Human Element

Maltego
  • 5.0 (3)
  • TECHNOLOGY

Welcome to Human Element, a podcast by Ben April, CTO at Maltego, focused on exploring the experiences and perspectives that shape cybersecurity leadership. In each episode, we speak with industry leaders to uncover the challenges they’ve encountered, the pivotal decisions that have influenced their careers, and the human dynamics that continue to shape the cybersecurity landscape beyond the technical domain.

  1. Cequence's William Glazier on Building Teams through Operational Connection

    JAN 27

    Cequence's William Glazier on Building Teams through Operational Connection

    The hardest part of security leadership isn't building better detection systems; it's staying connected enough to the daily work that you can still recognize when something doesn't make sense. William Glazier, Director of Engineering - Threat Research & Machine Learning at Cequence Security, refuses to detach from the operational reality his team faces. He's still in the on-call rotation, still debugging production issues, still analyzing customer data to understand how real investigations unfold. William discusses why mental agility matters more than formal credentials when building security teams and how protecting space for people to follow their curiosity creates culture that outlasts any individual leader. He shares his framework for building trust through selective transparency about decision-making, why writing everything down during incidents prevents repeating the same mistakes, and how to recognize when you're letting emotions rather than data drive your responses. Stories We’re Telling Today:  Building SOCs from scratch and scaling them as threat landscapes evolve from simple bot attacks to sophisticated AI agents The practice of comprehensive documentation during security incidents, turning false positives into trust-building opportunities  Screening for mental agility over credentials, by testing candidates’ willingness to adjust when given with contradictory evidence Creating team cultures where people teach each other across disciplines, enabling understanding across security contexts Maintaining operational connection as a leader by staying in on-call rotations and debugging alongside team members The strategic use of AI tools for documentation and transcription while avoiding the trap of outsourcing critical thinking Why customer obsession requires vendors to use their own products exactly as customers do, including friction points, to maintain perspective Too busy; didn’t listen:  Stay operationally connected with actions like remaining in on-call rotations and debugging alongside engineers to maintain and build trust. In hiring, screen for people who change their minds when presented with contradictory evidence rather than forcing conclusions to fit initial assumptions. This shows mental agility. Comprehensive documentation during security incidents transforms potential failures into trust-building opportunities. The biggest risk of AI tools isn't replacement but outsourcing critical thinking before you've struggled through enough problems to recognize when AI-generated answers don't make sense. Skip to the Highlight of the episode:  [33:30-33:56] “If you have a relationship with someone that's generally based on not being afraid to trade ideas and “Actually I disagree with you here. I disagree with this. What about this? What about that?” And then that stops. That's another red flag. And how do you build it? It's relying on you, again, having some North star that you've got to keep. People have to know some goal they're working towards, some broad vision.” 40:51-51:22 Speaker William Glazier, Director of Engineering - Threat Research & Machine Learning, Cequence Security William Glazier has built, scaled, and managed security operations while developing machine learning models for bot detection. His background includes everything from early threat intelligence work on residential proxy services to current challenges distinguishing good AI agents from malicious ones. Listen to more episodes:  Apple  Spotify  YouTube Website

    49 min
  2. HUMAN Security's Lindsay Kaye on Why Empathy Is Non-negotiable

    JAN 22

    HUMAN Security's Lindsay Kaye on Why Empathy Is Non-negotiable

    Lindsay Kaye's career turned on a single decision: someone taught her reverse engineering despite her lack of experience, shaping her leadership philosophy around giving others similar opportunities. As VP of Threat Intelligence at HUMAN Security, she maintains hands-on technical work not as a compromise but as a strategic choice that builds credibility, prevents over-promising on timelines, and ensures she understands what her distributed team confronts daily tackling sophisticated ad fraud campaigns. Lindsay also discusses her evolution from firm-deadline enforcement to empathy-driven management, her trust bucket framework that evaluates patterns rather than individual mistakes, and how she actively prevents hub-and-spoke isolation by encouraging peer-to-peer collaboration across six time zones.  Stories We’re Telling Today:  Maintaining hands-on technical work as a leader to build credibility, prevent over-promising, and understand team challenges firsthand Trying on different leadership styles early in your career creates authentic leadership rather than forcing predetermined molds Building trust across globally distributed teams through peer-to-peer one-on-ones and rotating collaboration partners The trust bucket framework for evaluating team performance over time rather than making judgments based on individual missed deadlines Why saying "I don't know" and asking for help demonstrate leadership strength rather than weakness in technical security environments How the evolution from firm deadline enforcement to empathy-driven management improves team performance and psychological safety Managing complex investigations across six time zones by time-boxing days for meetings versus deep technical work Creating real-world impact narratives that motivate teams beyond just internal company benefits Mentoring junior analysts into reverse engineering by emphasizing that repeated failure is the learning path rather than something to avoid Too busy; didn’t listen:  Maintain hands-on reverse engineering work as a leader because technical credibility prevents over-promising timelines and builds authentic leadership. Empathy-driven management recognizes that transparency and understanding life circumstances improve team performance. Distributed teams can avoid hub-and-spoke isolation by encouraging peer-to-peer one-on-ones, rotating collaboration partners, and time-boxing days for meetings. A trust bucket framework treats team performance as cumulative rather than judging individuals on single missed deadlines. Skip to the Highlight of the episode:  [17:12-17:22] “I think that making sure that they get to do work that they enjoy that benefits the company and then helping them understand how the things that they do actually benefit the company is really important.”  Speaker Lindsay Kaye, VP of Threat Intelligence, HUMAN Security Lindsay Kaye is an expert malware analyst and reverse engineer who loves taking on technical challenges of all kinds. She speaks regularly at international conferences such as REcon, Disobey, SEC-T, FIRST, and numerous BSides events. In addition to speaking, she leads training sessions and workshops that help others develop skills in the technical aspects of cybersecurity. Lindsay currently leads the Threat Intelligence team at HUMAN, building on her career from software engineer to reverse engineer to technical team leadership. A New York City native, Lindsay obtained her BS in Engineering from Olin College of Engineering before receiving her MBA from Babson College. She is also the author of Dissecting the Dark Web.   Listen to more episodes:  Apple  Spotify  YouTube Website

    40 min
  3. LastPass's Alex Cox on Turning Vulnerability Into Leadership Strength

    JAN 7

    LastPass's Alex Cox on Turning Vulnerability Into Leadership Strength

    The best security leaders don't pretend to know everything; they build teams where admitting knowledge gaps becomes a competitive advantage. Alex Cox, Lead of Artificial Intelligence Working Group at LastPass, has spent two decades proving that vulnerability creates stronger security organizations than technical heroics ever could. His approach to leadership, forged through military service and high-stakes security incidents, prioritizes trust and psychological safety over individual expertise. Ben and Alex discuss how commander's intent from military planning translates to empowering security teams, why hiring for stress management capabilities matters more than technical credentials, and how AI is blurring the lines between individual contributor and management skills. Alex also shares his framework for spot feedback, his philosophy on when to lean on others' expertise, and why the transition from IC to manager remains one of the hardest career shifts in security. Stories We’re Telling Today:  Applying military commander's intent principles to security team management by defining mission outcomes Why hiring veterans and former law enforcement provides natural stress management capabilities The strategic value of deep IT backgrounds for security roles: natural pattern recognition for detecting anomalies and suspicious activity How AI is transforming individual contributor work to require management-level strategic thinking Building psychological safety by modeling that voicing disagreement or admitting overwhelm won't result in retaliation Implementing spot feedback rather than formal mentorship structures, rather than waiting for scheduled reviews or structured programs Using tone calibration in text-based communication through emoji and message structure to prevent misunderstandings in abbreviated high-pressure exchanges across Slack and similar platforms Evaluating security technology decisions by understanding industry trajectory rather than just current needs Too busy; didn’t listen:  Build security teams around admitting knowledge gaps and leaning on others' expertise, making vulnerability a leadership strength. There is value in prioritizing hiring veterans and former law enforcement for stress management capabilities over technical credentials. Using commander's intent to create space for unexpected approaches and building trust through autonomy. AI is making management skills essential for individual contributors, as effective prompting requires the same strategic thinking and problem decomposition traditionally reserved for leading teams. Psychological safety matters more than technical expertise; teams that can voice disagreement or admit being underwater solve problems faster than those protecting leadership egos. Skip to the Highlight of the episode:  [14.47-15:07] “That's another favorite part of the job is to have a task and have one of my posts come back and go, “Hey, look at this!” And I'm like, “Man, I never thought of it that way. Or that's a really unique approach.” And showing it off to some of the other managers, seeing if you can apply the approaches in different places. That's a really fun part of managing a security team in general, because, like I said, it tends to produce people that think outside the box.”  Listen to more episodes:  Apple  Spotify  YouTube Website

    39 min
  4. Evershed Sutherland's Patrick Gilman on How Revenue Follows Purpose Instead of Driving It

    12/23/2025

    Evershed Sutherland's Patrick Gilman on How Revenue Follows Purpose Instead of Driving It

    Patrick Gilman, Lawyer, Partner, & Co-Head of National Security Practice at Eversheds Sutherland, points to a disconnect between how professional services firms measure success and what actually drives sustainable team performance. Instead of P&L and billable hours, Patrick focuses on whether his team receives diverse, challenging work that develops broad problem-solving capabilities across multiple legal domains rather than creating narrow subject matter experts. Patrick discusses the structural reasons lawyers fail at leadership. They transition from team member to team leader without formal training, law schools provide no leadership curriculum, and revenue pressure makes team development secondary to billing. He also explains his framework for difficult decisions through second- and third-order effects analysis, why he stopped reactive management behaviors after recognizing they produced no useful outcomes, and how he empowers junior associates to screen and approve hiring candidates before they join the team. Stories We’re Telling Today:  Why competitive professional environments create poor leaders by teaching individual performance without transition frameworks Defining success through team utilization, skill diversity, and sense of purpose to create sustainable performance The framework for evaluating difficult decisions by mapping second- and third-order effects rather than optimizing for immediate outcomes  Why empowering junior team members to screen, interview, and approve hiring candidates creates stronger team cohesion How removing misaligned team members prevents ripple effects that destroy team dynamics Building trust through radical transparency and honest communication even when it's uncomfortable  Why crisis-focused practices make daily routines ineffective and demand different operational frameworks Formal mentorship programs vs. mentorship through regular feedback, honest assessment, and helping individuals understand their failures Too busy; didn’t listen:  Law and other professional programs don't teach team management, leaving professionals to transition from individual contributor to team leader without understanding the fundamental shift in roles. Defining success by team utilization, skill diversity, and sense of purpose rather than billable hours or P&L; when those elements align properly, traditional metrics become trailing indicators. Mapping second- and third-order effects for decisions, empowering junior staff to control hiring decisions, and immediately removing misaligned team members to protect cohesion. Preparation prevents disaster, and the distinction between difficult and easy decisions compresses with experience. Skip to the Highlight of the episode:  [4:15-4:40] “But the difference between the two is lawyers, when they're operating, they're not brought up to operate a team. They're brought up to be a part, as a junior lawyer, to be part of a team. And as you grow through the ranks, you go from being a part of a team to leading a team without really understanding the transition and the roles and responsibilities of doing that.”  Listen to more episodes:  Apple  Spotify  YouTube Website

    42 min
  5. ConnectWise's Bryson Medlock on Leading without a Universal Playbook

    12/16/2025

    ConnectWise's Bryson Medlock on Leading without a Universal Playbook

    Bryson Medlock's path to Threat Intelligence Evangelism Director, CW Research Unit at ConnectWise positioned him to address what actually creates high-performing security teams: treating people as individuals, maintaining psychological safety during crises, and building systems that eliminate months of manual work. Bryson shares how his leadership philosophy draws from a bit of nerdiness, including nearly two decades of running D&D campaigns where managing group dynamics requires constant attention to who's speaking and who needs encouragement to contribute. These frameworks translate directly into security team management, where recognizing that a fresh graduate needs hands-on guidance while a 15-year veteran needs autonomy and trust determines whether teams thrive or fracture. The conversation explores how Bryson transformed ConnectWise's threat intelligence operations from months of manual spreadsheet work into automated systems that generate insights instantly. He also touches on conducting difficult conversations by focusing on observable facts rather than assumed intentions, building trust through recognizing individual needs rather than applying uniform management styles, and why panic accomplishes nothing in security operations where most situations aren't actually life-or-death. Stories We’re Telling Today:  Why the most important step after any failure is simply the next one, and how this shapes hiring decisions for people who return after rejection Transforming threat intelligence operations from months of manual spreadsheet work into automated systems Building trust by recognizing individual experience levels and adjusting management style accordingly Conducting difficult conversations by focusing on observable facts and giving people the benefit of the doubt regarding their intentions Why curiosity about why systems work matters more than memorizing commands or collecting certifications How running D&D campaigns teaches essential leadership skills, including managing group dynamics Creating psychological safety during security emergencies by recognizing that panic doesn’t help unless it’s life or death Why kindness isn't soft but rather creates competitive advantage through better team performance and reduced turnover Too busy; didn’t listen:  The most important step after any failure is the next one; some of Bryson's best hires were people initially rejected who demonstrated growth and returned changed. Effective leadership requires treating team members according to their individual experience levels, not applying uniform management styles. Curiosity about why systems work separates career-long security professionals from those who plateau. Building trust involves conducting difficult conversations by focusing on observable facts rather than assumed intentions, then giving people the benefit of the doubt. Kindness in leadership creates competitive advantage through better team performance, reduced turnover, and environments where people actually want to contribute their best work Skip to the Highlight of the episode:  [13:44-13:58] “You have got to be able to know when to trust, and when to delegate. I think a lot of it comes down to just recognizing that what it means to be a human, everybody is an individual. Everybody's got individual needs and wants and desires” Listen to more episodes:  Apple  Spotify  YouTube Website

    39 min
  6. CPPS' Jameson Ritter on Why 98% of Violence Prevention Starts with Human Behavior

    12/09/2025

    CPPS' Jameson Ritter on Why 98% of Violence Prevention Starts with Human Behavior

    The biggest security failures don't happen because teams miss warning signs in the data; they happen because no one reported the warning signs in the first place. Jameson Ritter, Director of Behavioral Threat Assessment and Management at CPPS, discovered this truth after years responding to terrorism events and workplace violence as a law enforcement officer. His transition from the Joint Terrorism Task Force to corporate security revealed a consistent pattern: in nearly every tragedy, people knew something was wrong but never reported it. The gap wasn't in security infrastructure or threat assessment capabilities, it was in organizational culture and human behavior. Jameson’s background also shaped his approach to building violence prevention programs that actually work. He discusses why 98% of effective prevention happens in the human sphere rather than through physical security measures, how to create multidisciplinary teams that leverage diverse perspectives, and why leaders need to embrace the "80% solution" when dealing with imperfect information about human behavior. He also explores the challenges of maintaining team mental health in a field that deals with tragedy and the importance of building trusted professional networks. Stories We’re Telling Today:  Transitioning from a response-focused mindset to a prevention-first approach reveals the true gaps in violence prevention Building threat assessment teams that integrate HR, legal, mental health, and security perspectives to understand human behavior The "80% solution" framework for making informed decisions with imperfect information, then evolving as new data emerges Investing in behavioral change delivers better prevention outcomes for physical security infrastructure than technology alone Creating organizational cultures where reporting warning signs becomes natural rather than relying on "see something, say something"  Embracing contrarian voices and red team thinking to prevent groupthink and identify blind spots that could lead to tragedy Maintaining mental health for threat assessment teams that regularly deal with difficult subject matter and organizational tragedies Leveraging professional networks to solve high-risk cases by accessing diverse expertise and geographic knowledge Why passion and authenticity drive organizational buy-in more effectively than fear-based messaging or compliance requirements Too busy; didn’t listen:  Violence prevention is 98% human behavior and organizational culture, not physical security infrastructure. The "80% solution" framework means making the best decision with available information now, then evolving as you learn more. Building multidisciplinary threat assessment teams with HR, legal, mental health, and security perspectives prevents blind spots.  Welcoming contrarian voices stops the groupthink that causes teams to miss critical warning signs. Most tragedies don't happen because teams failed to act but because they never knew there was a problem. Skip to the Highlight of the episode:  [24:44-25:07] “I think they use the word passionate and that's not patting myself on the back, but I wear it on my sleeve. When I talked about the common thread line for me is this thread line of service. And now I've settled into this role of violence prevention and threat assessment. If you can speak authentically to things that you're passionate about and be knowledgeable on it, but also passionate, and that comes through in how you talk and engage with other people.” Listen to more episodes:  Apple  Spotify  YouTube Website

    45 min
  7. N-able's Kevin O'Connor on Why Hiring Smarter Than Yourself Scales Security Teams

    12/04/2025

    N-able's Kevin O'Connor on Why Hiring Smarter Than Yourself Scales Security Teams

    Kevin O’Connor's decade at the NSA taught him that the path to effective security leadership runs counter to most instincts: hire people smarter than yourself, let experts drive decisions in their domains, and focus on empowering careers beyond your team rather than confirming what you already believe. As Director of Threat Research at N-able, Kevin now applies this bottom-up approach to protecting small and medium businesses.  Ben and Kevin explore how mission-driven environments shape leadership styles that prioritize purpose over compensation, why mistakes become valuable only when you own the outcome and manage the recovery process, and how the transition from individual contributor to team leader represents the most challenging shift in any security career. Kevin also shares his framework for turning organizational roadblocks into opportunities, why project management skills separate effective leaders from those who struggle under competing priorities, and how to build team cultures where people actually want to spend time together beyond work obligations. Stories We’re Telling Today:  How mission-driven environments shape leadership approaches that prioritize empowering experts over top-down command structures Why hiring people smarter than yourself accelerates team growth and organizational capability Taking immediate ownership, keeping leadership informed of evolving risks, and focusing on impact reduction rather than blame avoidance Transforming organizational nos into yeses by identifying the real issue, providing education, and demonstrating mission-critical value Why project management and organizational skills matter more than technical expertise once you move into leadership positions Managing the transition from individual contributor to team leader and establishing appropriate boundaries with former peers Too busy; didn’t listen:  Kevin O'Connor's leadership philosophy centers on hiring people smarter than himself and letting domain experts drive decisions, an approach developed during a decade at the NSA where mission mattered more than compensation. Effective mistake management focuses on how you stick the landing: take ownership immediately, keep leadership informed of evolving risks, and reduce impact rather than hide problems. Small and medium businesses now face the same threat surface as large enterprises due to cloud services and third-party integrations, making them increasingly attractive targets for E-crime actors seeking multiple smaller ransoms. The transition from individual contributor to team leader represents the hardest shift in security careers, requiring new boundaries with former peers and learning to empower rather than execute. Foundational skills like networking remain critical despite AI advances, while daily news consumption and strong professional networks provide the currency that keeps security leaders relevant. Skip to the Highlight of the episode:  [2:51-3:15] “And then I think also just being around that top talent, the people who were just so smart, I'm not the smartest guy in the room, but I'm pretty quick. But some of the guys I worked with, the guys and girls, they were just next level, next tier. And that always just drove me to make sure that I was never the smartest person in the room. That's the way you grow. If you're hiring to confirm what you're thinking or your mindset, you're never going to get anywhere.”  Listen to more episodes:  Apple  Spotify  YouTube Website

    37 min
  8. GetReal's Tom Cross on Goal Orientation That Sabotages First-Time Managers

    11/25/2025

    GetReal's Tom Cross on Goal Orientation That Sabotages First-Time Managers

    The transition from individual contributor to manager destroys more promising security leaders than any technical challenge they'll face. Tom Cross, Head of Threat Research at GetReal, learned this while managing IBM's X-Force Research team, where his instinct to achieve goals directly conflicted with his responsibility to develop people until he harnessed that perspective. Tom reflects on why vulnerability researchers need dedicated time for self-directed projects independent of business priorities, and how that balance creates environments where people give 120% because they're doing what they love. Tom and Ben also explore how Dunning-Kruger effects create friction between security teams and IT organizations, and how professional networks built over 25 years become almost everything about senior leadership opportunities. Stories We’re Telling Today:  The incompatibility between manager time and maker time in software engineering organizations. Why vulnerability researchers require structured time for personal projects independent of business priorities to maintain engagement. How distributed team management demands deliberate communication structures to replace information osmosis, including weekly one-on-ones and context-rich updates. Transitioning from individual contributor to manager requires abandoning goal achievement orientation in favor of coaching people. How Dunning-Kruger effects create persistent friction where IT professionals overestimate their security understanding. Recognizing when people aren't aligned with their roles and creating mutual agreement about misalignment before off-boarding. Emotional detachment from organizational bureaucracy as a critical survival skill for security leaders dealing with constant obstacles. Too busy; didn’t listen:  Technical managers who hire people smarter than themselves build more powerful organizations; those who maintain authority through expertise create weaker teams. Software engineering productivity requires uninterrupted “maker time.” A 30-minute meeting can destroy an entire afternoon because the cognitive reload is so expensive. The transition from individual contributor to manager demands abandoning goal achievement orientation for people coaching, accepting that work won't be done as well or as quickly as you would do it yourself. Professional networks built across 25 years of security leadership become almost everything about senior opportunities, with alumni relationships from early career positions creating recruiting pipelines decades later. Skip to the Highlight of the episode:  [37:58-38:27] “You end up in this management role, but you still have this goal orientation where you want to see the work get done and you have these people that you delegate the work to who may not be as good as you are at achieving those goals. And it's really hard to shift your mindset from focusing on achieving the goal to focusing on coaching the person that's there to the point where they achieve the goal.” Listen to more episodes:  Apple  Spotify  YouTube Website

    41 min
See All (24)

Ratings & Reviews

5
out of 5
3 Ratings

About

Welcome to Human Element, a podcast by Ben April, CTO at Maltego, focused on exploring the experiences and perspectives that shape cybersecurity leadership. In each episode, we speak with industry leaders to uncover the challenges they’ve encountered, the pivotal decisions that have influenced their careers, and the human dynamics that continue to shape the cybersecurity landscape beyond the technical domain.

Information

  • Creator
    Maltego
  • Years Active
    2025 - 2026
  • Episodes
    24
  • Rating
    Clean
  • Copyright
    © Copyright 2025 All rights reserved.
  • Show Website
    Human Element