In This Episode

Anthony shares how an early brush with an APT shaped his entire security career. At the time, he was managing infrastructure for a global business when federal agents revealed that his organization had been compromised. That launched a one-year investigation that taught him more than any course ever could. The APT used subtle techniques like PowerShell commands and login impersonation to bypass detection. These tactics were formative, shifting Anthony’s mindset toward purple teaming—offensive and defensive practices combined.

Now at Weight Watchers, Anthony draws on that background to anticipate how attackers operate and how defenders can stay one step ahead. He warns that the next generation of cyberattacks will be driven by agentic AI—tireless, intelligent systems that don’t need rest or make human mistakes. Unlike simple generative AI, these autonomous agents can continuously probe, learn, and exploit weaknesses at scale.

Despite the daunting threat landscape, Anthony remains pragmatic. He encourages companies to adopt continuous threat exposure management (CTEM) solutions and to treat AI like a tireless assistant, not a threat. Drawing from his teaching experience and real-world war stories, Anthony recommends cloud security as a smart entry point for those breaking into the field. His advice is clear: get hands-on, embrace infrastructure, and leverage AI to scale—not replace—your human potential.

Rick Scot recounts his unexpected path to cybersecurity leadership, beginning with tech support at Disney and evolving into high-level roles at Bank of America and Bank of New York Mellon. He highlights how his passion for continuous learning and pattern recognition made data and threat intelligence natural fits, eventually landing him leadership roles tackling global cybercrime and even representing his organization in international forums like Europol and the G7.

Rick also opens up about the dark side of cybercrime—particularly elder fraud—and shares a personal story of how a scam disrupted his own family. He breaks down how fraud tactics have evolved and underscores how AI is lowering the barrier to entry for cybercriminals, enabling even novices to launch attacks with sophisticated tools.

On the defensive side, Rick offers actionable advice on how AI can be strategically used to cut down on false positives and streamline operations in Security Operations Centers (SoCs). By monitoring patterns such as badge swipes and IP mismatches, organizations can gain deeper behavioral context without overwhelming analysts. Rick stresses the importance of testing and monitoring AI tools rigorously and calls for updates to vendor contracts to account for AI usage and data protections.

Sai opens the conversation by offering insight into the scale and strategy behind YNCU’s cybersecurity posture—supporting 50,000+ members with just 300 employees. He explains how the credit union maintains the same core infrastructure as major banks while relying on collaboration, efficient vendor partnerships, and agile leadership to stay secure on a tighter budget. Sai emphasizes that in the credit union space, collaboration is not just helpful—it’s foundational. Sharing knowledge and best practices with peer institutions allows them to stay ahead of threats and innovate safely.

Matthew and Sai explore the evolution of the tech landscape over the last 30 years, touching on the growing impossibility of being a subject matter expert in every domain. Sai walks through his early days designing PCBs and managing data centers, explaining how every role—from firmware programming to vendor management—shaped his leadership style. His reflections on starting at the help desk and his strong belief in the value of cross-functional learning offer actionable advice to anyone entering or navigating a cybersecurity career.

The conversation then pivots to education—both technical and interpersonal. Sai makes a compelling case for pursuing advanced degrees like an MBA to improve business communication, leadership alignment, and long-term ROI. He also offers an honest critique of most cybersecurity training programs and shares his approach: prioritizing fundamental security concepts over checklist awareness campaigns. He advocates for live, interactive training sessions that use relatable scenarios to make threats feel real and urgent.

Sai closes by sharing his passion for financial literacy and mentorship. Through YNCU’s internal “YNCUniversity” initiative, he champions structured education programs to help members understand their own finances and security risks better. Whether it's mentoring aspiring professionals or leading board-level simulations, Sai brings clarity, empathy, and strategic foresight to every layer of the cybersecurity conversation.

Trent Johannesson brings a unique voice to cybersecurity—one shaped by decades of field experience and a determination to learn from the ground up. In this conversation, he explains how Phoenix Energy’s broad service portfolio led to hosting client data and prompted the need for internal reorganization, ultimately landing him in the CSO role. With honesty and humor, Trent discusses being “CISO Light,” balancing critical security responsibilities with a growing company’s operational demands, and how his journey from instrumentation tech to executive was fueled by asking the right questions and seizing hidden opportunities.

As the conversation unfolds, Trent and Matthew dive into the ethical implications of AI in security—from its potential to automate attack detection to its misuse in crafting nearly flawless phishing emails. Trent shares insights from a Public Safety Canada hacking lab where he learned firsthand how easily industrial systems can be breached—a moment he describes as an awakening. This first-hand understanding of operational risk drives his passion for merging practical safety culture with cyber readiness.

Toward the end of the episode, Trent addresses the compliance challenges facing small and mid-sized companies. He warns that many executives acknowledge the importance of cybersecurity without dedicating sufficient resources. He emphasizes the importance of finding internal champions—executives who can amplify cybersecurity concerns to the board—and advocates treating cyber not as a one-off IT project, but as a core competency and integrity program embedded in company culture. With real-world anecdotes and candid reflections, Trent offers a roadmap for how industrial companies can protect themselves in an age of rising digital threats.

Bryan Finney walks through the massive IT and business transformation he’s spearheading at Vector Security—an organization rooted in legacy infrastructure, complex acquisitions, and a fast-evolving physical security market. He breaks down how he unified siloed teams across two companies into “One IT,” introduced enterprise architecture practices, and began reshaping the tech stack for resilience, scale, and customer responsiveness. His story highlights how seemingly mundane systems like phone platforms can become mission-critical—and how strategic decisions must sometimes be re-evaluated midstream to ensure failover readiness in high-stakes industries.

A key theme throughout the conversation is Bryan’s philosophy of “outsourcing responsibly.” Rather than overburden a lean team with 24/7 tasks, he explains how he leverages trusted vendors for device provisioning, phone management, and security operations—freeing his internal staff to focus on exceptions, innovation, and user support. This pragmatic approach lets him deploy Microsoft Autopilot and Copilot, optimize for cloud-first transformation, and architect for business continuity in a world where a single tech failure can cascade into widespread disruption.

Bryan also dives into his untraditional path to CIO, sharing how early roles in retail IT, innovation labs, and e-commerce taught him the importance of thinking like a business partner, not just a technologist. From launching curbside pickup platforms to surviving FedEx’s WannaCry response, his experience shaped a leadership style that centers trust, flexibility, and results. As he now mentors others, Bryan emphasizes soft skills, curiosity, and being "present in the moment"—especially in a hybrid work world where casual conversations can spark career-defining opportunities.