Bridging the Cybersecurity Gap: Leadership, AI, and Real-World Strategies for 2026

Summary

In this episode of Chattinn Cyber, Marc Schein is chattin’ with Mike Armistead, a seasoned cybersecurity expert with over 40 years of experience, including more than 20 years as a vendor in the cybersecurity space. The conversation opens with a discussion about the challenges security leaders face in 2026. Mike highlights the complexity of their role, comparing it to that of a CFO managing financial risk, but notes that cybersecurity leaders often lack the comprehensive management tools that CFOs have. He emphasizes the fragmented nature of cybersecurity tools and the difficulty in stitching together disparate signals to form a coherent security posture.

Mike further explains that the human element is the critical glue in cybersecurity programs. The effectiveness of security teams depends heavily on the leadership and the ability of individuals to contextualize technical signals within the business environment. This need for situational awareness is driving interest in AI technologies, particularly on the defender side, to augment human capabilities and expand the scope and depth of security operations.

The chat then shifts to the role of AI in cybersecurity products. Mike observes that while AI is increasingly integrated into detection tools, the industry has largely shifted focus away from prevention. He advocates for a strategic return to prevention, where AI can play a significant role in helping security leaders develop and implement risk mitigation strategies tailored to their organizations. Mike stresses the importance of a holistic approach that goes beyond real-time detection to include employee training, access control, and disaster recovery.

Addressing the challenges faced by middle-market organizations, Mike points out that these companies are often expected to meet the same cybersecurity standards as large enterprises but with far fewer resources. He advises middle-market CISOs to prioritize protecting their most critical assets—their “crown jewels”—and to have candid conversations with leadership about realistic security goals. This pragmatic approach helps ensure that limited resources are focused on the highest risks rather than attempting to cover every possible threat.

Finally, Mike shares information about a community he helped start called the Security Impact Circle, which focuses on cybersecurity leadership issues such as board engagement. This community facilitates workshops that bring together CSOs and board directors to bridge the communication gap and align security priorities with business needs. Mike encourages listeners to visit securityimpactcircle.org to learn more and get involved.

Five Key Points Covered

  1. Cybersecurity leaders face complex challenges similar to CFOs but lack equivalent management tools.
  2. Human expertise is essential to contextualize technical security signals within the business environment.
  3. AI is increasingly used in detection but should also be leveraged to enhance prevention strategies.
  4. Middle-market organizations must prioritize protecting their most critical assets due to limited resources.
  5. The Security Impact Circle community helps improve communication and alignment between security leaders and boards.

Five Key Quotes from the Conversation

  1. “Security leaders have a tough job… it’s not unlike what a CFO has to think about, right? That risk happens to be financial, and the CISOs really happens to be in cyber.”
  2. “The security teams are really bound by how good not only their leader, but the deputies, the managers, the architects, those individual contributors that really help lead it.”
  3. “I think the opportunity is to swing it back to prevention… AI can really start to help on the prevention strategy side of cybersecurity.”
  4. “Middle-market leaders are expected to do everything that the largest enterprises do, but they don’t have the resources to cover all the ground.”
  5. “We bring in a director from a public company’s audit committee to run workshops… it’s less about what a CSO thinks they should say and more about what the director thinks they need to hear.”

About Our Guest

Mike Armistead brings nearly 40 years of business experience marked by a proven track record of building companies, navigating strategic acquisitions, and leading growth at every stage. As co-founder and CEO of Respond Software, acquired by Mandiant for $200 million, and co-founder of Fortify Software, acquired by HP for $285 million, Mike has played pivotal roles in multiple successful startups, including serving as SVP on the turnaround team at WhoWhere (acquired by Lycos for $133 million) and contributing to Pure Software’s IPO. His post-acquisition leadership includes key roles as VP of Products & UX at Mandiant, Director at Google Cloud, and VP & GM for Fortify and ArcSight business groups at HPE, where he drove significant expansion and over $400 million in revenue impact. Alongside these successes, Mike gained valuable insights from two brief ventures, including leading InLeague through post-9/11 financial challenges and emphasizing product-market fit in another startup. Beginning his career as a Product Manager at HP in the late 1980s, Mike’s multifaceted experience spans diverse industries and company sizes. Today, he remains passionate about building high-performing teams and tackling complex, noble challenges.

Follow Our Guest

LinkedIn

About Our Host

National co-chair of the Cyber Center for Excellence, Marc Schein, CIC, CLCS is also a Risk Management Consultant at Marsh McLennan Agency. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost-effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.

Follow Our Host

Website | LinkedIn


Bridging Cybersecurity and Economic Strategy: Insights from Cyber Policy Pioneer Alex Niejelow

Summary

Today Marc is chattin’ with Alex Niejelow, a respected figure in cybersecurity. The episode opens with Marc highlighting Alex’s unique background growing up in Philly and his diverse career path. Alex shares how his early career as a Durham police officer and later as a lawyer shaped his mindset around public service and supporting people and businesses. He then transitioned into federal and state government roles, including significant positions in the Obama administration and Homeland Security, focusing on trade, customs, and national security issues such as counterfeit semiconductors in supply chains.

They then chat about Alex’s role on the National Security Council, where he worked on the intersection of trade and cybersecurity, a concept that was not widely recognized in the early 2010s but has since become central to government policy. Alex explains his involvement in developing the first-ever cyber sanctions regime, a tool designed to economically disincentivize cybercriminals and nation-states from monetizing stolen intellectual property and trade secrets. This approach was innovative in addressing the asymmetry in cyber threats, where traditional law enforcement and diplomatic tools were insufficient.

The chat then shifts to the challenges Alex faced working across multiple government agencies with differing priorities, which, while complex, ultimately led to better outcomes through collaboration and creative problem-solving. Alex emphasizes the importance of reducing asymmetry in cybersecurity, noting that companies remain vulnerable at their weakest points. He highlights the evolution of the cyber insurance industry, which has become more sophisticated with risk engineers engaging deeply with clients to improve cybersecurity postures and insurance terms.

Alex explains his motivation for founding Hilco Global Cyber Advisors, driven by the need to support middle-market companies that often lack adequate cybersecurity resources despite their sophistication and capital. He critiques the cybersecurity industry’s tendency to self-silo and stresses the importance of aligning cybersecurity solutions with the nature of the products and services businesses provide to increase adoption and effectiveness.

Finally, the chat turns to artificial intelligence (AI) as a major cybersecurity topic in 2025. Alex acknowledges both the threats and opportunities AI presents, noting that threat actors are leveraging AI to scale traditional cyberattacks like phishing. He expresses optimism about the cybersecurity community’s commitment to addressing these challenges and highlights regulatory efforts, such as guidance issued to the insurance industry on AI use in underwriting, to mitigate risks including bias. The episode closes with Alex sharing a personal anecdote from his time at the White House and providing contact information for Hilco Global Cyber Advisors.

Key Points

  1. Alex’s career journey from police officer to cybersecurity expert in public and private sectors
  2. Development of the first-ever cyber sanctions regime to economically deter cybercrime
  3. The importance of collaboration across government agencies to address complex cyber challenges
  4. The evolution and sophistication of the cyber insurance industry in reducing asymmetry
  5. The dual impact of AI on cybersecurity: expanding threats and fostering innovative defenses.

Key Quotes

  1. “The idea that cybersecurity issues and economic issues were actually interconnected was not widely accepted [in 2010]. It was still emerging. Fast forward to today. It is abundantly clear the intersectionality of those issues.”
  2. “Companies are always as weak as their weakest link.”
  3. “If you let the nature of the products and services that are being provided better inform and drive the cybersecurity solutions instead of vice versa, I think there will be a greater adoption.”
  4. “Threat actors are expanding their capacity and capabilities leveraging AI … but it is the speed and scale at which it is becoming exacerbated that I think is most concerning.”

About Our Guest

Alexander Niejelow is Executive Director of Global Cyber Advisors at Hilco Global, bringing deep expertise in cybersecurity, fintech, and digital policy from leadership roles in both the private sector and government. He previously served as Deputy Superintendent for Innovation Policy at the New York Department of Financial Services, leading initiatives on AI and emerging fintech. At Mastercard, he was Senior Vice President for Cybersecurity Coordination and Advocacy, overseeing global cybersecurity and technology policy efforts. Alex also held key government positions, including Director of Cybersecurity Policy at the White House National Security Council and Chief of Staff to the U.S. Intellectual Property Enforcement Coordinator. He began his career as a litigator and holds a JD from the University of Pennsylvania and a BA from Duke University. Alex actively contributes to cybersecurity policy through board roles with the Center for Cybersecurity Policy and Blue Star Families, and has led global coalitions focused on cyber risk reduction and digital protection.

Follow Our Guest

Website | LinkedIn


Context is King: Tailoring Cybersecurity with Courtney Hans

Summary

In this episode of Chattinn Cyber, Marc Schein is chattin’ with Courtney Hans, a seasoned cyber professional with a unique background. Courtney shares that her path into cybersecurity was nontraditional, having started as a literature major and then spending about a decade as an adventure travel guide. She reflects on how the skills she developed during that time—understanding people’s motivations and goals—have been invaluable in her cybersecurity career, particularly in tailoring security strategies to individual organizational contexts.

Courtney emphasizes that cybersecurity is not a one-size-fits-all problem. She explains how, during her time at a SaaS startup, she prioritized cybersecurity investments based on the company’s specific risks and environment, such as focusing on application security over endpoint detection due to budget constraints and business needs. She stresses the importance of context in determining where organizations should focus their people, processes, and technology investments to have the greatest impact.

The chat then shifts to practical advice on how organizations can begin improving their cybersecurity posture, particularly through tabletop exercises. Courtney encourages organizations to leverage resources from their cyber insurance providers, many of which offer free or low-cost training and virtual tabletop exercises. She advises starting simple—having conversations about incident response plans and ensuring everyone knows their role if a cyber incident occurs.

Courtney also discusses the importance of engaging leadership in cybersecurity exercises. She suggests setting clear expectations, respecting executives’ time, and framing tabletop exercises as safe spaces to practice responses without pressure. She highlights that cyber incidents affect the entire organization, not just IT, and that practice builds muscle memory and helps identify gaps before a real crisis occurs.

Finally, Courtney outlines best practices for following up after tabletop exercises, including documenting observations, assigning responsibilities, and setting deadlines to ensure improvements are made. She acknowledges the discomfort some may feel participating in these exercises but stresses that creating a supportive environment where it’s okay to say “I don’t know” is crucial for identifying and addressing security gaps effectively.

Key Points

1. Nontraditional Path to Cybersecurity: Courtney’s background in literature and adventure travel shaped her people skills, which are critical in cybersecurity for understanding motivations and tailoring solutions.

2. Context is King: Cybersecurity solutions must be customized to an organization’s specific risks, environment, and priorities rather than applying generic controls.

3. Value of Tabletop Exercises: These exercises are essential for preparing organizations to respond to cyber incidents, helping build muscle memory and identify gaps in a safe environment.

4. Leveraging Cyber Insurance Resources: Many cyber insurance providers offer free or low-cost resources, including virtual tabletop exercises, which organizations should utilize.

5. Leadership Engagement and Follow-Up: Successful cybersecurity preparedness requires executive buy-in, clear expectations, and diligent follow-up with assigned responsibilities to ensure continuous improvement.

Key Quotes

1. “Context is king… each of our clients, in the insurance space, are different. What their risks are, what their environment looks like, dictates where their investments will have outsized impact.”

2. “Practice builds muscle memory, practice builds an awareness of where the gaps are, and always better to identify the gaps in a safe environment versus a real environment.”

3. “Plans are useless, but planning is indispensable.” — Dwight Eisenhower, quoted by Courtney.

4. “If you see something, say something… make sure people feel comfortable bringing those concerns to light.”

5. “It’s absolutely okay, maybe desirable, to say ‘I don’t know that yet’ because that’s what we’re here to figure out—where our gaps are.”

About Our Guest

Currently the Vice President of Cyber Services for AmTrustCyber, Courtney Hans brings a variety of experience into her work. In her early career, Courtney was an adventure travel guide with a short window to make a strong impression. Curiosity became her superpower as she learned how to uncover the inner motivations of diverse groups of guests. Guiding, just like cybersecurity, requires agility and a cool head during a crisis. Formerly the Head of Security and IT for a growing SaaS startup, Courtney joined AmTrust to help to reduce risk and deepen the relationship between carrier and insured.

Follow Our Guest

Website | LinkedIn


Unveiling the Dark Web: Cyber Threat Intelligence and Forensics with Alyssa Lisiewski

Summary

In this episode of Chattinn Cyber, Marc is chattin’ with Alyssa Lisiewski, Managing Director at Ankura and one of the best known and respected cybersecurity experts in the country. The conversation begins with Alyssa sharing her early introduction to technology, influenced by her father who taught her to take apart and reassemble computers from a young age. Initially interested in forensic crime scene investigations, Alyssa shifted her focus to cybersecurity due to her father’s encouragement and foresight about the field’s growth. She started her career as an intern in diplomatic security’s computer investigations and forensics unit, then pursued a master’s degree while working as a government contractor, honing her skills in cybersecurity and high-tech crime investigations.

Alyssa’s career progressed into the intelligence community, where she specialized in digital forensics from an intelligence perspective, which differed from traditional digital forensics. She later worked at the Department of Defense Cyber Crime Center in Maryland, conducting forensic examinations and testifying in court cases. Transitioning to the private sector, Alyssa led a digital forensics team at a major financial company focusing on insider threats before joining Ankura, where she combines her cyber threat and forensic expertise.

The discussion then shifts to clarifying common internet terminology: the surface web, deep web, and dark web. Alyssa explains that the surface web is the small portion of the internet most people use daily, such as Google and social media. The deep web contains more anonymous and legal content like academic and medical documents, while the dark web is accessed via Tor and is often associated with illicit activities but also hosts legitimate anonymous communications.

Alyssa emphasizes the importance of proactive dark web monitoring for businesses. Beyond just detecting if stolen data is posted, monitoring can reveal chatter among threat actors about industries or competitors, enabling companies to anticipate and mitigate attacks. She shares a real-life example where her team identified a threat actor group’s tactics early, allowing a client to detect an intrusion that had gone unnoticed for a month, demonstrating the value of threat intelligence in incident response.

Finally, Marc and Alyssa chat about the benefits and challenges of incorporating dark web analysis into post-incident investigations. While it can clarify the true impact of a breach and assist in legal mediation, there are limitations due to the trustworthiness of data posted by criminals. Her team validates findings through metadata analysis and breach research. The episode closes with Alyssa inviting listeners to connect with her via email or LinkedIn for further discussion, highlighting her openness to sharing knowledge and engaging with the cybersecurity community.

Key Points

  1. Alyssa’s Journey: Alyssa’s early exposure to technology and career path from forensic interests to cybersecurity and digital forensics.
  2. Web Infrastructure: Explanation of the surface web, deep web, and dark web, including their differences and common misconceptions.
  3. Threat Detection: The strategic value of proactive dark web monitoring for businesses to detect threats and industry chatter before breaches occur.
  4. A real-world example of how threat intelligence helped identify a threat actor’s tactics and detect a breach earlier than usual.
  5. The role of dark web analysis in post-incident investigations, including its benefits, limitations, and methods to validate data.

Key Quotes

  1. “When I was four, my dad taught me how to take apart a computer and put it back together… he made sure I was learning about it from a very young age.”
  2. “The surface web is really only 4 or 5% of the web. The majority of the web is the deep web and the dark web.”
  3. “If you’re not monitoring proactively the dark web, chances are the first time you’re looking at the dark web is after that breach.”
  4. “We knew … the threat actor group… and because of that, we were able to identify the actual true start of the incident, about a month prior to the update we were working on.”
  5. “There are going to be situations where we may not be able to identify if data is out there, or we may identify it but not give any context… that’s why we do other things to try to validate it.”

About Our Guest

Alyssa Lisiewski is a Managing Director at Ankura in Washington, DC, bringing over 14 years of specialized experience in digital forensics, cybersecurity, and insider threat investigations. She has a proven track record of leading and conducting complex cyber investigations that protect critical digital assets across diverse industries including government, financial services, and legal sectors. Alyssa is highly skilled in operating within digital forensic lab environments, adhering to industry standards for evidence handling, and analyzing electronically stored information. She has been qualified as an expert witness in federal and military courts and has played key roles in program leadership, strategic service development, and partner engagement, driving innovation and excellence in cyber risk management.

Follow Our Guest

Website | LinkedIn


AI Unmasked: Navigating Legal Risks and Realities with Cyber Attorney Ryan Steidl

Summary

In this insightful episode of the Chattinn Cyber podcast, host Marc Schein is chattin’ with Ryan Steidl, a leading privacy and artificial intelligence attorney, to explore the evolving landscape of AI from a legal and cybersecurity perspective. Ryan shares his journey from Maryland to becoming a respected figure in data privacy and AI law, highlighting the influence of pioneering professors and his early work at Under Armour. He frames AI as an evolutionary technology that builds on existing data privacy and security issues but introduces new complexities due to limited human intervention in its processes.

Their chat delves into the current regulatory environment surrounding AI in the United States, which Ryan describes as a patchwork of state laws with no comprehensive federal framework yet in place. He discusses the recent veto of Virginia’s AI bill and the ongoing debate over a proposed federal moratorium on state AI legislation, emphasizing the tension between innovation and safety. Ryan also notes the role of federal agencies like the FTC and EEOC in shaping AI policy and how shifts in administration priorities—from safety to innovation—impact regulatory approaches.

Ryan advises business leaders to focus on the purpose behind AI adoption, urging them to carefully assess use cases, data needs, and risk tolerance before allowing AI tools in their organizations. He stresses the importance of governance, recommending cross-functional oversight teams and clear ownership at multiple levels—from enterprise governance to tool implementation and output accountability. He also highlights the necessity of rigorous vetting and ongoing risk assessments to manage AI-related risks effectively.

The chat further clarifies the distinctions between open-source AI models, public tools like ChatGPT, and private sandbox environments. Ryan warns against indiscriminate use of public AI models with sensitive data and advocates for controlled environments that offer greater security and customization. He also touches on emerging trends like synthetic data and regulatory sandboxes, which balance innovation with risk mitigation, citing Utah’s AI lab as a pioneering example.

Concluding on the topic of AI’s impact on cyber risk, Ryan offers a nuanced view: AI can both help manage and exacerbate cyber risks depending on how it is used. He underscores the increasing complexity AI introduces and the critical role of human oversight in accountability and enforcement. Ryan predicts that insurers will push organizations toward proactive risk management rather than reactive responses, emphasizing the need for continuous monitoring and anticipation of AI-related pitfalls. He closes by inviting listeners to access further resources and contact his team for guidance.

Key Points

  1. AI as an Evolutionary Technology: AI builds on existing data privacy and security frameworks but introduces new challenges due to limited human intervention in its processes.
  2. Fragmented AI Regulation: The U.S. currently has a patchwork of state-level AI laws with no comprehensive federal legislation, complicated by political debates such as the proposed moratorium on state AI laws.
  3. Governance and Ownership: Effective AI adoption requires clear governance structures, cross-functional oversight, and defined ownership at multiple organizational levels.
  4. Risk Assessment and Documentation: Organizations must implement thorough vetting processes, conduct ongoing risk assessments, and maintain detailed documentation to demonstrate accountability and compliance.
  5. Safe AI Adoption Practices: Businesses should avoid using public AI models with sensitive data, favor sandbox or private instances, and consider synthetic data to mitigate privacy and compliance risks.

Key Quotes

  • “AI is more evolutionary than revolutionary, at least. It builds on a lot of topics that we’re pretty familiar with, especially in cybersecurity.”
  • “AI’s processing with limited human intervention heightens potential risk, so we have to dive deep into how we approach, analyze, control, and comply with it.”
  • “The current AI regulatory landscape in the U.S. is a patchwork, with states like California, Utah, and Colorado leading, but no comprehensive federal law yet.”
  • “Purpose, purpose, purpose — understanding why you’re using AI and what problem you’re solving is the foundation for managing risk.”
  • “Humans will need to be involved in AI no matter how much intervention happens … Insurers will demand organizations be proactive, not reactive, in managing AI risks.”

About Our Guest

Ryan Steidl, based in Seattle, Washington, is a member of Constangy’s Cyber Team and part of its compliance advisory group, where he provides strategic guidance on navigating complex data privacy and cybersecurity laws. He advises clients on compliance with diverse state, federal, and international privacy regulations, helping them develop business-focused data protection strategies that minimize legal risk and align with operational goals. Prior to joining Constangy, Ryan spent eight years at Grant Thornton as a founding member of their Cyber Practice and Senior Manager of the Privacy & Data Protection team, leading regulatory risk assessments, privacy program development, and compliance advisory for a broad range of clients including Fortune 500 companies, multinationals, private equity firms, and startups.

Follow Our Guest

Website | LinkedIn


Point. Click. Hack: Snehal Antani on the Future of Autonomous Cybersecurity

Summary

In this insightful episode, Marc Schein interviews Snehal Antani, the CEO and co-founder of Horizon3.ai, about his entrepreneurial journey, the evolution of his company, and the future of cybersecurity. Snehal shares how Horizon3.ai grew from a handful of engineers working in a basement to a cutting-edge firm revolutionizing autonomous penetration testing. He walks listeners through the different startup phases, emphasizing how critical it is to develop a repeatable sales process, retain customers, and build operational excellence at scale.

Snehal discusses the complex challenge of preserving organizational culture during rapid growth, highlighting mistakes made during their first hyper-growth phase and the importance of investing in strong, well-indoctrinated management. He explains how a thoughtful approach to onboarding managers as cultural ambassadors ultimately led to a more stable, scalable team.

He offers a candid perspective on venture funding—detailing both the pitfalls of dealing with inexperienced investors and the value of bringing on seasoned operators as board mentors. Snehal uses his experience with crises, including the collapse of Silicon Valley Bank and the loss of his father, to underline the importance of developing “muscle memory” within leadership teams. He compares this to special operations units, where preparation and planning allow for excellence under pressure.

The episode shifts into technical terrain with a compelling explanation of autonomous penetration testing. Snehal shares how Horizon3.ai developed a system capable of autonomously discovering vulnerabilities and compromising environments without human input—essentially transforming cyber warfare into an algorithmic domain. He compares pen testing to chess, where well-defined opening and closing moves are followed by dynamic midgames.

Finally, Snehal forecasts a future in which cyberattacks will be AI-powered and nearly instantaneous. He warns that most current defensive tools are designed for human-centered responses, which will soon be obsolete. As evidence, he cites Horizon3.ai’s autonomous agent compromising a bank in under five minutes—twice as fast as the previous year. He predicts the first DeepSeek-enabled cyberattack within 90 days, calling it a wake-up call for the industry.

Key Points

  1. Startup Phases: Snehal outlines the four key startup phases: building value, repeatable sales, scaling operations, and achieving operational excellence.
  2. Culture During Hypergrowth: The key to scaling culture is hiring the right management and giving them time to assimilate before they scale their teams.
  3. Autonomous Pen Testing: Horizon3.ai’s agent can autonomously discover and exploit vulnerabilities without human involvement.
  4. Crisis Leadership: True leadership is tested during crises; muscle memory and planning are essential for executive teams.
  5. AI-Powered Cyber Threats: Snehal predicts that the next wave of cyberattacks will be powered by open-weight AI models capable of adaptive exploitation.

Key Quotes

  1. “You want to build that muscle memory as a CEO as early as possible… so you can stack excellence upon excellence.”
  2. “PowerPoint is cheap. YouTube videos are cheap. Let our results do the talking.”
  3. “My primary competitor is mediocre consultants.”
  4. “Every defensive tool in the market today is designed for humans at the center—and every one of them will be rendered obsolete.”
  5. “The future of cyber warfare will be algorithms versus algorithms, and humans by exception.”

About Our Guest

Snehal Antani is the CEO and co-founder of Horizon3.ai, a pioneering cybersecurity company that leverages artificial intelligence to autonomously conduct penetration testing. Before founding Horizon3, Snehal served as the first Chief Technology Officer for the Joint Special Operations Command (JSOC), where he was instrumental in leading initiatives in data analytics, cloud/edge computing, and cybersecurity as part of the Commander’s executive team. His extensive experience also includes roles as CTO and Senior Vice President at Splunk, multiple CIO positions at GE Capital, and starting his career as a Software Engineer at IBM. Snehal holds a Master’s in Computer Science from Rensselaer Polytechnic University and a Bachelor’s in Computer Science from Purdue University, where he was recognized as their 2023 Distinguished Alumni. With 18 patents to his name, he is driven by a purpose to solve meaningful problems, create significant impact, and foster a culture of continuous learning. His leadership principles emphasize servant leadership, prioritizing business needs over political popularity, and letting results speak for themselves.

Follow Our Guest

LinkedIn | Horizon3.ai

The Currency of Trust: Navigating CMMC with Mark Jackolski

Summary

In this episode of Chattinn Cyber, cybersecurity expert Mark Jackolski, Director of Risk and Compliance at Show Proof, shares his journey from Long Island technician to national leader in cyber compliance. With a foundation in information systems from Stony Brook University, Mark discusses how his passion for technology evolved into a career focused on helping organizations meet rising cybersecurity standards.

The heart of the conversation is the Cybersecurity Maturity Model Certification (CMMC), a framework initiated by the Department of Defense to ensure that contractors protect controlled unclassified information. Mark explains that while compliance with NIST 800-171 has been required since 2017, CMMC introduces verification—organizations must now demonstrate their cybersecurity posture through third-party assessments to remain eligible for federal contracts.

Beyond meeting DoD requirements, Mark describes how CMMC builds reputational credibility, calling it “the currency of trust.” He emphasizes the strategic advantage of showing compliance through a recognized badge rather than repeated explanations, which streamlines the contracting process and establishes confidence with partners and clients.

When asked how organizations should begin preparing, Mark advises starting with people: appointing a program leader, engaging executive buy-in, and mapping where sensitive data flows. He warns against relying on underqualified partners and stresses the importance of assessing technical, administrative, and physical requirements early. Missteps—like poor documentation or unclear scoping—can lead to wasted time and resources.

Finally, Mark highlights the growing relevance of CMMC beyond the DoD. New regulations aim to standardize data protection across all federal agencies, meaning businesses even tangentially involved in government work may soon fall under its scope. As CMMC requirements become embedded in contracts by summer 2025, organizations that prepare now will gain a competitive edge in the expanding defense and government market.

5 Key Points

  1. CMMC Explained: The Cybersecurity Maturity Model Certification verifies that organizations working with the Department of Defense meet NIST 800-171 cybersecurity standards.
  2. Strategic Advantage: Earning CMMC builds trust and provides a significant edge in securing government contracts by signaling a strong cybersecurity posture.
  3. Preparation Starts with People: A successful CMMC journey begins by appointing accountable personnel, securing executive alignment, and clearly mapping the flow of controlled unclassified information (CUI).
  4. Pitfalls and Guidance: Common mistakes include working with unqualified providers and underestimating documentation requirements. Mark recommends finding certified experts through the Cyber AB marketplace.
  5. Growing Scope: CMMC will expand beyond the DoD to other government agencies, making early adoption a strategic move even for subcontractors or non-defense contractors.

5 Key Quotes

  1. “It’s the currency of trust.” – Mark on how CMMC serves as a reputation badge in the defense industry.
  2. “Start by appointing somebody to oversee the entire process.” – On the critical role of leadership in compliance efforts.
  3. “Documentation is key—not just technical controls, but the processes and people behind them.”
  4. “If you’re going to develop a policy or some other procedure, there has to be buy-in from the organization.”
  5. “CMMC started with the DoD, but it’s going to expand to other government agencies. This is just the beginning.”

About Our Guest

Mark Jackolski is a creative and team-oriented cybersecurity professional with a deep-seated passion for technology. He specializes in assisting small to medium-sized businesses in enhancing their security posture and achieving compliance with industry standards. With a persistent drive to deliver exceptional results, Mark offers strategic virtual Chief Information Security Officer (vCISO) services that emphasize risk management, security program development, and regulatory alignment.

Dedicated to continuous learning, Mark is committed to refining his skills and adopting innovative approaches to cybersecurity. He partners with clients to transform cybersecurity from a mere compliance requirement into a competitive advantage. His expertise spans complex frameworks, including HIPAA, ISO 27001, CISv8, NIST, and CMMC 2.0, enabling him to guide organizations through the intricacies of regulatory compliance effectively.

Follow Our Guest

LinkedIn | Website

Navigating Cybersecurity Contracts: Insights from Ken Rashbaum

Summary

In this episode of Chattinn Cyber, Marc Schein welcomes back Ken Rashbaum, a partner at Barton LLP and a professor at Fordham Law School. Ken, a well-respected privacy attorney, shares his journey from being a trial lawyer and prosecutor to becoming a leading figure in data protection and cybersecurity. He discusses how his early work in healthcare law, particularly with the introduction of HIPAA, paved the way for his focus on privacy and cybersecurity on a global scale.

Their chat shifts to the current landscape of data protection regulations in the U.S. Ken explains the fragmented nature of these laws, which primarily exist at the state level, with only limited federal regulations in healthcare and children’s information. He expresses skepticism about significant changes in federal regulation following the recent presidential election, highlighting the philosophical divide between the two major political parties regarding privacy legislation. Ken emphasizes that voters are increasingly concerned about the privacy and security of their personal information, which complicates the regulatory landscape.

Marc and Ken then delve into the importance of cybersecurity provisions in contracts, particularly for midsize businesses. Ken argues that simply stating compliance with applicable laws is insufficient due to the evolving nature of cybersecurity regulations. He advocates for more detailed cybersecurity requirements in contracts to provide clarity and certainty for all parties involved. Ken also addresses the challenges small and mid-sized businesses face when negotiating contracts with larger corporations, suggesting that they assess risks and consider mitigation strategies, such as implementing multi-factor authentication.

The discussion also touches on the implications of the General Data Protection Regulation (GDPR) for businesses that may not operate in Europe but have customers there. Ken advises that companies should be aware of their obligations under GDPR if they market to EU residents, as the global nature of the internet makes it difficult to avoid these regulations. He stresses the importance of transparency and understanding the data protection implications of using artificial intelligence in business agreements, given the rapid development of AI technology.

Finally, Ken highlights the need for continuous learning in the field of cybersecurity and data protection, urging professionals to stay updated on current changes and adapt to the evolving needs of businesses. He concludes by encouraging open communication and collaboration between legal advisors and businesses to ensure that contracts are tailored to meet the specific needs and risks of each party. The episode wraps up with Ken sharing his contact information and resources for listeners seeking further guidance on these critical issues.

Key Points

  1. Fragmented Data Protection Regulations: Ken explains the current state of data protection laws in the U.S., highlighting the lack of comprehensive federal regulations outside of healthcare and children’s information. He notes that most regulations exist at the state level, leading to a complex and inconsistent legal landscape.
  2. Importance of Detailed Cybersecurity Provisions in Contracts: The conversation emphasizes that simply stating compliance with applicable laws in contracts is insufficient. Ken advocates for including specific cybersecurity requirements to provide clarity and certainty for all parties involved, especially given the evolving nature of cybersecurity regulations.
  3. Challenges for Midsize Businesses: Ken discusses the difficulties that small and midsize businesses face when negotiating contracts with larger corporations. He suggests that these businesses assess their risks and consider mitigation strategies, such as implementing cybersecurity measures like multi-factor authentication.
  4. Implications of GDPR: The podcast addresses the relevance of the General Data Protection Regulation (GDPR) for businesses that may not operate in Europe but have customers there. Ken advises that companies should be aware of their obligations under GDPR if they market to EU residents, as the global nature of the internet makes compliance necessary.
  5. Continuous Learning and Adaptation: Ken stresses the importance of continuous learning in the field of cybersecurity and data protection. He encourages professionals to stay updated on current changes and to maintain open communication with businesses to tailor contracts to their specific needs and risks.

Key Quotes

  1. On the State of Data Protection Laws: “We only have national data protection law in the U.S. in healthcare, for public companies, and children’s information. Everything else is at the state level, and the states very much want to keep that prerogative.”
  2. On Cybersecurity Provisions in Contracts: “When you say parties are going to meet applicable law, a good response to that question is, what does that even mean? The law is all over the place… it differs from state to state, from country to country, from industry to industry.”
  3. On GDPR Compliance: “Generally speaking, they are subject to the GDPR if they are marketing to customers who are residents of the European Union… any time you throw up a website, you are basically marketing globally.”
  4. On Continuous Learning in Cybersecurity: “Working in this space requires a dedication to continuous learning… too many advisors think that they are, you know, like Moses with tablets coming down from Mount Sinai. You really have to keep up with current changes.”

About Our Guest

Kenneth N. Rashbaum is a distinguished legal expert specializing in privacy, cybersecurity, and e-discovery, advising multinational corporations, financial services, and life sciences organizations on the complexities of electronic information management. With extensive experience in information governance, he ensures compliance with federal, state, and international laws while navigating the legal and regulatory challenges of e-commerce. Ken is adept at preparing and negotiating technology contracts, including service level and license agreements, and provides guidance on privacy and cyber liability insurance applications. He leads assessments and remediation initiatives for data breaches, develops social media compliance policies, and represents clients in federal and state investigations. An internationally recognized thought leader in electronic discovery, Ken has served as national e-discovery counsel for major pharmaceutical companies and has contributed to legislative efforts in New Jersey regarding privacy and cybersecurity laws. He is also an Adjunct Professor of Law at Fordham University School of Law and has previously taught at Hofstra University. Prior to joining Barton, Ken was a senior litigation partner at Sedgwick LLP, where he co-chaired the E-Discovery, Compliance, and Data Management Practice Groups.

Follow Our Guest

LinkedIn | Website

Navigating Cyber Threats: Insights from New York’s Cybersecurity Advisory Board

Summary

In this episode of Chattinn Cyber, Marc Schein is chattin’ with Jeremy Shockett, a prominent figure in cybersecurity and former co-chair of the New York State Cyber Security Advisory Board. Marc introduces Jeremy, emphasizing his extensive background, including his previous role as a prosecutor. This introduction sets the stage for a discussion centered on cybersecurity practices, particularly the significance of tabletop and red team exercises in enhancing organizational preparedness against cyber threats.

Jeremy shares his professional journey, detailing his transition from a 24-year career as a prosecutor to his appointment by the governor of New York as the deputy secretary for public safety, where he oversees cybersecurity initiatives. He elaborates on the role of the New York State Cyber Security Advisory Board, which comprises leaders from both public and private sectors. This board advises the governor on cybersecurity policies and plays a crucial role in responding to real-time threats, highlighting the collaborative effort required to address cybersecurity challenges effectively.

The discussion then delves into the differences between tabletop exercises and red team exercises. Jeremy explains that tabletop exercises are hypothetical scenarios where participants discuss responses to simulated threats, helping organizations identify decision-making processes and vulnerabilities. In contrast, red team exercises involve actual simulated attacks conducted by hired experts to test an organization’s defenses in real-time. This distinction underscores the unique purposes and methodologies of each exercise type, emphasizing their importance in a comprehensive cybersecurity strategy.

Jeremy offers practical recommendations for conducting these exercises, advising organizations to start with tabletop exercises to establish decision-making frameworks and identify vulnerabilities before progressing to red team exercises. He outlines key takeaways from both types of exercises, such as understanding strategic decision-making, clarifying roles and responsibilities, and evaluating communication strategies. For red team exercises, he highlights the importance of identifying specific vulnerabilities and assessing the effectiveness of social engineering defenses, providing valuable insights for organizations looking to strengthen their cybersecurity posture.

The conversation concludes with Jeremy sharing a memorable experience from a tabletop exercise where he played the role of the governor. He emphasizes the importance of asking critical questions that challenge the status quo and drive effective responses to threats. Reflecting on his career transition from Miami to New York, Jeremy expresses gratitude for the opportunities he has encountered, reinforcing the value of preparedness and collaboration in the ever-evolving field of cybersecurity.

Key Points

  1. Importance of Preparedness: The discussion emphasizes the necessity of conducting both tabletop and red team exercises to prepare organizations for potential cyber threats. These exercises help identify vulnerabilities and establish effective response strategies.
  2. Differences Between Exercise Types: Jeremy clearly distinguishes between tabletop exercises, which are discussion-based and focus on hypothetical scenarios, and red team exercises, which involve real-time simulated attacks. Understanding these differences is crucial for organizations to implement effective cybersecurity training.
  3. Sequential Approach to Exercises: Jeremy recommends that organizations conduct tabletop exercises first to develop decision-making processes and identify weaknesses before moving on to red team exercises. This sequential approach enhances the effectiveness of the overall cybersecurity strategy.
  4. Key Takeaways from Exercises: The conversation highlights critical insights gained from both types of exercises, such as understanding roles and responsibilities, evaluating communication strategies, and identifying specific vulnerabilities in defenses. These takeaways are essential for improving organizational resilience.
  5. Leadership and Inquiry: Jeremy shares a personal anecdote about a tabletop exercise where he played the role of the governor, underscoring the importance of leadership and asking challenging questions. This approach fosters a culture of inquiry that can lead to more effective crisis management and decision-making in cybersecurity scenarios.

Key Quotes

  1. “Part of public safety is cybersecurity. And part of that job is to be the co-chair of the Cybersecurity Advisory Board.”
  2. “A tabletop exercise is a hypothetical. It’s a pretend threat… you work through in a systematic way how the entity… is going to respond to it.”
  3. “My advice would be the tabletop exercise goes first. You get a real sense of who should be making decisions.”
  4. “You get to learn about your communication strategy… how do you deal with your clients? How do you deal with maybe the press?”
  5. “You can ask a question. Why can’t we fix this within an hour? The people of the state of New York need… fill in the blank.”

About Our Guest

Jeremy Shockett is a shareholder at Anderson Kill’s New York office, where he co-chairs the White Collar Defense group and is a member of the Corporate and Commercial Litigation practice. With extensive experience representing individuals and corporations before various federal agencies, including the DOJ and SEC, Jeremy has a strong background in pre-trial investigations and court proceedings. He previously served as the Deputy Secretary for Public Safety in New York, overseeing public safety and homeland security initiatives, and co-chaired the New York State Cybersecurity Advisory Board. His prior roles include Chief of the Trial Division at the Bronx County District Attorney’s Office, where he led over 200 prosecutors, and Special Assistant U.S. Attorney in the Organized Crime and Gangs Section. Jeremy is also an accomplished lecturer and trainer, having taught law enforcement and legal professionals both domestically and internationally. Outside of his professional pursuits, he has a passion for poker, which he enjoys discussing.

Follow Our Guest

LinkedIn | Website

Unmasking Cyber Threats: The Rise of Spoofing and Phishing with Gideon Hazam

Summary

In this episode of Chattinn Cyber, Marc Schein is chattin’ with Gideon Hazam, a renowned expert in spoofing. The discussion revolves around the challenges faced by organizations in detecting and protecting against phishing attacks on their brands.

Gideon explains that his company spent six months meeting with Chief Information Security Officers (CISOs) from various industries to understand their main challenges related to phishing attacks. They identified three major challenges: detecting phishing attacks quickly, identifying the users exposed to these attacks, and finding ways to protect them.

To address these challenges, Gideon’s company developed a platform that has gained popularity and is now being implemented across sectors and organizations worldwide. The platform helps organizations detect phishing attacks on their customers quickly, identify the users at risk, and implement measures to protect them.

He then goes on to explain the connection between spoofing and phishing. Phishing is the platform used to conduct a cyber takeover, where attackers create fake websites to harvest credentials or steal money. Spoofing, on the other hand, is the technique used to generate these phishing attacks. It involves using spoofing tools to create fake websites or clone existing ones.

The conversation then delves into the susceptibility of different industries to spoofing attacks. Gideon explains that any organization with an online presence and customer interaction is a potential target for hackers. However, industries related to finance and money are particularly vulnerable due to the potential for financial manipulation and theft.

The discussion also touches upon the lifecycle of a phishing attack. It starts with building the phishing site, which is then detected and ideally taken down. However, the exposure window remains until the site is successfully removed. Even after takedown, the harvested credentials can still be exploited, posing a continued threat to organizations.

Gideon predicts that spoofing attacks will become more prevalent in the corporate world due to the increasing reliance on online activities and the availability of numerous spoofing tools in the market. He emphasizes the need for authentication solutions to ensure users are visiting legitimate websites and not falling victim to imposter sites.

The conversation provides valuable insights into the challenges posed by spoofing and phishing attacks, the connection between the two, and the need for robust authentication measures to protect against these threats. The discussion highlights the importance of detecting attacks quickly, identifying at-risk users, and implementing effective protection measures to safeguard organizations and their customers.

Key Points

  • Organizations face three major challenges when it comes to phishing attacks on their brands: detecting attacks quickly, identifying exposed users, and protecting them.
  • Spoofing is the technique used to generate phishing attacks, where attackers create fake websites or clone existing ones.
  • Any organization with an online presence and customer interaction is a potential target for spoofing attacks, with industries related to finance being particularly vulnerable.
  • The lifecycle of a phishing attack involves building the phishing site, detecting it, and ideally taking it down. However, even after takedown, the harvested credentials can still be exploited.
  • The prevalence of spoofing attacks is expected to increase due to the growing reliance on online activities and the availability of easy-to-use spoofing tools in the market.

Key Quotes

  • “Phishing is basically the platform to conduct a counter takeover in one hand. I will build a phishing site in order to harvest as many credentials as possible of any anyone. And secondly, I can use phishing to steal money. Simple as that.”
  • “The interesting part is that any firm, any organization that has online presence, which require interaction between end user and customer is a target for the hackers, because if they can use their tools to harvest credentials, that would anywhere on each industry or niche…”
  • “Detection and takedown … are the two major points. But takedown may take days may take weeks. Sometimes it takes even longer. And until the point that this site is down, the customers, the end users are still exposed.”
  • “The more online activities become, the more spoofing attack will be there. Because this is a huge surface for attackers to exploit … The number of … spoofing tools [that] exist today in the market is numerous.”

About Our Guest

Gideon Hazam is an accomplished senior sales and business professional with a wealth of experience in business operations, development, and strategic sales, complemented by strong technology and managerial skills. As the co-founder and Chief Operation & Security Officer of Memcyco, he leads the charge in addressing a critical cyber blind spot: brand impersonation attacks that jeopardize both companies and their customers. With a unique ability to analyze complex business challenges and devise effective strategies, Gideon emphasizes the importance of protecting users from the rising tide of phishing and social engineering attacks. His extensive background in corporate development and global sales, combined with a collaborative and creative leadership style, positions him as a key player in the cybersecurity landscape. Passionate about safeguarding consumers in an evolving threat environment, Gideon is eager to engage in discussions about enhancing online protection measures against the ever-growing onslaught of cyber threats.

Follow Our Guest

LinkedIn
