Humans, Machines, and Agentic AI

07 Nov 2025

Contributed by Lukas

Can your organization truly trust every identity, human, machine, and AI?The traditional security perimeter is no longer a reliable boundary. As enter...

How Can MSPs Stay Competitive with Managed Detection and Response (MDR)?

06 Nov 2025

Contributed by Lukas

In today’s cybersecurity industry, Managed Service Providers (MSPs) who do not adapt risk falling behind. In the recent episode of The Sec...

Are Your Keys Safe? Why HSMs Are Now Essential for Cloud, Quantum, and AI Security

29 Oct 2025

Contributed by Lukas

"You have to think about how the online world really operates and how we make sure that data is secure. How can we trust each other in the digital wor...

Is Your CIAM Ready for Web-Scale and Agentic AI? Why Legacy Identity Can't Secure Agentic AI

15 Oct 2025

Contributed by Lukas

"With any new technology, there's always a turning point: we need something new to solve the old problems,” states Jeffrey Hickman, Head o...

AI-Powered Scam Factories: The Industrialisation of Fake Shops & Online Fraud

14 Oct 2025

Contributed by Lukas

"The harsh reality is the site wasn't real. The ad was fake. The reality is you've clicked through to a steward ad that's taken you to a fake site. Th...

Why Are 94% of CISOs Worried About AI, and Is Zero Trust the Only Answer?

01 Oct 2025

Contributed by Lukas

Identity fabric, a contemporary, flexible identity and access management (IAM) architecture, should “be involved at every stage of authent...

Fast, Safe, and Automated: Bridging DevOps and SecOps in the Age of Engineering Excellence

01 Oct 2025

Contributed by Lukas

Enterprises can no longer afford the old trade-off between speed and safety. Developers are under constant pressure to release code faster. At the sam...

What Does the Rise of Agentic AI Mean for Traditional Security Models?

30 Sep 2025

Contributed by Lukas

In an era of AI, it’s no longer a question of whether we should use it, but instead, we need to understand how it should be used effectively, convey...

Container Security Uncovered: Lessons from NIST SP 800-190

25 Sep 2025

Contributed by Lukas

It has been eight years since the NIST Special Publication 800-190: Application Container Security Guide was published, and its recommendations r...

AI and the New Age of Cyber Threats

23 Sep 2025

Contributed by Lukas

AI is rapidly changing how cybercriminals operate. Social engineering, once easy to spot, has entered a new era. Phishing emails that used to be riddl...

How to Build a Secure Development Workflow in an Era of AI?

19 Sep 2025

Contributed by Lukas

"What we're seeing as a response to coding agents is one of the biggest risks in security vulnerabilities to date,” said Jaime Jorge, Founder and CE...

How Do You Stop an Encrypted DDoS Attack? How to Overcome HTTPS Challenges

10 Sep 2025

Contributed by Lukas

"When you're encrypting the traffic and giving the keys only to the owner of the traffic, it provides a specific door for attackers to walk right in,”...

Preemptive Defense with AI-powered Deception: Outsmarting the AI-driven Adversary

09 Sep 2025

Contributed by Lukas

“For a long time, we focused on defending the perimeter and thought that was enough to keep businesses safe,” stated Ram Varadarajan, CEO and Co-f...

Phishing-Resistant Authentication: A Strategic Imperative for CISOs

04 Sep 2025

Contributed by Lukas

Passwords remain one of the weakest links in enterprise security. Despite advances in multi-factor authentication (MFA), recent data breaches show tha...

Is Your Workforce Ready for AI-Driven Cyber Threats?

04 Sep 2025

Contributed by Lukas

"With every technological wave, technology weaponises very quickly. You can create targeted attacks at an unprecedented scale, a human-centric attack ...

What is a Hardware Security Module (HSM) and Why Does it Matter for Your Cybersecurity?

01 Aug 2025

Contributed by Lukas

When cybercriminals breach an organization, they're not just after one piece of data - they're hunting for the keys that unlock everything."Think of H...

How Can Global Marketplaces Master Payment Security and Combat Fraud?

29 Jul 2025

Contributed by Lukas

"In this technology-centric world, where we see new advantages, new paths, new adventures, at the end of the day, the other side of the screen is alwa...

From Prompt Injection to Agentic AI: The New Frontier of Cyber Threats

07 Jul 2025

Contributed by Lukas

Artificial intelligence (AI) is on everyone’s mind, and its impact doesn't escape the cybersecurity industry. The industry experts acknowledge not j...

Why Fraud Prevention Silos Are Holding Your Business Back

26 Jun 2025

Contributed by Lukas

"The thing to challenge is the fact that fraud prevention is a vertical by itself," says Guido Ronchetti, CTO at XTN Cognitive Security. He stresses t...

Beyond Traditional IAM: Are You Prepared for Identity Convergence and the Rise of Agentic AI?

23 Jun 2025

Contributed by Lukas

"What we're seeing now is a lot of the vendors that were traditionally one of the identity pillars are kind of expanding into other pillars,” says K...

Is Your Attack Surface a Swiss Cheese? Solving Attack Surface Management (ASM) Challenges

29 May 2025

Contributed by Lukas

In this episode of The Security Strategist podcast, host Richard Stiennon, industry analyst and author, speaks to Craig Roberts, Principal S...

Quantum Computing, AI, & Ransomware: Inside Infosecurity Europe 2025 Key Themes

28 May 2025

Contributed by Lukas

Infosecurity Europe, Europe's leading cybersecurity event, is celebrating its 30th anniversary from June 3rd to 5th at ExCeL London. This year's confe...

Is Your Current Security Strategy Enough to Stop Sophisticated Cybersecurity Attacks?

21 May 2025

Contributed by Lukas

“The types of attacks that we're seeing today are malicious in nature. They go to the very heart of the functioning of businesses,” stated Brett L...

The Never-Ending Chess Game in Personnel Security

16 May 2025

Contributed by Lukas

Takeaways#Personnelsecurity is crucial for organisations and individuals.There is a significant talent shortage in the #cybersecurityindustry.#AI can ...

Beyond The App Store: Cloud Marketplace Security

16 May 2025

Contributed by Lukas

Takeaways#Cloudmarketplaces function like a digital mall for various services.Continuous monitoring and detection of threats are essential.Legislation...

Data Backups: The Digital Safety Deposit Box

15 May 2025

Contributed by Lukas

Takeaways#Databackups are essential for business continuity.The 3-2-1 backup #strategy is crucial for data protection.Testing backup systems is necess...

DDoS Demystified: Understanding the Threat

15 May 2025

Contributed by Lukas

Takeaways#DDoS can mimic legitimate traffic, making detection difficult.#Botnets are often created from compromised IoT devices.Motivations for DDoS a...

Is Traditional Client-Based Access Obsolete? Rethinking Internal Security

01 May 2025

Contributed by Lukas

"If you envision a world where what would be the most ideal way to make access management IAM decisions, to enable people to access internal things, y...

Can You Afford to Ignore Exploitability?

30 Apr 2025

Contributed by Lukas

Takeaways#ExposureManagement involves assessing multiple factors, not just single scans.Organisations must optimise their remediation capacity due to ...

From Peacetime to Wartime: Is Your Cloud Secure?

28 Apr 2025

Contributed by Lukas

Takeaways#Peacetimesecurity is no longer sufficient in modern cloud environments.AI and automation are essential for effective security management.Rea...

How to Streamline IT Operations and Enhance Security with RMM and Automation

24 Apr 2025

Contributed by Lukas

Remote Monitoring and Management (RMM) solutions are quite ambitious, promising to identify the issues before they have a chance to impact your IT ope...

Can You Stop an API Business Logic Attack?

17 Apr 2025

Contributed by Lukas

Application Programming Interface (API) is one of the most critical components of software applications which mediates communication between diff...

The Critical Role of MDM in Safeguarding Dedicated Devices

25 Mar 2025

Contributed by Lukas

In this episode of the Security Strategist podcast, Chris Steffen speaks with Sudhir Reddy, the CTO of Esper, about the imperative balance between sec...

Meeting of the Minds: State of Cybersecurity in 2025 Part II

25 Mar 2025

Contributed by Lukas

Welcome back to Meeting of the Minds, a podcast series that brings industry leaders together for the most engaging conversations of the year. In our i...

Why Cyber Needs to Rebrand from a Boys Club

20 Mar 2025

Contributed by Lukas

Andrea Cullen discusses her extensive experience in cybersecurity, focusing on the gender imbalance and cultural stereotypes that have historically do...

Reducing Risk with Effective Exposure Management in Enterprise Tech

19 Mar 2025

Contributed by Lukas

“Continuous threat exposure management is the new phrase for what we used to call vulnerability management programs," said J.J. Guy, CEO and Co-Foun...

The Evolving Cyber Threat Space: A Geopolitical Perspective

20 Feb 2025

Contributed by Lukas

In today's deeply connected world, cybersecurity is no longer just a technical issue—it's deeply intertwined with geopolitics. This episode explores...

Diversity in Cybersecurity: A Key to Innovation

12 Feb 2025

Contributed by Lukas

In this conversation, Rob Demain shares his extensive background in cybersecurity and discusses the importance of neurodiversity in the field. He emph...

Is AI and Zero Trust the Future of Cyber Warfare?

07 Feb 2025

Contributed by Lukas

The digital warground is constantly advancing, with increasingly sophisticated malware and attack vectors challenging traditional cybersecurity defenc...

Meeting of the Minds: State Of Cybersecurity in 2025

06 Feb 2025

Contributed by Lukas

The state of cybersecurity is rapidly and constantly evolving, and the future is not necessarily certain. In the first episode of Meeting of the Minds...

Navigating Cybersecurity: Insights from Jim Liddle

20 Jan 2025

Contributed by Lukas

This conversation explores the critical and ever-evolving relationship between data infrastructure and cybersecurity, shining a light on the necessity...

Unlocking the Power of APIs in AI

15 Jan 2025

Contributed by Lukas

Today, organisations are grappling with the critical challenge of securing APIs in an era dominated by AI integration and increasing cyber threats. AP...

The AI Shift: Transforming Roles and Securing IT Systems

08 Jan 2025

Contributed by Lukas

In this podcast, Sascha Giese discusses the evolving role of AI in IT teams, addressing employee perceptions, the need for regulations, and the import...

Unified Defences: Why CDR Matters

18 Dec 2024

Contributed by Lukas

The shift to cloud computing has transformed how businesses operate, offering unmatched flexibility, scalability, and cost efficiency. However, as org...

Supply Chain Survival: How to Dodge Disasters and Stay Ahead of the Curve

18 Dec 2024

Contributed by Lukas

Effective supply chain risk management is no longer optional—it is essential for long-term business success. Disruptions from natural disasters, geo...

Passwords Are So Last Year: Biometrics, Deepfakes, and the Passwordless Revolution

09 Dec 2024

Contributed by Lukas

Today, organisations face relentless cybersecurity threats, with phishing attacks and poor password management leading the charge. These vulnerabiliti...

The Cyber Game: Simulations, Ranges, and Digital Twins

04 Dec 2024

Contributed by Lukas

Governments and institutions face unprecedented cyber threats challenging national infrastructure, sensitive data security, and public services. To st...

Why Tracking Your Digital Risk is a Big Deal

02 Dec 2024

Contributed by Lukas

Digital risk protection has become a cornerstone of organisational security. Proactive measures are essential to defend against cyber risks, from safe...

The Psychology of Security: Empowering People to Protect

27 Nov 2024

Contributed by Lukas

Understanding human behaviour is critical in creating secure environments, as human actions, decisions, and vulnerabilities often determine the effect...

How do Hackers Collect Intelligence on their Victims?

18 Nov 2024

Contributed by Lukas

Hackers today rely on sophisticated techniques to collect information about their targets, combining digital stealth, social engineering, and data min...

Drive by Diplomacy: Cybersecurity in the Age of Chinese EVs

13 Nov 2024

Contributed by Lukas

As Chinese electric vehicles (EVs) rapidly gain market share across Europe, cybersecurity has become a key focus for regulators, manufacturers, and co...

Closing the Cloud Gap: CDR vs. Traditional Security in the Fight for Resilience

06 Nov 2024

Contributed by Lukas

With cloud attacks rising, Cloud Detection and Response (CDR) is becoming a crucial focus in modern security operations. But what exactly is CDR, and ...

Courage & Resilience: Bringing FBI Grit to Cybersecurity

06 Nov 2024

Contributed by Lukas

When it comes to decision-making, courage is paramount. Cybersecurity professionals must navigate high-stakes environments where swift, bold decisions...

Ransom-Repeat: How to Stop Funding Your Favorite Hackers!

23 Oct 2024

Contributed by Lukas

Ransomware attacks increasingly force organisations to pay ransom due to the significant impact on operations, data loss, and the fear of reputational...

The Innovation Paradox: Security and Productivity in a Regulatory World

16 Oct 2024

Contributed by Lukas

Companies are constantly pushing for innovation to stay competitive. Whether adopting new technologies or streamlining processes, innovation is key to...

Ransomware: A Battle for Cyber Security

16 Oct 2024

Contributed by Lukas

Ransomware has become a pervasive threat, targeting organisations of all sizes and industries. The complexities of recovery after an attack are enormo...

Top Findings from ISMS.Online’s “State of Information Security” Report: What You Need to Know

16 Oct 2024

Contributed by Lukas

In this episode, Luke Dash, CEO of ISMS.online, speaks to Paulina Rios Maya, Head of Industry Relations, about the current state of information securi...

Hackers: Heroes vs Villains – The Code Wars

14 Oct 2024

Contributed by Lukas

Ethical hacking, or penetration testing, plays a key role in protecting businesses from cyber threats by identifying vulnerabilities before malicious ...

Identity - a quick win in your Zero Trust roadmap

10 Oct 2024

Contributed by Lukas

Traditional security models are no longer enough. Identity and Zero Trust have become essential pillars of modern information security strategies. By ...

Infiltration Insights: Red Team Operations

09 Oct 2024

Contributed by Lukas

Red teaming is a proactive cybersecurity approach where ethical hackers simulate real-world attacks to test an organisation’s defences. Unlike tradi...

AI and Data Security: How to Protect What’s Powering the Future

04 Oct 2024

Contributed by Lukas

Protecting sensitive data requires a robust approach, with Data Security Posture Management (DSPM) and Data Loss Prevention (DLP) at the forefront. DS...

Fraud Rings and Crypto Scams: How to Outsmart the Bad Guys

26 Sep 2024

Contributed by Lukas

Fraud networks are becoming more sophisticated, posing a significant threat to the financial, iGaming and crypto sectors. As fraudsters’ tactics evo...

Neural Networks at Risk: AI and Cyber Threats

25 Sep 2024

Contributed by Lukas

New cybersecurity risks threaten critical data and systems as organisations increasingly adopt AI-driven technologies, particularly neural networks an...

Authenticating Users with Traditional SSO is Not Enough

20 Sep 2024

Contributed by Lukas

Traditional workforce access methods are increasingly vulnerable to account takeovers, highlighting the urgent need for zero-trust access. Infini...

SCION: The Future of Critical Infrastructure Defence

17 Sep 2024

Contributed by Lukas

As the number of connected devices grows, so does the vulnerability of our digital infrastructure. Traditional security measures need help to keep up ...

How is Proactive CDR Revolutionising Cloud Security

16 Sep 2024

Contributed by Lukas

As cloud adoption accelerates, the demand for effective cloud threat detection solutions is snowballing. Organisations face increasing challenges in s...

Defend Like a Pro: Comprehensive Threat Detection & Response with Proactive Risk Management

11 Sep 2024

Contributed by Lukas

Critical Start's Managed Detection and Response (MDR) service is designed to provide24x7x365 monitoring, human-driven threat investigation, an...

Cutting Through the Noise: Redefining Detection and Response With Secureworks

04 Sep 2024

Contributed by Lukas

When looking for the right cybersecurity to keep your organization safe, it’s easy to get overwhelmed by the acronyms and solutions on the market to...

What Would 1% Do to Your Business: ML for Optimal Security Strategies

23 Aug 2024

Contributed by Lukas

Understanding the key differences between approaches in the EU and the US can help unlock maximum value with the right security strategies. Traditiona...

Rethinking Security in the Age of Zero Trust

21 Aug 2024

Contributed by Lukas

In the post-pandemic world, relying solely on perimeter-based identity security is no longer sufficient. Increased cloud adoption, expanded access per...