Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here.
It’s mid-February, but somehow, we’ve already been through what feels like a year’s worth of change in the cybersecurity and regulation world. Beyond the standard incidents, outages, and attacks… there have been obvious impacts that have downstream effects. Regardless of regulatory changes, which we’ll cover as those impact our space, AZT brought together a few minds who have thoughts on the year ahead.
To properly kick off season four, we have the privilege of chatting with two wonderful guests:
Lawrence Pingree, VP of Technical Marketing at Dispersive, but you are more likely to know his name from his time at Gartner. However, he has a varied background ranging from CTO to security engineer, so don’t let that marketing line in his title fool you.
Oliver Plante, VP of Support at ThreatLocker, has around 15-20 years of IT under his belt. He also has seen a thing or two when it comes to implementing new cybersecurity strategies
What We Covered
In 2025, these are the elements we see becoming common themes:
Proactive Defense: Shift from detection to automated, preemptive security.
AI Risks & Benefits: AI aids security but also enhances cyber threats.
Zero Trust: Strict access controls are essential.
Quantum Threats: Encryption risks from quantum computing.
Future Security: Passwordless authentication and blockchain for data integrity.
Editor’s Note
This week, Neal and I are off to ThreatLocker’s Zero Trust World (ZTW). We’ll be doing our best to capture episodes, interviews, and other info from the sessions and posting it back here.
From our Sponsor, ThreatLocker
Do zero-day exploits and supply chain attacks keep you up at night? Worry no more, you can harden your security with ThreatLocker. Worldwide, companies like JetBlue trust ThreatLocker to secure their data and keep their business operations flying high.
ThreatLocker takes a deny-by-default approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation is fully supported by their US-based Cyber Hero support team.
Get a free 30-day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com.
Embracing Preemptive Cyber Defense
Lawrence introduced a compelling argument for shifting the cybersecurity focus from detection and response to preemptive cyber defense. He explained that while detection remains vital, relying solely on it can be a weak point. Instead, there is potential for automated moving target defense and preemptive techniques to predict and prevent cyber threats before they materialize.
The Power and Challenges of AI in Security
There is no doubt an increase in the use of AI and the need to secure it. The multiple flavors typically start around implementing controls to reduce insider risks/threats, such as tossing your proprietary information into an LLM or configuring models not to share information with external audiences.
Both guests underscore the dual-edged sword of AI—its potential to enhance security and its capability to empower attackers. Lawrence shared a study revealing that AI could hack a website with an 80% success rate, emphasizing the urgency for new defense strategies. Neal added that AI has made previously complex tasks accessible, raising both opportunities and concerns within the cybersecurity community.
The Role of Zero Trust and Least Privilege
Oliver underscored the importance of Zero Trust and least privilege in thwarting unauthorized access. By enforcing strict access controls and granting permissions based on necessity, many security breaches could be mitigated. This proactive stance is crucial in a landscape where Zero Trust is no longer a luxury but a necessity.
Quantum Computing: Friend or Foe?
Are we nearing the post-quantum computing stage? If so, what are the potential impacts on cybersecurity? While quantum computing holds the promise of solving complex problems at unprecedented speeds, it also poses challenges, particularly in cryptography. The consensus is that while quantum-safe technologies exist, their true efficacy remains to be tested in real-world scenarios. It’s also likely that as the technology improves, encryption standards will be at risk, as will lower-bit passwords.
Passwordless Environments and Blockchain Applications
The largest tech companies are making it clear that passwords are not the way of the future. Between passkey and other related concepts, we are entering the age of passwordless environments.
As passwords become less secure, the panel suggested a pivot to biometric and alternative authentication methods. Additionally, the use of blockchain technology to ensure data integrity and security in document sharing is explored as a promising development.
Shifting Toward Proactive Efforts
Perhaps it’s a utopia where organizational leaders treat cybersecurity with respect rather than a cost center, and that makes it difficult to do more than treat it like a constant game of whack-a-mole. With how the threat landscape is shaping up, the emphasis on adopting adaptive security policies, such as Zero Trust frameworks, is underscored. As a panel, we agreed that the time for playing catch-up in cybersecurity is over. The focus must shift to preemptive strategies that anticipate and neutralize threats before they arise.
Share this post