Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This episode looks at how supplier cyber posture affects your business, why spreadsheets and questionnaires no longer cut it, and how AI is making third party risk harder to see and faster to spread. It covers resilience, shadow AI, vendor collapse, supply chain impact and the reality that you are only as strong as your weakest link.

Government legislation on online safety, age verification and encryption is being written without consulting cybersecurity professionals. The result is legislation that doesn't work and creates massive security risks. Age verification companies are failing spectacularly - people bypass them with smiley faces on thumbs and AI face-meshing. Encryption backdoors don't just let governments in, they let malicious actors in too. VPN age verification is technically impossible. OS-level age verification would require banning Linux, which runs most of the internet.

Should organisations pay ransomware demands? Canvas recently paid after a breach exposed student data. Now US Congress is questioning whether payments should be illegal. In this episode of Razorwire Raw, James Rees tackles the ransomware payment dilemma. Ransomware groups operate like commercial organisations - if they don't honour agreements to delete data after payment, nobody would pay them. Some negotiators have been caught telling attackers what insurance payouts will cover.

It took 10 minutes and a free online tool to deepfake Jim’s voice, with no expertise and no cost involved.

Cyber warfare is no longer theoretical. Nation states are actively targeting critical infrastructure, utilities and government systems. AI is accelerating offensive capabilities and most organisations aren't prepared. In this episode of Razorwire Raw, James Rees discusses the reality of cyber warfare and what's coming. State-sponsored attacks and government-backed cyber operations are already happening at scale.

People stop answering the phone when every call sounds like the same recycled script pushed through the same tired sequence. Different buyers want different approaches, so if you cannot explain your value clearly and naturally, the call is over before it starts.

OpenAI just announced Daybreak, their cybersecurity AI model with three tiers of access. GPT-5 handles general work. GPT-5.5 does secure code reviews, vulnerability triage, malware analysis and patch validation. GPT-Cyber handles red teaming and penetration testing. In this episode of Razorwire Raw, James Rees explains what Daybreak means for the cybersecurity industry and why vulnerability scanning companies, pentesting firms and security tool vendors should be concerned.

Sales desperation often starts higher up the chain, where investor pressure, weak go to market planning and unrealistic growth targets shape bad behaviour. When companies measure the wrong things, they create scripted, frantic sales motions that annoy buyers and burn trust fast.

Technical skill opens doors, but communication is what gets ideas accepted by leadership. In cybersecurity, the real challenge is often turning complex risk into clear business language that a CEO, CTO or CFO understands straight away.

Bad sales habits often come from low effort, low curiosity and people who stop learning once they land the role. When sales becomes lazy, every decent salesperson has to fight twice as hard to rebuild trust with buyers who are already tired of being spammed.