Join us tomorrow for "Hacking the End of Compliance"
Join us Friday, May 8th, 2026, for “Hacking the End of Compliance: An hour of critical thinking about the security benefits of moving toward continuous monitoring.”
It all begins at 1 PM ET/10 AM PT tomorrow, with guests Roland Cloutier, former Global CSO of TikTok & ByteDance, ADP, and EMC, and Dale Hoak, CISO, RegScale. We'll have a fun conversation and games, and at the end of the hour we'll do our meetup in breakout rooms.
Thanks to our Super Cyber Friday sponsor, RegScale
Defense in Depth
Breaking the Reactive Cycle of Cybersecurity
We often frame cybersecurity as an endless reactive process. We've heard the term "cat-and-mouse game" between attackers and defenders. It's a vicious cycle. Is there any way to end it?
Check out this post for the discussion that is the basis of our conversation on this week’s episode, co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker.
Listen to the full episode here.
The vulnerable stack
The attack cycle persists because the vulnerability spans the length of the stack. Venkat Paruchuri of Deloitte traced the throughline, saying, "Most modern attacks perpetrate through insecure code, whether that is technical, schematic, or logical gaps. To the extent that code can continue to be written in vulnerable ways and compiled and shipped, and run on infra that can be vulnerable too, and connected by vulnerable protocols, we will continue to see this cycle." Ross Young of CISO Tradecraft pointed to the root of that problem. "New technology is usually built by developers, not penetration testing experts, so the code has weaknesses in it." The path forward may run through AI. "We may get to a place where all code is tested by LLMs with every code weakness test going forward."
Changing the structural economics
Detection speed alone won't break the cycle. Archie Jackson of Forcepoint argued the only way out is to change the game's underlying economics. This requires moving to memory-safe architectures and secure-by-design principles that "mathematically eliminate entire classes of vulnerabilities." In addition, he called for using AI to dynamically randomize network topologies rather than relying on static infrastructure, and for shifting AI from detection engineering to "executing machine-speed isolation." The posture, he said, should assume breach and use immutable infrastructure to "instantly evaporate and replace compromised environments rather than trying to clean them." Victor Font of CyberGovernanceCenter.com didn't mince words about why the cycle perpetuates itself. "Attackers win when we define security as detection velocity. That guarantees a permanent 'cat and mouse' cycle." We don't win with a faster cat. "It is architectural simplification, enforced governance, and consequence-backed accountability."
Change the terrain
If you can't outrun the adversary, make the ground harder to run on. David Sledge, CISO at Secure Seed Capital, reframed the goal: "Instead of just trying to detect more, why not refocus on driving up attacker friction? If we lean into temporary identities, just-in-time access, and constant revalidation, we break their ability to scale." The win, he said, isn't zero attacks. "It's making the payout so uncertain and the effort so high that their business model falls apart." Richard Wilder of Trace Systems pointed to history as a guide. Memory exploit mitigations reduced classic exploits, TLS limited passive interception, sandboxing reduced impact, and MFA raised the bar on credential abuse. "The next phase should focus less on detecting everything and more on removing attack surface through OS guardrails, identity-centric controls, microsegmentation, crypto agility, and continuous validation," said Wilder.
The cost-benefit equation
There will always be some threat actors incentivized to attack you. "We're not trying to end the race, we're trying to make attacking your environment more expensive," said Eyal Worthalter of Marvell Technology. Cryptography proved that architectural shifts can create asymmetric advantages. The open question is whether zero trust, identity-centric models, or something not yet named can deliver that kind of durability, "or are we just building faster hamster wheels?" Soumen Bhattacharya of Capital One took an optimistic view of where AI tips that equation. If non-experts can now leverage AI to build attack tools, "technical folks and experts should be better placed to build bulletproof defenses: write and generate code preventing vulnerabilities, continuous intelligent scanning and testing, SOC empowered through AI, automated remediation of vulnerabilities, network security through AI."
Please listen to the full episode on your favorite podcast app, or over on our blog, where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.
Huge thanks to our sponsor, ThreatLocker
Subscribe to Defense in Depth podcast
Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type "Defense in Depth" into your favorite podcast app.
Stopping Scams in Real Time by Intercepting the Attacker Mid-Conversation with Transmit Security
Seth Ruden, sr. director, Transmit Security, breaks down how AI is sharpening attacker reconnaissance, why the scam economy is booming, and how real-time orchestration can intercept fraud mid-conversation to warn potential victims before money ever moves.
Watch the full video here.
Big thanks to our sponsor, Transmit Security
Cybersecurity Headlines - Department of Know
Our LIVE stream of The Department of Know happens every Friday at 4 PM ET / 1 PM PT with CISO Series producer Richard Stroffolino and a panel of security pros. Each week, we bring you the cybersecurity stories that actually matter, and the conversations you’ve been having at work all week long.
Friday’s episode will feature Jason Elrod, CISO, MultiCare Health System and Jonathan Waldrop, CISO, Acoustic. Join us on YouTube and catch up on what shaped the week in security.
Thanks to our Cybersecurity Headlines sponsor, Vanta
Participate! Add our live shows to your calendar
Learn more about all of the fun ways you can participate, and add our events to your calendar.
Join us for future Super Cyber Friday events:
[05-08-26] - “Hacking the End of Compliance”
[05-15-26] - “Hacking the Cloud Security Playbook”
[05-22-26] - No show
Register for and add all of these events to your calendar on our Events Page.
Cybersecurity Headlines - Daily News Shorts
Subscribe to the CISO Series YouTube channel, for daily shorts videos from CISO Series reporter, Rich Stroffolino. You can find all of the stories he’s covered, plus new content every weekday, at the Cybersecurity Headlines Shorts YouTube playlist.
Thank you for supporting CISO Series and all our programming
We don’t just say we appreciate your feedback; we incorporate it into our programming. Learn more about all of the fun ways you can participate.
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing on social media, and most of all we love our sponsors!
Everything is available at cisoseries.com.
Interested in sponsorship? Contact me, David Spark.