Bourbon & Bytes

Cape Endeavors
  • 0.0 (0)
  • TECHNOLOGY
  • UPDATED WEEKLY

Spirited conversation and sharp insights, exploring cybersecurity, national security, AI threats, and personal journeys—all over a glass of bourbon.

Episodes

  1. From Chaos to Command: Tony Kirtley of IBM’s X-Force on Leading Cyber Incident Response

    SEP 30

    From Chaos to Command: Tony Kirtley of IBM’s X-Force on Leading Cyber Incident Response

    When a cyber crisis hits, the difference between chaos and recovery often comes down to preparation, leadership, and clear communication. In this episode of *Bourbon & Bytes*, Cape Endeavors CEO Terry McGraw sits down with Tony Kirtley, Global Leader of IBM’s X-Force Incident Response, to share hard-won lessons from some of the world’s largest cyber incidents. They emphasize the need for organizations to have robust incident response plans, effective communication strategies, and the role of incident commanders in managing crises. The conversation also highlights the significance of understanding business risks, especially in relation to supply chains and data breaches, and the necessity of practicing response strategies to mitigate emotional responses during incidents. 🔎 *What you’ll learn: ✅ The top attack vectors that still dominate breaches today ✅ Why asset management and privilege access remain weak points ✅ How AI is (and isn’t) changing the threat landscape ✅ The role of incident commanders in high-stakes ransomware cases ✅ The “grief cycle” of cyber breaches and how leaders can push their teams to acceptance faster ✅ Practical steps executives should take before the worst day happens If you’re in cybersecurity, leadership, or risk management, this conversation is packed with insights that can help your organization prepare, respond, and recover. 👉 Subscribe for more expert conversations on cybersecurity, compliance, and leadership from the frontlines. #IncidentResponse #Cybersecurity #CMMC #DataBreach #IBM #BourbonAndBytes

    47 min
  2. Why Your Business Isn’t CMMC Ready (And How to Fix It Fast)

    SEP 10

    Why Your Business Isn’t CMMC Ready (And How to Fix It Fast)

    In this Bourbon & Bytes conversation, Terry McGraw of Cape Endeavors sits down with Koren Wise, founder of Wise Technical Innovations and a C3PAO with hands-on experience guiding defense contractors through CMMC. Koren shares how she got started in IT, why she became an early believer in CMMC, and the hard truths she sees every day when companies think they’re ready for an assessment but aren’t. From scoping mistakes to relying on the wrong MSP, she explains why so many defense contractors stumble — and what separates those who pass from those who don’t.If your business handles Controlled Unclassified Information (CUI) and you’re aiming for CMMC Level 2 compliance, this episode is packed with practical lessons you won’t want to miss. Practical Guidance for CMMC ReadinessBoundaries are EssentialCMMC is highly technical. You need real network and systems engineering expertise to build proper boundaries around CUI. Thinking “cloud replaces boundaries” is a major misconception. Scoping Mistakes are Common - Many contractors don’t understand how scoping really works. If a laptop is used to view CUI, it’s in scope unless protected by an authorized VDI. Failing to scope properly pulls in devices and networks you may not expect. Training Matters - Companies often show up for assessments without anyone who has been through training. Without someone who understands the 110 controls and 320 objectives, it’s challenging to be truly ready. Endpoints Can Sink Compliance - Some vendors claim their solutions make CMMC compliance easy while leaving endpoints in scope. If endpoints aren’t properly managed, attackers can harvest credentials and compromise CUI, no matter how strong your enclave is. Empty Enclaves = False Claims Risk - Building a compliant enclave but leaving CUI scattered across old systems is not just a mistake — it could be seen as a false claim if you attest to compliance. CMMC is Both Protection and Advantage - Beyond DoD requirements, following NIST 800-171 and CMMC protects your business from ransomware and gives you a competitive edge in winning contracts. Continuous Compliance is Necessary - Compliance doesn’t end at assessment. Without ongoing monitoring and updating, companies risk slipping out of compliance and losing contract eligibility. Choose Compliance Partners Carefully - An MSP or RPO that downplays CMMC or says “it will go away” is a red flag. Look for providers with CCP/CCA credentials and a record of helping companies pass. Like, comment, and follow: https://www.youtube.com/@CapeEndeavors

    49 min
  3. Navigating Supply Chain Risks in a World of Constant Disruption

    AUG 19

    Navigating Supply Chain Risks in a World of Constant Disruption

    In this episode of Bourbon & Bytes, Cape Endeavors CEO Terry McGraw sits down with Jenna Wells, CEO of Supply Wisdom‬ to explore the evolving landscape of business risk management in an increasingly volatile world. From her early career as a Marine Corps officer and NSA-trained intelligence officer to leading a cutting-edge risk intelligence platform, Jenna shares insights on: ➡️ Identifying and managing location risk in global supply chains ➡️ Navigating regulatory requirements like DORA, GDPR, and forced labor prevention acts ➡️ Mitigating upstream and downstream vulnerabilities in today’s interconnected economy ➡️ Preparing for the next wave of AI regulations and responsible AI adoption Whether you’re a defense contractor, a supply chain leader, or an executive looking to strengthen your organization’s resilience, this conversation delivers actionable strategies to turn risk management from reactive to proactive. 📌 Learn how to protect your business from disruptions, avoid costly compliance failures, and make informed decisions in a complex global environment.

    53 min
  4. CMMC Compliance Without the BS – Real Talk from 3 Experts Who've Been There

    AUG 11

    CMMC Compliance Without the BS – Real Talk from 3 Experts Who've Been There

    In this episode of Bourbon & Bytes, host Terry McGraw sits down with Dewayne Alford (COO) and Andy Paul (CTO & Lead CMMC Assessor) of Cape Endeavors to pour a glass of Blanton’s and break down what really matters when it comes to CMMC compliance. Forget the framework fluff—this is an unfiltered conversation packed with real-world insights from a team that’s successfully brought 23 companies through CMMC assessment with a perfect score of 110. 🧠 What you'll learn: Why “CUI is everywhere” is a myth that’s costing contractors time and money How skipping scoping leads to failed assessments—and what to do instead The three practical paths to CMMC compliance (hint: not everyone needs to lift their whole environment) What most “CMMC-ready” tools and vendors won’t tell you Why enclaves are often the fastest, cheapest, and most secure solution How false claims, overscoping, and poor tooling increase risk and burn budgets What to ask any RPO or assessor before you sign anything 💡 Plus: A deep dive into Teramis, a purpose-built CUI discovery tool born from real-world experience with post-breach response and assessment prep. Whether you’re just getting started with CMMC, already on the journey, or cleaning up someone else’s mess—this episode is a must-watch. 🔗 Learn more at https://www.capeendeavors.com 📥 Explore Teramis CUI discovery at https://www.teramis.us 👉 Like, subscribe, and drop a comment to let us know what CMMC topics you'd like to see in future episodes.

    1h 8m
  5. Cybersecurity in the Cloud: Navigating AI, Quantum Threats, and Supply Chain Risks

    AUG 5

    Cybersecurity in the Cloud: Navigating AI, Quantum Threats, and Supply Chain Risks

    In this episode of Bourbon & Bytes, host Terry McGraw (CEO of Cape Endeavors) welcomes Chris Perry, Head of Cybersecurity Product Management at Google Cloud AI Compute Infrastructure. The conversation spans critical cybersecurity and infrastructure issues facing both cloud providers and regulated industries. Topics include: ➡️ Cybersecurity in Cloud Computing ➡️ AI’s Impact and Opportunities ➡️ Software Supply Chain Security ➡️ Quantum Computing and Encryption ➡️ Ransomware-as-a-Service and the Cyber Threat Landscape Perry also shares practical guidance for CFOs, CISOs, and technology leaders on where to focus now and what to demand from vendors as quantum and AI capabilities evolve. If you work in cybersecurity, cloud infrastructure, national defense, or critical infrastructure, this episode is packed with insight you won’t want to miss. #Cybersecurity #CloudSecurity #AIInfrastructure #QuantumComputing #GoogleCloud #CMMC #ThreatIntelligence #SharedResponsibilityModel #Ransomware #Compliance #NationalSecurity #CapeEndeavors #BourbonAndBytes #CloudSovereignty #AIandSecurity #PostQuantumEncryption

    41 min
  6. AI Meets the Battlefield: Mike Weigand on the Future of AI, Cybersecurity and Defense Innovation

    JUL 28

    AI Meets the Battlefield: Mike Weigand on the Future of AI, Cybersecurity and Defense Innovation

    Join Terry McGraw on Bourbon and Bytes as he sits down with Mike Weigand, a former Army Ranger, cyber officer, and defense-tech entrepreneur. In this compelling episode, Mike shares his journey from securing military systems at Shift5 to founding Aventra, a defense-tech startup tackling the future of long-range precision systems. Weigand shares how his military roots as a West Point grad, Ranger, and cyber officer shaped his entrepreneurial approach to defense innovation. He discusses how today's battlefield is defined not by mass but by speed, autonomy, and software-driven advantage—and how tools like AI are shrinking OODA loops, enabling rapid prototyping, and completely changing what’s possible in modern conflict. ▶️ Topics covered in this episode: Securing operational technology (OT) systems AI's Transformative Impact on Defense Innovation The Reindustrialization Imperative Speed as the New Competitive Advantage Whether you care about AI, defense innovation, or American industrial resilience, this is a conversation that connects dots few others can. 👉 Subscribe to Bourbon & Bytes for more conversations with top tech leaders—diving into cybersecurity, national security, AI threats, and the personal journeys behind the innovation. #DefenseTech #Cybersecurity #AI #IndustrialBase #OODAloop #AutonomousWeapons #AmericanManufacturing #CapeEndeavors #BourbonAndBytes

    46 min
  7. Breaking Barriers and Battling Cybercrime: Wendy Thomas on Galvanizing Leadership and the Future of Security

    JUL 18

    Breaking Barriers and Battling Cybercrime: Wendy Thomas on Galvanizing Leadership and the Future of Security

    In this powerful episode of Bourbon & Bytes, host Terry McGraw, CEO of Cape Endeavors, sits down with Wendy Thomas—former CEO of Secureworks and current board director at Marketta and IonQ—for a wide-ranging conversation that explores the shifting frontlines of cybersecurity, artificial intelligence, and leadership. Wendy unpacks how quantum and AI are reshaping the cyber landscape, including the opportunities (like democratized security and new AI forensics roles) and risks (from model drift to deepfakes). The two dive into the explosive growth of cybercrime—now topping $10.5 trillion—and discuss the need for new public-private accountability models, secure software mandates, and a "lifestyle approach" to legislation. Beyond tech, Wendy reflects on the evolution of diversity in leadership, the limitations of traditional higher education, and what it really takes to lead a company through IPOs, acquisitions, and cultural change. Insightful, strategic, and deeply human—this is a conversation you don’t want to miss. Learn more about Cape Endeavors: https://www.capeendeavors.com #Cybersecurity #AI #QuantumComputing #Deepfakes #AICybersecurity #CyberRisk #ThreatLandscape #SecureSoftware #SecureWorks #WomenInTech #BoardLeadership #TechLeadership #Marqeta #IONQ #BourbonAndBytes #CapeEndeavors

    56 min
  8. Mapping the Cyber Battlefield: Jason Kaplan on Attack Surfaces, CMMC, and the Startup Grin

    JUL 16

    Mapping the Cyber Battlefield: Jason Kaplan on Attack Surfaces, CMMC, and the Startup Grin

    In this episode of Bourbon & Bytes, host Terry McGraw sits down with Jason Kaplan, CEO of SixMap, for a spirited conversation that cuts across startup life, cybersecurity mandates, and the rapidly evolving threat landscape. Kaplan shares his unconventional journey from finance to fitness tech to cybersecurity, offering a founder’s-eye view of how SixMap is redefining External Attack Surface Management (EASM). The two dive deep into the cost-benefit debate around CMMC 2.0, the importance of secure-by-design infrastructure, and why "waiting" is the most expensive strategy of all. They also explore how SixMap uses AI to provide high-fidelity scans of enterprise exposure—mapping vulnerabilities across IPv4/IPv6, ports, and corporate hierarchies. From ransomware fallout to deepfake dangers, and from bourbon reviews to rapid-fire startup advice, this episode blends strategic insight with real-world urgency.

    41 min
  • 8 Episodes

About

Spirited conversation and sharp insights, exploring cybersecurity, national security, AI threats, and personal journeys—all over a glass of bourbon.

Information

  • Creator
    Cape Endeavors
  • Years Active
    2K
  • Episodes
    8
  • Rating
    Clean
  • Copyright
    © Cape Endeavors
  • Show Website
    Bourbon & Bytes