The Cyber Business Podcast

In this episode… Thomas Berrington shares how his unconventional path from managing restaurants to becoming CIO of a major home builder reflects a broader trend: industries once lagging in tech are now actively seeking data-first leadership. At French Brothers Homes, building 200 homes annually demanded a shift from spreadsheets and manual input to clean, structured systems that could support scalability. Thomas details how he helped transition the company by optimizing its ERP usage, standardizing reporting with Power BI, and integrating data pipelines for better decision-making across operations. He also dives into how AI and Copilot tools are improving efficiency—from rephrasing customer communication to detecting quality assurance issues in home photos using machine learning. These innovations not only reduce delays but improve the homeowner experience. Looking ahead, Thomas is exploring AI-assisted project scheduling for semi-custom builds, aiming to dynamically adjust trade workflows and reduce downtime. In his advice to aspiring IT professionals, Thomas emphasizes the value of strategic thinking and industry focus. He notes that while sectors like development are crowded, underserved industries like construction offer massive opportunities for tech-driven professionals to stand out and drive transformation. His message is clear: structure is the backbone of technology—and with the right approach, you don’t need to be in Silicon Valley to make a major impact.

In this episode… In this episode of the Cyber Business Podcast, Matthew sits down with Fred Teumer to explore Grove’s role in Web3 and the transformative potential of the Pocket Network. Fred unpacks how their decentralized infrastructure allows developers to anonymously and securely access blockchain data—without relying on centralized cloud providers like AWS. By leveraging token-based incentives, the network scales to meet demand while maintaining privacy and redundancy. Fred dives into Grove’s focus on making Web3 usable for developers and enterprises alike. Their API portal mimics familiar Web2 tools, easing the transition to a decentralized environment. But Grove isn’t stopping with blockchain; they’re also piloting support for privacy tools like Signal and Tor, as well as LLM services that could one day rival offerings from OpenAI and Anthropic—at a fraction of the cost. The conversation also explores the harsh reality of security in decentralized environments. Fred highlights how Web3 presents new SoC2 compliance challenges and why most vulnerabilities don’t come from code, but from humans—citing social engineering as a persistent threat. He emphasizes the need for an open-source, community-driven security posture—something Grove embraces through its bounty program and open development model. Finally, Fred shares his unconventional career path—from building StarCraft maps as a kid, to leading infrastructure strategy at Grove. He talks about the thrill and volatility of startups, the importance of aligned incentives, and why crypto is not for the faint of heart—but offers massive upside for those willing to embrace the chaos.

In This Episode Jason Scott reveals why automation isn't just a convenience — it's a necessity. As certificate lifespans shrink to 90 and even 47 days, manual management is becoming unsustainable. Jason explains how Sectigo’s innovations allow organizations to automatically manage certificates across diverse environments, ensuring resilience against modern cyber threats. Jason also dives into his inspiring transition from 35 years of military service to corporate cybersecurity leadership. He shares how lessons from building and leading Army teams translate directly into developing resilient cybersecurity teams in the private sector. His approach focuses heavily on understanding the business first, building authentic relationships, and ensuring that security policies align with real operational needs. Moreover, Jason warns of an even greater challenge on the horizon: post-quantum cryptography. He stresses that organizations must prepare now to handle the massive shifts coming with the deprecation of RSA algorithms. Drawing a parallel to the urgency of Y2K, Jason highlights the magnitude of work needed to overhaul certificate infrastructures — and why waiting is not an option. Throughout the conversation, Jason emphasizes the importance of foundational IT experience for aspiring cybersecurity professionals. His advice? Start at the help desk to build technical expertise, customer service skills, and the people-first mindset necessary to lead in cybersecurity.

In this episode… Building a company that runs smoothly without constant supervision is the dream of every business owner—but few achieve it. Adi Klevit reveals how documenting and implementing the right processes can transform a fast-growing company from chaotic to calm. She breaks down her eight-step system, starting with the leadership mindset needed to drive process adoption and ending with regular reviews to keep everything current and relevant. Adi shares real-world stories of businesses that struggled with disorganization until they invested in creating a process culture. From working with seasoned sales teams to onboarding new hires faster, she highlights how proper documentation, accessible cloud-based systems, and hands-on training make all the difference. Throughout the conversation, Adi emphasizes the critical link between process adherence and measurable business outcomes, such as increased collections and reduced turnover. The episode also dives into the importance of getting team buy-in early, leveraging multiple learning modalities (video, audio, visual) to improve training, and building scorecards to track process effectiveness. Adi’s insights are a must-listen for any founder or leader serious about scaling their company efficiently and sustainably.

In This Episode Mark Rosa opens with an overview of Mohegan Gaming and Entertainment’s massive reach, from Connecticut to Korea. Despite global expansion, the organization remains deeply rooted in its tribal culture—the Spirit of Aquai—which emphasizes cooperation, respect, and community. This spirit doesn’t just guide guest services; it’s woven into the fabric of how Mohegan approaches security and resilience. Mark shares how cybersecurity became his top focus when he moved from audit to IT leadership. Knowing the casino industry is a prime target, he immediately restructured leadership, deployed best-of-breed tools, and implemented zero trust principles. However, Mark is quick to point out that true resilience isn’t just about technology—it's about continuous testing, training, and preparation. He discusses their “live-fire” cybersecurity exercises that tested the organization’s recovery processes under pressure, offering rare insights into how large-scale organizations can practice incident response realistically. Transparency emerges as a critical theme. Mark explains that within the gaming industry, CIOs and CISOs often collaborate behind closed doors to share lessons learned from breaches like MGM’s. Even though legal limitations can restrict public disclosures during an active incident, post-mortem knowledge-sharing has become essential to raising the cybersecurity bar for everyone in the sector. Finally, the conversation turns to AI. Mark is cautiously optimistic about AI’s role across operations—from digital guest assistants reducing call center load to cybersecurity tools enhancing threat detection. However, in a highly regulated industry like gaming, careful deployment is key. Mark shares how Mohegan is embracing AI internally while maintaining strict control over security and compliance. His goal: not just to keep pace, but to lead.

In this episode… When most people think of an airport, they picture terminals and gates. Chris Crist sees a city with its own infrastructure, challenges, and tempo—one that runs 24/7 and can’t afford downtime. In this conversation, he walks us through the airport’s ambitious new fiber loop project, a $110M initiative designed to create redundancy across systems that power everything from Wi-Fi and CCTV to badge access and parking. But infrastructure is only one part of the equation. Chris discusses how biometric boarding is gaining traction beyond Delta, soon expanding across all international gates. He explains how facial recognition, backed by Customs and Border Protection, not only accelerates boarding but enhances security—allowing for a smoother, more intelligent travel experience. On the cybersecurity side, Chris is refreshingly candid about the pressure. From real-time threats to massive surface exposure, the airport’s IT systems are a prime target. His response? Run penetration tests, invite third-party audits, and even shut down critical concourses overnight to validate failovers. It’s an aggressive approach, but one he believes is necessary to build true resilience. Chris also opens up about the real-life challenge of staying ahead in a space evolving at breakneck speed. With AI, autonomous vehicles, computer vision, and smarter surveillance systems all on the horizon, he talks about what it means to lead a tech strategy that can scale with the future of aviation.

In this episode… David and Matthew share the internal evolution of Mesa Airlines' approach to technology and cybersecurity. With Mesa being a contract carrier for United Airlines, the IT team's role is pivotal to ensuring seamless operations in a high-demand, thin-margin industry. David discusses how his team has transitioned from being perceived as a cost center to a trusted partner that delivers business solutions. Matthew provides deep insight into the unique cybersecurity challenges faced by airlines, particularly as the TSA becomes more involved in regulating cybersecurity. He explains the importance of focusing on systems that could be "operationally disruptive" and why compliance frameworks like NIST CSF are becoming critical for the aviation sector. The conversation explores how government entities, like the TSA and CISA, are still finding their footing in defining cybersecurity mandates for aviation. Meanwhile, Mesa is proactively helping shape this dialogue by balancing compliance with real-world application. From implementing intelligent awareness training through KnowBe4 to piloting AI solutions, the Mesa team is focused on staying agile. David highlights the significance of using AI to enhance operational efficiencies and strengthen security, while Matthew underscores the importance of secure AI deployments with strong data governance. Both guests emphasize that cybersecurity isn’t just about tools—it’s about people. Through consistent communication, training, and collaboration with business units, they are building a culture where security is a shared responsibility.

In this episode… Rich Bates dives into the reality of federal cybersecurity requirements, offering a grounded look at how CMMC and NIST 800-171 are reshaping government contracting. He shares how Zeiders navigates the “woolly mammoth” of compliance by focusing on policies that are both thorough and adaptable. Rather than bogging down in static documentation, Rich keeps his System Security Plan evergreen, linking out to living procedures that evolve with tools and systems—ensuring agility in audits without sacrificing structure. For contractors wrestling with cloud and remote work, Rich breaks down the value of enclave environments, particularly Microsoft GCC Moderate and High. He emphasizes that even call centers—once considered too complex for secure remote deployment—are becoming more viable thanks to FedRAMP-approved platforms and integrated encryption. His biggest caution? Don’t let program offices over-secure projects to the point of eliminating good vendors: “If IL2 is good, IL4 isn’t necessarily better—it’s just more restrictive.” Beyond technical controls, Rich shines in communicating with everyday users. In company-wide standups, he avoids jargon and delivers “news you can use,” like how to create strong, memorable passwords or why phishing emails now look indistinguishable from legitimate ones. He teaches with humor (“I’m going to manufacture a keyboard with a built-in whiteboard for sticky notes”) but his message is serious: cyber starts at the keyboard, and the people behind it matter most. Finally, Rich offers a compelling call to action for future cybersecurity professionals: focus on threat hunting. He shares why puzzle-solvers, neurodivergent thinkers, and those drawn to pattern analysis are uniquely equipped to succeed in this field. For young people—or parents of kids interested in cyber—he recommends exploring free labs, SANS resources, and even military cyber commands as a launchpad into the world of defense-grade cybersecurity.

In this episode… Randall Jackson shares his unconventional journey from desktop publishing in the late '80s to leading cybersecurity in a modern financial services firm. Starting out on early Macintosh systems and troubleshooting AppleTalk networks, Randall quickly became the go-to IT expert in his organization. After his role was outsourced, he transitioned into the MSP space, gaining experience in systems engineering and eventually leading entire IT operations. Randall highlights the need for scalable and repeatable security processes within managed services, emphasizing the shift from ad-hoc solutions to industry-standard tools like ticketing systems and RMM platforms. His leadership journey includes developing custom ticketing systems, building career paths for IT staff, and transitioning from reactive support to proactive security services. He also addresses the rise of AI-generated phishing emails and the battle of AI vs AI in email gateways. Randall shares how his team combats these threats through live and video-based security training, helping employees recognize and report suspicious activity. The episode closes with practical advice for those entering IT: start on a help desk, learn how systems work, and build strong troubleshooting skills.

In This Episode: Nastaran Bisheban shares how she leads VetStrategy’s IT team in supporting veterinary clinics across Canada. With responsibility for infrastructure, cybersecurity, service desks, digital platforms, and data analytics, her team ensures seamless support for clinics so veterinarians can focus on caring for animals. She explains VetStrategy’s buy-and-build approach to technology and how her teams create custom tools when off-the-shelf solutions don’t align with business needs or timelines. Nastaran’s leadership philosophy centers on operational excellence driven by human behavior. She emphasizes the importance of knowing team members’ strengths, interests, and motivations to align work with passion—igniting productivity and satisfaction. She describes creative ways to inspire her team, from push-up challenges before software releases to competitive Lego builds and baking contests. These initiatives foster collaboration, reduce stress, and create an engaging environment where team members thrive. Throughout the conversation, Nastaran shares how fun and discipline can be powerful allies in leadership, and how leaders must master the ability to zoom in for tactical support while zooming out for strategic vision. Her passion for people-first IT leadership offers valuable insights for anyone managing diverse, distributed teams—especially in high-pressure environments like technology and healthcare.

In This Episode: Greg Tsirulnik discusses his unique role as CIO of Creative Home Ideas, a leading home textile company with operations in the U.S., China, Turkey, India, Pakistan, and more. From bedding and rugs to towels and curtains, the company produces and distributes both licensed and in-house brands found in major retailers like Costco, Walmart, and Target. Greg shares how his background in fashion and manufacturing allowed him to seamlessly transition into the IT space, leveraging his deep understanding of business operations to solve technical challenges. Throughout the conversation, Greg emphasizes the importance of passion, resilience, and continuous learning. He recounts his path from helping his father in a Soviet-era cooperative to managing a complex IT infrastructure for a global enterprise. He also shares his philosophy on leadership—treating people with respect, maintaining a sense of humor, and always showing up for the job you want, not just the job you have. Beyond IT, Greg dives into his personal development journey, revealing details about his upcoming book, The Lens of Possibility, a daily guide to inspiration and transformation tailored for IT professionals and executives facing burnout. The discussion touches on the pressures of being an IT leader, the stigma around admitting mistakes, and the need for better communication and support within organizations to prevent isolation.

In this episode… David Epperson’s career has been anything but ordinary. After 20 years in the military and another two decades in federal cybersecurity, he transitioned into the private sector, bringing his expertise to H2O.ai, an AI company that emphasizes trust, accuracy, and security. David shares how H2O.ai differs from traditional AI companies by focusing on open-source AI models, hiring the world’s top data scientists, and ensuring AI is explainable, which is a critical factor for government and enterprise adoption. He discusses the challenge of third-party AI validation, where competitors validate AI models to ensure fairness, accuracy, and transparency. Transitioning from a structured federal environment to a fast-paced private sector was both exciting and challenging for David. He reflects on the differences in leadership, stability, and decision-making between government agencies and AI startups. He also highlights the importance of corporate culture in cybersecurity, explaining how great companies are defined not just by their products but by how they treat their employees and clients. Finally, David shares valuable advice for cybersecurity professionals looking to navigate AI-driven security landscapes. He emphasizes that there is no single path to success in cybersecurity and AI, and that curiosity, adaptability, and integrity are key.

In this episode… In this insightful conversation, Billy Spears discusses the intersection of AI and cybersecurity, emphasizing how companies need to embrace AI-driven solutions to detect and mitigate threats faster than ever. He shares how Teradata's AI Unlimited platform is helping organizations automate threat detection and analyze massive amounts of security data at scale. Billy also breaks down the importance of cyber hygiene, comparing it to everyday habits like brushing your teeth—small, consistent actions that prevent major problems. He discusses the rise of social engineering attacks, particularly the recent surge in smishing attacks involving toll road scams, where hackers exploit fear tactics to deceive victims. Beyond technology, Billy emphasizes the value of spirited debate and open conversations in cybersecurity. He highlights the diverse roles within security, from governance to engineering, and why collaboration across teams is essential for building effective security frameworks. For professionals looking to build a presence online, Billy shares how he grew his LinkedIn following, offering practical advice on consistency, authenticity, and audience engagement.

In this episode… Chris Crist’s career trajectory is a testament to how adaptability and continuous learning can pave the way for success in IT leadership. Raised in a large Hispanic family, Chris never envisioned himself in a high-profile technology role. It wasn’t until he joined the U.S. Air Force that he realized his potential. Initially enlisting as a combat medic, he discovered his passion for technology through mentorship and hands-on experience. Encouraged by his supervisors, he pivoted to IT operations within the Air Force hospital system, eventually leading a large-scale technology department. His transition to the civilian sector was met with challenges, including the cultural shift from military to corporate IT. As the CIO of a hospital system at just 25 years old, Chris quickly learned the importance of strategic communication. Early setbacks, such as failing to convince executives about critical IT upgrades, taught him that influencing decision-makers is as vital as technical expertise. At ATL, Chris now oversees critical IT infrastructure, cybersecurity, and innovation to ensure smooth airport operations. He highlights how AI and automation are transforming aviation IT, from real-time data analytics to enhanced security measures. His leadership philosophy revolves around mentorship, hiring for cultural fit, and fostering innovation in IT teams.

In This Episode: Legal firms handle some of the most sensitive client data, making them prime targets for cyber threats. Adrian Ciocan, CIO of Lerners LLP, has worked diligently to transform his firm’s security posture, moving from a reactive to a proactive approach. He discusses how cybersecurity is no longer just a technical issue—it’s a business risk that requires buy-in from leadership. With cyber threats, particularly business email compromise and ransomware, on the rise, Adrian emphasizes that education is the most effective line of defense. His team runs comprehensive security awareness training programs, ensuring everyone—from receptionists to partners—understands the risks and knows how to respond. But security isn’t the only focus. Adrian shares how he’s built a culture of mentorship and leadership within his IT team, drawing from his own experiences. He believes the best way to develop IT leaders is to empower them to think strategically, not just technically. His approach fosters trust, collaboration, and growth, proving that IT can be a business enabler, not just a support function. Finally, we dive into the future of IT in law firms, discussing AI, automation, and security innovations that are reshaping the industry. Adrian explains how AI-driven security tools are helping organizations stay ahead of cybercriminals, making IT teams more efficient and proactive.

In this episode… Daniel Ford discusses the evolving landscape of cybersecurity in financial institutions and the importance of fostering a positive security culture. He shares how Jovia Financial Credit Union has integrated cybersecurity into its strategic planning, treating it as a top-tier business risk rather than an IT function alone. With a focus on proactive and predictive security measures, Daniel outlines how Jovia uses phishing tests, cybersecurity champions, and gamification to engage employees and enhance security awareness. Beyond cybersecurity, Daniel delves into his leadership philosophy, emphasizing the importance of continuous learning, adaptability, and mentorship. His belief in developing strong teams through education and positive reinforcement has led to an environment where employees actively participate in cybersecurity initiatives rather than viewing them as burdensome requirements. Daniel also discusses his passion for leadership development, which extends beyond cybersecurity. As the founder of Echelon Orchid, he helps executives and professionals refine their leadership skills, encouraging a mindset of constant growth and adaptability. Additionally, he shares insights from his entrepreneurial venture, Dragon’s Mouth Distillery, where he applies the same principles of innovation and quality to craft unique spirits. His perspective on leadership is deeply rooted in discipline, self-improvement, and accountability, principles that have guided him through his career in cybersecurity and beyond. Whether in IT security, business management, or entrepreneurship, Daniel’s approach revolves around a commitment to excellence, learning from setbacks, and continuously striving for improvement.

In This Episode... Matthew Connor sits down with Kevin Hall to discuss IT’s evolving role from a support function to a strategic driver of business growth. Kevin shares how Westconsin Credit Union has shifted IT beyond the traditional “fix-it” mindset, emphasizing business enablement, internal development, and cross-department collaboration. A key focus is breaking down IT gatekeeping by empowering frontline employees with technical knowledge, fostering a culture where technology is embraced rather than feared. This approach has allowed Westconsin Credit Union to promote internally for IT roles, ensuring a strong cultural fit while strengthening the organization’s technological foundation. Kevin also highlights the transformation of cybersecurity from a regulatory necessity to a business enabler. By integrating security into broader business discussions and framing it as a risk mitigation strategy, organizations can move beyond the outdated “department of no” mentality. Additionally, Kevin explores AI’s role in financial services, noting its potential to automate processes, enhance fraud detection, and provide personalized financial guidance to members. As the conversation wraps up, Kevin encourages IT professionals to embrace change, collaborate across departments, and take advantage of non-traditional paths into the industry. By combining technical expertise with business awareness, IT can drive meaningful innovation and long-term success.

In this episode… Nagesh Anupindi shares his journey from data warehousing to founding Apoorva, a company focused on helping SaaS businesses stabilize, optimize, and grow. He discusses how bad data can break a business, the risks of hiring the wrong development teams, and why many companies turn to Apoorva when their software is in trouble. One of the most compelling aspects of Apoorva’s approach is their revenue-sharing model. Instead of demanding large upfront costs, they align their success with their clients' revenue growth—making them an ideal partner for SaaS businesses looking to scale. This model was born out of necessity when a company in crisis had no cash to pay for development. The result? A win-win solution that helped both companies thrive. Nagesh also breaks down why many SaaS founders make costly mistakes—from hiring offshore developers without understanding software foundations to choosing cloud hosting solutions that don’t scale effectively. Apoorva steps in to fix these issues, whether it’s through rescuing failing projects, rebuilding platforms, or offering a more cost-effective cloud hosting solution than AWS and Azure. Finally, Nagesh introduces Apoorva’s D9 framework, a nine-phase software development methodology that ensures projects are delivered on time and with high quality. He also shares why they only hire employees with an IQ of 120 or higher, emphasizing the importance of critical thinking in software development.

In this episode… Vlad Podoliako shares his journey from an entry-level IT position to founding Belkins, a top B2B acquisition agency. He explains how Belkins grew into a multi-company ecosystem, solving critical business challenges like email deliverability through its product, Folderly. Vlad’s approach to entrepreneurship is rooted in solving problems for his own team and clients, leading to innovative solutions that branch out into entirely new businesses. He emphasizes the value of teamwork, highlighting how his co-founder dynamic and strategic hiring process have been instrumental in managing 14 businesses. Vlad discusses the challenges and rewards of building a strong organizational culture that prioritizes individual growth, stating, “If people grow, everything flourishes.” Vlad also details the technicalities of email marketing, from optimizing deliverability through tools like SPF and DKIM to refining outreach strategies for diverse industries. He shares examples of surprising success in industries like furniture manufacturing and nonprofits, proving that with the right strategy, even traditional sectors can achieve outstanding results. For entrepreneurs, Vlad offers practical advice on time management, leveraging co-founders, and staying opportunistic, while reinforcing the idea that strong teams and innovative problem-solving are key to sustainable growth.

In This Episode Matt Huff shares his remarkable journey from factory work to becoming the CIO of Tanner LLC, one of the premier accounting firms in Utah. Matt discusses how Tanner has embraced cybersecurity as a core offering, providing services such as SOC 2 compliance, ISO 27001 audits, and penetration testing. He explains how his pragmatic approach to IT helps simplify complex systems and align them with business objectives. Matt delves into his philosophy of keeping things simple and focusing on core business outcomes, emphasizing the importance of balancing security with usability. He highlights the significance of vendor security in today's SaaS-driven world and offers insights into how companies can evaluate their vendors' cybersecurity posture beyond just certifications. Listeners will also gain valuable insights into how IT professionals can better communicate the value of security to business stakeholders and why understanding business objectives is crucial for IT success. Matt underscores the need for IT leaders to position themselves as enablers of growth rather than obstacles, ensuring that security measures support rather than hinder business operations.