On the 27th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal AI, talk with Gareth Packham, Chief Information Security Officer at Save the Children International. Save the Children is one of the world's largest nonprofit organizations focused on protecting the rights and well-being of children. Operating in over 100 countries, it delivers healthcare, education, and emergency response programs—often in high-risk, conflict-affected areas. In this conversation, Gareth shares insights on the life-or-death stakes of cybersecurity in humanitarian work, the rising danger of AI-powered impersonation and fraud, and why driving behavioral change—not just awareness—is the next frontier in protecting global organizations.

Quick hits from Gareth:

On the real-world consequences of cybersecurity failures at Save the Children: “Without sounding glib or flippant—it really isn't. It can be a matter of life and death. We have information on children and families… in the wrong hands, that could put them at risk of physical harm.”

On the threat of AI-generated impersonation: “A few years ago, we were seeing business email compromise attempts asking to approve invoices. Now, it’s shifted to things like deepfake video. When someone says, ‘Let’s jump on a call,’ and you see a video of someone that looks and sounds like your CEO, you really need to challenge that.”

On the limits of awareness training: “The challenge with a lot of awareness programs is that they’re static. People might remember the right answer on a quiz, but it doesn't mean they’ll act the right way under pressure. We need to stop checking boxes and start measuring actual behavior change.”

Book Recommendation: Flow by Mihaly Csikszentmihalyi

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 26th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Kirsten Davies, former Chief Information Security Officer at The Estée Lauder Companies and Unilever and founder of The Institute for Cyber. Kirsten's storied career has given her a front-row seat to understanding the complexities of securing global organizations. In this conversation, Kirsten shares insights on the scale of enterprise cyber operations, the hidden challenges of AI-powered security innovation, and how human risk is still the biggest concern in the age of AI.

Quick hits from Kirsten:

On how AI is redefining attacker capabilities: “The sophistication of whaling, spear phishing—AI is being used very smartly, and it’s bypassing a lot of those traditional filters that we had back in the day. Now it feels like all of the email-based attacks are super sophisticated, very targeted, and they have really major repercussions on the back end.”

On the need to rethink digital identity defense: “Think of how many service accounts there are now. They exploded in numbers—larger than people. The number of service and machine identities we have is astronomical… This is where the opportunity is on the defense side, where you don’t even have people involved anymore.”

On why people are still the frontline: “It still goes back to relationships with people… good old-fashioned communication capability… It's still about building awareness. The human element of risk—that will never go away. That’s one of the reasons I started The Institute—so everyday citizens can have safer experiences while they traverse the digital universe.”

Book Recommendation: Imagine Heaven by John Burke

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 25th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Joshua Brown, former Vice President and Chief Information Security Officer at H&R Block. H&R Block is one of the largest tax preparation companies in the United States, with tens of millions of customers relying on its services each year. Managing security for a global tax enterprise requires defending against large-scale fraud, identity theft, and AI-powered social engineering attacks—all while ensuring compliance with strict regulatory requirements. In this conversation, Joshua discusses how AI is accelerating cyber attacks, the challenges of using AI for fraud detection in financial services, and the impact of automation on the next generation of cybersecurity teams.

Quick hits from Joshua:

On the state of fraud in financial services and how AI can help: “If you're talking about a normal year, you might see a thousand potentially fraudulent returns, and then suddenly it jumps up to a million or more. You don’t have enough analysts to look through that. It’s not possible. You have to do something with machine learning or AI to be able to narrow that down and help make faster decisions.”

On balancing the need for efficiency and the need for future talent in cybersecurity: “I think businesses are so hungry for efficiency that they risk gutting their talent pipelines. If we’re not careful, we’re going to end up with a senior workforce and no way to develop new security talent.”

On leadership strategy in security: “How you motivate a team is by connecting them with the why of what they’re doing and letting them figure out the how. That’s why you hire people smarter than you, right? It’s not so that everybody does things the way you do it.”

Book Recommendation: Right Kind of Wrong by Amy Edmondson

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 24th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Michael Baker, Vice President and Chief Information Security Officer at DXC Technology. DXC is a global IT services leader, providing infrastructure, consulting, and cybersecurity solutions for nearly half of the Fortune 500. With 125,000 employees operating across 70 countries, DXC delivers a vast portfolio of managed services. Securing both its own infrastructure and customer environments, DXC must defend against a rapidly evolving threat landscape while ensuring seamless global operations. In this conversation, Michael discusses how DXC manages its massive attack surface, the role of AI in automating SOCs, threat hunting & vulnerability management, and the future of AI-enhanced cybersecurity.

Quick hits from Michael:

On the rise of multimodal cyberattacks and AI-driven threats: “AI is just making [cyberattacks] harder and harder to spot. It’s not just email—it’s multimodal. We’re seeing it through WhatsApp, text, and email, all coming at once.”

On how AI is lowering the barrier to entry for malware creation: “We’re seeing the democratization of malware development. AI has enabled coders everywhere. We can basically have citizen development of malware.”

On the trending use of AI agents and automation in cybersecurity: “2025 is really the year we’re going to see AI agents start working across different functions, not just siloed within organizational components.”

Book Recommendation: The Speed of Trust by Stephen M. R. Covey

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at www.enterprisesoftware.blog.

Enterprise AI Defenders is produced by Josh Meer.

On the 23rd episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Matt Modica, Vice President and Chief Information Security Officer at BJC HealthCare. BJC HealthCare is one of the largest non-profit healthcare organizations in the United States, operating 14 hospitals across Missouri and Illinois. BJC has over 30,000 employees and over 4,200 doctors across its network. In this conversation, Matt discusses the unique challenges of securing patient privacy in a digital world, new opportunities and risks in healthcare with recent AI advancements, and aligning security practices with an AI-enabled future.

Quick hits from Matt:

On the increasing effectiveness of AI powered attacks: “Voice technology and mimicking a person got very good. Pretending to be somebody else and trying to get credential access or compromise credentials, it's not just executives anymore. It's anybody with a credential. So the credential is valuable and they're being sold. It's just a matter of how criminals can best get the ID and password to be able to sell.”

On critical areas where AI allows us to focus more attention: “We have time to do the things we've always talked about wanting to do. We've talked about wanting to do more threat hunting, about wanting to do more risk quantification. We've always talked about wanting to do a better job and be more proactive in shifting security left in our, in our agile environment, our workflows and things. So we have some time to do that now because we're making some of those things either automated or more efficient.”

On the maintained need for humans in the loop with enterprise AI: “ When you're running a large enterprise, uptime is of utmost importance. If I change a firewall rule that blocks something legitimate, I'm going to hear about that. If that was done because it was a low security risk, but the automation decided to do that, then there’s a lot of ramifications there. I don't know if we'll ever get to a hundred percent full automation. I think we're always going to have to have someone validating accuracy. And the models and making sure that our risk tolerance as an organization is taken into consideration as we instrument those things or allow those things to take action on our behalf.”

Book Recommendation: The One Minute Manager by Ken Blanchard and Spencer Johnson

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 22nd episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Joe Silva, former Chief Information Security Officer at Jones Lang LaSalle. JLL is a commercial real estate company operating in 84 countries worldwide. The company has over 100,000 employees, $20 billion dollars in annual revenue, and ranks #193 on the Fortune 500. Managing billions of square feet of property worldwide, JLL delivers a full suite of services, including — property management, leasing, capital markets, and real estate technology solutions. In this conversation, Joe dives into the realities versus the hype of AI in cybersecurity, AI’s role in shifting the balance between human judgment and automated systems, and AI’s potential to solve long-standing defender blind spots.

Quick hits from Joe:
On the new attack surface presented by AI: “If I look at how corporate functions at large enterprises, HR, finance, they were using RPAs (robotic process automations) to automate so much of this work, and now you look at AI agents as essentially hyper aware RPAs. It's a natural evolution. RPAs, which themselves created a massive attack surface and now we just start moving all of that to AI because we're completely taking the human out of the loop.”

On the increasing negative impact of AI cyberthreats: “Criminals can leverage AI to create highly bespoke and tailored fraud to individuals whose identities they can stitch together across multiple data sets. Organizations will start feeling the impact of AI abetting criminal activity, and that will raise the consequences.”

On areas that AI is moving the needle: “Gen AI is making it a lot easier for providers to make more information accessible and provide more context in tools…Where we see Gen AI being helpful is the ability to train machine learning models, and actually get more utility out of machine learning. We've been hearing ML and AI for the last 10 years as buzzwords associated with products and the utility of ML has improved due to AI.”

Book Recommendation: Five Years to Freedom by James N. Rowe

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 21st episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Tony Taylor, Chief Information Security Officer at Land O'Lakes. Land O'Lakes is an American member-owned agricultural cooperative. The co-op has 9,000 employees who process and distribute products for about 300,000 agricultural producers. Land O Lakes handles 12 billion pounds of milk annually and is one of the largest producers of butter and cheese in the United States. In this conversation, Tony shares his thoughts on AI transforming the cyber threat landscape, the paradox of AI empowering defenders while enabling attackers, and strategies for cyber defense in an AI-driven world.

Quick hits from Tony:

On the oversaturation of AI as a marketing term: “You can’t talk to a vendor today where they don’t talk about their AI. Everybody’s got an AI engine. For me as a consumer of that technology, I go, well, show me how that AI works.”

On how AI can help address the talent shortage in cybersecurity: “We need to be able to bring in less mature or less experienced people and let them build that experience because the workforce isn’t there. I can’t go hire senior engineers all over the place because they’re not available.”

On AI elevating the nature of work in cybersecurity: “AI will reduce workload, and I think it’s going to reduce the workload that nobody wants to do anyway...It’s going to allow people to work at a higher level.”

Podcast Recommendation: SANS Stormcast by Johannes B. Ullrich

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.

On the 20th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Gene Sun, Vice President and Chief Information Security Officer at FedEx. FedEx is a multinational courier delivery services company with over $90 billion in annual revenue and more than 500,000 employees globally. With billions of packages delivered every year, using the world’s largest cargo fleet, FedEx uses sophisticated technology to provide a unique delivery service to customers across the globe. In this conversation, Gene discusses industry shifts from isolated point solutions to powerful, AI-driven platform strategies, AI as a growing tool for attackers and defenders, and predictions for the future of AI-powered cyber defense.

Quick hits from Gene:

On the evolving workforce adapting to AI integration: “There is some kind of fear in society that AI will replace all the human beings doing the work. I have this saying, AI will not replace your job. People who know how to use AI will replace your job.”

On consolidation and innovation in AI-driven cybersecurity: “There’s only so many players who can afford to stay in the AI race. I think only a couple of large cyber security platforms will survive and they will provide the fundamental platform for any additional innovation that will be created for security related AI models.”

On AI lowering barriers for fraud: “Cybercriminals are using AI to generate counterfeit FedEx shipping labels. Previously, to create a counterfeit FedEx shipping label you needed to have programming skills to decode our tracking numbers to be able to generate readable barcodes. Now, AI has removed those technology requirements and criminals are increasing their velocity to perpetrate those crimes.”

Recent Book Recommendation: Guns, Germs, and Steel by Jared Diamond

--

Like what you hear? Leave us a review and subscribe to the show on Apple, Google, Spotify, Stitcher, or wherever you listen to podcasts.

Enterprise AI Defenders is a show where top security executives share how moves to the cloud have created an evolved threat landscape that requires new tools to protect against cybercrime. Find more great lessons from tech leaders and enterprise software experts at https://www.enterprisesoftware.blog/

Enterprise AI Defenders is produced by Josh Meer.