As organizations push return-to-office (RTO) mandates and chase efficiency, many security teams are quietly accumulating debt they don’t know how to unwind.
In this episode, we are joined by Lea Cure Thorpe and Kayne McGladrey to unpack the less-discussed consequences of recent security decisions: RTO exposure, endpoint blind spots, tooling overload, analyst burnout, and the slow erosion of junior talent (thanks AI).
Rather than going too crazy on hot takes and obvious trends, we focus in on operational reality, business risk, and what security leaders need to confront before these issues compound further.
Where to Skim
02:00 – 06:30 | Is the perimeter really dead?
Challenging the “perimeter is gone” narrative and why AI hasn’t created new problems, just reprioritized old ones.
06:30 – 12:30 | RTO fallout and the return of local network risk
How return-to-office mandates exposed neglected infrastructure, VPN risk, and why edge devices are back in attackers’ sights.
12:30 – 18:30 | Endpoint sprawl, dirty devices, and SOC fatigue
The reality of unmanaged laptops, log overload, EDR/XDR fatigue, and why more telemetry isn’t the same as better security.
18:30 – 26:00 | Cloud tooling, visibility gaps, and false assurances
Why SOC 2 reports don’t equal real visibility, the limits of cloud logging, and the growing disconnect between control and insight.
26:00 – 33:30 | AI adoption: risk appetite vs. reality
Blocking vs. observing AI use, data leakage concerns, contractual controls, and why AI security is often just relabeled AppSec.
33:30 – 41:00 | Identity, agentic AI, and trust amplification risk
New trust relationships, decision delegation, and why detecting misuse becomes harder.
41:00 – 50:30 | Workforce erosion and the efficiency trap
Junior analyst displacement, automation myths, and why eliminating entry-level roles creates long-term security debt.
50:30 – 58:30 | The business math CISOs can’t avoid
Efficiency vs. productivity, cost centers vs. value creation, and how security leaders need to frame impact in financial terms.
58:30 – 1:05:00 | Career development, communication, and relevance
Why business context matters for analysts, how to avoid irrelevance, and the role of security leaders as translators.
Security debt didn’t disappear
Much of what security teams are struggling with today isn’t new. The rapid shift to remote work, followed by nearly as rapid return-to-office mandates, forced organizations to make short-term tradeoffs that were never fully unwound. Local network defenses were deprioritized, endpoints became personal devices by default, and VPNs were treated as a sufficient control layer long after that assumption stopped holding.
In many cases this has led to unresolved decisions that now compound each other.
More tools haven’t translated into more clarity
Across endpoints, cloud services, and identity platforms, teams are drowning in telemetry while still lacking confidence in what actually matters. Logging gaps, limited visibility into SaaS platforms, and vendor assurances that replace real monitoring have created an environment where alert volume increases but understanding does not.
Tooling fatigue isn’t about having too many products so much as it’s about losing the thread between signal, context, and action.
Efficiency pressure is reshaping security teams in the wrong direction
As organizations push for efficiency gains, security teams are increasingly evaluated as cost centers rather than risk mitigators. Automation and AI are frequently positioned as ways to eliminate low-level work, but removing junior roles breaks the pipeline that produces senior expertise. And in a world where cybersecurity will never really be entry level, we are creating a problem for our future selves.
Short-term efficiency gains may look attractive on a spreadsheet, but they introduce long-term operational and workforce risk that is harder to reverse.










