What does the UK’s new Cyber Security and Resilience Bill actually mean for mid-sized businesses that sit quietly inside complex supply chains, often assuming the rules are aimed at someone else?

In this episode of Business of Cybersecurity, I sit down with Jason Revill, Global Security Practice Technology Lead at Avanade, to unpack why this legislation represents a genuine shift in how cyber risk will be judged, enforced, and felt across the UK mid-market. While much of the public debate has focused on critical national infrastructure, Jason explains why managed service providers and mid-sized firms are now firmly in scope, particularly those that underpin larger enterprises. Mandatory incident reporting, tougher expectations, and turnover-based penalties are changing cyber resilience from a technical concern into a board-level business issue.

We explore why outsourcing cybersecurity no longer reduces accountability, even though nearly half of UK mid-market firms rely on third parties to manage their defenses. Jason shares real-world insight into how supply chain vulnerabilities are driving a growing share of breaches, why identity and access management has become a weak link, and how attackers increasingly exploit trust between organizations rather than technical flaws alone. The conversation also looks at the rising threat of legal action following breaches, with group claims against well-known UK brands signaling a wider shift in public and regulatory expectations.

Crucially, this is not a fear-driven discussion. Jason offers a grounded perspective on how mid-sized organizations can move beyond checkbox compliance and embed security into everyday operations without grinding the business to a halt. We talk openly about cost, trade-offs, and why resilience planning only works when it is owned by the whole organization, not just the security team. For leaders heading into a new year facing tighter scrutiny and higher stakes, this episode offers clarity on what good looks like in practice and how to start building it.

If cyber resilience is quickly becoming a license to operate rather than an optional safeguard, how prepared is your organization for the expectations that customers, regulators, and even the public are about to place on it, and what would it take to get ahead of that curve rather than react after the fact?

Useful Links

• Connect With Jason Revill
• Learn More About Avanade
• Cyber Security and Resilience Bill

Tech Talks Network is sponsored by Denodo

How do you protect factory floors, utilities, and critical infrastructure when IT and OT finally run on the same nervous system? That is the challenge at the heart of my latest conversation with John Walsh, Field CTO at IGEL Technology, recorded live at the IGEL Now and Next event in Frankfurt.

Back in March in Miami, John and I talked about zero trust as an ecosystem rather than a product, a way to bring unified management and strong policy enforcement to the endpoint. This time, we take that thinking to the operational technology world, where the stakes feel very different. When a cyberattack hits a factory, it is not only data at risk. It can stop production lines, damage equipment, and cost millions in downtime. John explains how a prevention first mindset, backed by IGEL’s immutable OS, Universal Management Suite, and OEM ready integrations, is helping manufacturers and OEMs move security out to the edge where attacks actually begin.

Across the episode, John lifts the lid on IGEL’s work with partners such as Intel, Honeywell, Zscaler, and others who see OT as a growth frontier. We talk about US Department of Defense zero trust 2.0 requirements, European regulation, and what it really takes to extend zero trust thinking from the office to the plant. From dark industrial networks to containerized workloads at the edge, from sensor attestation to the kill chain, this is a grounded look at how endpoint security, confidential compute, and sovereign architectures are reshaping industrial resilience.

This one is for anyone who cares about the future of secure infrastructure, whether you work in manufacturing, utilities, or simply want a clearer view of where zero trust is heading as AI powered threats accelerate. Do you believe prevention first security can truly keep pace with autonomous attacks, or are we still leaning too heavily on detection and response thinking from an older era of cyber? I would love to hear your thoughts.

What does business continuity really mean when thousands of devices across a hospital or enterprise go dark? In this episode, Jason Mafera, Chief Technology Officer for Healthcare at IGEL, joins me at the Now and Next event in Frankfurt to explore why endpoint resilience has become one of the most overlooked priorities in cybersecurity.

Jason explains why hospitals and healthcare providers have zero tolerance for downtime, and how the same principle applies across every industry where endpoint failure halts operations. He breaks down how IGEL’s prevention-first approach and its Business Continuity and Disaster Recovery solution can restore access within minutes, even during a ransomware event that would otherwise take weeks or months to recover from.

For cybersecurity analysts evaluating endpoint protection, Jason offers valuable insight into what a prevention-first model looks like in practice. He describes how secure-by-design, read-only operating systems, dual boot capabilities, and layered recovery options create an architecture that is both lightweight and resilient. Analysts looking to compare endpoint strategies will find this discussion useful for understanding how organizations can combine operational uptime, rapid recovery, and measurable ROI without adding complexity or cost.

We also discuss how prevention-first design changes the economics of IT. Jason shares examples of how organizations are cutting costs, improving patient safety, and aligning endpoint strategy with Zero Trust frameworks to strengthen both security and productivity.

It is a fascinating look at how the business of cybersecurity is changing, and why protecting the endpoint is no longer optional. Are enterprises finally ready to treat endpoint continuity as part of their core business strategy? I would love to hear your thoughts after the episode.

Useful Links

• Connect with Klaus Oestermann on LinkedIn
  • Learn more about IGEL
  • Follow on LinkedIn, Twitter and YouTube

Tech Talks Daily is Sponsored by NordLayer:

Get the exclusive Black Friday offer: 28% off NordLayer yearly plans with the coupon code: techdaily-28. Valid until December 10th, 2025. Try it risk-free with a 14-day money-back guarantee.

In today’s digital battlefield, prevention is no longer enough. Firewalls and endpoint protection might keep the doors locked, but attackers are slipping in through the windows. In this episode of Tech Talks Daily, I sit down with Brian Dye, CEO of Corelight, to explore how the cybersecurity game has changed and why network detection and response (NDR) has become the new frontline of digital defense.

Brian brings an extraordinary track record from senior roles at Symantec, McAfee, and Citrix, giving him a rare perspective on how cyber strategy has evolved from antivirus software to AI-driven network intelligence. As he explains, “The days of when things were nice and loud and easy to find have come and gone.” Attackers now live off the land, using legitimate IT tools like PowerShell to hide in plain sight, while generative AI accelerates the weaponization of new exploits in hours instead of weeks.

We discuss why Corelight’s open-source heritage gives it a unique edge in the GenAI era, how automation is reshaping response workflows, and what it really takes to achieve sub-15-second threat response. Brian also opens up about leadership lessons learned from his years in the industry, Corelight’s growth from startup to global scale, and the cultural principles that keep innovation alive through rapid expansion.

This conversation goes far beyond cybersecurity buzzwords. It is a candid look at the reality facing modern defenders, where data is readiness, visibility is power, and resilience is built one decision at a time. Whether you are a CISO, developer, or business leader, this episode offers a grounded, human perspective on the future of cyber defense and what it means to truly understand what went “bump in the night.”

Experian’s Chief Product Officer for Identity and Fraud in the UK and Ireland, Paul Weathersby, joins me to unpack how criminals are using generative tools to fabricate documents, clone voices, perfect phishing at scale, and stitch together synthetic identities. We dig into the sharp rise in SIM swap attacks, why eSIM provisioning can accelerate takeovers, and how coordinated crews now treat fraud like a business with playbooks and orchestration.

Paul explains what works on the defensive side right now. Think adaptive, multilayered authentication that reacts to real risk signals, mobile network checks to identify recent SIM changes, behavioral biometrics, enhanced document and liveness detection, and AI that accelerates investigations while reducing false positives and compliance costs. We also look at more innovative data use, graph analytics to expose fraud rings, cross-industry intelligence sharing, and the FCA’s supersized sandbox that helps teams test models at high volume.

If you care about stopping account takeovers without breaking customer experience, this conversation is a practical blueprint for 2026 and beyond.

SIM swapping increased by over 1,000%

How to protect yourself from SIM swapping

*********

Visit the Sponsor of Tech Talks Network:

Land your first job in tech in 6 months as a Software QA Engineering Bootcamp with Careerist

https://crst.co/OGCLA

Qualys CEO Sumedh Thakar joins me to unpack what cyber risk management really looks like when budgets are tight, signals are noisy, and AI is changing the game. Sumedh’s journey started in Pune with parents who prized education above everything. He arrived in the US with one hundred dollars, joined Qualys as one of its first software engineers, and two decades later is leading a global platform that helps banks, governments, and enterprises protect their digital infrastructure.

We dig into why compliance keeps tripping companies up, why the impact of digital crime now dwarfs many physical crimes, and how leaders can talk about cyber in a language boards actually understand. Sumedh explains the shift from counting exposures to quantifying business risk, and why the Security Operations Center is giving way to a Risk Operations Center that prioritizes what truly matters, accepts what must be accepted, and transfers the rest through insurance.

We also explore the cloud security market’s next phase as AI workloads pour into public and private clouds, why “attack surface” is not the same as “risk surface,” and how to weigh AI opportunity against model and data uncertainty. Sumedh closes with hard-won leadership lessons on time, teams, and defining success, and recommends Marshall Rosenberg’s Nonviolent Communication for anyone who wants to communicate beyond the words and lead with clarity.

Visit the Sponsor of Tech Talks Network:

Land your first job in tech in 6 months as a Software QA Engineering Bootcamp with Careerist

https://crst.co/OGCLA

What happens when there are 100 machine identities for every human one in your organisation? This is not a prediction for the future. It is the world we are already operating in, and the implications are profound.

In this episode of Business of Cybersecurity, I speak with David Higgins, Senior Director at CyberArk, about how AI agents, autonomous systems, and the sheer scale of machine credentials in the enterprise are reshaping identity security. We discuss why password reuse, unsecured personal devices, and skipped updates remain stubbornly common even though awareness training has been around for decades. David explains that the issue is rarely laziness. Instead, it is often a lack of secure and practical alternatives that still fit the way people work.

We dig into how phishing and social engineering tactics have evolved, with AI enabling deepfake audio and video that can pass casual inspection, and how attackers are increasingly bypassing tech-savvy users entirely by targeting helpdesks and third-party support teams. We also look at the commoditisation of stolen credentials and why buying access on the dark web can now be easier than running a phishing campaign.

A major theme in our conversation is the role of culture in security. David challenges the outdated idea that humans are always the weakest link, arguing instead for a more collaborative approach that blends security objectives with user experience. We explore strategies like adaptive authentication, behavioural context analysis, and just-in-time privilege models that reduce risk without slowing down legitimate work.

The discussion then turns to the identity challenges created by agentic AI. These are AI-driven systems that can interpret goals, adapt, and communicate directly with other AI agents and human colleagues. Unlike traditional machine identities, their behaviour changes over time, creating an entirely new category of security risk. David outlines how organisations can begin to secure these identities now, rather than deferring the problem until it becomes unmanageable.

By the end of this episode, you will have a clear view of why identity-first security is essential in a machine-dominated environment, what practical steps can be taken to close gaps without adding unnecessary friction, and why aligning identity strategy with your organisation’s digital roadmap is no longer optional.

In this episode, I sat down with Mike Britton, CIO at Abnormal AI to explore the increasingly urgent overlap between AI governance and cybersecurity. With AI accelerating faster than regulation, and attackers already using these tools for harm, Mike offers a pragmatic take on what needs to happen next.

We dig into the realities of regulating AI in a fragmented world, drawing comparisons between Europe’s application-based approach and the US’s patchwork of state-level initiatives. Mike shares why he believes regulation should focus on context and application, not just model size, and why human oversight must stay part of the loop.

We also cover:

• How Abnormal uses behavioral AI to catch phishing and email attacks before they hit inboxes
• Why sandboxes and risk-based regulation can protect innovation without losing control
• The threat of over-regulation pushing innovation toward regimes with fewer ethical safeguards
• The challenge of navigating AI vendors at security events, where almost everyone claims AI capabilities
• The real-world risks of AI bias, misuse, and geopolitical influence in open-source models

Mike also shares practical guidance for CIOs and CISOs on model validation, audit trails, kill switches, and how to distinguish genuine AI value from marketing spin.

🧠 One key takeaway: Attackers are already using AI. If security teams don’t fight fire with fire, they’re at risk of falling behind.

🔗 For more, check out abnormal.ai or connect with Mike on LinkedIn.