Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data?

Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including:

• Continuous monitoring of your Salesforce environment,
• Strict access controls of Salesforce users, and
• Automated backup of sensitive data.

Think your data in Salesforce is safe and secure, think again.

This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them!

In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more!

Show Notes: https://securityweekly.com/bsw-425

While many businesses rely on Microsoft 365, Salesforce and Google Workspace security features, critical blind spots remain—the recent series of high profile SaaS breaches demonstrate this. So what should you do?

Mike Puglia, General Manager of Kaseya Labs, joins Business Security Weekly to discuss the risks in SaaS applications. In this segment, Mike will explore how bad actors are focusing their attacks on SaaS applications, hijacking tokens and how misconfigured integrations are used to bypass traditional defenses. Mike will also discuss how IT leaders can rethink protecting their essential SaaS business applications with tools that go beyond endpoint and MFA strategies to secure the modern user.

This segment is sponsored by Kaseya 365 User. Visit https://securityweekly.com/k365 to learn more about them!

In the leadership and communications segment, The rise of the chief trust officer: Where does the CISO fit?, When Another Company's Crisis Hurts Your Reputation, Effective Workplace Communication Tips, and more!

Show Notes: https://securityweekly.com/bsw-424

The Security Weekly 25 index is back near all time highs as the NASDAQ hits another record high. Funding and acquisitions have shifted to AI as the security industry continues to evolve. We also had a new IPO, Netskope. They will replace CyberArk once the Palo Alto Networks acquisition closes, allowing the index to survive another public company acquisition.

In the leadership and communications segment, Boards Seeking AI Specialists, A CISO's Guide to Navigating the Urgent AI Security Storm, How to Write AI Prompts That Get Results (& Don't Suck), and more!

Show Notes: https://securityweekly.com/bsw-423

It's a topic we discuss often on Business Security Weekly: CISO Burnout. It's real, but how should you manage it?

Dr. Yonesy Núñez, Global Cybersecurity Executive at Chain Bridge Bank and former Managing Director, Chief Cybersecurity Risk Officer, and Chief Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), joins Business Security Weekly to share his personal insights. An advocate of CISO Health and Wellness, Yonesy will discuss how we can "Optimize the Operator" by creating harmony with mind and spirit.

Segment Resources: https://councils.forbes.com/profile/Yonesy-Nunez-Global-Cybersecurity-Executive-Chain-Bridge-Bank/e79e72a5-4b18-48b1-b5ab-8a0afd47d782

In the leadership and communications segment, CISOs are cracking under pressure, How BISOs enable CISOs to scale security across the business, Great Leaders Empower Strategic Decision-Making Across the Organization, and more!

Show Notes: https://securityweekly.com/bsw-422

As AI revolutionizes how we work, it has created a new attack surface with new technologies. One of those new technologies is Model Context Protocol (MCP). MCP has emerged as the standard for connecting AI to external tools, but its flexibility has created security challenges. How do we secure MCP?

Rahul Parwani, Head of Product, Security Solutions at Airia, joins Business Security Weekly to discuss the challenges of MCP and how to secure this new protocol. Rahul will cover how Aria's solutions help you secure your AI development by:

• Centralizing Access Control
• Enforcing Security Policies
• Maintaining Compliance
• Enabling Rapid Response

This segment is sponsored by Airia. Visit https://securityweekly.com/airia to learn more about them!

In the leadership and communications segment, CISO Burnout – Epidemic, Endemic, or Simply Inevitable?, If Trust Is So Important, Why Aren't We Measuring It?, Over one-third of companies plan to replace entry roles with AI, survey says, and more!

Show Notes: https://securityweekly.com/bsw-421

What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems?

Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment's compliance and security requirements. Rob will discuss how ThreatLocker Defense Against Configurations dashboard can:

• Identify misconfigurations before they become exploited vulnerabilities
• Monitor configuration compliance with major frameworks

• Receive clear, actionable remediation guidance

  and more!

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can't Succeed Without a Talent Strategy, and more!

Show Notes: https://securityweekly.com/bsw-420

Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust?

Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm's destiny. Jeff will explain why the role has emerged and details its responsibilities, organizational structures, and measures for success.

In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world 'hit zero' or came close to it: Failure is 'the gift', The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more!

Show Notes: https://securityweekly.com/bsw-419

As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, but yet human error is still the top risk. How do we actually reduce human risk?

Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they're most relevant) are delivering faster, more effective behavior change that lasts.

Segment Resources: Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/ Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/

This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them!

In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more!

Show Notes: https://securityweekly.com/bsw-418

Still managing compliance in a spreadsheet? Don't have enough time or resources to verify your control or risk posture? And you wonder why you can't get the budget to move your compliance and risk programs forward. Maybe it's time for a different approach.

Trevor Horwitz, Founder and CISO at TrustNet joins Business Security Weekly to discuss how the evolution of Agentic AI can automate compliance and risk programs. Move beyond spreadsheets and let the power of AI streamline your compliance and risk program.

In the leadership and communications segment,Is the CISO chair becoming a revolving door?, When Integrity Collides with Bureaucracy: The Price of Leadership in Cybersecurity — and Why Walking Away Can Be the Bravest Act!, Improve Communication With Others By Talking Less — Not More, and more!

Show Notes: https://securityweekly.com/bsw-417

Global spending on cybersecurity products and services will see a strong 14.4% CAGR from 2024 through 2029 and will hit $302.5 billion in 2029, driven by continued concerns around cyberattacks across all verticals and geographies. But where is the spending occuring and how do you prepare?

Merritt Maxim, VP & Research Director at Forrester, joins Business Security Weekly to discuss the Global Cybersecurity Market Forecast, 2024 To 2029 report. Merritt will discuss the findings, including:

• In 2029, 69% of cybersecurity spending will be on software across seven prime functional disciplines of cybersecurity (applications, cloud, data, endpoint, network, identity, and security operations);
• the remaining spending will be allocated to security services, excluding security outsourcing, implementation, and deployment services; and
• AI software spending will grow at a CAGR of 21.2%, from $74.3 billion in 2024 to $194.3 billion by 2029.

See Merritt's blog of the results at https://www.forrester.com/blogs/global-cybersecurity-spending-to-exceed-300b-by-2029/.

In the leadership and communications segment, The problem with cybersecurity is not just hackers – it's how we measure risk, What California's new AI law means for CIOs (and CISOs), The Language of Leadership: How to Set Firm Boundaries Without Sounding Like a Jerk, and more!

Show Notes: https://securityweekly.com/bsw-416

More than four out of ten (41%) Chief Information Officers (CIOs) report cybersecurity as their top concern, yet these same leaders are simultaneously increasing security budgets (77%), expanding cloud infrastructure (68%), and accelerating artificial intelligence (AI) capabilities (67%). According to the new Future Forward: CIO 2025 Outlook report released by Experis, a global leader in IT workforce solutions and part of the ManpowerGroup (NYSE: MAN) family of brands, modern technology leaders are walking a tightrope between protecting their organizations and driving innovation in an era of relentless cyber threats and rapid digital transformation.

Amanda Jack, CTO at Manpower Group, joins Business Security Weekly to share the finding, including:

• 77% of organizations plan to increase cybersecurity budgets in 2025, followed by cloud infrastructure (68%) and AI (67%)
• 76% of IT employers worldwide report difficulty finding skilled tech talent
• 52% of tech leaders are embedding AI skills into existing roles rather than creating new positions
• Relationship with the Chief Operating Officer (COO) is identified as the most important C-suite partnership outside IT
• 56% of IT leaders say senior leadership lacks sufficient knowledge about the CIO role and its responsibilities

Segment Resources: https://www.experis.com/en/cio-outlook

In the leadership and communications segment, Is Your Board Too Collegial?, Cybersecurity, AI, and Economic Uncertainty: How Internal Audit Teams Are Managing 2025's Top Risks, Burnout in the corporate middle: when leadership becomes an issue, and more!

Show Notes: https://securityweekly.com/bsw-415