The State of Enterprise IT Security

33 Episodes
Subscribe

By: Brad Bussie

The State of Enterprise IT Security is the show for technology leaders looking for actionable and approachable guidance in the security landscape. The show features Brad Bussie, the CISO of e360, a premier technology solutions provider. In each episode, Brad covers 3 timely topics in each episode impacting the enterprise security landscape.

EP. 31 - AI in Manufacturing, Tariff Impacts, and Smarter Supply Chains
#31
Yesterday at 10:04 PM

In this episode, Brad Bussie and field CISO Mark Aksel explore how AI is transforming manufacturing, from predictive maintenance to advanced supply chain strategies. They break down the real impacts of tariffs and share how companies can future-proof operations with smarter AI-driven decisions.

## Topics Covered

* Using AI for predictive maintenance and real-time quality control on manufacturing lines
* Navigating global trade challenges and tariff impacts on supply chains
* Security considerations and data readiness for AI adoption in industrial environments

## Key Takeaways

* Many manufacturers are still operating on outdated equipment, making...


Ep. 30 - Google Cloud Next Recap - Security, AI Solutions
#30
04/22/2025

Opening Summary:
In this episode, Brad Bussie and Mark Aksel unpack the key security takeaways from Google Cloud Next 2025. From AI-powered threat detection to innovative SecOps integrations and game-changing cyber insurance developments, this episode gives enterprise security leaders the insights they need to stay ahead.

Topics Covered:

Google’s Unified Security Platform: Merging Mandiant, Siemplify, Chronicle, and VirusTotal into a single, AI-powered SecOps ecosystem.Agentic AI in Threat Detection: How Google is using AI agents to empower, not replace, analysts.Security Posture & Insurance: Google's partnerships with Beazley and Chubb to reduce premiums based on real-time se...


EP. 29 - Unlocking the Future of Google SecOps: Automation, AI, and the Evolution of SIEM
#29
10/14/2024

In this episode, Brad Bussie is joined by Svetla Yankova, CEO of Citreno, to discuss the evolution of Google SecOps. They dive deep into how automation, AI, and cloud-native solutions are transforming security operations and the promise (and limitations) of SIEM solutions.


Topics Covered:

The evolution of Google SecOps and the role of Chronicle and SiemplifyWhat is SecOps? A Simplified ExplanationThe Broken promise of SIEM and how SecOps is evolvingBest practices for implementing effective SecOps in modern enterprisesThe Future of SecOps: AI and Cloud-Native Solutions

Key Takeaways:

Google SecOps integrates advanced threat intel...


EP 28: AI is Moving Fast in Business—Security Teams Need to Move Faster
#28
08/19/2024

In this episode, we explore the rapid rise of AI in businesses and the pressing need for security teams to stay ahead of the curve. As organizations increasingly adopt AI technologies, the potential for Shadow AI and other security risks grows. Brad Bussie, Chief Information Security Officer at e360, discusses how security leaders can navigate this wild west environment, protect their organizations from unseen threats, and ensure that AI innovations don't outpace security measures. Tune in to learn practical strategies for balancing AI adoption with robust security practices.

Topics Covered:

The rapid adoption of AI in...


Ep. 27: From Updates to Outages: A Deep Dive into CrowdStrike's Recent Issue
#27
07/25/2024

Ep. 27: From Updates to Outages: A Deep Dive into CrowdStrike's Recent Issue

In this episode of "The State of Enterprise IT Security," Brad Bussie, Chief Information Security Officer at e360, is joined by Erin Carpenter, Sr. Director of Digital Marketing. They dive deep into the recent CrowdStrike incident, discussing its implications and broader cybersecurity themes.

Topics Covered:

The CrowdStrike incident and its impact on organizationsBroader implications for other cybersecurity platformsStrategies for ensuring cyber resiliency

Key Takeaways:

Understand the details and scale of the CrowdStrike incident and how it...


Ep. 27: From Updates to Outages: A Deep Dive into CrowdStrike's Recent Issue
#27
07/25/2024

In this episode of "The State of Enterprise IT Security," Brad Bussie, Chief Information Security Officer at e360, is joined by Erin Carpenter, Sr. Director of Digital Marketing. They dive deep into the recent CrowdStrike incident, discussing its implications and broader cybersecurity themes.

Topics Covered:

The CrowdStrike incident and its impact on organizationsBroader implications for other cybersecurity platformsStrategies for ensuring cyber resiliency

Key Takeaways:

Understand the details and scale of the CrowdStrike incident and how it affected organizations globally.Learn about the broader implications for other cybersecurity platforms and the importance of cyber resiliency...


Ep 26: Crime Reporter Identities Leaked, Cybersecurity Concerns in Automotive, Untrained Users Weaken Defense
#26
07/08/2024

In this episode of the State of Enterprise IT Security Edition, Brad Bussie, Chief Information Security Officer at e360, discusses three critical topics affecting today's cybersecurity landscape.

Topics Covered:

Data Breach in Baltimore: The identities of residents who reported crimes were leaked, highlighting severe risks to privacy and public safety. Brad explores the importance of protecting personal data, particularly in public services, and offers measures to prevent such breaches.Cybersecurity in the Automotive Industry: A new study finds cybersecurity as the top concern among automotive manufacturers. With the rise of connected cars and autonomous driving, Brad...


Ep. 25: Top Risks for CISOs in 2024, Recovering from AI Initiative Failures, and Benefits of Tuning Threat Intelligence to Your Business
#25
07/01/2024

In this episode of The State of Enterprise IT Security, Brad Bussie dives into the crucial aspects and risks of being a Chief Information Security Officer (CISO). Explore why AI initiatives often fail and learn how to tailor threat intelligence to your business vertical for enhanced security.

Topics Covered:

Risks involved with being a Chief Information Security OfficerReasons behind the failure of AI initiatives and next stepsBenefits of tuning threat intelligence to your business vertical

Key Takeaways:

CISO Challenges: The immense responsibilities and pressures CISOs face, including legal, regulatory, and reputational risks.AI Initiative...


EP 24: Healthcare Edition: Securing Patient Data, AI vs. Traditional Cybersecurity, IoT Challenges in Healthcare
#24
06/17/2024

In this FAQ-style episode of the State of Enterprise IT Security Podcast, Brad Bussie answers key questions in healthcare - securing patient data, the pros and cons of AI-based cybersecurity tools versus traditional methods, and how to tackle the complex challenges of securing IoT devices in patient care. Tune in to gain valuable insights that can help safeguard sensitive healthcare information.


Topics Covered:

Best practices for securing patient data in healthcare settingsAdvantages and disadvantages of AI-based cybersecurity tools versus traditional toolsChallenges and strategies for securing IoT devices used in patient care


<...


Ep. 23: Healthcare Edition: Hidden Costs of Upgrading Legacy Systems, Top Cybersecurity Solutions, Common Cybersecurity Challenges
#23
06/10/2024

Healthcare organizations face a unique set of cybersecurity challenges, from protecting patient privacy under regulations like HIPAA to managing the hidden costs of upgrading legacy systems. In this episode, Brad Bussie dives into these critical issues and offers actionable insights for healthcare providers.

Topics Covered:

Hidden Costs of Upgrading Legacy SystemsHighly Rated Cybersecurity Solutions for Healthcare OrganizationsCommon Cybersecurity Challenges in Healthcare


Key Takeaways:

Hidden Costs of Upgrading Legacy Systems:

Compatibility issues between new security solutions and older software.Potential downtime and learning curves impacting day-to-day operations.Integration challenges and...


Ep. 22: Zoom Preps Post-Quantum Encryption, Rockwell: ICS Devices & Cyber Threats, Thwarted cyberattack at Library of Congress
#22
06/03/2024

In this episode, Brad Bussie covers three crucial topics in the realm of cybersecurity. Zoom is gearing up for a quantum future with post-quantum encryption, Rockwell advises disconnecting internet-facing industrial control systems due to rising cyber threats, and the Library of Congress successfully thwarts a cyberattack using multi-factor authentication (MFA). Join us as we delve into these significant developments and their implications for IT security leaders.


Topics Covered:

Zoom's implementation of post-quantum encryption to secure digital communications.Rockwell Automation's advisory to disconnect vulnerable ICS devices amid cyber threats.How multi-factor authentication helped the Library of...


S1 EP. 21 Security Expertise Gap, U.S. Pumps $50mm into Better Healthcare Cyber Resilience, YouTube Latest Phishing Battleground
#21
05/27/2024

In this episode, Brad Bussie discusses the critical gap in cybersecurity expertise, the U.S. government's $50 million investment to bolster healthcare cyber resilience, and the emerging threat of YouTube as the latest phishing battleground. Stay tuned to uncover the latest insights and expert analysis on these pressing issues in the world of IT security.


Topics Covered:

The widening cybersecurity expertise gap and its implications.U.S. investment in Better Healthcare cyber resilience.YouTube's rise as a phishing battleground.

Key Takeaways:

Expertise Gap: The shortage of skilled cybersecurity professionals is a growing concern, affecting...


S1 EP. 20 Google's Multilayered Cloud Defense and SecOps Innovations
#20
05/20/2024

Join Brad Bussie, Chief Information Security Officer at e360, as he explores Google's innovative approach to cloud security in today's episode. Focusing on how Google has revolutionized security operations with a multilayered defense strategy, Brad discusses the integration of AI and threat intelligence to enhance cybersecurity measures in the cloud era.


Topics Covered:

Google's Approach to Cloud Security: An overview of how Google tackles the complexities of cybersecurity with advanced technologies and strategies.The Role of AI and Automation in SecOps: Examining how Google utilizes artificial intelligence to streamline threat detection, investigation, and response.Integrating...


S1 EP. 19: New CISA Guidelines, Kaiser Data Leak, Okta Credential Stuffing Attacks
#19
05/13/2024

In Episode 19 of The State of Enterprise IT Security, Brad Bussie tackles critical issues affecting the cybersecurity landscape. From new CISA guidelines aimed at protecting critical U.S. infrastructure to major data leaks impacting millions, this episode dives deep into the challenges and strategies for securing our digital world.

Topics Covered:

CISA Guidelines for AI in Critical Infrastructure: Discussion on new measures to enhance the security of U.S. critical infrastructure against AI-related threats.Kaiser Data Leak: Examination of a significant data breach affecting 13.4 million Kaiser members, including the inadvertent sharing of data with advertisers.Okta...


S1 EP. 18 Building a Cyber Resilience Vault with Zerto, Discssions with Zerto Global Field CTO Shariq Aqil
#18
04/29/2024

In this episode, Brad Bussie, Chief Information Security Officer at e360, is joined by Shariq Aqil, Field CTO from Zerto, an HPE company. They delve into the critical topic of building a cyber resilience vault, providing valuable insights into creating robust defenses against cyber threats.


Topics Covered:

Introduction to Cyber Resiliency:Definition and importance of cyber resiliency in modern business environments.Strategies for achieving cyber resilience, including proactive and reactive measures.Exploring the Cyber Resiliency Vault Concept:Detailed explanation of what a Cyber Resiliency Vault is and the problems it addresses.Discussion on how Zerto’s...


S1 EP. 17: United Healthcare Post-Attack Update, Cloud Security Investments, Brad's Thoughts on AI tools Hume & HeyGen.
#17
04/25/2024

Brad Bussie, Chief Information Security Officer at e360, hosts the State of Enterprise IT Security Edition podcast, where he delves into three main topics aimed at making IT security more approachable for technology leaders. 

The first segment reflects on the aftermath of a ransomware attack on United Health and Change Healthcare, highlighting the sobering realization that paying ransoms does not guarantee the safety of stolen data, as evidenced by Change Healthcare's loss of sensitive patient information despite a $22 million ransom payment. 

The second segment discusses cloud security, questioning the substantial investment in cloud technology and ex...


EP. 01: GenAI turns security landscape on its head, risks of unused identities, and ransomware attacks surge
#16
04/18/2024

Navigating Emerging Threats and Innovations in IT Security

In this episode of the State of Enterprise IT Security Edition, host Brad Bussie discusses three main topics relevant to technology leaders today. Firstly, he addresses the growing adoption of Multi-Factor Authentication (MFA) and its vulnerabilities, including MFA fatigue, SIM swapping, and session cookie theft, providing strategies to mitigate these risks. Next, Bussie talks about a recent emergency directive from the U.S. Cybersecurity Agency (CISA) in response to a Russian APT's infiltration of Microsoft's network and theft of sensitive correspondence, emphasizing the importance of federal agencies hunting for...


S1 EP. 16: Attackers bypass MFA, U.S. Gov’t Goes After Russian Hackers in Microsoft Case, Google Next Highlights
#16
04/16/2024

Navigating the Complex Landscape of IT Security: MFA, Russian Hackers, and Google's Innovation

This video explores the current state of enterprise IT security, emphasizing the widespread adoption of multi-factor authentication (MFA) and its vulnerabilities, including MFA fatigue, SIM swapping, and session cookie theft. It discusses a recent emergency directive by CISA in response to Russian hackers stealing sensitive correspondence from Microsoft, underlining the importance of immediate action by federal agencies to secure their systems. Additionally, the video highlights announcements from the Google Next Conference, particularly focusing on the new AI-driven cybersecurity solutions like Gemini for cloud and...


S1 EP. 15: Hotel Check-In Kiosk Exposes Room Access Codes, Microsoft Introduces Red Team Augmentation, AT&T Breach
#15
04/08/2024

In the 15th episode of the State of Enterprise IT Security Edition, Brad Bussie, the Chief Information Security Officer at e360, discusses critical vulnerabilities and innovations within the IT security landscape. 

The episode covers a range of topics from a security breach at a budget hotel chain, Microsoft's AI-driven red team augmentation, to the massive AT&T breach impacting 70 million users. Bussie emphasizes the importance of secure coding practices, the potential of AI in cybersecurity, and actionable steps for individuals and organizations to protect against breaches.

Timestamps:
[00:01:00] Hotel Self Check-In Kiosk Vulnerability:
- A...


S1 EP. 14 CISA Alert on SharePoint Server Attacks, Chinese Hacking Plot Exposed, Ray AI Framework Under Siege
#14
04/01/2024

In the 14th episode of the State of Enterprise IT Security, Brad Bussie, Chief Information Security Officer at e360, goes over CISA Alert on SharePoint Server Attacks, Chinese Hacking Plot Exposed, Ray AI Framework Under Siege and more.

Timestamps:
[00:01:10] CISA warns that hackers are actively attacking a SharePoint server vulnerability
[00:03:30] Millions of Americans caught up in a Chinese hacking plot
[00:14:00] Thousands of servers hacked in an ongoing attack targeting Ray AI framework

Episode Summary: 

In the latest installment of "The State of Enterprise IT Security Edition," host Brad Bussie, CISO a...


S1 EP. 13: Credo AI's Risk Management, OT Cyberattack Impact, Atlassian's Critical Patch
#13
03/25/2024

In the 13th episode of the State of Enterprise IT Security, Brad Bussie, Chief Information Security Officer at e360, goes over Credo AI's Risk Management, OT Cyberattack Impact, Atlassian's Critical Patch and more.

Timestamps:
[00:57.3] - Credo AI's Risk Management
[04:13.6] - OT Cyberattack Impact
[08:04.7] - Atlassian's Critical Patch 

Don't miss out on this insightful episode filled with actionable advice and cutting-edge information. Stay ahead in the ever-evolving world of IT security!

📲 Follow Us:
LinkedIn
Facebook
X (Twitter)

About the Show:
The State of Enterprise IT Secu...


S1 EP. 12: House Votes to Ban TikTok, AI Regulated by EU, Cars Tracking and Reporting Driving Habits and more
#12
03/18/2024

In the 12th episode of the State of Enterprise IT Security, Brad Bussie, Chief Information Security Officer at e360, goes over the House voting to ban TikTok, The EU regulating AI, and modern cars tracking and reporting driving habits and more.

Timestamps:

[00:01:00] The House Bans TikTok - A bill passed by the U.S. House could lead to a TikTok ban, prompted by security concerns and a controversial pop-up notification strategy.

[00:04:30] EU Regulating AI - Details on the European Parliament's overwhelming approval of the Artificial Intelligence Act, setting forth strict AI regulations.

<...


S1 EP. 11: Change Healthcare Ransomware Payment, Apple’s Update for Zero-Day Attacks, CrowdStrike CEO on Cyber Criminals Leveling Up
#11
03/11/2024

In the 11th episode of the State of Enterprise IT Security, Brad Bussie, Chief Information Security Officer at e360, the Change Healthcare ransomware attack, the importance of Apple’s latest iOS update, and how AI is revolutionizing cybersecurity tactics.

Timestamps:
[00:54] - [07:56] Change Healthcare Ransomware Attack:
[08:00] - [10:27] Apple Blunts Zero-Day Attacks with iOS 17.4 Update:
[10:27] - [17:42] Cybercriminals Leveling Up – CrowdStrike CEO's Insights:

Don't miss out on this insightful episode filled with actionable advice and cutting-edge information. Stay ahead in the ever-evolving world of IT security!

📲 Follow Us:
LinkedIn
Facebook
X (Twit...


S1 EP. 10: Chinese Hacking Documents, Vending Machine Face Image Database, NIST Releases Version 2.0
#10
03/04/2024

In this episode of "State of Enterprise IT Security Edition," host Brad Bussey, Chief Information Security Officer at e360, discusses key issues in cybersecurity, focusing on recent developments that provide insight into state surveillance, privacy concerns, and updates to cybersecurity frameworks.

Episode Highlights:

[00:00-05:12] An insider leak from a company suspected of conducting cyber espionage for the Chinese government offers a rare glimpse into state surveillance and hacking activities.

[05:12-09:18] A vending machine error at the University of Waterloo revealed a secret database of facial images, raising privacy concerns.

[09:18-17:39] NIST...


S1 EP. 09: International Hackers Using OpenAI, Audio Deepfake Detection Tool, Biden Administration's AI Executive Order
#9
02/26/2024

In episode nine of the State of Enterprise IT Security podcast, host Brad Bussie, Chief Information Security Officer at E360, covers the utilization of open AI systems by hackers from nations like China and Russia for cyberattacks, the introduction of Pindrop's real-time audio deep fake detection tool named Pindrop Pulse, and the potential implications of the Biden administration's new executive order on AI for cybersecurity.

Episode Highlights:

[00:03.116] In episode nine of the State of Enterprise IT Security podcast, host Brad Bussie, Chief Information Security Officer at E360, delves into the use of open AI systems...


S1 EP. 08: Google Fosters AI in Cybersecurity, AI-Generated Election Trickery, and Shadow AI
#8
02/20/2024

In this episode of the State of Enterprise IT Security podcast, Brad Bussie  gets into the rapidly evolving landscape of artificial intelligence (AI) within the realm of cybersecurity. The episode covers three critical topics: Google's initiatives to incorporate AI in cybersecurity, the collective efforts of tech giants to mitigate AI-generated election interference, and the challenges posed by Shadow AI in corporate environments.

Episode Highlights:

[00:00 - 02:49] The Role and Challenges of AI in Cybersecurity: Discussion on Google's proactive approach to fostering AI in cybersecurity, aiming to leverage AI for improved threat detection and response. Despite these a...


S1 EP. 07: MIT PhD Student Hacks Apple Vision Pro, Chlorox Cyberattack, CloudFlare Security Incident
#7
02/12/2024

In this episode of the State of Enterprise IT Security podcast, Brad Bussie dives into pressing cybersecurity topics that technology leaders can't afford to miss. With his expert insight, Brad unpacks a recent discovery by an MIT Ph.D. student of a critical vulnerability in the Apple Vision Pro, explores the aftermath and lessons learned from Clorox's costly cyberattack, and celebrates Cloudflare's successful handling of a security incident over Thanksgiving 2023.

Episode Highlights:

[00:55-01:15] MIT Ph.D. Student Uncovers Apple Vision Pro Vulnerability: Discover how days after its release, a significant security flaw was identified...


S1 EP. 06: Ivanti Patches Zero-Days, Confirms New Exploit, China Threat Targets Critical Infrastructure, Congress Confronts Security with Hill’s AI use
#6
02/05/2024


In this insightful episode of the State of Enterprise IT Security, host Brad Bussie, Chief Information Security Officer at e360, explores pressing cybersecurity issues affecting businesses and governments. Brad brings his expertise to the forefront, discussing significant topics ranging from Ivanti's latest patches for zero-day vulnerabilities to the evolving landscape of cyber threats between the US and China, and Congress's approach to AI security risks.

Topics Covered:

Ivanti’s response to zero-day vulnerabilities and new exploits.The US government's actions against Chinese cyber threats and the ongoing risks.The US Congress's cautious approach towards the in...


S1 EP. 05: Facebook Monitoring Users, 26 Billion Record Data Leak, Microsoft Security Breac
#5
01/29/2024

đź”’ Are you safeguarding your digital identity? Tune in to Episode 5 of the State of Enterprise IT Security podcast where Brad Bussie, e360's Chief Information Security Officer, navigates the intricate web of digital security.


📌 Topics Covered

Facebook's Data Monetization: Explore how Facebook monitors user activities, sharing data with thousands of companies, and the implications for personal privacy.Massive Data Breaches: Delve into the alarming reality of 26 billion records exposed, including sensitive information like email addresses and social security numbers, and the resultant social engineering threats.Microsoft's Network Security Breach: A deep dive into the breach of Mic...


S1 EP. 04: ChatGPT Team Licenses, ChatGPT Store Risks, Have I been Pwned?
#4
01/24/2024

In the 4th episode of the State of Enterprise IT Security, Brad Bussie, Chief Information Security Officer at e360, discusses three critical topics that are shaping the landscape of technology and security:


Topics Covered

OpenAI's New Team Feature.Chat GPT Store IntroductionHave I Been Pwned?

Timestamps:

01:44 Teams Option for Privacy06:58 Introduction of the Chat GPT Store09:50 Potential Problems for Enterprises with OpenAI's ChatGPT Store18:50 Have I been Pwned?21:49 Importance of Multi-Factor Authentication23:47 Moving Towards Passwordless Login

Don't miss out on this insightful episode filled with actionable advice and...


S1 EP. 03: Top AI Security Risks, 23andMe Data Breach, Antivirus Software Effectiveness
#3
01/16/2024

🔍 Exploring AI security risks, dissecting the 23andMe data breach, and evaluating antivirus software - how effective is it truly?

📝 Topics Covered:

Current Top AI Security Risks23andMe Data Breach: A Case of User Negligence?The Real Effectiveness of Antivirus Software


⏰ Time Stamps:

[00:00] - Introduction to the episode's topics: AI Security Risks, 23andMe Data Breach, Antivirus Effectiveness.[02:04] - Discussion on top AI security risks and OWASP top 10 for LLM.[07:16] - Analysis of insecure output handling and other AI vulnerabilities.[12:14] - Deep dive into 23andMe data breach and user negligence.[17:32] - Examination of potential misuse of 23and...


S1 EP. 02: Cybersecurity and TikTok, Cybersecurity Breaches, MITRE ATT&CK Framework Influence
#2
01/15/2024

In this episode of the State of Enterprise IT Security Edition, Brad Bussie discusses three topics: the safety of cybersecurity experts using TikTok, the potential increase in cybersecurity breaches this year, and the influence of the MITRE ATT&CK framework.


📝 Topics Covered:

1. Can cybersecurity experts safely use TikTok? 

2. What's the outlook for cybersecurity breaches this year? 

3, How influential is the MITRE ATT&CK framework?


⏰ Time Stamps:

00:00 - Introduction with Brad Bussie

01:23 - Can Cybersecurity Experts Safely Use TikTok?

08:59...


S1 EP. 01: GenAI and CISOs, Risk of Unused Identities, Ransomware Attacks Surge
#1
01/14/2024

In the first episode of the State of Enterprise IT Security Podcast, e360’s Brad Bussie focuses on the transformative impact of GenAI on cybersecurity, particularly for CISO roles. The episode highlights the dual nature of GenAI in creating sophisticated phishing attacks, raising both opportunities and challenges. 


Brad also delves into the risks of unused identities and the importance of robust identity management. The tactics of ransomware groups are likened to guerrilla warfare, with a call for a comprehensive, automated approach to cybersecurity. 


Last, Brad concludes the show by advo...