In the leadership and communications segment: Lack of board access: The No. 1 factor for CISO dissatisfaction; Pressure on CISOs to stay silent about security incidents growing; The Secret to Building a High-Performing Team; and more!
Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a gripping conversation about the evolution of executive protection in the digital age. With over 30 years of experience, Chuck shares how targeted violence has shifted from physical threats to online ideation—and why it now starts with a click.
From PII abuse to unregulated data brokers, generative AI manipulation, and real-world convergence of cyber and physical risks—this is a must-watch for CISOs, CSOs, CEOs, and anyone navigating modern threat landscapes. Hear real-world examples, including shocking stories of doxxing, AI-fueled radicalization, and the hidden dangers of digital exhaust.
Whether you're in cyber, physical security, or executive leadership, this interview lays out the urgent need for converged risk strategies, narrative control, and a new approach to duty of care in a remote-first world. Learn what every security leader needs to do now to protect key personnel, prevent exploitation, and build a unified, proactive risk posture.
This segment is sponsored by 360 Privacy. Learn how to integrate privacy and protective intelligence to get ahead of the next threat vector at https://securityweekly.com/360privacybh!
In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks.
What’s happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape.
The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries.
To learn more about Pentera's proactive ransomware testing, please visit: https://securityweekly.com/penterabh
Charles “Chuck” Randolph is Senior Vice President for Strategic Intelligence and Security at 360 Privacy, bringing over 30 years of expertise in corporate, intelligence, and military operations. In the private sector, Chuck previously served in executive roles at Microsoft, Ontic, and AT-RISK International, spearheading global risk management, executive protection, and intelligence strategies. He specializes in converging cyber and physical security to enhance organizational resilience.
Thomas Pore is the AVP of Sales Engineering at Pentera, where he helps organizations close real-world security gaps through automated validation and offensive expertise. With over 20 years in network security, his background spans NDR, encrypted traffic analysis, ethical hacking, and hands-on incident response. His insights come from the front lines—uncovering how attackers succeed and helping defenders take back control.
Matt Alderman
- Cybersecurity Now a Boardroom Priority Under EU’s NIS 2 Directive
The European Union’s NIS 2 Directive (EU 2022/2555) marks a pivotal shift in cybersecurity governance, expanding regulatory obligations to a broader range of sectors and enhancing enforcement mechanisms to address modern cyber threats. The directive, which became effective for member states by October 2024, imposes mandatory cybersecurity risk management and incident reporting obligations on both “essential” and “important” entities. These entities span high-criticality sectors such as energy, transport, banking, and public administration, as well as critical services like digital infrastructure, cloud computing, and postal services. Notably, NIS 2 broadens the scope beyond traditional infrastructure providers to include organizations that may play a less central but still vital role in digital ecosystems.
- Lack of board access: The No. 1 factor for CISO dissatisfaction
As C-level executives, CISOs are accountable for anything that goes wrong but are not given the same C-level treatment and access that would help them execute their functions with authority. Cybersecurity leaders agree that they must engage with the board at their organizations to do their jobs. In reality, board engagement lags, and that disconnect drags down CISOs’ job satisfaction.
- Qantas CEO, top executives lose $522,000 in pay for major cyber breach
Qantas Airways Ltd. Chief Executive Officer Vanessa Hudson and her top leadership team were docked A$800,000 ($522,000) in pay for a cyberbreach that impacted millions of customers, as the airline attempts to show it’s taking a harder line on accountability and governance.
Hudson forfeited A$250,000 in compensation, while the airline’s five executive managers lost a combined A$550,000, Qantas said in its annual report, released Friday. Hudson’s total remuneration still climbed to A$6.31 million for the 12 months ended June, up from A$4.38 million a year earlier.
- The Rise Of The Cyber-Savvy CEO
From regulation to investor confidence, cybersecurity now defines market access and competitive standing. AI heightens both the opportunities and the risks, forcing boards and CEOs to rethink resilience as a condition of growth.
- Pressure on CISOs to stay silent about security incidents growing
A recent survey found that 69% of CISOs have been told to keep quiet about breaches by their employers, up from 42% just two years ago. CISOs are coming under increasing pressure to keep quiet about security incidents because concerns about corporate reputation often outweigh adherence to regulatory compliance.
- CISO Essentials: Attracting, Retaining Top Cybersecurity Talent
When incoming chief information security officers (CISOs) take the reins, there is a brief window to demonstrate credibility, formulate a strategy, and demonstrate the business value of the role as they see it.
One of the key capabilities that new CISOs will likely need during their first year is the ability to effectively manage talent. While some incoming CISOs may step into a well-functioning cyber organization with minimal changes required, it’s more common for a CISO to inherit an organization that needs some form of improvement and restructuring to keep pace with the company’s evolving needs.
- The Secret to Building a High-Performing Team
Your team members have the ability to be courageous and do hard things. But they face a fundamental clash between the requirements of high performance and how their brains try to protect them. Your job is to create the conditions—the culture—so they can perform at their best and achieve results that matter.















