3556: How Illumio Is Helping Leaders Rethink Cybersecurity for a World Where Attacks Keep Happening

What happens when we finally admit that stopping every cyberattack was never realistic in the first place? That is the thread running through this conversation, recorded at the start of the year when reflection tends to be more honest and the noise dial is turned down a little. I was joined by returning guest Raghu Nandakumara from Illumio, nearly three years after our last discussion, to pick up a question that has aged far too well. How do organizations talk about cybersecurity value when breaches keep happening anyway? This episode is less about shiny tools and more about uncomfortable truths. We spend time unpacking why security teams still struggle to show value, why prevention-only thinking keeps setting leaders up for disappointment, and why the conversation is slowly shifting toward resilience and containment. Raghu is refreshingly direct on why reducing cyber risk, rather than chasing impossible guarantees, is the only metric that really holds up under boardroom scrutiny. We also talk about the strange contradiction playing out across industries. Attackers are often using familiar paths like misconfigurations, excessive permissions, and missing patches, yet many organizations still fail to close those gaps. The issue, as Raghu explains, is rarely a lack of tools. It is usually fragmented coverage, outdated processes, and a talent pipeline that blocks capable people from entering the field while claiming there is a skills shortage. One of the most practical parts of this conversation centers on mindset. Instead of asking whether an attacker got in, Raghu argues that leaders should be asking how far they were able to go once inside. That shift alone changes how success is measured, how teams prepare for incidents, and how pressure-filled P1 moments are handled when boards want answers every fifteen minutes. We also touch on how legal action, public claims campaigns, and customer lawsuits are changing the stakes after a breach, forcing executives to rethink how they frame cyber investment. From there, Raghu shares how Illumio has been working with Microsoft to strengthen internal resilience at massive scale, and why visibility and segmentation are becoming harder to ignore. This is a conversation about realism, responsibility, and growing up as an industry. If cybersecurity is really about safety and not slogans, what would you want your organization to stop saying, and what would you rather hear instead? Please feel free to upload the podcast. Here are also the links we discussed on the call: Useful Links Connect with Raghu Nandakumara on LinkedIn and Twitter Learn more about Illumio Lateral Movement in Cyberattacks Illumio Podcast  Follow on Facebook, Twitter, LinkedIn, and YouTube   Thanks to our sponsors, Alcor, for supporting the show.

What really happens inside an organization when a cyber incident hits and the neat incident response plan starts to fall apart? That question sat at the heart of my return conversation with Max Vetter, VP of Cyber at Immersive. It has been a big year for breaches, public fallout, and eye-watering financial losses, and this episode goes beyond headlines to examine what cyber crisis management actually looks like when pressure, uncertainty, and human behavior collide. Max brings a rare perspective shaped by years in law enforcement, intelligence work, and hands-on cyber defense, and he is refreshingly honest about where most organizations are still unprepared. We talked about why written incident response plans tend to fail at the exact moment they are needed most. Cyber incidents are chaotic, emotional, and non-linear, yet many plans assume calm decision-making and perfect coordination. Max explains why success or failure is often defined by the response rather than the initial breach itself, and why leadership, communication, and judgment matter just as much as technical skill. Real-world examples from major incidents highlight how competing pressures quickly emerge, whether to contain or keep systems running, whether to pay a ransom or risk prolonged downtime, and how every option comes with consequences. One idea that really stood out is Max's belief that resilience is revealed, not documented. Compliance and audits may tick boxes, but they rarely expose how teams behave under stress. We explored why organizations that rely on annual tabletop exercises often develop a false sense of confidence, and how that confidence can become dangerous when decisions are made quickly and publicly. Max shared why the best-performing teams are often the ones that feel less certain in the moment, because they question assumptions and adapt faster. We also dug into the growing role of crisis simulations and micro-drills. Rather than rehearsing a single scenario once a year, Immersive focuses on repeated, realistic practice that builds muscle memory across technical teams, executives, legal, and communications. The goal is not to predict the exact attack, but to train people to think clearly, collaborate across functions, and make defensible decisions when there are no good options. That preparation becomes even more important as cyber incidents increasingly spill into supply chains, manufacturing, and the physical world. As public scrutiny rises and consumer-led legal action becomes more common after breaches, reputation and response speed now sit alongside forensics and recovery as business-critical concerns. This episode is a candid look at why cyber crisis readiness is a discipline, not a document, and why assuming you will cope when the moment arrives is a risky bet. So if resilience only truly shows itself when everything is on the line, how confident are you that your organization would perform when the pressure is real and the clock is ticking? Useful Links Connect with Max Vetter on Linkedin Learn more about Immersive Labs Follow on LinkedIn, Instagram, Twitter and Facebook Thanks to our sponsors, Alcor, for supporting the show.

What happens when the web browser stops being a passive window to information and starts acting like an intelligent coworker, and why does that suddenly make security everyone's problem? At the start of 2026, I sat down with Michael Shieh from Mammoth Cyber to unpack a shift that is quietly redefining how work gets done. AI browsers are moving fast from consumer curiosity to enterprise reality, embedding agentic AI directly into the place where most work already happens, the browser. Search, research, comparison, analysis, and decision support are no longer separate steps. They are becoming one continuous workflow. In this conversation, we talk openly about why consumer adoption has surged while enterprise teams remain hesitant. Many employees already rely on AI-powered browsing at home because it removes ads, personalizes results, and saves time.  Inside organizations, however, the same tools raise difficult questions around data exposure, credential safety, and indirect prompt injection. Once an AI agent starts reading untrusted external content, the browser itself becomes a new attack surface. Michael explains why this risk is often misunderstood and why the real danger is not internal documents, but external websites designed to manipulate AI behavior. We dig into how Mammoth Cyber approaches this challenge differently, starting with a secure-first architecture that isolates trusted internal data from untrusted external sources. Every AI action, from memory to model connections to data access, is monitored and governed by policy. It is a practical response to a problem many security teams know is coming but feel unprepared to manage. We also explore how AI browsers change day-to-day work. A task like competitive analysis, which once took days of manual research and document comparison, can now be completed in minutes when an AI browser securely connects internal knowledge with external intelligence. That productivity gain is real, but only if enterprises trust the environment it runs in. We touch on Zero Trust principles, including work influenced by Chase Cunningham, and why 2026 looks like a tipping point for enterprise AI browsing. The technology is maturing, security controls are catching up, and businesses are starting to accept that blocking AI outright is no longer realistic. If you are curious to see how this works in practice, Mammoth Cyber offers a free Enterprise AI Browser that lets you experience what secure AI-powered browsing actually looks like, without putting your organization at risk. I have included the link so you can explore it yourself and decide whether this is where work is heading next. So, as AI browsers become the new workflow hub for knowledge workers everywhere, is your organization ready to secure the browser before it becomes your most exposed endpoint, and what would adopting one safely change about how your teams work? If you want to see what an enterprise-grade AI browser looks like when security is built in from day one, Mammoth Cyber is offering free access to its Enterprise AI Browser.  It gives you a hands-on way to experience how agentic AI can automate real work inside the browser while keeping internal data isolated from untrusted external sources. You can explore it yourself and decide whether this is how your organization should be approaching AI-powered browsing in 2026. Useful Links Learn more about the Mammoth Enterprise Browser and try it for free  Connect with Michael Shieh on LinkedIn Thanks to our sponsors, Alcor, for supporting the show.

What happens when engineering teams can finally see the business impact of every technical decision they make? In this episode of Tech Talks Daily, I sat down with Chris Cooney, Director of Advocacy at Coralogix, to unpack why observability is no longer just an engineering concern, but a strategic lever for the entire business. Chris joined me fresh from AWS re:Invent, where he had challenged a long-standing assumption that technical signals such as CPU usage, error rates, and logs belong only in engineering silos. Instead, he argues that these signals, when enriched and interpreted correctly, can tell a much more powerful story about revenue loss, customer experience, and competitive advantage. We explored Coralogix's Observability Maturity Model, a four-stage framework that guides organizations from basic telemetry collection to business-level decision-making. Chris shared that many teams stall on measuring engineering health without connecting that data to customer impact or financial outcomes. The conversation became especially tangible when he explained how a single failed checkout log can be enriched with product and pricing data to reveal a bug costing thousands of dollars per day. That shift, from "fix this tech debt" to "fix this issue draining revenue," fundamentally changes how priorities are set across teams. Chris also introduced Olly, Coralogix's AI observability agent, and explained why it is designed as an agent rather than a simple assistant. We discussed how Olly can autonomously investigate issues across logs, metrics, traces, alerts, and dashboards, enabling anyone in the organization to ask questions in plain English and receive actionable insights. From diagnosing a complex SQL injection attempt to surfacing downstream customer impact, Olly represents a move toward democratizing observability data far beyond engineering teams. Throughout our discussion, a clear theme emerged. When technical health is directly tied to business health, observability stops being a cost center and becomes a competitive advantage. By giving autonomous engineering teams visibility into real-world impact, organizations can make faster, better decisions, foster innovation, and avoid the blind spots that have cost even well-known brands millions. So if observability still feels like a necessary expense rather than a growth driver in your organization, what would change if every technical signal could be translated into a clear business impact, and who would make better decisions if they could finally see that connection? Useful LInks Connect with Chris Cooney Learn more about Coralogix Follow on LinkedIn Thanks to our sponsors, Alcor, for supporting the show.

What does real AI transformation look like when leaders stop chasing prototypes and start demanding outcomes they can actually measure? That question sat at the center of my conversation with Alex Cross, Chief Technology Officer for EMEA at CI&T, alongside Melissa Smith, as we unpacked why so many organizations feel stuck between AI ambition and business reality. There is no shortage of excitement around AI, but there is growing skepticism too, especially from leadership teams who have seen pilots come and go without clear return. This episode focuses on how CI&T is addressing that gap head on. Alex shared how CI&T frames its work as AI-enabled transformation rather than simply layering AI tools onto existing processes. The distinction matters.  Instead of using AI to speed up broken workflows, CI&T reshapes how work gets done so AI becomes part of value creation itself. We explored a standout example from ITAU, the largest bank in Latin America, where deep modernization work helped deliver gains that most executives only ever see in strategy decks.  Productivity rose sharply, digital launch cycles collapsed from years to months, customer satisfaction jumped, and the commercial impact reached hundreds of millions in uplift. These are the kinds of results that change boardroom conversations. A big part of how CI&T gets there is its proprietary Flow platform. Alex explained how Flow gives clients a day-one AI environment, removing the heavy upfront cost and complexity that often slows momentum. Instead of spending months building platforms before any value appears, teams can move from proof of concept to production in as little as six to eight weeks. Flow also plays a second role that many AI programs miss, acting as a measurement layer so performance, efficiency, and ROI are visible rather than assumed. We also talked about why partnerships matter when execution is the goal. CI&T works closely with hyperscalers like AWS and Databricks, combining native tools with its own codified expertise. That combination has helped the company achieve an unusually high success rate in bringing AI initiatives to production, a challenge many organizations still struggle with. For Alex, the difference comes down to a relentless focus on production readiness and collaboration between business and technology teams from day one. Looking ahead, the conversation turned to CI&T's expansion across EMEA and what the company's 30th year represents. Rather than chasing every new trend, the focus is on productizing services around real client problems, whether that is legacy modernization, efficiency, or growth. The goal is to bridge strategy and execution in a way that feels practical, fast, and accountable. If you are leading AI initiatives and wondering why progress feels slower than the hype suggests, this episode offers a grounded perspective from the front lines. So, as organizations head into another year of bold AI plans, the real question becomes this. Are you building faster caterpillars, or are you ready to do the harder work required to turn ambition into something that can truly scale? Useful Links Connect with Alex Cross Connect With Melissa Smith Learn more about CI&T Follow CI&T on LinkedIn and YouTube Thanks to our sponsors, Alcor, for supporting the show.

What does AI-led transformation actually look like when it moves beyond pilots, hype, and slide decks and starts changing how work gets done every day? That question framed my conversation with Venk Korla, CEO of HGS, at a time when many organizations feel both excited and exhausted by AI. Boards want results, teams are buried in proofs of concept, and leaders are under pressure to show progress without breaking trust, budgets, or operations. This episode cuts through that tension and focuses on what it takes to turn ambition into outcomes. Venk shared how HGS thinks about what he calls intelligent experiences, where customer interactions are directly connected to operational follow-through. Instead of treating AI as a front-end layer or a chatbot add-on, HGS links context, data, and fulfillment so the experience continues after the conversation ends. We talked through practical examples, from airlines proactively rebooking stranded passengers before they queue at a desk, to healthcare providers guiding patients step by step before and after surgery with timely, relevant messages. In each case, the value comes from anticipation and execution, not novelty. A big part of our discussion centered on why so many AI initiatives stall. Venk described how organizations often chase technology first, launching pilots without redesigning the underlying process. HGS takes a different route through what they call Realized AI, embedding AI into specific workflows with clear ownership and measurable goals. The focus is on outcomes such as faster processing, higher compliance, and improved customer satisfaction, all proven within a ninety day proof of value. It is a disciplined approach that favors repeatability over experimentation theater. We also spent time on cloud strategy, an area where expectations and reality often collide. Venk was candid about why simple lift-and-shift migrations fail to deliver value. Without re-architecting applications to take advantage of elasticity and serverless compute, cloud spend can grow while performance stalls. He shared how a FinOps mindset, combined with application redesign, helped one client dramatically improve load speeds while reducing costs, reinforcing the idea that transformation requires structural change, not surface movement. Ethics and trust were another thread running through the conversation. Venk emphasized that AI systems are only as reliable as the data, governance, and oversight behind them. Human-in-the-loop design remains central at HGS, ensuring accountability, empathy, and confidence for both customers and employees working alongside AI. This balance between automation and human judgment came up again when we discussed their software-as-a-surface model, where AI and people work together in a carefully orchestrated way, with pricing tied to resolved outcomes rather than activity alone. As the pace of change continues to accelerate, this episode offers a grounded perspective on how to move forward without getting lost in noise. If you are leading transformation and feeling pressure to show progress, the real challenge may not be choosing the right tool, but deciding which outcomes truly matter and redesigning work around them. As AI, cloud, and customer experience continue to converge, are you building systems that look impressive in demos or that deliver predictable results when it counts? Useful Links Connect with Venk Korla Learn more about HGS Follow on LinkedIn  

What if the biggest breakthrough in weight management is not a new diet, but finally seeing how your body responds in real time? That question sat at the center of my conversation with Sharam Fouladgar-Mercer, CEO and co-founder of Signos, a continuous glucose monitoring (CGM) and AI-powered health platform built to help people manage weight by understanding their metabolism. January is when motivation is high and the wellness noise is loud, but it is also when a lot of people realize how hard it is to stick with generic advice that does not fit real life. This episode is about why personalization matters, how metabolic signals can change the way you think about food and exercise, and what happens when health technology shifts from reporting the past to guiding the next decision. Sharam explained how Signos pairs a CGM with an AI-driven experience that turns glucose data into practical actions. The point is not to force people into rigid rules or extreme restrictions. Instead, it is about learning how your body reacts to everyday choices, then using that feedback to reduce spikes, improve consistency, and build habits you can actually live with. We talked about simple interventions, like changing the order of foods in a meal, timing movement more intelligently, and spotting patterns that would otherwise stay invisible. Two personal stories brought the conversation to life. Sharam shared how he lost 25 pounds while increasing his calorie intake, which challenges a lot of assumptions people carry into weight loss. He also shared a story from his family life, where his wife's deep sleep increased from roughly 20 minutes a night to around 60 minutes after focusing on glucose stability, even while total sleep time remained limited during the intense period of raising young kids. It is the kind of detail that hits home for anyone who has ever tried to make healthier choices while exhausted and stretched thin. We also explored why FDA clearance matters for Signos and what that could mean for mainstream access. Over-the-counter availability reduces friction, can lower cost, and opens the door to broader adoption, including potential FSA and HSA eligibility. Looking ahead, Sharam shared a vision that goes beyond weight management, connecting metabolic health to the long arc of prevention and chronic conditions where insulin resistance plays a role. If you have ever felt like you are doing all the "right" things and still not seeing results, this episode will make you rethink what "right" even means. And if you could finally see your metabolism in real time, would it change how you approach food, sleep, exercise, and the habits you want to keep this year? Useful Links Connect with Sharam Fouladgar-Mercer Learn more about Signos Instagram, Facebook, X and YouTube Thanks to our sponsors, Alcor, for supporting the show.  

What if your website could spot its own problems, fix them, and quietly make more money while you focus on building your business? That question sat at the heart of my conversation with Aviv Frenkel, co-founder and CEO of Moonshot AI, and it speaks to a frustration almost every founder and digital leader recognizes. Traffic is expensive, attention is fragile, and even small issues in design or flow can quietly drain revenue for months before anyone notices. Traditional optimization often means long cycles, internal debates, and teams juggling analytics, design tools, and testing platforms while hoping the next experiment moves the needle. Aviv's perspective is shaped by lived experience. Before building Moonshot AI, he ran an e-commerce company that had plenty of visitors but disappointing conversion. Like many founders, he watched teams guess at fixes, wait weeks for tests to run, then struggle to link effort to outcome. Moonshot AI was born from that frustration, with a simple ambition. Let the website diagnose what is broken, generate solutions, test them, and deploy the winner automatically, without the need for a dedicated growth team. In our discussion, Aviv explained how Moonshot focuses on front-end experience and site performance, spotting issues such as unclear value propositions, poorly placed calls to action, or confusing mobile navigation. The platform generates its own design, copy, and code variants, runs live tests, and then rolls out what actually works. The results are hard to ignore. Brands across beauty, fashion, jewelry, and consumer electronics are seeing revenue per visitor lift by thirty to fifty percent within months. One small change to a mobile navigation menu at Hugh Jewelry led to a fifty seven percent increase in revenue per visitor, which is the kind of outcome that gets leadership teams paying attention. We also talked about momentum behind the company itself. A recently announced ten million dollar seed round has given Moonshot AI the resources to scale engineering and go-to-market teams at a time when demand is accelerating fast. But beyond funding and growth charts, what stood out most was Aviv's longer-term view. As more people turn to AI assistants and agents instead of traditional search, websites need to be structured so machines can understand them as clearly as humans. Moonshot is already optimizing for that future, preparing sites for an agent-driven web where the customer might be an algorithm as much as a person. Aviv also shared his personal journey, moving from a successful career as a tech journalist and TV host into the far more humbling world of building companies. Rejection, uncertainty, and hard lessons came with the territory, but so did clarity. His guiding idea, inspired by Jeff Bezos, is a minimum regret mindset, choosing the harder path now to avoid looking back later and wondering what might have been. So as AI moves from tools that assist to systems that act, and as websites become active participants in growth rather than static assets, the big question becomes this. Are you still relying on slow, manual optimization cycles, or are you ready to let your website start improving itself, and what does that shift mean for how you build and scale in the years ahead? Useful Links Connect with Aviv Frenkel Learn More About Moonshot AI Follow on LinkedIn Thanks to our sponsors, Alcor, for supporting the show.

What happens when decades of supply chain planning collide with AI, volatility, and a world that no longer moves at a predictable pace? That question sat at the heart of my conversation with Piet Buyck, a serial entrepreneur whose career spans early optimization engines, cloud-era planning systems, and now AI-driven decision environments. Speaking from Antwerp just days before the holidays, Piet brought a calm, grounded perspective shaped by years inside organizations operating under real commercial pressure. His journey includes building Garvis, an AI-native planning platform later acquired by Logility, which itself became part of Aptean. That arc alone tells a story about consolidation, scale, and where modern planning is heading. We spent time unpacking ideas from Piet's book, AI Compass for Supply Chain Leaders, particularly his view that planning drifted too far into abstract numbers and away from real-world context. Long before AI became a boardroom obsession, he saw how centralized models created distance between decisions and reality. When disruption arrives, whether through pandemics, tariffs, or geopolitical tension, that distance becomes costly. Piet shared vivid examples of how slow, spreadsheet-heavy processes fail precisely when speed and clarity matter most. One thread that kept resurfacing was data. Many leaders believe their data is "good enough" until volatility exposes blind spots. Piet pushed the conversation further, explaining that AI's value goes beyond crunching clean datasets. It can move understanding across silos, surface the reasons behind decisions, and make context visible without endless meetings. That idea of explainable, collaborative AI came up repeatedly, especially as a counterpoint to opaque automation that creates confidence without understanding. We also tackled the human side. There is anxiety around skills erosion and entry-level roles disappearing, but Piet's view was more nuanced. AI shifts where time and energy go, away from gathering information and toward judgment, fairness, and accountability. In his eyes, the real challenge for leaders is choosing the right scope. Projects that are too small fade into irrelevance, while those that are too big stall under their own weight. As we looked ahead, Piet reflected on how leadership itself may change as data becomes accessible to everyone. Authority based on instinct alone becomes harder to defend when assumptions are visible. The leaders who thrive will be those who can explain direction clearly, connect data to purpose, and bring people with them. So after hearing how planning, AI, and leadership are converging in real organizations today, how do you see the balance between human judgment and machine intelligence playing out in your own world, and are we truly ready for what that shift demands? Useful Links Connect with Piet Buyck The AI Compass for Supply Chain Leaders Book Logility Website Follow on LinkedIn  Thanks to our sponsors, Alcor, for supporting the show.  

Today's episode is a conversation with Bret Kinsella, recorded while he was in Las Vegas for CES and preparing to step onto the AI stage. Bret brings a rare combination of long-term perspective and hands-on experience. As General Manager of Fuel iX at TELUS Digital, he operates generative AI systems at a scale most enterprises never see, processing trillions of tokens and delivering measurable business outcomes for global organizations. That vantage point gives him a clear view of both the promise of generative AI and the uncomfortable truths many teams are still avoiding. Together, we unpack why generative AI breaks so many of the assumptions security teams have relied on for decades. Bret explains why these systems are probabilistic rather than deterministic, and how that single shift creates what he calls an unbounded attack surface. Users are no longer limited to predefined buttons or workflows, and outputs are no longer constrained to a fixed database. The same prompt can succeed or fail depending on subtle changes, which makes single-pass testing and checkbox compliance dangerously misleading. If you have ever wondered why an AI system feels safe one day and unpredictable the next, this conversation offers a grounded explanation. We also explore why focusing on the model alone misses the real risk. Bret makes a strong case that the model is only one part of a much larger system shaped by system prompts, connected data sources, tools, and guardrails. Change any one of those elements and behavior shifts. This is why automated, continuous red teaming has become unavoidable. Bret shares how Telus Digital's Fortify AI attack model uncovered hundreds of vulnerabilities in hours, far beyond what human teams could realistically surface on their own. Yet automation is not the end of the story. The final decisions still depend on people who understand context, trade-offs, and business impact. Throughout the discussion, we return to a simple but uncomfortable idea. AI safety is not something you bolt on after deployment. It demands a different mindset, broader testing, repeated validation, and ongoing human judgment. For leaders moving from experimentation to real-world deployment, this episode is a clear-eyed look at what responsible progress actually requires. So, as more organizations rush to deploy agents and autonomous systems in 2026, are we truly prepared for software that learns, adapts, and occasionally surprises us, and what does that mean for how you test and trust AI inside your own business? Useful Links Connect with Bret Kinsella Telus Digital Website Fuel iX Thanks to our sponsors, Alcor, for supporting the show.