Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data?

Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including:

• Continuous monitoring of your Salesforce environment,
• Strict access controls of Salesforce users, and
• Automated backup of sensitive data.

Think your data in Salesforce is safe and secure, think again.

This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them!

In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-425

While many businesses rely on Microsoft 365, Salesforce and Google Workspace security features, critical blind spots remain—the recent series of high profile SaaS breaches demonstrate this. So what should you do?

Mike Puglia, General Manager of Kaseya Labs, joins Business Security Weekly to discuss the risks in SaaS applications. In this segment, Mike will explore how bad actors are focusing their attacks on SaaS applications, hijacking tokens and how misconfigured integrations are used to bypass traditional defenses. Mike will also discuss how IT leaders can rethink protecting their essential SaaS business applications with tools that go beyond endpoint and MFA strategies to secure the modern user.

This segment is sponsored by Kaseya 365 User. Visit https://securityweekly.com/k365 to learn more about them!

In the leadership and communications segment, The rise of the chief trust officer: Where does the CISO fit?, When Another Company's Crisis Hurts Your Reputation, Effective Workplace Communication Tips, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-424

The Security Weekly 25 index is back near all time highs as the NASDAQ hits another record high. Funding and acquisitions have shifted to AI as the security industry continues to evolve. We also had a new IPO, Netskope. They will replace CyberArk once the Palo Alto Networks acquisition closes, allowing the index to survive another public company acquisition.

In the leadership and communications segment, Boards Seeking AI Specialists, A CISO's Guide to Navigating the Urgent AI Security Storm, How to Write AI Prompts That Get Results (& Don't Suck), and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-423

It's a topic we discuss often on Business Security Weekly: CISO Burnout. It's real, but how should you manage it?

Dr. Yonesy Núñez, Global Cybersecurity Executive at Chain Bridge Bank and former Managing Director, Chief Cybersecurity Risk Officer, and Chief Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), joins Business Security Weekly to share his personal insights. An advocate of CISO Health and Wellness, Yonesy will discuss how we can "Optimize the Operator" by creating harmony with mind and spirit.

Segment Resources: https://councils.forbes.com/profile/Yonesy-Nunez-Global-Cybersecurity-Executive-Chain-Bridge-Bank/e79e72a5-4b18-48b1-b5ab-8a0afd47d782

In the leadership and communications segment, CISOs are cracking under pressure, How BISOs enable CISOs to scale security across the business, Great Leaders Empower Strategic Decision-Making Across the Organization, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-422

As AI revolutionizes how we work, it has created a new attack surface with new technologies. One of those new technologies is Model Context Protocol (MCP). MCP has emerged as the standard for connecting AI to external tools, but its flexibility has created security challenges. How do we secure MCP?

Rahul Parwani, Head of Product, Security Solutions at Airia, joins Business Security Weekly to discuss the challenges of MCP and how to secure this new protocol. Rahul will cover how Aria's solutions help you secure your AI development by:

• Centralizing Access Control
• Enforcing Security Policies
• Maintaining Compliance
• Enabling Rapid Response

This segment is sponsored by Airia. Visit https://securityweekly.com/airia to learn more about them!

In the leadership and communications segment, CISO Burnout – Epidemic, Endemic, or Simply Inevitable?, If Trust Is So Important, Why Aren't We Measuring It?, Over one-third of companies plan to replace entry roles with AI, survey says, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-421

What's the biggest attack vector for breaches besides all of the human related ones (i.e., social engineering, phishing, compromised credentials, etc.)? You might think vulnerabilities, but it's actually misconfiguration. The top breach attack vectors are stolen or compromised credentials, phishing, and misconfigurations, which often work together. So why is it so hard to properly configure your systems?

Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss Defense Against Configurations and how ThreatLocker can automatically identify misconfigurations and map them to your environment's compliance and security requirements. Rob will discuss how ThreatLocker Defense Against Configurations dashboard can:

• Identify misconfigurations before they become exploited vulnerabilities
• Monitor configuration compliance with major frameworks

• Receive clear, actionable remediation guidance

  and more!

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

In the leadership and communications segment, Cybersecurity management for boards: Metrics that matter, The Emotional Architecture of Leadership: Why Energy, Not Strategy, Builds Great Teams, Your Transformation Can't Succeed Without a Talent Strategy, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-420

Organizations that successfully earn and keep the trust of their customers, employees, and partners experience better business outcomes, more engagement, and competitive differentiation. But what does that trust look like and who's responsible for building and maintaining that trust?

Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to discuss the emergence of the Chief Trust Officer. For organizations that refuse to leave trust to chance, chief trust officers have emerged as the role responsible for shaping their firm's destiny. Jeff will explain why the role has emerged and details its responsibilities, organizational structures, and measures for success.

In the leadership and communications segment, Why must CISOs slay a cyber dragon to earn business respect?, Simon Sinek says the most successful people in the world 'hit zero' or came close to it: Failure is 'the gift', The Remote Leadership Paradox: Why Your Team Feels Micromanaged AND Abandoned (And How to Fix It), and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-419

As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, but yet human error is still the top risk. How do we actually reduce human risk?

Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they're most relevant) are delivering faster, more effective behavior change that lasts.

Segment Resources: Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/ Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/

This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them!

In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-418