The Cyber Business Podcast

In this episode… Shane Wilson shares what makes the IT landscape in academia so distinct—and so difficult. At Centre College, 1,400 students bring over 3,500 personal devices onto the campus network. While most businesses can control their endpoints, higher education must prioritize openness and access. Shane explains how technologies like AI-based endpoint detection and response (EDR) and anomaly detection allow institutions to preserve academic freedom while maintaining data integrity. Shane also walks us through a rare and prestigious experience: hosting the Vice Presidential Debates in both 2000 and 2012. From coordinating with Secret Service to enabling IT infrastructure for over 3,500 journalists and representatives from 18 countries, Shane describes how the college pulled off a national broadcast with limited resources and an incredible team. These leadership challenges not only enhanced his confidence but also paved the way for his current CIO role. Beyond the event, Shane speaks passionately about the importance of aligning IT with institutional mission. He emphasizes that Centre College isn’t a cybersecurity firm or a data hosting center—it’s a school, and IT should serve that mission. His advice for those entering the field is pragmatic and empathetic: start anywhere you can, build professional empathy, and never stop learning.

In this episode… Thomas Berrington shares how his unconventional path from managing restaurants to becoming CIO of a major home builder reflects a broader trend: industries once lagging in tech are now actively seeking data-first leadership. At French Brothers Homes, building 200 homes annually demanded a shift from spreadsheets and manual input to clean, structured systems that could support scalability. Thomas details how he helped transition the company by optimizing its ERP usage, standardizing reporting with Power BI, and integrating data pipelines for better decision-making across operations. He also dives into how AI and Copilot tools are improving efficiency—from rephrasing customer communication to detecting quality assurance issues in home photos using machine learning. These innovations not only reduce delays but improve the homeowner experience. Looking ahead, Thomas is exploring AI-assisted project scheduling for semi-custom builds, aiming to dynamically adjust trade workflows and reduce downtime. In his advice to aspiring IT professionals, Thomas emphasizes the value of strategic thinking and industry focus. He notes that while sectors like development are crowded, underserved industries like construction offer massive opportunities for tech-driven professionals to stand out and drive transformation. His message is clear: structure is the backbone of technology—and with the right approach, you don’t need to be in Silicon Valley to make a major impact.

In this episode… In this episode of the Cyber Business Podcast, Matthew sits down with Fred Teumer to explore Grove’s role in Web3 and the transformative potential of the Pocket Network. Fred unpacks how their decentralized infrastructure allows developers to anonymously and securely access blockchain data—without relying on centralized cloud providers like AWS. By leveraging token-based incentives, the network scales to meet demand while maintaining privacy and redundancy. Fred dives into Grove’s focus on making Web3 usable for developers and enterprises alike. Their API portal mimics familiar Web2 tools, easing the transition to a decentralized environment. But Grove isn’t stopping with blockchain; they’re also piloting support for privacy tools like Signal and Tor, as well as LLM services that could one day rival offerings from OpenAI and Anthropic—at a fraction of the cost. The conversation also explores the harsh reality of security in decentralized environments. Fred highlights how Web3 presents new SoC2 compliance challenges and why most vulnerabilities don’t come from code, but from humans—citing social engineering as a persistent threat. He emphasizes the need for an open-source, community-driven security posture—something Grove embraces through its bounty program and open development model. Finally, Fred shares his unconventional career path—from building StarCraft maps as a kid, to leading infrastructure strategy at Grove. He talks about the thrill and volatility of startups, the importance of aligned incentives, and why crypto is not for the faint of heart—but offers massive upside for those willing to embrace the chaos.  

In This Episode Jason Scott reveals why automation isn't just a convenience — it's a necessity. As certificate lifespans shrink to 90 and even 47 days, manual management is becoming unsustainable. Jason explains how Sectigo’s innovations allow organizations to automatically manage certificates across diverse environments, ensuring resilience against modern cyber threats. Jason also dives into his inspiring transition from 35 years of military service to corporate cybersecurity leadership. He shares how lessons from building and leading Army teams translate directly into developing resilient cybersecurity teams in the private sector. His approach focuses heavily on understanding the business first, building authentic relationships, and ensuring that security policies align with real operational needs. Moreover, Jason warns of an even greater challenge on the horizon: post-quantum cryptography. He stresses that organizations must prepare now to handle the massive shifts coming with the deprecation of RSA algorithms. Drawing a parallel to the urgency of Y2K, Jason highlights the magnitude of work needed to overhaul certificate infrastructures — and why waiting is not an option. Throughout the conversation, Jason emphasizes the importance of foundational IT experience for aspiring cybersecurity professionals. His advice? Start at the help desk to build technical expertise, customer service skills, and the people-first mindset necessary to lead in cybersecurity.

In this episode… Building a company that runs smoothly without constant supervision is the dream of every business owner—but few achieve it. Adi Klevit reveals how documenting and implementing the right processes can transform a fast-growing company from chaotic to calm. She breaks down her eight-step system, starting with the leadership mindset needed to drive process adoption and ending with regular reviews to keep everything current and relevant. Adi shares real-world stories of businesses that struggled with disorganization until they invested in creating a process culture. From working with seasoned sales teams to onboarding new hires faster, she highlights how proper documentation, accessible cloud-based systems, and hands-on training make all the difference. Throughout the conversation, Adi emphasizes the critical link between process adherence and measurable business outcomes, such as increased collections and reduced turnover. The episode also dives into the importance of getting team buy-in early, leveraging multiple learning modalities (video, audio, visual) to improve training, and building scorecards to track process effectiveness. Adi’s insights are a must-listen for any founder or leader serious about scaling their company efficiently and sustainably.

In This Episode Mark Rosa opens with an overview of Mohegan Gaming and Entertainment’s massive reach, from Connecticut to Korea. Despite global expansion, the organization remains deeply rooted in its tribal culture—the Spirit of Aquai—which emphasizes cooperation, respect, and community. This spirit doesn’t just guide guest services; it’s woven into the fabric of how Mohegan approaches security and resilience. Mark shares how cybersecurity became his top focus when he moved from audit to IT leadership. Knowing the casino industry is a prime target, he immediately restructured leadership, deployed best-of-breed tools, and implemented zero trust principles. However, Mark is quick to point out that true resilience isn’t just about technology—it's about continuous testing, training, and preparation. He discusses their “live-fire” cybersecurity exercises that tested the organization’s recovery processes under pressure, offering rare insights into how large-scale organizations can practice incident response realistically. Transparency emerges as a critical theme. Mark explains that within the gaming industry, CIOs and CISOs often collaborate behind closed doors to share lessons learned from breaches like MGM’s. Even though legal limitations can restrict public disclosures during an active incident, post-mortem knowledge-sharing has become essential to raising the cybersecurity bar for everyone in the sector. Finally, the conversation turns to AI. Mark is cautiously optimistic about AI’s role across operations—from digital guest assistants reducing call center load to cybersecurity tools enhancing threat detection. However, in a highly regulated industry like gaming, careful deployment is key. Mark shares how Mohegan is embracing AI internally while maintaining strict control over security and compliance. His goal: not just to keep pace, but to lead.

In this episode… When most people think of an airport, they picture terminals and gates. Chris Crist sees a city with its own infrastructure, challenges, and tempo—one that runs 24/7 and can’t afford downtime. In this conversation, he walks us through the airport’s ambitious new fiber loop project, a $110M initiative designed to create redundancy across systems that power everything from Wi-Fi and CCTV to badge access and parking. But infrastructure is only one part of the equation. Chris discusses how biometric boarding is gaining traction beyond Delta, soon expanding across all international gates. He explains how facial recognition, backed by Customs and Border Protection, not only accelerates boarding but enhances security—allowing for a smoother, more intelligent travel experience. On the cybersecurity side, Chris is refreshingly candid about the pressure. From real-time threats to massive surface exposure, the airport’s IT systems are a prime target. His response? Run penetration tests, invite third-party audits, and even shut down critical concourses overnight to validate failovers. It’s an aggressive approach, but one he believes is necessary to build true resilience. Chris also opens up about the real-life challenge of staying ahead in a space evolving at breakneck speed. With AI, autonomous vehicles, computer vision, and smarter surveillance systems all on the horizon, he talks about what it means to lead a tech strategy that can scale with the future of aviation.

In this episode… David and Matthew share the internal evolution of Mesa Airlines' approach to technology and cybersecurity. With Mesa being a contract carrier for United Airlines, the IT team's role is pivotal to ensuring seamless operations in a high-demand, thin-margin industry. David discusses how his team has transitioned from being perceived as a cost center to a trusted partner that delivers business solutions. Matthew provides deep insight into the unique cybersecurity challenges faced by airlines, particularly as the TSA becomes more involved in regulating cybersecurity. He explains the importance of focusing on systems that could be "operationally disruptive" and why compliance frameworks like NIST CSF are becoming critical for the aviation sector. The conversation explores how government entities, like the TSA and CISA, are still finding their footing in defining cybersecurity mandates for aviation. Meanwhile, Mesa is proactively helping shape this dialogue by balancing compliance with real-world application. From implementing intelligent awareness training through KnowBe4 to piloting AI solutions, the Mesa team is focused on staying agile. David highlights the significance of using AI to enhance operational efficiencies and strengthen security, while Matthew underscores the importance of secure AI deployments with strong data governance. Both guests emphasize that cybersecurity isn’t just about tools—it’s about people. Through consistent communication, training, and collaboration with business units, they are building a culture where security is a shared responsibility.

In this episode… Rich Bates dives into the reality of federal cybersecurity requirements, offering a grounded look at how CMMC and NIST 800-171 are reshaping government contracting. He shares how Zeiders navigates the “woolly mammoth” of compliance by focusing on policies that are both thorough and adaptable. Rather than bogging down in static documentation, Rich keeps his System Security Plan evergreen, linking out to living procedures that evolve with tools and systems—ensuring agility in audits without sacrificing structure. For contractors wrestling with cloud and remote work, Rich breaks down the value of enclave environments, particularly Microsoft GCC Moderate and High. He emphasizes that even call centers—once considered too complex for secure remote deployment—are becoming more viable thanks to FedRAMP-approved platforms and integrated encryption. His biggest caution? Don’t let program offices over-secure projects to the point of eliminating good vendors: “If IL2 is good, IL4 isn’t necessarily better—it’s just more restrictive.” Beyond technical controls, Rich shines in communicating with everyday users. In company-wide standups, he avoids jargon and delivers “news you can use,” like how to create strong, memorable passwords or why phishing emails now look indistinguishable from legitimate ones. He teaches with humor (“I’m going to manufacture a keyboard with a built-in whiteboard for sticky notes”) but his message is serious: cyber starts at the keyboard, and the people behind it matter most. Finally, Rich offers a compelling call to action for future cybersecurity professionals: focus on threat hunting. He shares why puzzle-solvers, neurodivergent thinkers, and those drawn to pattern analysis are uniquely equipped to succeed in this field. For young people—or parents of kids interested in cyber—he recommends exploring free labs, SANS resources, and even military cyber commands as a launchpad into the world of defense-grade cybersecurity.

In this episode… Randall Jackson shares his unconventional journey from desktop publishing in the late '80s to leading cybersecurity in a modern financial services firm. Starting out on early Macintosh systems and troubleshooting AppleTalk networks, Randall quickly became the go-to IT expert in his organization. After his role was outsourced, he transitioned into the MSP space, gaining experience in systems engineering and eventually leading entire IT operations. Randall highlights the need for scalable and repeatable security processes within managed services, emphasizing the shift from ad-hoc solutions to industry-standard tools like ticketing systems and RMM platforms. His leadership journey includes developing custom ticketing systems, building career paths for IT staff, and transitioning from reactive support to proactive security services. He also addresses the rise of AI-generated phishing emails and the battle of AI vs AI in email gateways. Randall shares how his team combats these threats through live and video-based security training, helping employees recognize and report suspicious activity. The episode closes with practical advice for those entering IT: start on a help desk, learn how systems work, and build strong troubleshooting skills.