
Razorwire Cyber Security & InfoSec Insights

Razorthorn Security | Cybersecurity & InfoSec

99 episodes

  • Razorwire Cyber Security & InfoSec Insights

    Third Party Risk in the Age of AI. A Spotlight on Black Kite

    03/06/2026 | 50 mins.
    Your vendors are adopting AI faster than you can assess them. What does that mean for your third party risk?
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this Spotlight on Technology episode, I'm joined by Jeffrey Wheatman, Senior Vice President and Cyber Risk Strategist at Black Kite. Jeffrey previously spent over a decade as an analyst VP at Gartner where he launched their third party cyber risk management coverage.
    Third party risk management used to be fairly straightforward. If finance was happy and legal had done their redlining, you signed the contract and moved on. That world is gone. Organisations are now dependent on layers of vendors, suppliers and service providers, and the chain goes deeper than most security teams can see. When a logistics company can go from operational to out of business in five months after a ransomware attack, and one incident at Jaguar Land Rover can measurably affect UK GDP, the question isn't whether third party risk matters. It's whether your programme can keep up.
    This episode covers how the old model of spreadsheets and questionnaires is giving way to intelligence-led continuous monitoring, why AI has made the problem exponentially harder and how Black Kite is helping organisations cut through the complexity, from mapping supply chain connectivity and scoring ransomware susceptibility to cutting a 500-question vendor questionnaire down to 30.

    Three key talking points:
    You can't protect what you can't see: Most organisations know who their biggest vendors are. Beyond that, it gets murky fast. This episode gets into why even mature organisations still struggle to see past the first or second layer of their supply chain, why figuring out which vendors actually matter is harder than it sounds and why Jeffrey always tells people to solve their third party problem before worrying about their fourth.
    AI just made your third party programme ten times harder: Your vendors are already using AI, whether they've told you or not. The person you're speaking to may not even know, because it could be embedded two or three layers down. Meanwhile the market is flooded with AI solution claims and attackers are using it to move faster than ever. This episode covers the three ways AI is complicating third party risk and why most organisations haven't even begun to get their AI governance right.
    From questionnaires to continuous intelligence: The old model of sending out hundreds of questions, hoping for honest answers and filing the results is finished. This episode covers how the industry is moving from periodic assessment to continuous monitoring, why real data beats self-reported questionnaires and how platforms like Black Kite are helping organisations focus on the vendors that actually pose a risk.

    If your third party risk programme is still running on spreadsheets and annual reviews, this episode will make you uncomfortable. And it should.

    On why most organisations don't know which vendors matter most:
    “I always badly paraphrase Animal Farm by George Orwell. All your vendors are equal, but some vendors are more equal than others. And most people don't really know how to figure that out.”
    Jeffrey Wheatman
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    When a Vendor Goes Down, You Go Down With Them: We discuss why the conversation has shifted from data protection to operational resilience.
    The Nth Party Problem: Most organisations can't see past the first or second layer of their supply chain. The web of interconnected vendors is far more complex than it looks – we talk about where to start if you haven't solved your third party basics yet.
    Concentration Risk and Single Points of Failure: Heavy reliance on a handful of major cloud providers creates risks that can't easily be mitigated. We explore what you can realistically do about it.
    Three Ways AI Is Complicating Third Party Risk: Discover why AI isn't just changing the threat landscape for your own organisation but fundamentally altering how you need to think about every vendor in your supply chain.
    Shadow AI in Your Supply Chain: Learn why shadow AI in your vendor ecosystem is a growing risk when most organisations' AI governance isn't anywhere near ready to deal with it.
    The AI Vendor Bubble: Find out why many AI companies are currently selling their services at a loss, and what this means for organisations that have built critical processes around vendors that might not survive when the economics catch up.
    Moving Beyond Spreadsheets and Questionnaires: Find out why self-reported questionnaires and periodic assessments can't keep up anymore, and what's replacing them.
    How Black Kite Approaches Third Party Risk: Explore what an intelligence-led approach to third party risk actually looks like in practice and why it's a fundamentally different model to what most organisations are used to.
    The Ownership Problem: No two organisations agree on who owns third party risk. Find out why this inconsistency creates serious governance gaps and why it matters more than ever as the scope of the problem grows.
    Resources Mentioned
    Black Kite
    Jeffrey Wheatman on LinkedIn
    Black Kite's Third Party Risk podcast
    K&P Logistics / Knights of the Old (ransomware case study)
    Jaguar Land Rover (supply chain breach impact)
    DORA (EU banking regulation)
    MITRE ATT&CK
    OpenFair (cyber risk quantification)
    GA3 framework (Black Kite's AI governance add-on)
    Threat Tracev (Black Kite's NetFlow-based offering)
    RSA Conference
    Project Glasswing / Mythos (Anthropic)
    OpenAI Daybreak
    All rights reserved. © Razorthorn Security LTD 2025
  • Razorwire Cyber Security & InfoSec Insights

    Deeper Deepfakes - Why You Can No Longer Trust What You See

    20/05/2026 | 50 mins.
    It took 10 minutes and a free online tool to deepfake Jim's voice, with no expertise and no cost involved.
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined again by Alexandra Jorissen from identifAI, alongside Lorenzo Zoffoli, a cybersecurity professional with 12 years of experience. Following the huge response to our first deepfakes episode, which set a bit of a channel record with the number of views, we go further into the technology, the threats and what organisations can actually do about it.
    The episode opens with a deepfake of Jim's voice, created by Lorenzo using a free online tool and 5 seconds of audio from our YouTube channel. It took 10 minutes and cost nothing. That sets the tone for a conversation that goes well beyond what was covered in the first episode, into the industrialisation and scalability of deepfake attacks, the personalisation that makes them almost impossible to spot and why visual and audio content can no longer be treated as proof of truth.
    From a Dutch bank discovering 46 fraudulent accounts opened by one person using deepfakes, to personalised attacks targeting family members and high net worth individuals, the threat has moved well beyond the boardroom. This episode gets into what organisations can actually do about it, from how detection technology works and where it fits in a security stack, to why verifying identity in digital spaces needs to become as normal as challenging someone without a badge in a physical office.
    Three key talking points:
    The industrialisation of deepfake attacks: Creating a convincing deepfake used to take time, expertise and significant effort. That barrier has almost disappeared. Attacks can now be generated, refined and reused across hundreds of targets at speed and at almost no cost, using nothing more than publicly available social media content and free online tools.
    It's not just organisations at risk anymore: The first episode focused on corporate threats like fake board meetings and expense fraud. This one goes further into the personal risk, from deepfaked voice messages impersonating family members to compromising images generated from a single photograph. The technology doesn't care whether the target is a CISO or someone's mum.
    Why detection is now part of defence in depth: Deepfake detection needs to sit alongside email security, EDR and the rest of the standard security stack. This episode gets into how detection works at a pixel and byte level, why results are probabilistic rather than binary and what happens if smaller organisations are priced out of access.

    If you caught the first episode, this one goes further. If you didn't, take a look! Either way, deepfakes aren't just on their way. They're already here.

    On why the real problem is what we're not catching:
    “We need to put doubt in any digital media we handle and get used to trying to verify if content coming from unknown sources can be manipulated or completely generated by AI tools.”
    Lorenzo Zoffoli
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    The Industrialisation of Deepfake Attacks: Understand why deepfake attacks are no longer handcrafted for single targets but can be generated, refined and deployed at scale across hundreds of victims simultaneously.
    46 Fake Bank Accounts at a Major Dutch Bank: How one person used deepfakes to open 46 fraudulent accounts at ABN AMRO and why it was only caught because of a fluke.
    Personalised Social Engineering at Scale: Discover how AI-driven attacks are now tailored to individual targets using publicly available data, making phishing attempts feel familiar, urgent and highly credible.
    The Personal Risk: Family, VIPs and Romance Scams: Explore the extent to which deepfake threats extend beyond corporate targets, from cloned voice messages impersonating family members to compromising images generated from a single photograph.
    Why Seeing Is No Longer Believing: Find out why visual and audio content can no longer be treated as proof of truth and why human senses alone are no longer enough to detect manipulation.
    How Deepfake Detection Actually Works: We discuss how detection tools analyse images and video, why results are expressed as probabilities rather than certainties and why organisations need to determine their own thresholds for action.
    Liveness Checks Are Already Being Bypassed: Find out why the "turn your head left, turn your head right" verification that banks and identity platforms rely on is already being beaten by newer deepfake models.
    Normalising Verification in Digital Spaces: Explore why challenging a suspicious video call or email needs to become as normal as stopping someone without a badge in a physical office.
    Deepfake Detection as Part of Defence in Depth: Understand why deepfake detection now needs to sit alongside email security, EDR and the rest of the standard security stack.

    Resources Mentioned
    identifAI
    ABN AMRO deepfake bank account fraud
    Mobile World Congress Barcelona
    Nanobanana (image generation tool referenced for realism)
    Will Smith spaghetti meme (referenced for AI quality progression)
    Google badge policy (referenced by Alex as example of normalised verification)

    Connect with your host James Rees
    Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
    Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
    With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
    For more information about us or if you have any questions you would like us to discuss email [email protected].
    If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
    LinkedIn: Razorthorn Security
    YouTube: Razorthorn Security
    TikTok: Razorwire Podcast
    Instagram: Razorwire Podcast
    Twitter: @RazorThornLTD
    Website: www.razorthorn.com
  • Razorwire Cyber Security & InfoSec Insights

    Useful or Spam? A CISO's Guide to Vendor Outreach

    06/05/2026 | 54 mins.
    Why do so many vendors still get it wrong when selling to security leaders?
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined by Marius Poskus, CISO at a fintech organisation and host of the Cyber Diaries podcast, and Simon Woods, co-founder of One Compliance and a salesperson who's been working in cybersecurity sales for over 15 years.
    If you're a CISO, you already know how this goes. The same regurgitated emails, the "just 30 seconds of your time" cold calls, the pitches that lead with product features instead of understanding what problem you're actually trying to solve. It's one of the most complained about topics on LinkedIn and in this episode we sit down with a CISO who gets sold to every day and also someone who does the selling to talk about why so much of it is broken.
    The conversation covers why persistence without research is just spam, why the best vendor relationships take years to build, why AI-generated outreach is making things worse and what salespeople actually need to do differently if they want to get through the door. Whether you're on the receiving end of the hundredth cold approach this week or you're a vendor trying to work out why nobody's responding, there's something in this for both sides.

    Three key talking points:
    Why most sales approaches fail before they even start: Sales in cybersecurity has a low barrier to entry, and it shows. We talk about why the industry seems to have settled into a cycle of lazy, templated outreach that treats every CISO the same. We cover why this isn't just annoying for the people on the receiving end but how it actively damages the reputation of vendors who might genuinely have something useful to offer.
    Relationships over transactions: The best vendor relationships in cybersecurity don't start with a sale. They start with genuine engagement, understanding someone's challenges and being useful before there's any commercial benefit. This episode makes the case that the salespeople who build real connections, who act as a first port of call rather than a product pusher, are the ones who eventually get through the door.
    What good actually looks like: So what does getting it right look like? We break down the practical habits and mindset shifts that separate the salespeople who get responses from the ones who get blocked, and why the answer has far less to do with product knowledge than most people think.

    If you've ever wanted to tell a salesperson exactly where they're going wrong, this episode does it for you. And if you're the salesperson, consider this a free masterclass.

    On what every salesperson should think about before hitting send:
    “Salespeople are not trying to understand the problems that CISOs face. It's all about selling features and product instead of understanding where the pain points are.”
    Marius Poskus
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    Why Your Inbox Is Full of Rubbish: Find out why so many vendor approaches are lazy, untargeted and AI-generated, and why the low barrier to entry in cybersecurity sales means it's unlikely to improve any time soon.
    What Makes a Vendor Worth Your Time: Discover the signs that a vendor has actually done their homework, understands your challenges and is worth a conversation, versus the ones who are just working through a list.
    How to Spot a Vendor Who's Out of Their Depth: Learn the warning signs that someone is bluffing through a technical conversation rather than being honest about what they know and don't know, and why that should affect your procurement decisions.
    What You Can Tell From a Single Email: Understand why the first approach from a vendor tells you almost everything you need to know about whether they're worth engaging with, and what the red flags look like.
    Why Vendors Keep Getting It Wrong: Find out why so much sales outreach in cybersecurity follows the same broken playbook, and why understanding the mechanics behind it helps you filter faster.
    It's Not Just Vendors: Explore why recruiters, lead generation companies and adjacent industries are all guilty of the same lazy outreach, and why CISOs are getting hit from every direction, not just product sales.
    When a Vendor Relationship Actually Pays Off: Find out what a genuinely useful vendor relationship looks like from the buying side and how to recognise when someone is investing in you rather than just your budget.
    Managing the Noise So You Don't Miss What Matters: Understand why the sheer volume of bad outreach creates a real risk of filtering out the vendors who could genuinely help, and how to build a process that catches the good ones without drowning in the rest.

    Resources Mentioned
    Never Split the Difference by Chris Voss
    One Compliance
    RMI Cyber
    Cyber Diaries podcast
    CTRL+ALT+DEFEND
  • Razorwire Cyber Security & InfoSec Insights

    Project Glasswing. What Anthropic's Mythos Means for Cybersecurity

    22/04/2026 | 54 mins.
    What happens when an AI model can find more vulnerabilities in a day than a red team could find in a year?
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined by Martin Voelk, penetration tester and AI red teamer, and Jonathan Care, lead analyst at KuppingerCole covering AI and cybersecurity.
    Anthropic recently announced Mythos, a security-focused AI model reportedly capable of discovering vulnerabilities that have gone undetected for decades, including a 27-year-old bug in OpenBSD. But how much of this is genuine breakthrough and how much is marketing? This episode cuts through the hype and asks what Mythos actually means for the cybersecurity industry, from the arms race it signals between AI model providers to the competitive implications of restricting access to a small group of US-based companies.
    The conversation goes well beyond Mythos itself, into the reality that AI-powered hacking at scale is already happening, that existing models have already been used to compromise government infrastructure, and that open source and non-Western alternatives are freely available to anyone who wants them. With 80% of code now being vibe coded with minimal security checks, jailbreaking tools available on the open web and CISOs unable to keep pace with the speed of adoption, the question isn't whether AI will change cybersecurity. It's whether the industry can adapt fast enough to survive what's already here.
    Three key talking points:
    The Mythos hype vs the reality of AI-powered hacking: Anthropic's announcement made headlines, but the capability to find and exploit vulnerabilities at scale already exists in models available to anyone. This episode asks whether Mythos is really the breakthrough it's been presented as, or whether the industry should be more concerned about what's already out there, including a recent attack on the Mexican government carried out entirely using standard AI models.
    The competitive and geopolitical implications of restricted AI models: Mythos has been restricted to a small group of US-based companies, giving at least one major EDR vendor a significant edge over every competitor. But by announcing the capability publicly, Anthropic has effectively told the rest of the world it's possible to build. With Chinese, Russian and open source models already filling the gap, the question is whether restricting access to Western models actually contains anything at all.
    Why security practitioners can't keep up and what comes next: The pace of AI development has outstripped the ability of security teams to keep up. Even full-time practitioners can't stay on top of the daily volume of new models, new vulnerabilities and new attack techniques. If the people doing this for a living are struggling, what chance does an SMB with a part-time security person have? And where does it end? Possibly with offensive and defensive AI agents fighting it out at scale, with humans increasingly on the sidelines.

    Whether Mythos lives up to the hype or not, the arms race it signals is already underway. If you want to understand what that means for cybersecurity, this is the conversation to listen to.

    On the implications of restricting AI security models:
    “Anthropic may be doing this, but for those of us who are not lucky enough to be Anthropic's friend, other countries, other organisations are not so circumspect.”
    Jonathan Care
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    Anthropic's Mythos Announcement: Find out what Anthropic is claiming about Mythos, why it reportedly found a 27-year-old vulnerability in OpenBSD and why not everyone is convinced it's the breakthrough the headlines suggest.
    AI-Powered Vulnerability Discovery at Scale: Understand why the ability to find and exploit vulnerabilities at machine speed already exists and why Mythos may be less of a leap forward than it first appears.
    The Mexican Government Hack: Hear how standard, publicly available AI models were used to compromise multiple government entities and exfiltrate massive amounts of sensitive data over a matter of weeks, without any zero days involved.
    Restricted Access and Competitive Advantage: Explore why limiting Mythos to a handful of US-based companies raises questions about competitive fairness and what it means when one EDR vendor gets capabilities that nobody else has access to.
    The Open Source and Non-Western Model Landscape: Discover why restricting Western models may not contain much at all, with Chinese, Russian and uncensored open source alternatives already being used by security researchers and attackers worldwide.
    Vibe Coding and Unchecked AI-Generated Code: Find out why an estimated 80% of code is now vibe coded, why most of it isn't being properly tested and what that means for the attack surface organisations are unknowingly building.
    Jailbreaking and Uncensored Models: Learn why tools that can jailbreak frontier models on the fly are freely available on the open web and what that tells us about the limits of trying to restrict AI capability.
    The CISO's Impossible Position: Understand why CISOs are caught between an industry that's moving faster than they can govern and organisations that want to adopt AI regardless of whether the security is ready.
    Keeping Up With the Pace of Change: Explore why even full-time security practitioners are struggling to stay on top of the daily volume of new developments and what that means for organisations with fewer resources.
    The Future: Agent vs Agent: Hear why the near future of cybersecurity may look less like humans defending networks and more like offensive and defensive AI agents battling it out at scale, with practitioners increasingly in a supervisory role.

    Resources Mentioned
    Anthropic – Mythos/Project Glasswing
    Mexican Government Cyberattack
    GodMode AI / Pliny the Prompter (jailbreaking harness)
    Hugging Face (uncensored models)
    OpenClaw
    DeepSeek (Chinese AI model)
    KuppingerCole
    SpartanX Technologies / SpartanX AI
  • Razorwire Cyber Security & InfoSec Insights

    The Rise of CTEM - Why AI Demands a New Approach to Security

    08/04/2026 | 57 mins.
    What happens when your organisation adopts AI faster than your security strategy can keep up?
    Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim, and in this episode, I'm joined by Martin Voelk, penetration tester and AI red teamer, and Jonathan Care, lead analyst covering the intersection of AI, cybersecurity and identity.
    We started out planning to talk about the rise of CTEM (Continuous Threat Exposure Management) and why traditional pentesting and vulnerability scanning can't keep up anymore. But the conversation quickly went further than that, into the real security risks of AI agents, prompt injection, vibe coding and the speed at which organisations are adopting AI without thinking about what happens when it goes wrong.
    Martin shares examples from his red teaming work of how AI agents can be tricked into exfiltrating data and executing malicious code, Jonathan makes the case for why identity needs to become a first class attack surface in any CTEM programme, and all three of us end up genuinely concerned about what happens when CISOs are expected to govern technology that's moving faster than anyone can keep up with. This one ended up not going quite as planned, and it's all the better for it.
    Three key talking points:
    Why traditional security testing can't keep up with AI and agent-driven attacks: Annual pentests and periodic vulnerability scans were built for a world where things changed slowly. Martin and Jonathan explain why that model is no longer suitable when new AI vulnerabilities are emerging daily, most of them without a CVE number attached, and why CTEM as a continuous programme rather than a one-off exercise is becoming essential.
    How prompt injection and invisible exploits are rewriting the rules of risk: Martin shares examples from his red teaming work where AI agents were tricked into exfiltrating data through a fake spellchecker and downloading malicious code disguised as a support tool. He and Jonathan discuss why prompt injections are so difficult to defend against, how they can be hidden in emails, PDFs, code and even voice, and why traditional security tools don't detect them.
    What CISOs and tech leaders must face as responsibility and risk escalate: Organisations are adopting AI faster than security teams can govern it, and CISOs are caught between being seen as obstructionist if they slow things down or negligent if they let things through. Jonathan and Martin get into the legal grey areas around who's responsible when an AI agent causes harm and why the lack of clear legislation makes this even harder to navigate.

    If your organisation is adopting AI and your security model hasn't changed to match, this is a conversation worth listening to.

    On why traditional security testing no longer works:
    “You have new releases and new technology popping up almost on a daily basis. And you have vulnerabilities popping up on a daily basis as well. The traditional model we have in place with regular penetration testing, once every three months, once every year, that doesn't cut it anymore.”
    Martin Voelk
    Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
    In this episode, we covered the following topics:
    The Acceleration of AI Adoption: Find out why organisations are pushing AI adoption at a pace that's leaving security teams behind and why the pressure from upper management to automate is creating serious blind spots.
    Continuous Threat Exposure Management (CTEM) Evolution: Learn why CTEM is a programme not a product, how it differs from traditional vulnerability management and why it focuses on what an attacker can actually exploit right now rather than theoretical CVE scores.
    Limitations of Traditional Security Testing: Understand why annual pentests and periodic vulnerability scans were built for a different era and why they can't keep up with a landscape where new AI vulnerabilities emerge daily.
    The Changing Nature of Exploits: Discover why many of the attacks hitting AI systems don't have a CVE associated with them at all, and why the traditional model of scoring and prioritising vulnerabilities is falling short.
    Prompt Injection Risks: Learn how prompt injections work, why they can be embedded in almost anything from emails and PDFs to code comments and voice, and why they're so difficult to defend against compared to traditional injection attacks.
    Agentic AI and Chained Attacks: Find out why compromising a single AI agent in an orchestrated system can have a knock-on effect across the entire ecosystem, and why the blast radius is far greater than with traditional vulnerabilities.
    Visibility and Explainability: Understand why maintaining oversight of AI systems matters, why security teams risk rubber-stamping AI-driven decisions they don't fully understand and why explainability is becoming a critical requirement.
    Supply Chain and Third-Party AI Concerns: Explore how the use of open source models, third-party AI agents and tools like OpenClaw is exposing organisations to indirect vulnerabilities they may not even know about.
    Identity as the New Attack Surface: Learn why misconfigured identities, over-privileged service accounts and weak authentication between AI agents are becoming primary targets, and why CTEM programmes need to treat identity as a first class concern.
    Regulatory and Legal Accountability: Find out why jurisdictions are still divided on who's responsible when an AI agent causes harm, from the Air Canada chatbot ruling to the question of what accountability looks like when AI is making autonomous decisions.

    Resources Mentioned
    Gartner
    OpenClaw
    PCI DSS
    Tenable
    Nessus
    Anthropic
    Claude
    Claude Secure Code
    Groq
    Air Canada - AI Lawsuit
    Engineering Council of Great Britain
    11 Labs
    Voicebox
    SpartanX Technologies
    SpartanX AI
    Mexican Government Cyberattack
    Connect with your host James Rees
    Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
    Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
    With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
    For more information about us or if you have any questions you would like us to discuss email [email protected].
    If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
    LinkedIn: Razorthorn Security
    YouTube:
About Razorwire Cyber Security & InfoSec Insights
Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge. Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends. Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals committed to continuous improvement. Each episode brings you actionable advice and real experiences from your host, James Rees — an information security specialist with over 25 years of experience — and from a range of respected guests across the cybersecurity industry. Together, we explore everything from technical strategies and compliance challenges to security culture, communication skills, and leadership development. James Rees is the founder of Razorthorn Security, providing expert consultancy and testing services to a wide range of organisations, including many Fortune 500 companies. His practical, no-nonsense approach helps organisations manage cybersecurity risks effectively while strengthening resilience. The Razorwire podcast is designed for cybersecurity professionals who want to stay ahead, sharpen their skills, and confidently respond to the challenges of today's evolving threat landscape. We believe collaboration is key to stronger security — and Razorwire gives you the conversations that help you achieve it. For more information about us, or if you have questions you'd like discussed on the show, email [email protected] or visit www.razorthorn.com.