The Cyber Executive

The Cyber Executive

The Cyber Executive host is Marc Ashworth and has over 30 years of technology, security and business experience and leads the discussions with top executives and industry leaders on the topics of cyber security, technology, risk and business.

  1. Ep 32: Navigating AI Security: The TEST Framework Explained

    FEB 10

    Ep 32: Navigating AI Security: The TEST Framework Explained

    In this episode of the Cyber Executive Podcast, host Marc Ashworth welcomes Terry Green-Mason, Vice President of Technology at Elevate, to discuss the critical intersection of AI and cybersecurity. Teri introduces her innovative framework, TEST, which stands for Touch, Execute, Store, and Trust, designed to help organizations navigate the complexities of AI security. She highlights the prevalent gap between the excitement surrounding AI and the reality of its associated risks, emphasizing the need for organizations to ask the right questions about data handling and AI interactions. Teri explains how her framework simplifies AI security without oversimplifying it, allowing organizations to proactively manage risks while still embracing technological advancements. Throughout the conversation, Teri shares insights on common mistakes organizations make when integrating AI tools, the importance of human oversight in AI decision-making, and the necessity of understanding data retention and context. She also discusses her children's book aimed at teaching ethics in AI, showcasing her commitment to educating the next generation about technology. The episode concludes with a call to action for security leaders to adopt the TEST framework to enhance their risk management strategies and ensure a secure AI implementation. Takeaways ​"The gap between AI excitement and security reality is significant."​"Trust is not blind faith in the vendor; it's about understanding the model's behavior."​"AI doesn't live in isolation; it interacts with workflows and APIs, which can lead to unexpected risks."​"Organizations need to ask better questions about data handling and AI interactions."​"We must ensure human oversight in AI decision-making processes."​"The TEST framework simplifies AI security without oversimplifying it."​"Education on AI ethics is crucial for the next generation."​"AI should only have read-only access, not execute permissions."​"We need to reframe how we think about ongoing risks in cybersecurity."​"Trust in AI requires due diligence and understanding of the model's dependencies."

    33 min

  2. JAN 20

    Ep 31: Securing Vibe Coding with Shahar Bahat of Pluto Security

    Are you ready to embrace the future of coding?  AI is democratizing development, allowing anyone to create software! But with this power comes new risks. 🔒  In the latest episode of #TheCyberExecutive, host Marc Ashworth and Shahar Bahat of Pluto Security dive into how AI coding can change our security landscape! What are your thoughts? Is the risk worth the reward?

    35 min

  3. 12/16/2025

    Ep: 30 Building Trust in Cybersecurity and AI with Kristi Cook of Peabody Energy

    In this episode of the Cyber Executive, host Marc Ashworthand guest Kristi Cook, Director of Global Cybersecurity at Peabody Energy, discuss the intersection of cybersecurity, data protection, and AI. They emphasize the importance of foundational data protection as the basis for secure AI implementation, the need for organizations to identify and classify their data, and the significance of building relationships between security teams and business units. The conversation also covers the challenges of balancing security with AI adoption, the necessity of preventing data leakage, and the evolving landscape of vendor relationships and regulatory changes. Takeaways 1.    Data protection is the foundation of AI security. 2.   Organizations must identify and classify their data. 3.   Small, manageable steps can lead to significant security improvements. 4.   Tagging and labeling data is essential for effective protection. 5.    Security should enable AI adoption rather than hinder it. 6.    Building relationships within the business enhances security conversations. 7.    Understanding risk is crucial for data governance. 8.    Monitoring regulatory changes is vital for compliance. 9.    Automated rules can simplify data protection processes. 10.  Engaging with stakeholders fosters a culture of security awareness.

    29 min
  4. Ep 29: Transforming Threats: AI in Cybersecurity with Tina Lampe of DirectTV

    12/02/2025

    Ep 29: Transforming Threats: AI in Cybersecurity with Tina Lampe of DirectTV

    In this episode of the Cyber Executive Podcast, host Marc Ashworth and guest Tina Lampe with DirectTV as they explore the transformative impact of AI on cybersecurity, highlighting how it lowers the barrier for sophisticated attacks, erodes digital identity foundations, and introduces new attack vectors. Tina Lampe discusses the implications of AI-generated malware, data mining for intellectual property, and AI-powered social engineering, emphasizing the need for heightened awareness and adaptation in the cybersecurity landscape. Takeaways AI lowers the bar for sophisticated attacks.Technical expertise is no longer a prerequisite for attacks.AI is eroding the foundations of digital identity.AI-generated malware poses new threats.Data mining for intellectual property is facilitated by AI.AI-powered social engineering is becoming prevalent.New attack vectors are emerging with AI.Efficiency of attacks has increased due to AI.Cybersecurity must adapt to AI-driven threats.The landscape of cybersecurity is fundamentally changing.

    31 min

  5. 11/12/2025

    Ep 28: Legacy Vulnerabilities: The Old Threats That Persist with Dr. Johannes Ulrich

    In this episode of the Cyber Executive podcast, host Marc Ashworth engages with Dr. Johannes Ulrich, a professor at the SANS Institute and host of the ISE Stormcast podcast. They discuss the persistent threat of legacy vulnerabilities, the importance of operationalizing threat intelligence, and the challenges small organizations face in cybersecurity. The conversation also touches on the evolving role of AI in security, the need for better sharing of actionable intelligence, and insights gained from honeypots. Dr. Ulrich emphasizes the importance of learning from past mistakes and adapting to new threats while keeping security operations simple and effective. Takeaways Legacy vulnerabilities continue to pose significant risks.Organizations often focus on what's new rather than what's old.Operationalizing threat intelligence is crucial for effective security.Small organizations should keep their IT architecture simple.Education in cybersecurity should focus on foundational knowledge.MSSPs can provide valuable support for small businesses.AI is a double-edged sword in cybersecurity.Actionable intelligence should be prioritized over noise.Honeypots reveal the volume and nature of attacks.Communication and notification of victims can improve global security posture.

    34 min

  6. 10/28/2025

    Ep 27: Navigating the Risks of AI Security with James Pham of Opsin Security

    In this episode of the Cyber Executive Podcast, host Marc Ashworth speaks with James Pham, CEO of Opsin, about the pressing challenges and opportunities in securing AI systems. They discuss the unique risks associated with AI, including data poisoning and the need for robust governance. The conversation also covers the importance of collaboration across the cybersecurity industry, the evolving role of AI in security, and the balance between innovation and responsible oversight. Pham emphasizes the need for organizations to adapt to the rapidly changing landscape of AI security and the importance of cultivating a culture of transparency and collaboration within teams. To learn more about Opsin, go to www.opsinsecurity.com Takeaways AI security is fundamentally different from traditional IT security.Data poisoning poses significant risks to AI models.Governance in AI security is a shared responsibility.Supply chain attacks present unique challenges in AI.The nature of AI makes it both powerful and easy to misuse.Collaboration across the industry is still in its early stages.Organizations must evolve with the changing AI landscape.Transparency and communication are key to bridging skill gaps.AI agents could introduce new privacy concerns.The security industry needs to be more tolerant of failures.

    40 min

  7. 10/07/2025

    Ep 26: Navigating communications during a crisis with Kelly Miller

    In this episode of the Cyber Executive Podcast, host Marc Ashworth and guest Kelly Miller discuss the intersection of AI, data privacy, and crisis management. They explore the risks AI poses to organizations, the importance of balancing innovation with public trust, and the necessity of transparency in AI communications. Kelly emphasizes the need for organizations to prepare for public scrutiny and to embed privacy resilience into their brand strategy. The conversation also covers the evolving reputational risks associated with AI and cybersecurity, the importance of effective crisis communication, and the need for collaboration among legal, technical, and communication teams during AI-related crises. Takeaways AI creates a black box effect leading to trust erosion.Organizations should treat trust as a strategic asset.Transparency in AI communications is crucial for credibility.Crisis management plans must include AI-related scenarios.Public scrutiny over AI practices is increasing.Privacy policies should be more than just legal jargon.AI crises will require quick and transparent responses.Collaboration between teams is essential during crises.Early signs of AI crises often come from employee concerns.Regular communication about AI usage is necessary for employees.

    39 min

  8. 09/16/2025

    Ep 25: Navigating Complexity in Cybersecurity with Nathan Reller

    In this episode of The Cyber Executive, host Marc Ashworth and guest Nathan Reller with Ginger Cybersecurity discuss the complexities of cybersecurity, focusing on unnecessary complexity in IT systems, the challenges faced by SOC analysts, and the benefits of immutable infrastructure. They explore the implications of non-deterministic systems, the importance of applying the principle of least privilege, and the role of AI in enhancing cybersecurity practices. The conversation also touches on the need for better integration of software engineers in the security field and the ongoing challenges posed by misconfiguration errors and container security. Takeaways Unnecessary complexity in IT systems adds operational overhead and risk.Detection of hacks is complicated by the sheer volume of files.Applying the principle of least privilege can limit the impact of hacks.Non-deterministic systems create unpredictability in cybersecurity.SOC analysts deal with a high volume of alerts and mixed signals.Mutable infrastructure increases the risk of security breaches.Immutable systems provide a predictable environment for security.Application allow listing can prevent unauthorized code execution.Misconfiguration errors account for a significant percentage of security incidents.AI can enhance the efficiency of cybersecurity analysts.

    32 min
See All (32)

Ratings & Reviews

5
out of 5
6 Ratings

About

The Cyber Executive host is Marc Ashworth and has over 30 years of technology, security and business experience and leads the discussions with top executives and industry leaders on the topics of cyber security, technology, risk and business.

Information

  • Creator
    The Cyber Executive
  • Years Active
    2025 - 2026
  • Episodes
    32
  • Rating
    Clean
  • Copyright
    © The Cyber Executive
  • Show Website
    The Cyber Executive