Defending with the Same AI That’s Coming for You with Chris Cochran
The Cyber Leaders podcast featured Chris Cochran, a former Marine, NSA and Cyber Command veteran now serving as Field CISO at SANS. He discussed his eclectic career, from threat‑intelligence work at Netflix to creating a graphic novel, "Scotty Threat Hunter," that dramatizes AI‑driven cyber‑warfare. Cochran highlighted how generative AI models, exemplified by the emerging tool Mythos, can rapidly perform static code analysis and uncover vulnerabilities, giving defenders a speed advantage—but the same capability could be weaponized by adversaries if models are widely released. He warned that today’s controlled releases may soon become indistinguishable from the open‑source models that attackers will exploit. He emphasized the power of community: building inclusive forums where CISOs, researchers, and newcomers share tactics, because diverse problem‑solving approaches are essential against an "AI autonomous attack storm." He also noted his involvement in UN‑backed AI red‑line initiatives and the American Society for AI, underscoring the need for policy coordination. For security leaders, the takeaway is clear: invest in robust community networks, advocate for responsible AI governance, and prepare defenses that leverage AI without handing the same tools to threat actors. The conversation signals that the next cyber‑security frontier will be defined by how well the industry balances innovation with restraint.
She Convinced the Pentagon to Let Hackers In. Legally. With Katie Moussouris
The podcast spotlights Katie Moussouris, a former teenage hacker who rose to become a leading figure in vulnerability research and policy, famously persuading the Pentagon to allow legal hacker penetration testing. Moussouris coordinated Microsoft’s rapid patch response to Dan Kaminsky’s 2008...
Still Getting Cloud Wrong. Here’s What to Fix. With Simon Vernon
The latest episode of Cyber Leaders features Simon Vernon, a veteran SANS instructor, CTF architect, and chief security officer for a data‑center firm. Vernon’s résumé spans early hobbyist hacking, automotive electronics, and a decade of designing hands‑on cloud‑security curricula. Vernon stresses...
Cyber Leadership, Trust and the Human Dimension with Jitender Arora
The Cyber Leaders podcast hosts Kieran Martin and James Line sit down with Jitender “Jit” Arora, a veteran CISO who now oversees cyber‑security strategy for Deloitte across North and South Europe. The conversation traces his unlikely path from a Hindi‑medium...
Lightning Talk: MCP Under Attack: Securing Control Plane
The talk warns that the Model Context Protocol (MCP), the standardized plumbing that lets AI agents run tools, access data and execute code, is being deployed without a security policy, turning it into a privileged access point. Because MCP delegates trust...
Lightning Talk: Predictive AI Shrinks Takedown Cycles
The talk highlighted how predictive artificial intelligence can dramatically accelerate the takedown of malicious online content. Signify, a global manufacturer with a massive external attack surface, was drowning in hundreds of daily alerts—many of them false positives—and experienced weeks‑long delays...
Bringing AI Securely Online with Florence Mottay
The episode marks a leadership transition at SANS, with James Lyne stepping in as CEO and continuing the Cyber Leaders podcast. Host Ciaran Martin welcomes the 2025 Dutch CISO of the Year, Florence Mottet, now chief information security officer at Zalando, to discuss...
Building Your 2026 Cybersecurity Audit Plan
James Trella, a veteran SANS instructor and cyber‑risk specialist, opened the webcast by framing the 2026 cybersecurity audit plan as a strategic imperative for any organization seeking to protect its mission. He highlighted his decades of experience authoring CIS Controls...
Trust Your Vendors, Do You?
The webcast hosted by veteran CISO Yan focused on the escalating challenge of third‑party risk management in today’s hyper‑connected enterprises. He outlined how reliance on thousands of external vendors expands the attack surface and why organizations must rethink traditional oversight. Yan...
How to Make a Mission & Vision for Your Security Team in 60 Minutes or Less
The webinar walks security leaders through creating a concise mission and vision for their teams in under an hour. It stresses that while companies often have corporate statements, security groups rarely do, leaving a strategic gap. The presenter outlines the...
Keynote: Not a Forecast: AI-Enabled Cyber, 12 Months On
Jacob Klein, head of Anthropic’s threat intelligence, opened his keynote by charting how AI‑enabled cyber threats have evolved dramatically over the past twelve months. He walked the audience through three representative incidents—March’s rudimentary ransomware‑as‑a‑service built with Claude, May’s Russian‑linked extortion...
SANS Critical Advisory: BugBusters - AI Vulnerability Discovery Hype versus Reality
The SANS Critical Advisory webcast tackled the growing hype surrounding Anthropic’s new Mythos model and its alleged ability to automatically discover and exploit software vulnerabilities. Industry leaders, including the U.S. Treasury and the Federal Reserve, have convened emergency meetings, while...
Failed a Cybersecurity Exam? Here’s What Happened Next
The video chronicles a professional’s journey through the SANS cybersecurity certification track, a master‑level program that expects participants to earn three credentials within roughly twelve months. After breezing through the first two exams, the speaker fell short on the third...
Breaking Into Cybersecurity After 30
The video chronicles a man in his late thirties who left two full‑time jobs to enroll in a cybersecurity workforce academy, seeking a career pivot that would give him more time with his family. He describes the grind of working 7 a.m....
How Secure by Design and Public Partnerships Drive Deterrence: A Conversation with Jen Easterly
The podcast features a deep‑dive conversation with Jen Easterly, former Army lieutenant colonel and current chief executive of the RSA Conference, about how secure‑by‑design engineering and public‑private partnerships shape U.S. cyber deterrence. Easterly recounts her early immersion in cyber while deployed...