Month: May 2025

Posted on

Point. Click. Hack: Snehal Antani on the Future of Autonomous Cybersecurity

image of Antani and Schein

Podcast: Play in new window | Download (Duration: 23:33 — 32.4MB)

Subscribe: RSS

Summary

In this insightful episode, Marc Schein interviews Snehal Antani, the CEO and co-founder of Horizon3.ai, about his entrepreneurial journey, the evolution of his company, and the future of cybersecurity. Snehal shares how Horizon3.ai grew from a handful of engineers working in a basement to a cutting-edge firm revolutionizing autonomous penetration testing. He walks listeners through the different startup phases, emphasizing how critical it is to develop a repeatable sales process, retain customers, and build operational excellence at scale.

Snehal discusses the complex challenge of preserving organizational culture during rapid growth, highlighting mistakes made during their first hyper-growth phase and the importance of investing in strong, well-indoctrinated management. He explains how a thoughtful approach to onboarding managers as cultural ambassadors ultimately led to a more stable, scalable team.

He offers a candid perspective on venture funding—detailing both the pitfalls of dealing with inexperienced investors and the value of bringing on seasoned operators as board mentors. Snehal uses his experience with crises, including the collapse of Silicon Valley Bank and the loss of his father, to underline the importance of developing “muscle memory” within leadership teams. He compares this to special operations units, where preparation and planning allow for excellence under pressure.

The episode shifts into technical terrain with a compelling explanation of autonomous penetration testing. Snehal shares how Horizon3.ai developed a system capable of autonomously discovering vulnerabilities and compromising environments without human input—essentially transforming cyber warfare into an algorithmic domain. He compares pen testing to chess, where well-defined opening and closing moves are followed by dynamic midgames.

Finally, Snehal forecasts a future in which cyberattacks will be AI-powered and nearly instantaneous. He warns that most current defensive tools are designed for human-centered responses, which will soon be obsolete. As evidence, he cites Horizon3.ai’s autonomous agent compromising a bank in under five minutes—twice as fast as the previous year. He predicts the first deepseek-enabled cyberattack within 90 days, calling it a wake-up call for the industry.

Key Points

  1. Startup Phases: Snehal outlines the four key startup phases: building value, repeatable sales, scaling operations, and achieving operational excellence.
  2. Culture During Hypergrowth: The key to scaling culture is hiring the right management and giving them time to assimilate before they scale their teams.
  3. Autonomous Pen Testing: Horizon3.ai’s agent can autonomously discover and exploit vulnerabilities without human involvement.
  4. Crisis Leadership: True leadership is tested during crises; muscle memory and planning are essential for executive teams.
  5. AI-Powered Cyber Threats: Snehal predicts that the next wave of cyberattacks will be powered by open-weight AI models capable of adaptive exploitation.

Key Quotes

  1. “You want to build that muscle memory as a CEO as early as possible… so you can stack excellence upon excellence.”
  2. “PowerPoint is cheap. YouTube videos are cheap. Let our results do the talking.”
  3. “My primary competitor is mediocre consultants.”
  4. “Every defensive tool in the market today is designed for humans at the center—and every one of them will be rendered obsolete.”
  5. “The future of cyber warfare will be algorithms versus algorithms, and humans by exception.”

About Our Guest

Snehal Antani is the CEO and co-founder of Horizon3.ai, a pioneering cybersecurity company that leverages artificial intelligence to autonomously conduct penetration testing. Before founding Horizon3, Snehal served as the first Chief Technology Officer for the Joint Special Operations Command (JSOC), where he was instrumental in leading initiatives in data analytics, cloud/edge computing, and cybersecurity as part of the Commander’s executive team. His extensive experience also includes roles as CTO and Senior Vice President at Splunk, multiple CIO positions at GE Capital, and starting his career as a Software Engineer at IBM. Snehal holds a Master’s in Computer Science from Rensselaer Polytechnic University and a Bachelor’s in Computer Science from Purdue University, where he was recognized as their 2023 Distinguished Alumni. With 18 patents to his name, he is driven by a purpose to solve meaningful problems, create significant impact, and foster a culture of continuous learning. His leadership principles emphasize servant leadership, prioritizing business needs over political popularity, and letting results speak for themselves.

Follow Our Guest

LinkedIn | Horizon3.ai

About Our Host

National co-chair of the Cyber Center for Excellence, Marc Schein, CIC,CLCS is also a Risk Management Consultant at Marsh McLennan. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.

Follow Our Host

Website | LinkedIn

Posted on

Beyond MFA: How Deepfakes Are Hacking Humans

image of Aaron and Marc on screen

Podcast: Play in new window | Download (Duration: 12:10 — 16.7MB)

Subscribe: RSS

Summary

On this episode of Chattinn Cyber, Marc is chattin’ with Aaron Painter, a seasoned enterprise tech executive with years at Microsoft and experience leading operations in China and the UK, shares the origin story of his company, Nametag. After observing the rise in identity theft among friends and family, Aaron was struck by how outdated and vulnerable identity verification processes had become—especially the ease with which attackers could answer common security questions using publicly available data.

The conversation turns to the evolution of cyber threats, particularly social engineering and deepfake-enabled attacks. Painter outlines a disturbing trend where attackers bypass even sophisticated technological protections like multi-factor authentication (MFA) by exploiting weak points in human processes, such as IT help desks. One example he highlights is the MGM breach, where a phone-based social engineering tactic led to significant damage.

Painter emphasizes that many organizations’ defenses rely on trust in video verification—such as Zoom or Teams calls—but that these platforms are now susceptible to real-time deepfake emulation. Attackers can impersonate employees or candidates using advanced visual spoofing tools, bypassing traditional verification methods and gaining access to critical systems.

To address these vulnerabilities, Nametag offers a mobile-first identity verification solution that leverages smartphone cryptography and biometric tools to take three-dimensional selfies and securely scan IDs. This process ensures stronger identity proofing, even under conditions that would normally be vulnerable to deepfake deception or impersonation.

The episode concludes with Painter warning HR professionals about the increasing threat of hiring fraud—where bad actors impersonate real candidates using deepfakes. He advises that companies don’t need to replace existing systems like Workday or Okta but should instead implement layered solutions that complement current infrastructure and close critical security gaps.

Key Points

  • Cybersecurity Gaps Are Human, Not Just Technical: Despite widespread use of MFA, social engineering attacks targeting help desk personnel remain a primary threat vector.
  • Deepfakes Are Evolving Rapidly: Attackers increasingly use deepfake technologies to impersonate employees or job applicants on video calls, rendering basic visual verification untrustworthy.
  • Nametag’s Mobile-First Approach: Nametag strengthens identity verification by using mobile devices’ cryptographic and biometric capabilities to combat real-time deepfake impersonation.
  • Hiring Fraud Is a Growing Threat: Criminals, sometimes state-sponsored, use deepfake tools to impersonate legitimate job candidates, gain access to internal systems, and cause serious security breaches.
  • Enterprise Integration Over Replacement: Painter advocates for bolting on new security layers rather than replacing entire systems—filling in gaps while preserving operational continuity.

Key Quotes

  • “All you have to do is call and pretend to be the account holder and say you were locked out. Then there’s a clear vulnerability. And that vulnerability is a social one or human one.”
  • “The platforms weren’t really built to prevent against deepfakes… You’ve got that person showing up completely different on the video call.”
  • “95% of the background check providers do it with a Social Security number and no identity verification.”
  • “We invented the same concept of scan your ID and take a selfie—but we do it exclusively on mobile.”
  • “I knew identity verification was a hot area. I had no idea it would be this hot.”

About Our Guest

Aaron Painter is the visionary CEO of Nametag Inc., the pioneering identity verification platform dedicated to protecting users from impersonators and AI-generated deepfakes. With a mission to enhance online authenticity and foster trusted relationships, Nametag has emerged as the go-to solution for leading companies aiming to combat fraud and streamline account security. Aaron’s commitment to user-centered security is deeply personal, stemming from his own experiences with online fraud and identity theft, which inspired him to assemble a team of security experts to revolutionize account protection. A global leader with a rich background, Aaron has lived and worked across six countries on four continents, and he is the author of the best-selling book *LOYAL*, where he emphasizes the importance of cultivating a culture of listening in leadership. His impressive career includes serving as CEO of Cloudreach, a top multi-cloud solutions provider, and holding various leadership roles at Microsoft. A Fellow at the Royal Society of Arts and a member of the Forbes Business Council, Aaron is also a sought-after speaker and advisor, known for his ability to blend international practices with local insights to build innovative, high-performing teams.

Follow Our Guest

LinkedIn | Website

About Our Host

National co-chair of the Cyber Center for Excellence, Marc Schein, CIC,CLCS is also a Risk Management Consultant at Marsh McLennan. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.

Follow Our Host

Website | LinkedIn