How do you secure environments that are constantly changing, distributed, and increasingly difficult to see? Today’s guest is a forward-thinking cybersecurity leader focused on tackling modern visibility and infrastructure challenges. Introducing Clete Taylor, Senior Security Architect at Frost. Clete joins hosts Ernie Anderson and Graeme Payne to explore how evolving environments are reshaping the way organizations approach security.He shares how the shift to cloud and hybrid infrastructure has created blind spots that traditional tools struggle to address. The conversation dives into why visibility is foundational to security, how attackers exploit gaps in awareness, and what organizations must do to adapt. Clete also highlights the importance of proactive strategy, continuous monitoring, and aligning security practices with how modern systems actually operate. Takeaways:• You cannot secure what you cannot see. Modern environments are dynamic and distributed, making visibility the foundation of any effective security strategy. Without clear insight into systems and access, risk increases significantly.• Traditional security models are falling behind. Perimeter-based approaches were built for static environments. Today’s cloud and hybrid infrastructures require adaptive, continuously evolving security strategies.• Complexity creates opportunity for attackers. As systems grow more complex, gaps naturally emerge. Attackers are increasingly targeting these blind spots where monitoring and control are weakest.• Continuous monitoring is no longer optional. Security must operate in real time. Point-in-time assessments are not enough to detect or respond to threats in fast-moving environments.• Alignment between infrastructure and security is critical. Security strategies must reflect how systems are actually built and used. Misalignment creates inefficiencies and increases vulnerability.• Proactive thinking outperforms reactive defense. Organizations that anticipate risks and design for them early are far better positioned than those constantly reacting to incidents.Quote of the Show:“If you don’t have visibility, you’re making decisions in the dark.” - Clete TaylorLinks:LinkedIn: https://www.linkedin.com/in/cletetaylor13/Website: cletustaylor.comBook Link: https://www.amazon.com/dp/B0GG5VL3MQWays to Tune In:Spotify: https://open.spotify.com/show/5LuXXqbK9k9rrVRFsdGzl0 Apple Podcasts: https://podcasts.apple.com/podcast/cyber-smokehouse/id1872442297 Amazon Music: https://music.amazon.com/podcasts/40a6c0da-242f-404b-8bd3-9f4997f19c47 iHeart Radio: https://iheart.com/podcast/319629841/ Podchaser: https://www.podchaser.com/podcasts/cyber-smokehouse-6356550 

How do organizations stay secure when identity, access, and infrastructure are more distributed than ever before? Today’s guest is a seasoned cybersecurity leader focused on modern identity and cloud security challenges. Introducing Joe Mendygral, Senior Director at TBD Cyber. Joe joins hosts Ernie Anderson and Graeme Payne to explore how identity has become the core battleground in cybersecurity. He also delves into how cloud environments, AI, and evolving attack methods are forcing organizations to rethink how they detect and respond to threats.Joe shares practical insights on visibility, detection, and why traditional security approaches are struggling to keep up with modern environments. The conversation highlights the growing importance of understanding user behavior, securing identities, and building adaptive security strategies that evolve alongside threats.Takeaways:• Identity is now the primary attack surface. As organizations move to cloud-first environments, attackers are increasingly targeting identities instead of infrastructure. Securing who has access is now more important than securing where access happens.• Visibility gaps create the biggest risks. Many organizations lack a clear understanding of who has access to what across systems. Without visibility, it becomes nearly impossible to detect or respond to threats effectively.• Detection must evolve beyond traditional methods. Signature-based and perimeter-focused security models are no longer sufficient. Modern environments require behavior-based detection that can identify anomalies in real time.• Cloud complexity increases security challenges. As infrastructure becomes more distributed, security becomes harder to manage. Organizations must adapt their strategies to account for dynamic environments and decentralized access.• AI is changing both offense and defense. AI is enabling faster detection and response, but it is also being used by attackers to scale and automate threats. Security teams must evolve just as quickly to stay ahead.• Security requires continuous adaptation. There is no static solution to cybersecurity. Organizations must continuously refine their strategies, tools, and processes to keep up with an ever-changing threat landscape.Quote of the Show:“If you don’t understand identity and behavior, you don’t understand your risk.” - Joe MendygralLinks:LinkedIn: https://www.linkedin.com/in/joe-mendygral-0846a82/Website: https://www.tbdcyber.comWays to Tune In:Spotify: https://open.spotify.com/show/5LuXXqbK9k9rrVRFsdGzl0 Apple Podcasts: https://podcasts.apple.com/podcast/cyber-smokehouse/id1872442297 Amazon Music: https://music.amazon.com/podcasts/40a6c0da-242f-404b-8bd3-9f4997f19c47 iHeart Radio: https://iheart.com/podcast/319629841/ Podchaser: https://www.podchaser.com/podcasts/cyber-smokehouse-6356550 

How do cybersecurity leaders manage risk, talent, and rapid innovation as AI transforms both threats and defenses? Today’s guest is a seasoned cyber intelligence leader and strategic risk advisor. Introducing Steve Bay, Vice President of Cybersecurity and Chief Information Security Officer at Coretelligent. Steve joins hosts Ernie Anderson and Graeme Payne to share how AI is reshaping the cybersecurity landscape and what leaders must do to stay ahead. He also delves into talent challenges, evolving threat dynamics, and the importance of balancing innovation with governance in a rapidly changing environment.Steve shares insights from his journey into cybersecurity, his experience in intelligence and enterprise security, and his perspective on how organizations can navigate uncertainty while building resilient security programs. Takeaways:AI is the biggest disruptor in cybersecurity today:AI is transforming how both defenders and attackers operate. Organizations must understand how employees are using AI tools and how threat actors are leveraging them to exploit vulnerabilities.Governance of AI is critical but complex:Banning AI is not realistic and can create more risk than it solves. Leaders must focus on thoughtful governance that enables innovation while protecting data and systems.The cybersecurity talent market is evolving rapidly:There is a disconnect between hiring expectations and market reality. Companies want experienced talent at entry-level cost, while skilled professionals still struggle to find the right roles.AI may reshape entry-level career paths:As AI automates more foundational work, organizations must rethink how they develop junior talent and build future cybersecurity leaders.Cost pressure is forcing smarter security strategies:Organizations must balance delivering high-quality security with tight budgets. This requires prioritization, efficiency, and a clear understanding of business risk.Curiosity and adaptability are essential for leaders:Steve highlights that the pace of change requires continuous learning. Leveraging tools like AI for daily awareness can help leaders stay informed without being overwhelmedQuote of the Show:“We need to figure out how to harness AI and maximize it for the good of society, not try to ban it.” - Steve BayLinks:LinkedIn: https://www.linkedin.com/in/steven-bay-8005865/Website: https://www.core.techWays to Tune In:Spotify: https://open.spotify.com/show/5LuXXqbK9k9rrVRFsdGzl0 Apple Podcasts: https://podcasts.apple.com/podcast/cyber-smokehouse/id1872442297 Amazon Music: https://music.amazon.com/podcasts/40a6c0da-242f-404b-8bd3-9f4997f19c47 iHeart Radio: https://iheart.com/podcast/319629841/ Podchaser: https://www.podchaser.com/podcasts/cyber-smokehouse-6356550 

How can cybersecurity leaders translate technical threats into real business decisions without losing executive alignment or strategic clarity? Today’s guest is a thoughtful cybersecurity strategist and business-focused security leader. Introducing Jimmy Lummis, Director and Business Information Security Officer at IHG Hotels & Resorts. Jimmy joins hosts Ernie Anderson and Graeme Payne to discuss how modern security leaders must bridge the gap between technical teams and executive leadership. He also explores the realities of cyber risk quantification, the role of AI in modern threat landscapes, and why translating cybersecurity into business language is essential for effective decision making.TakeawaysCybersecurity is ultimately about managing risk, not eliminating it. Jimmy explains that no organization can achieve perfect security. The real responsibility of leaders is determining what level of risk the business is willing to accept and aligning security investments accordingly.Cyber risk must be translated into business language. Technical discussions about vulnerabilities and controls do not resonate with executives. Effective security leaders frame cyber threats in terms of financial impact, operational disruption, and strategic risk.AI introduces both opportunity and new threat vectors. Organizations are racing to adopt AI, but threat actors are also leveraging these tools. Security leaders must balance innovation with responsible oversight and risk awareness.Traditional cybersecurity problems still matter. While emerging technologies grab headlines, many breaches still occur due to longstanding issues like identity management, patching, and basic security hygiene.Security leaders must act as translators between worlds. Jimmy emphasizes the importance of bridging the gap between engineers and executives. Leaders who can interpret technical realities in business terms help organizations make better strategic decisions.Cyber risk quantification helps prioritize security investments. Quantifying risk allows organizations to make informed tradeoffs about where to allocate resources and which threats pose the greatest potential impact.Quote of the Show:“Cybersecurity is not about eliminating risk. It’s about deciding what level of risk the business is willing to accept” - Jimmy LummisLinks:LinkedIn: https://www.linkedin.com/in/jimmylummis/Website: http://www.ihgplc.comWays to Tune In:Spotify: https://open.spotify.com/show/5LuXXqbK9k9rrVRFsdGzl0 Apple Podcasts: https://podcasts.apple.com/podcast/cyber-smokehouse/id1872442297 Amazon Music: https://music.amazon.com/podcasts/40a6c0da-242f-404b-8bd3-9f4997f19c47 iHeart Radio: https://iheart.com/podcast/319629841/ Podchaser: https://www.podchaser.com/podcasts/cyber-smokehouse-6356550 

In this episode of Cyber Smokehouse, hosts Ernie and Graeme sit down with David Nolan, Principal Advisor at Apex Advisors, to explore how organizations must rethink cybersecurity as digital environments grow more complex and interconnected.David shares why the traditional concept of a network perimeter is rapidly disappearing as organizations adopt cloud platforms, distributed workforces, and connected technologies. As a result, security leaders must move beyond reactive defense and focus on building resilience, visibility, and strategic alignment across the entire digital ecosystem. The conversation explores how cybersecurity must evolve from a purely technical discipline into a business leadership priority, how organizations can anticipate emerging threats, and why security culture plays a critical role in protecting modern systems.Takeaways:Cybersecurity Must Be a Business Priority: Security is no longer confined to the IT department. Organizations that integrate cybersecurity into strategic decision making are better positioned to manage risk and protect critical operations.The Network Perimeter Has Disappeared: With cloud infrastructure, remote work, and third-party integrations becoming the norm, organizations must move beyond perimeter-based security models and focus on identity, access control, and system visibility.Visibility Is the Foundation of Protection: Leaders cannot defend systems they cannot see. Strong monitoring, telemetry, and system awareness allow organizations to detect vulnerabilities and respond faster to emerging threats.Security Culture Starts at the Top: Effective cybersecurity depends on leadership setting expectations around accountability, awareness, and responsible behavior across the organization.Proactive Security Prevents Major Failures: Organizations that prioritize threat modeling, risk assessments, and preventative controls reduce the likelihood and impact of security incidents.Collaboration Strengthens Defense: Cybersecurity today requires coordination between leadership, technology teams, operational stakeholders, and external partners to protect complex digital ecosystems.Quote of the Show:“Security cannot be an afterthought. It has to be built into the way organizations design systems, processes, and culture from the beginning.” - David NolanLinks:LinkedIn: https://www.linkedin.com/in/david-c-nolan/Ways to Tune In:Spotify: https://open.spotify.com/show/5LuXXqbK9k9rrVRFsdGzl0 Apple Podcasts: https://podcasts.apple.com/podcast/cyber-smokehouse/id1872442297 Amazon Music: https://music.amazon.com/podcasts/40a6c0da-242f-404b-8bd3-9f4997f19c47 iHeart Radio: https://iheart.com/podcast/319629841/ Podchaser: https://www.podchaser.com/podcasts/cyber-smokehouse-6356550