RSAC

Many organizations treat GenAI governance as a documentation or compliance exercise. This podcast episode reframes AI governance as a system-design problem and presents control-plane patterns for managing risk, accountability, and compliance across large-scale AI deployments. Speakers: Varun Raj, Associate Partner, Kyndryl Tatyana Sanchez, Senior Content Coordinator, RSAC Kacy Zurkus, Director, Content, RSAC

Guest: JR Williamson, SVP & CISO, Leidos Generative AI is accelerating innovation, but it’s also creating new blind spots. In this episode, we explore how CISOs can manage the rising risk of “shadow AI,” where employees use generative tools without oversight or safeguards. JR Williamson, SVP & CISO at Leidos, joins Dr. Hugh Thompson to share how the defense sector is approaching unauthorized AI use, from detecting activity early to putting practical guardrails around data handling, classification, and ethical use. They discuss how to balance innovation with security, bring unsanctioned tools into the light, and prepare for the emerging GenAI risks on the horizon.

Cyber resilience has become a defining priority for today’s security leaders, but translating the concept into real-world impact isn’t easy. In this episode of Cyber at the Top, Dr. Hugh Thompson is joined by Emma Smith, CISO at Vodafone, to explore what cyber resilience looks like in practice and how it shapes decision-making at scale. Drawing on her experience leading a major global security transformation, Emma shares how organizations can prepare for disruption, reduce impact, and recover more effectively over time. The conversation looks at resilience through the lens of people, culture, operating models, and measurement, and highlights why trust, accountability, and continuous improvement are essential to sustaining resilience in complex, highly regulated environments.

AI-powered impersonation and deepfakes are no longer theoretical—they are changing how trust works in real time. This discussion explores how industry and government can use existing legal frameworks, shared standards, and regulatory intent to move from abstract concern to concrete action, making trust, verification, and accountability explicit as deepfake-driven risk accelerates. Clarissa Cerda, Chief Legal Officer and Corporate Secretary, Pindrop Security Stefanie Fogel, Partner & Vice Chair, Markets & Sectors, DLA Piper Tatyana Sanchez, Senior Content Coordinator, RSAC Kacy Zurkus, Director, Content, RSAC

For years, information security was largely centered on protecting confidentiality. But as our world becomes more digital and increasingly dependent on always-available, trustworthy systems, integrity and availability are taking on equal importance. In this episode of Cyber at the Top, Dr. Hugh Thompson is joined by Bjørn Watne, Global CISO of INTERPOL, to explore how this shift is changing the way security leaders think about risk. Together, they discuss why disruption is becoming a defining threat, how emerging technologies are reshaping security priorities, and what it means to balance all three pillars of information security. The conversation offers a thoughtful look at how CISOs can reframe security as a driver of resilience, reliability, and organizational trust.

Keeping up with the laws and regulations in all the different jurisdictions relevant for your business already feels overwhelming. In this RSAC podcast, we are excited to be joined by two members of the RSAC Program Committee, who will simplify the tangle by highlighting the most important elements of the global legal and regulatory landscape for the cybersecurity community. Tune into this podcast as we explore how organizations can stay ahead of these changes and highlight the key sessions attendees can look forward to regarding regulations at the upcoming RSAC 2026 Conference. Speakers: John Elliott, Principal Consultant, Withoutfire Laura Koetzle, Head of Community Research, RSAC Tatyana Sanchez, Senior Coordinator, Content & Programming, RSAC Kacy Zurkus, Director, Content, RSAC

As digital ecosystems expand, third-party relationships have become both business enablers and critical sources of cyber risk. In this episode, T.J. Patterson, VP and Information Security Officer at STAR Financial Bank, joins Dr. Hugh Thompson to explore how CISOs can navigate the growing complexity of third-party risk management. They discuss practical methods for identifying and prioritizing high-risk vendors, maintaining visibility beyond initial assessments, and driving accountability across the supply chain. From regulatory shifts to the limits of automation, this conversation offers actionable strategies for managing risk at scale.

The use of AI has weakened many of us in the areas of critical thinking and emotional intelligence. We are enticed by the speed of AI responses to our problems but it is our neural pathways that are stunted in growth due to the lack of usage. Tune into this podcast to learn how to bridge neuroscience, emotional and artificial intelligence to enhance and understand how to optimize. This podcast will drawn on the speaker’s research results in how we can effectively use AI to assist us in our professional and even personal lives while keeping our brains exercised. Nancy Yuen, Sr. Director of Global SOX and Audit Compliance, SoFi Technologies Tatyana Sanchez, Senior Coordinator, Content & Programming, RSAC Kacy Zurkus, Director of Content, RSAC

Bridging the gap between cybersecurity and business priorities starts with a common language that explains risk in terms business leaders can relate to. In this episode, Mathias Buecherl, Group CISO at Heidelberg Materials, joins Dr. Hugh Thompson to explore how data-driven measurement is reshaping how organizations communicate, prioritize, and invest in security. They discuss why standardized metrics matter, how to translate cyber threats into financial and business terms, and what it takes to gain executive buy-in. From overcoming resistance to applying financial rigor to building maturity over time, this conversation offers a roadmap for making cyber risk measurable and meaningful.

AI is a friend, but it can be a terrible foe when not properly used. In cybersecurity, we also see AI as an enabler of cyber-criminal activities and security errors. In this podcast, we will focus on what you need to know to defend your enterprise against AI-enabled cyberattacks. We will also discuss how to protect yourself and your company against errors caused by the improper use of AI. Alex Holden, CISO, Hold Security, LLC Tatyana Sanchez, Content & Program Coordinator, RSAC

From busy showroom floors to hyped up vendor marketing claims, security leaders are constantly asked to choose the “right” cybersecurity partner. In this episode, Dr. Hugh Thompson sits down with Tal Arad, former CTO and Group CISO at Carlsberg Group, to unpack how security leaders can cut through the noise and build partnerships that strengthen their organizations. Drawing on his experience, Tal explores how to determine whether a solution truly addresses a real problem, why early technical discussions and proofs of concept matter, and what signals indicate a vendor can be a trusted partner. Ultimately, this episode offers a practical, experience-driven playbook for CISOs looking to choose partners they’ll still trust and want to work with years down the road.

Traditional network security has evolved, and security teams are challenged to understand data flows and how to use AI to help manage modern infrastructures and communications. Whether you are looking to increase resilience, streamline operations, or navigate the challenges of API abuse, RSAC 2026 Conference will help you navigate the shifting threat landscape of Network & Communications Security. Join this podcast to hear more about upcoming sessions you won’t want to miss. Chuck Kesler, Chief Infromation Security Officer, Pendo.io Jennifer Minella, Principal Security Advisor, Viszen Security | CISO Launch Lenny Zeltser, CISO, Axonius Tatyana Sanchez, Content & Program Coordinator, RSAC Kacy Zurkus, Director, Content, RSAC

Zero Trust has become one of the most talked-about frameworks in cybersecurity, but what does it really look like in practice at global scale? And how is it being reshaped by the rise of artificial intelligence? In this episode, Mastercard’s Deputy Chief Security Officer, Alissa “Dr. Jay” Abdullah joins Dr. Hugh Thompson to discuss how Zero Trust is evolving in the age of AI. They explore what it takes to build the right foundation, how to measure progress, and what it takes to align business leaders around the vision. From scaling strategy across a global enterprise to applying Zero Trust principles to AI systems themselves, this conversation unpacks how innovation and security can move forward together.

Most organizations ask questions like, “How do I get ahead of my vulnerabilities?” The reality is we need practical guidance to move past vulnerability debt and start driving risk reduction. With good implementation, modern concepts like CTEM offer an opportunity. Tune into this podcast as we will explore how to shift from counting vulnerabilities to managing what truly matters, so organizations can prioritize, act, and finally get ahead. Steve Ocepek, General Manager, Kroll Tatyana Sanchez, Content & Program Coordinator, RSAC Kacy Zurkus, Director, Content, RSAC

As 5G, IoT, and edge networks expand, secure connectivity defines digital trust. This session presents a practical roadmap for building resilience and governance into connected ecosystems. Using the proven CPD framework, this podcast will explore how leaders can embed commitment, preparedness, and discipline to ensure trust continuity. Dave Chatterjee, Visiting Professor, Pratt School of Engineering, Duke University Tatyana Sanchez, Content & Program Coordinator, RSAC Kacy Zurkus, Director, Content, RSAC