Risky Business Features Podcast

In this episode, James Wilson is joined by entrepreneur and investor Yaniv Bernstein to discuss Anthropic’s Mythos through the lens of startups and growing businesses. Yaniv is Google’s former VP of Engineering, and is former VP Eng and COO at Airtasker. He’s now an investor and advisor to startups and he co-hosts The Startup Podcast.

In this episode, James Wilson is joined by Brad Arkin who provides a CISO’s perspective on Anthropic’s Mythos. As former CISO at Adobe, Cisco and Salesforce, Brad’s perspective challenges the notion that finding and fixing exploits makes us safer.

In this episode of Risky Business Features, James Wilson chats to professional hacker Jamieson O’Reilly about Anthropic’s Mythos and the impact it could have on offensive security. Jamieson is CEO of DVULN and co-founder of Aether AI. He’s been hacking into organisations for more than a decade, and knows a thing or two about combining AI and offensive security.

In this episode, investigative journalist Geoff White joins James Wilson for a look into the complex machine that is North Korea’s IT worker infiltration scheme. They discuss the interview process, what happens once the workers are actually hired, how value is maximised for the regime, and how the money moves around. It’s even more diabolical than the headlines divulge.

In this episode, James Wilson chats with Brad Arkin (former CISO of Adobe, Cisco and Salesforce) to talk about the mounting pressure that CISOs are under in the AI era. Attackers are operating at unprecedented scale, and internal users are adopting AI faster than security teams can keep up. This requires CISOs to bend on things that would have otherwise been a hard-no in the past, and revisit some fundamental controls that might have seemed too difficult previously.

In this sort-of-solo episode, James Wilson is “joined” by one of his OpenClaw AI agents for a chat about whether or not an LLM can understand, modify or even create a sophisticated nation-state grade iOS exploit kit. Technically this podcast is James having a conversation with himself, but the exchange is illuminating. It turns out LLMs can really help with finding 0day, even in mature code repos like WebKit.

In this interview you’ll hear former NSA executive Rob Joyce and former CIA cyber intelligence leader Andy Boyd talk to host Patrick Gray about how AI is changing the state of art in offensive security.

Recorded in front of a live audience at the Decibel Oasis side event next door to the RSA Conference in San Francisco, the trio also talk about why a series of iOS exploit chain leaks don’t seem to be stirring up a scandal.

In this episode of Risky Business Features, James Wilson and Brad Arkin discuss the attack that devastated medtech company Stryker. It turns out the attackers used Microsoft’s inTune to wipe the company’s devices, but what else could they have weaponised?

This podcast basically turned into an incident review of the Stryker incident. Enjoy!

James Wilson delivers his take on the state of the Model Context Protocol (MCP) in this solo episode of Risky Business Features. Despite MCP being the technology that made Large Language Models useful and AI Agents possible, the models have shown us they want to use something else instead. They want to use the shell directly, and that is going to have serious cybersecurity consequences.

In this podcast James Wilson chats with Brad Arkin about how enterprises can better deal with attackers logging in with valid credentials. Stolen identities, weak special-use credentials, over-scoped API keys are the new zero-day and they’re abundantly available to attackers. Sadly, the solution here isn’t as simple as deploying phishing resistant MFA. Fixing this takes an enterprise identity strategy.