Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybersecurity is pricing itself out of reach. Over the past eight years, private equity and VC acquisitions have driven massive price increases across security consulting, vendor products, pentesting and compliance services. SMBs are struggling with vendor renewals climbing up to 40% while security budgets can't keep pace. From endpoint security to SIEM solutions, baseline cybersecurity is becoming unaffordable for the organisations that need it most.

Security leaders are not ignored because governance or risk no longer matter, they are sidelined because speed and efficiency are treated as the only metrics that count. AI is sold as a competitive edge, so any warning about second order effects sounds like friction, even though speed without control creates asymmetric risk that grows out of sight.

In this episode of The New CISO, host Steve Moore speaks with Manuel "Manu" Ressel, CISO at SAUTER Group, about his unconventional journey from classroom teacher to cybersecurity leader—and why the "Four Cs" of modern education provide a powerful framework for building effective security programs. Drawing from years as both a teacher and school principal in Germany, Manu introduces Critical Thinking, Communication, Collaboration, and Creativity as essential leadership skills that fundamentally challenge how the industry approaches awareness training and incident response.

The Network is Complex. Operating It Shouldn't Be. Forward AI transforms network operations by reducing manual analysis, expert dependency, and guesswork. By combining conversational interaction with a mathematically accurate digital twin, teams can validate intent, understand actual network behavior, and act with confidence across even the most complex environments.

AI agents don't think. They pattern-match. Critical to understand: Generative AI (ChatGPT, Claude, etc.) does NOT reason like humans. It: The API Security problem: When you give an AI agent access to an API, it will: AI agents can't reason. They recreate patterns based on weights. You need to be very careful: data in, data out. Practical example: text User: "Show me the account balance for user" AI agent → calls GET /api/account/123 API → returns { balance: 5000, name: "John", SSN: "123-45-6789" } AI agent → outputs EVERYTHING to user (including SSN!)

Software release cycles are now too fast for traditional security tools. Rapid iterations and reliance on open-source and cloud-native tech increase vulnerabilities, challenging AppSec teams to keep up. Attackers are taking advantage, targeting applications and exploiting misconfigurations, excessive permissions, and vulnerable plug-ins.