Vigilance, by The Roundtable Network

Hosted by Pam Brodt

TechnologyInterviews guests

Website RSS feed

Episodes

Latest episode

Nov 2025

Language

About the show

"Vigilance" is a new, thought-provoking podcast and content series designed for Fortune 500 Chief Information Security Officers (CISOs), delving deep into the multifaceted and ever-evolving realm of corporate cybersecurity. This series, expertly hosted by Pam Brodt, founder of The Roundtable Network, is more than just a discussion on cybersecurity; it's an exploration of strategic foresight and actionable intelligence in a space where vigilance is non-negotiable. Each episode of Vigilance will tackle pressing questions and explore emerging trends in cybersecurity, from the defensive and offen

Listen to episodes

10 recent

November 11, 202531 min

Impersonation Is Out of Control. How Doppel Finds It Before You Even Know It’s Happening

Fake LinkedIn profiles. Deepfake audio. WhatsApp scams. Your CEO being impersonated on BlueSky.Most security tools never even see it.In this episode, Kevin Tian (CEO & co-founder of Doppel) joins me to break down how modern impersonation campaigns actually work — and why traditional takedown tools aren’t enough.We dig into:Real-world impersonation campaigns targeting F500 execsHow Doppel maps entire threat infrastructures from a single phone numberWhy your SOC team is blind without cross-channel visibilityThe new threat vector keeping Kevin up at night: fake job candidatesThis is one of the most eye-opening conversations I’ve had about modern social engineering. Watch it now.—Timestamps:00:00 – Intro01:17 – Doppel’s origin story and growth02:45 – What makes the platform different04:32 – One thread → full threat graph05:17 – Real customer story: phone number → LinkedIn → inbox07:37 – Traditional tools vs emerging attack channels09:30 – Why takedown speed and success still matter12:18 – How Doppel takes threats down in minutes14:05 – Building evidence across multiple platforms15:04 – Executive protection: proactive vs reactive17:33 – Detecting threats before the enterprise knows19:05 – Fake political content from execs on BlueSky20:41 – Finding encrypted channel links (WhatsApp, Telegram)23:08 – Where impersonation is headed next: insider threats25:05 – Doppel’s newest product: deepfake simulation27:09 – Security awareness meets detection28:42 – Doppel’s vision: detect, disrupt, simulate29:14 – How to get in touch with Kevin

September 10, 202533 min

How Delta Airlines Reimagined Cybersecurity Awareness for 100,000+ Employees, with CISO Deborah Wheeler

What if security awareness training was something your employees looked forward to?In this episode of Vigilance, Delta Airlines CISO Deborah Wheeler joins Pam Brodt to share how she turned one of the most overlooked areas of cybersecurity—employee awareness—into a cultural movement inside a global enterprise.With a workforce of over 100,000, Deborah had to ditch fear-based training, design for a diverse range of roles (including flight crews), and build a program that empowers people at home and at work.What she and her team built is remarkable:A gamified phishing derby with 50,000+ entries and company-wide excitementSecurity training that starts with personal safety, not corporate policyTailored, role-specific delivery formats to meet people where they areA measurable drop in phishing click-through rates and a surge in reportingAwareness campaigns run by a team of just three peopleWhether you’re a CISO, awareness program owner, or enterprise leader—this conversation is a masterclass in human-first security strategy.🎧 Watch the full episode to learn:How to scale employee engagement across a massive enterpriseWhy storytelling and incentives work better than fearHow to measure behavior change beyond compliance checkboxesWhy your awareness team shouldn’t come from cybersecurity

July 22, 202532 min

The Hidden Threat Inside Every Enterprise: What CISOs Are Missing in the Software Supply Chain, with Koi’s Amit Assaraf

CISOs, are you watching the front door while attackers slip in through the side?In this episode of Vigilance, Pam Brodt sits down with Amit Assaraf, co-founder and CEO of Koi, to expose a massive blind spot in modern enterprise security: the unmonitored sprawl of extensions, registries, app stores, and marketplaces powering your software supply chain.Amit recounts how a simple experiment—uploading a lookalike VS Code extension—landed them inside Fortune 500 environments in under 7 days, undetected.The same path is being used by nation-state actors like Lazarus Group to breach global enterprises.We cover:Why auto-updates and ownership transfers are critical (and overlooked) attack vectorsHow trusted platforms like Chrome, NPM, PyPi, and Hugging Face are being exploitedWhy EDRs and AppSec tools fail to detect these threatsHow Koi is using AI-driven risk engines to monitor and secure 30+ marketplaces—without deploying a single new agentIf you’re a security leader balancing productivity and protection, this conversation will change how you think about supply chain risk.🔒 Don’t miss this one—it’s the conversation every enterprise CISO needs to hear.Chapters:0:00 Intro2:00 The origin of Koi: a marketplace experiment gone viral8:00 Why marketplaces are the next major attack surface13:00 The auto-update problem (Cyberhaven breach case study)18:00 Most abused platforms: IDEs, browsers, registries22:00 How Koi scales with automation and AI27:00 No agents, no friction: how Koi integrates30:00 Final thoughts for CISOs on balancing risk and velocity

January 20, 202536 min

Why 98% of Your Vulnerability Management is a Waste, with Nadir Izrael

In the latest episode of the Vigilance podcast, Nadir Izrael, CTO and Co-Founder of Armis, talks about the following: Threat intelligence Groundbreaking insights on the evolution of honeypots in the age of generative AI Challenges faced by CISOs and security organizations when it comes to threat intelligence How Armis' Actional Threat Intelligence (ATI) is changing the game

November 13, 202431 min

How Enterprise Browsers Are Streamlining Security, with Mike Fey from Island

Mike Fey, co-founder and CEO of Island, joins Vigilance to explore how enterprise browsers are reshaping cybersecurity, IT modernization, and the future of work. In this clip, Mike shares a pivotal market signal - four of the top five banks adopting enterprise browsers in a single quarter. It's a rare example where CISOs and CIOs find perfect alignment, as initial deployments quickly expand from tactical solutions to strategic platforms. Watch as Mike discusses this turning point in enterprise technology as well as topics like zero trust implementation, VDI reduction, and managing emerging technologies like GenAI.

August 29, 202449 min

Demystifying AI Security, With Omar Khawaja

In this episode of Vigilance, Pam Brodt sits down with Omar Khawaja, a seasoned CISO turned AI security expert, to unpack the complexities of securing artificial intelligence in the enterprise. Omar, drawing from his extensive experience as a CISO and his current role at Databricks, offers a unique perspective on the challenges and opportunities AI presents for security professionals. He introduces a groundbreaking framework for understanding and securing AI systems, likening it to the structured approach of medical education. Key highlights include: • The current state of AI adoption and why CISOs are often left out of critical AI discussions • A breakdown of AI systems into 12 core components and 3 subsystems for easier comprehension • An exploration of 55 key AI risks and how to map them to specific controls • The importance of understanding data operations, model operations, and DevSecOps in AI security • Practical advice for CISOs on where to start with AI security, including focusing on specific use cases • The Databricks AI Security Framework (DASF) - a free, comprehensive resource for AI security Omar emphasizes the need for CISOs to move beyond the extremes of either avoiding AI altogether or treating it like traditional applications. He advocates for a balanced approach that acknowledges AI's risks while recognizing that it can be securely managed and implemented. The episode provides actionable insights for security professionals looking to get up to speed on AI security, offering a clear roadmap for responsible AI adoption. Omar's parting advice encourages CISOs to embrace AI's challenges, asserting that with the right framework and understanding, organizations can indeed "have their cake and eat it too" when it comes to AI security. Whether you're a CISO grappling with AI security concerns, a technology leader interested in responsible AI adoption, or simply curious about the intersection of AI and cybersecurity, this episode offers invaluable insights and a practical framework for navigating the complex world of AI security.

June 20, 202439 min

Over 45% of Your Employees Are Using Gen AI, With Archana Vemulapalli

In this episode of the Vigilance podcast, host Pam Brodt welcomes Archana Vemulapalli, a seasoned technology executive, to explore the transformative impact of generative AI on cybersecurity. As AI advances at an unprecedented pace, CISOs must navigate the challenges and opportunities presented by this game-changing technology. Archana shares her insights and practical advice for security leaders looking to enable their organizations to harness the power of generative AI: — Develop a strategic approach to leveraging generative AI — Enable teams through education and governance frameworks — Engage early in cross-functional AI initiatives — Extend existing data usage and privacy controls to generative AI — Invest in secure computing environments to protect data — Adopt nimble organizational structures to keep pace with AI innovation — Identify high-value use cases to drive meaningful outcomes — Foster a culture of continuous learning and experimentation — Partner with technology providers that prioritize security in AI offerings While the generative AI landscape is rapidly evolving, CISOs can apply proven methodologies and governance practices to manage risks while enabling innovation. Archana also highlights the importance of using AI and generative AI to enhance an organization's own security posture. Whether you're a CISO at a Fortune 500 company or a cybersecurity professional seeking to stay ahead of the curve, this episode offers valuable insights and actionable steps to begin your generative AI journey. The time to embrace this transformative technology is now.

May 8, 202453 min

Will You Be Ready For Quantum? With Tom Patterson — MD of Emerging Technology Security at Accenture

In this episode of Vigilance, host Pam Brodt sits down with Tom Patterson, Managing Director for Emerging Technology Security at Accenture, to discuss the critical issue of quantum security. As quantum computers advance rapidly, the encryption methods that secure most of today's digital information and communication are at risk of becoming vulnerable. Tom breaks down what organizations need to know about this emerging threat and outlines a process to start preparing now: — Develop a quantum security strategy — Discover where vulnerable encryption exists across the enterprise — Engage with your technology ecosystem and vendors — Design a crypto-agile security architecture — Set up quantum-safe encryption test environments — Run limited trials of quantum-safe solutions — Roll out quantum-safe encryption more broadly — Transition to steady-state quantum security management While the exact timeline is uncertain, experts advise starting the multi-year quantum security transition process immediately. Tom also discusses new cryptographic standards on the horizon, leveraging AI to accelerate the process, and an open maturity model to help benchmark progress. Whether you're a CISO at a Fortune 500 company or a cybersecurity professional looking to learn more, this episode provides a wealth of knowledge and practical steps to begin quantum-proofing your organization. The time to start is now. ___ Vigilance is presented by The Roundtable Network Produced by Thursday Labs

April 10, 202435 min

Not All Security Metrics Are KPIs, with Jim Routh

On the latest episode of the Vigilance podcast, I had the pleasure of speaking with Jim Routh. Jim is a renowned cybersecurity expert with a wealth of experience, including: — Serving as CISO at six different organizations — Board memberships at FS-ISAC and H-ISAC — Advising roles with cybersecurity and IT companies — Teaching cybersecurity at NYU — Mentoring CISOs He brings unique insights to the conversation through his expertise in: — Applying risk management discipline to global enterprises — Designing security controls using innovation and data science During our discussion, Jim shared a powerful perspective on decision-making for CISOs: Better decisions stem from facts. While facts are becoming increasingly elusive in today’s world, it is a non-negotiable for cybersecurity experts. KPIs are fact-based and provide a clear picture of reality by design. KPIs: — Measure progress at a specific moment in time — Help you make informed decisions and take action When a KPI indicates a process is performing optimally, no action is needed. But when the results fall short, it's time for change. This is an opportunity to discuss improvements and support the process owner. By helping them implement necessary changes, we enhance security. KPIs help us rally stakeholders to avoid acting based on speculation. This approach ensures that: — Efforts are grounded in reality — Resources are allocated effectively — The right actions are prioritized In a world where facts are often obscured, KPIs provide clarity. ___ Vigilance is presented by The Roundtable Network Produced by Thursday Labs

March 12, 202443 min

Do US SEC Legal Actions Put CISOs at Risk? with Shamla Naidoo

Welcome to the inaugural episode of Vigilance, our new podcast and content series designed for Fortune 500 Chief Information Security Officers (CISOs). Every month, we’ll be diving deep into the multifaceted and ever-evolving realm of corporate cybersecurity. This series is more than just a discussion on cybersecurity; it's an exploration of strategic foresight and actionable intelligence in a space where vigilance is non-negotiable. I’m thrilled to be joined by Shamla Naidoo in our first episode to discuss how the US SEC legal actions put CISOs at risk. Here is a quick outline of what we’ll cover in this article and episode: - The impact of the SEC’s legal action on CISOs - Understanding the risks and liabilities of a CISO role - The importance of clear job descriptions - Balancing professional & personal accountabilities - The role of indemnity in protecting CISOs - The Importance of Documenting Decisions and Actions - Effective Communication and Reporting Strategies With over 42 years working in the tech sector, Shamla has served as a CISO for major corporations, gaining first-hand knowledge of the role's complexities. In addition to her CISO background, she holds a law degree, giving her an invaluable legal perspective on the regulatory and liability issues confronting security leaders. Currently, Shamla serves on the boards of public companies, leveraging her seasoned understanding of both corporate governance and cybersecurity dynamics. She also advises an emerging cybersecurity startup, staying actively involved with innovative technologies. Additionally, she teaches courses on technology law and policy at the University of Illinois Chicago, helping shape future business leaders and policymakers. With her diverse background spanning CISO leadership, legal expertise, corporate board experience, and academic roles, Shamla brings unparalleled insights to any conversation on cybersecurity.