Prioritize Leading Indicators; Lagging Results Follow Naturally
Nice thread but the simple tl;dr is: Focus on leading indicators of performance. If you do this well then the lagging indicators will take care of themselves.
Master Organizational Politics, Leverage Shadow Network for Security Success
Mastering organizational politics to drive your security program and build your team. Work the shadow network not just the formal org chart. https://t.co/hz0tt3Ghyu https://t.co/KMhg6Oe41L
Agentic AI Expands Attack Surface, Prompting Injection Focus
As AI systems become more agentic, we are rapidly expanding the attack surface. Prompt injection isn’t a corner case—it’s a natural outcome of: – untrusted inputs – tool access – delegated autonomy This shifts the question from “does it work?” to “how does it fail...
AI Agents Transform Insider Risk From Alerts to Guidance
Excited to share that Ballistic Ventures led the Series A investment in Above Security, as the company emerges from stealth today with $50M in funding. Insider risk is one of the most persistent - and misunderstood - problems in cybersecurity. It’s...
Master Organizational Politics to Strengthen Your Security Program
Lessons in mastering organization politics for the good of your security program: 1. Decisions are Not Made in Committees 2. Map and Partake in Decision Making Flows 3. Slip Stream Constantly 4. Don’t Let a Crisis Go to Waste 5. Build a Base of Support 6....
Political Savvy, Not Innate Talent, Drives Security Success
What most people get wrong about organizational politics and the security program. Creating and running an enterprise wide security program requires you to navigate, and benefit from, organization politics. This takes influencing skill and executive presence. These aren’t simply innate skills....
NIST Releases DNS Guide; Infoblox Leads Protective DNS
The new NIST Secure Domain Name System (DNS) Deployment Guide is out. Kudos to @Infoblox for helping author this and for also providing imho the world's best protective DNS service. https://t.co/vprZTZ5sfH https://t.co/OxZ0qSLxWK
Native Security Secures Cloud with Unified Policy Controls
Announcing the Series A of Native Security (https://t.co/w7e6BeMXxj) which we (Ballistic Ventures) led. The latest greatest thing to happen to cloud security. Set policy intent and have it translated to native controls in all the major clouds. Exactly what I wanted...
Finance's Quirks: Gold, Coffee, and Glinting Aluminum
Three of my favorite stories (so far) from the highly educational and entertaining Lloyd Blankfein book. 1. Fischer Black’s (as in the Black-Scholes model) observation on gold trading that why not just leave it in the ground and trade on it...
Bring Your Own Agents—The New Unsettling Tech Mantra
The most interesting (and scariest?) phrase I’ve heard so far this year……. “Bring your own agents”
AI Accelerates Vulnerability Fixes, Sparking Dual Optimism
Being at UnpromptedAI conference in SF this week seeing extent of using AI for vulnerability discovery and for accelerating fixes has me want to make a slight correction to this post: 1. I am short term *very* pessimistic 2. I am *even...
Joining Code Armor Board to Accelerate Cybersecurity Innovation
Very pleased to be joining the Board at @code_armor . I’ve worked with them for a long time. What they have built and are building is a vital part of the need for speed in any modern cybersecurity program. https://t.co/v8SGWVKobB
Re‑tool for Speed, Stay Optimistic Amid Wild Change
Things Are Getting Wild: Re-Tool Everything for Speed In the end, despite the short term pessimism, I remain wildly optimistic for the future. https://www.philvenables.com/post/things-are-getting-wild-re-tool-everything-for-speed
Speed Is Defender’s Ultimate Weapon Against AI Threats
Things Are Getting Wild: Re-Tool Everything for Speed The compounding set of changes we are experiencing in cybersecurity is deeply concerning. But this is a transition point. We should be short term pessimistic about the risks we face. At the same...