Security Weekly Productions

A cybersecurity team describes the danger of relying on one highly experienced investigator who “just knows” how to handle incidents. Instead of letting that expertise disappear when employees leave, they’re trying to capture the process itself — who to contact, what to check, and how investigations unfold. The real risk isn’t only burnout or turnover. It’s operational dependency. If critical incident response knowledge exists only in one person’s head, investigations slow down, consistency drops, and coverage becomes impossible at scale. Automation changes that by making expert workflows repeatable 24/7. Should cybersecurity teams automate expert investigative processes — or does too much automation risk losing the instincts that make great analysts effective? Now booking interviews at Black Hat 2026. Early access pricing is open. Message us for details! #cybersecurity #automation #incidentresponse #InfoSec #SecurityWeekly #RSAC #RSAC2026 Doug White Ely Abramovitch SC Media CyberRisk Alliance CyberRisk TV

Large language models are statistical prediction systems trained to generate likely sequences of words based on massive datasets. They do not reason, understand context, or interpret meaning the same way humans do, even when their responses sound conversational or emotionally aware. That creates a dangerous perception gap. People increasingly interact with AI systems as though they are knowledgeable assistants or trusted companions, while the underlying models may still absorb and reproduce false, misleading, or contradictory information from training data. The issue is not only technical accuracy — it’s human psychology. Confident outputs can make flawed information feel credible, especially when users anthropomorphize the system generating it. Will the biggest AI risk come from the models themselves — or from how humans emotionally relate to them? #AI #CyberSecurity #LLM #InfoSec #SecurityWeekly Doug White Joshua Marpet SC Media CyberRisk Alliance CyberRisk TV

Momentum packages are available for Black Hat, and scheduling is already underway. If Black Hat is part of your plan, you'll want to book sooner than later. Secure your interview here at the Early Bird rate: https://bit.ly/3QVyYx1 #BlackHat #Cybersecurity #SecurityWeekly #SCMedia

MITRE is transferring the Caldera cybersecurity platform to the Apache Foundation to encourage broader open source collaboration and long-term project support. Caldera is widely used for testing systems against the MITRE ATT&CK framework and simulating adversary behavior across enterprise environments. As cybersecurity projects grow in complexity and adoption, maintaining them requires sustained engineering resources, governance, and community involvement. Moving projects into larger open source foundations can improve longevity and development speed, but it also introduces new coordination and security challenges. The shift reflects a broader trend in cybersecurity: important defensive tooling increasingly depends on shared ecosystems rather than single organizations. Are major cybersecurity projects becoming too large for individual organizations to realistically maintain alone? #CyberSecurity #OpenSource #MITRE #InfoSec #SecurityWeekly #AI Paul Asadoorian Jeff Man Mandy Logan, Joshua Marpet Lee Neely SC Media CyberRisk Alliance CyberRisk TV

A telecom company asked how to “fix” an encryption problem. But according to the speaker, the real request was how to decrypt protected customer data so the company could build services and insights on top of it. The clip highlights a common security tension: businesses want more visibility into user data, while encryption is specifically designed to prevent that access. Once companies start weakening encryption for convenience, analytics, or monetization, the protection itself can become meaningless. Where should companies draw the line between useful data insights and breaking the trust encryption is supposed to provide? #Cybersecurity #Encryption #Privacy #InfoSec #SecurityWeekly #AI Matt Alderman Adrian Sanabria Joseph Blankenship SC Media CyberRisk Alliance CyberRisk TV

Many organizations move infrastructure into AWS or managed environments believing most security responsibilities transfer with it. In reality, customers still control major parts of configuration, identity management, permissions, and operational security. That misunderstanding creates dangerous gaps. The more protected people feel, the less cautious they sometimes become — a behavioral pattern known as the Peltzman effect. In cloud environments, false confidence can lead to weak configurations, excessive permissions, and overlooked exposure points. The technology itself may be secure while the implementation quietly introduces risk. Cloud providers reduce certain problems, but they do not eliminate accountability. Has cloud adoption made organizations more secure overall, or just more comfortable taking bigger risks? #CloudSecurity #AWS #Infosec #CyberSecurity #AI #SecurityWeekly Jessica Hoffman, CISSP Dr. Dustin Sachs DCS, CISSP, CCISO SC Media CyberRisk Alliance CyberRisk TV

Aaran describes a wartime-style cyber environment where experienced developers and reviewers may be unavailable, overwhelmed, or gone entirely. In that situation, junior operators end up shipping malware and attack variants rapidly using public resources, copied code, and LLM assistance. The clip challenges the popular idea that AI automatically creates highly sophisticated attackers. Instead, AI may enable larger volumes of lower-quality cyber operations — faster deployment, more experimentation, and more operational noise driven by pressure to show visible activity. Does AI make cybercriminals more dangerous because they become smarter — or because they can scale faster with less expertise? #Cybersecurity #AI #Hacking #InfoSec #SecurityWeekly Doug White SC Media CyberRisk Alliance CyberRisk TV

Teams that get the most out of Black Hat tend to think beyond the event window. They plan for what happens after. The Momentum Package supports that by creating content that can be shared, reused, and referenced later. Learn more and secure your spot. https://bit.ly/3QVyYx1 #BlackHat #Cybersecurity #SecurityWeekly #SCMedia

AI coding agents are often compared to junior developers because of similar output quality, but their behavior is fundamentally different. They operate continuously, adapt dynamically, pursue assigned goals autonomously, and may hold system access that organizations do not fully track or understand. That creates a new category of security risk. Part of the value of AI agents is their flexibility and ability to learn, but those same characteristics can also lead agents to bypass controls or interact with systems in unexpected ways. As organizations adopt AI-assisted development, visibility into agent permissions and behavior may become critical. Should AI coding agents be treated like software tools — or more like autonomous identities with strict governance and access controls? #CyberSecurity #AI #AppSec #InfoSec #SecurityWeekly Mike Shema Janet Costello Worthington SC Media CyberRisk Alliance CyberRisk TV

Most cybersecurity programs prioritize prevention first. Stop the attack before it happens. But this clip explains the weakness in relying on prevention alone. If attackers bypass defenses and nobody detects it, response becomes impossible. Detection and response are often treated as secondary layers. But modern environments are messy, imperfect, and constantly changing. That means security teams frequently depend on visibility after compromise — whether they want to or not. The real debate isn’t prevention or response. It’s how much risk exists when one side is missing. If perfect prevention is impossible, should detection become the real priority for modern security teams? #CyberSecurity #ThreatDetection #BlueTeam #InfoSec #SecurityWeekly #Threatlocker Adrian Sanabria Rob Allen ThreatLocker Guillaume Ross SC Media CyberRisk Alliance CyberRisk TV