Being Exploitable While Your Risk Tolerance Changes and You Unblock Innovation – Myke Lyons – BSW #438
AI has created a dilemma for security teams. Attackers are using AI to develop exploits to newly disclosed vulnerabilities faster than security teams can patch them. Security teams have not fully leveraged the capabilities of AI to autonomously prevent these attacks. Without a radical change in approach, organizations will be exposed to an exponentially increasing attack surface. How long can your organization tolerate being exploitable?
Myke Lyons, CISO at Cribl, joins Business Security Weekly to discuss why organizations need to embrace AI to understand the behavior of attacks to effectively prevent them. For decades, we've focused on the Indicators of Compromise (IoCs) and have played whack-a-mole to try and patch them. Instead, we should focus on the Tactics, Techniques, and Procedures (TTPs) and leverage LLMs to understand the behavior of the attack. Once we understand the behaviors, we can implement preventative controls to minimize exposure. And yes, AI can also help us automate patching, when we're ready to trust it.
In the leadership and communications segment, Your Risk Tolerance Has Changed. Does Your Leadership Team Know That? , The New Leadership Structures that Unblock Innovation, How CISOs can build a resilient workforce, and more!
Myke Lyons is the Chief Information Security Officer (CISO) at Cribl, leading the charge in operational, AI, and corporate security. He oversees governance, risk, and compliance programs, and has been instrumental in guiding Cribl through its FedRAMP journey. With a distinguished career spanning over two decades, Myke has previously held CISO roles at Snyk and Collibra, where he championed security governance and advocated for data and AI products. Prior to that, he spearheaded the security team at ServiceNow.
Security Weekly listeners save $100 on their RSAC 2026 All Access Pass! RSAC 2026 Conference will take place March 23rd to March 26th in San Francisco. To register using our discount code, please visit securityweekly.com/rsac26 and use the code 56U5SECWEEKLY! We hope to see you there!
Matt Alderman
- Your Risk Tolerance Has Changed. Does Your Leadership Team Know That?
Under uncertainty, organizations struggle less with analysis than with coordination. As volatility increases, senior leaders act earlier and faster, often before clarity reaches the top, while priorities shift faster than formal messages can keep up. When senior leaders bypass you, the problem often isn’t defiance but signal confusion. In high-pressure moments, organizations lag behind their leaders. Yesterday’s priorities no longer apply, but the system hasn’t caught up yet. The solution is clearer signals that reduce guesswork, friction, and misalignment. In an era of persistent volatility, leaders who name shifting signals early spend less time correcting behavior and more time building alignment that lasts.
- How to know you’re a real-deal CSO — and whether that job opening truly seeks one
Title inflation in the cybersecurity industry can incur material risk for organizations and distort security leaders’ long-term career trajectories, especially at the executive level where outcomes, governance, and credibility matter more than labels.
- What Being a CISO Taught Me About Security Leadership
A four-point framework to succeeding as a CISO, based on my experiences of building and leading a security program at a high-growth company. It shows how to focus on the defender's advantage and escape the unending cycle of reacting to vulnerabilities, investigating incidents, and responding to attackers' advances.
- The New Leadership Structures that Unblock Innovation
The ability of an organization to innovate over and over again, for the long term, depends on leadership structure, culture, and systems. That’s according to Harvard Business School professor Linda Hill, who has spent years researching the true drivers of innovation, taking lessons from the world’s most successful companies. She explains why today’s leaders need to shift from the focus on decision-making and producing to creating the conditions for collaboration, experimentation, and smart decision-making across teams, silos, and wider ecosystems. She shares examples from Mastercard, Pixar, and more and outlines some newly defined ways of looking at leadership roles: as Architects, Bridgers, and Catalysts. Hill’s new book is Genius at Scale: How Great Leaders Drive Innovation.
- The Einstein Bet: Why “People Performance” & “Leadership” is a Physics Problem
Let’s be honest: Management in 2025 feels like managing a shortage. We have a talent drought, a productivity crisis, and a leadership gap. For decades, the American corporate solution was simple: more people, more hours, more pressure. In other words: More Mass (m).
But looking at the current U.S. economic landscape through the lens of Niclas Steiner’s SME Framework (Sun, Moon, Earth), a hidden logic emerges. Although Steiner doesn’t explicitly cite him, his model is essentially Einstein’s Relativity for HR: E=mc2
In this equation, E is your company’s Energy (Output), m is your Mass (Personnel/Resources), and c is your Culture (The Multiplier).
- AI Won’t Fix Cybersecurity Burnout
A new report finds AI is reshaping cybersecurity roles but failing to reduce workload and burnout among security leaders.
- How CISOs can build a resilient workforce
Resilience has become the organizing principle for the cybersecurity posture of many organizations, but what about cyber workforce resilience?
