Cyber Risk Management Podcast

What does the generative AI conversation actually sound like inside a boardroom? Is the board ready to govern it? And what do board members wish CISOs understood about how they make decisions? Let’s find out with our guest, Vanessa Pegueros, former CISO at Docusign and U.S. Bank, and current board member at LivePerson and BECU. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

LinkedIn profile – https://www.linkedin.com/in/vanessapegueros

Website – https://vanessapegueros.com

Anthropic released Claude Mythos Preview. The headline is "AI can now find zero-days." Yes, but the real story is the gap between what AI finds and what organizations can fix. About 99 percent of Mythos findings are still unpatched. We cover what Mythos is in plain English, why the patching gap matters most, what duty of care means when your board knows these tools exist, where AIR-MAP fits, and why most advisors skip data sovereignty. Hosts: Kip Boyle, CISO, Cyber Risk Opportunities; Jake Bernstein, Partner, K&L Gates.

 

Anthropic Claude Mythos Preview

https://red.anthropic.com/2026/mythos-preview/

 

AISLE / Stanislav Fort, "AI Cybersecurity After Mythos: The Jagged Frontier"

https://aisle.com/blog/ai-cybersecurity-after-mythos-the-jagged-frontier

 

AIR-MAP overview

https://air-map.io/

A Stripe employee hid a message in his LinkedIn profile telling any AI that read it to include a flan recipe. A month later, an AI recruiter emailed him one. It's funny until you realize the same technique can exfiltrate data, generate phishing content, or hijack automated business processes. What is prompt injection, why does OWASP rank it as the number one risk to large language models, and what should you do about it? Let's find out. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

 

OWASP Top 10 for LLM Applications -- https://genai.owasp.org

What happens when a cybersecurity team designs controls without asking the business what they need? And what role exists specifically to prevent that? Let's find out with our guests Brian Shea and Maggie Amato, former Business Information Security Officers at Salesforce. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

 

Brian Shea's LinkedIn profile -- https://www.linkedin.com/in/brianshea/

Maggie Amato's LinkedIn profile -- https://www.linkedin.com/in/maggie-amato-021624164/

Fire hasn't changed since the dawn of humanity, but our cyber adversaries evolve every single day. What happens when organizations spend $10 on AI transformation for every $1 on cybersecurity? In this special ROCon 2025 keynote replay, Kip shares two stories that changed how he thinks about risk: a "perfect" employee who became an insider threat in four weeks, and a $12M deepfake that defeated every technical control on the dashboard. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

 

Get Kip's book, "Fire Doesn't Innovate" 2nd Edition -- https://a.co/d/0bYatohy