From ISDN to AI - Two Veterans on How Defence in Depth Has Changed
Defence in depth has evolved every time the technology landscape has shifted. The internet, virtualisation, cloud, SaaS. AI is the next shift, and the old model isn't keeping up.
Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined once again by Martin Voelk, co-founder of SpartanX and an ethical hacker with nearly 26 years in cybersecurity.
Every major technology shift has forced security teams to rethink how they protect their organisations. The internet moved data outside the building. Cloud meant infrastructure was no longer yours to control. Each time, defence in depth evolved. AI is the latest shift, and it may be the one that breaks the model entirely.
We trace the journey from on-prem data centres and ISDN routers through to a world where AI agents act autonomously, supply chains are built on unverified code and the offensive side of AI is outpacing the defensive side at a rate security teams can't match. The conversation explores why every AI agent needs its own identity, why shadow AI is a problem most organisations haven't begun to address and why the only realistic answer to AI-powered attacks may be AI-powered defence.
Three key talking points:
- Defence in depth has always evolved, but this time it's different
- AI agents need to be treated like people
- The offensive side is winning
Defence in depth has survived every technology shift so far. AI is testing it in ways we haven't seen before. If you're responsible for securing an organisation that's adopting AI, this is the conversation to listen to.
On why security teams are always one step behind:
"We don't have the ability to figure out what's going on until it's already happened. We don't have that technology yet."
James Rees
Listen to this episode on your favourite podcasting platform:(https://razorwire.captivate.fm/listen)
In this episode, we covered the following topics:
- The Evolution of Defence in Depth
- Why AI Is Different
- Supply Chain Risk and Unverified Code
- Third Party Risk Management Is Broken
- Shadow AI
- Continuous Authentication
- AI Agent Identity and Accountability
- Alert Fatigue as an Attack Vector
- Prompt Injection via Log Files
- The Case for Defensive AI
⸻
For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
If you need consultation, visit (https://www.razorthorn.com). We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
⸻
Follow us online:
LinkedIn: (https://www.linkedin.com/company/razorthorn-security)
YouTube: (https://www.youtube.com/c/RazorthornSecurity)
TikTok: (https://www.tiktok.com/@razorwire.podcast)
Instagram: (https://www.instagram.com/razorwire.podcast)
X: (https://x.com/RazorThornLTD)
Website: (https://www.razorthorn.com)