From DFIR Godfather to AI Risk Advocate: Rob T. Lee on Cybersecurity’s Crossroads | RSA 2025
Audio is streamed directly from the publisher (media.transistor.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
In this special RSA Conference edition of The Professional CISO Show, host David Malicoat sits down with Rob T. Lee—Chief of Research at SANS Institute and a foundational figure in cybersecurity. With nearly three decades of experience spanning the Air Force, Mandiant, and SANS, Rob shares his insights on the evolving challenges of the CISO role, the toxicity of today’s security environments, and the urgent need for AI literacy across the industry.
Rob dives deep into the accelerating threat landscape, the need for cyber safe harbors, and why he believes we’re on the verge of normalizing breaches as the cost of doing business. He also makes the case for rewarding defenders and rethinking how we define cybersecurity success.
Key Highlights:
- Why most CISOs say “never again”—and what needs to change
- Why Rob coined DFIR and CTI (and the story behind it)
- The CISO “zero-sum game” and how toxic cultures persist
- Rob’s 4-part personal health mantra: Sleep, Diet, Exercise… and AI
- A call to “Learn AI daily”—for security pros and business leaders alike
- What boards should be doing—and why every board needs a cyber voice
- Rob’s RSA keynote preview: cyber safe harbors and AI velocity imbalance
Guest:
👤 Rob T. Lee – Chief of Research, SANS Institute
🔗 https://www.sans.org/profiles/rob-t-lee/
Host:
🎙️ David Malicoat, The Professional CISO Show
Listen & Subscribe:
🔊 Spotify: The Professional CISO Show on Spotify
🍎 Apple Podcasts: The Professional CISO Show on Apple
📣 Hashtags: #Cybersecurity #TheProfessionalCISO #RSA2025 #RobTLee #SANS #DFIR #AIinSecurity #CyberRisk #CISOLeadership #CTI #CyberSafeHarbor #LearnAIDaily #IncidentResponse #AIThreats #CyberCulture