Qohash
Future of Data Security
Welcome to Future of Data Security, the podcast where industry leaders come together to share their insights, lessons, and strategies on the forefront of data security. Each episode features in-depth interviews with top CISOs and security experts who discuss real-world solutions, innovations, and the latest technologies that are shaping the future of cybersecurity across various industries. Join us to gain actionable advice and stay ahead in the ever-evolving world of data security.
Author
Qohash
Category
Podcast website
Latest episode
Jun 2, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
EP 37 — Digital Turbine's Vivek Menon on Why Shadow AI Has Lapped Shadow IT 02.06.2026 28:46
Vivek Menon's board stopped asking about patching schedules and vulnerability counts. Their questions now center on AI risk posture, and the governance tools meant to answer them lag one to two months behind at best. Vivek, CISO and Head of Enterprise Data at Digital Turbine, tells Jean how he runs AI SOC agents that compressed a 10-person workload to 4 while holding headcount flat from this p...
EP 36 — ruby's George Al-Koura on why 15 certifications still won't save you in a live SOC scenario 20.05.2026 51:43
George Al-Koura refuses to let AI agents run in his production environment. As CISO at ruby, the parent company of Ashley Madison, he's protecting data where a breach doesn't just expose PII but reveals people's most private thoughts and relationships across a global user base. George tells Jean why the hardest data security challenge is still foundational: too many leaders in the space can't dist...
EP 35 — Snyk's Kate Helin on Governing Agentic AI before the Regulatory Guidance Catches Up 05.05.2026 26:02
Kate Helin , Legal Director of Privacy & Data Security at Snyk , argues that agents have already become the biggest security risk in most enterprise tech stacks, and that most organizations are not set up to address it. The core problem is not a lack of controls. It is that no single function has full visibility into how agents behave. Kate's approach is to convene legal, security, R&D...
EP 34 — Cyderes’ Stephen Fridakis on Ephemeral Credentials and Just-in-Time Access 21.04.2026 29:06
Stephen Fridakis , CISO in Residence at Cyderes , comes to this conversation with a framework that cuts against how most security teams still operate: stop thinking about perimeters, start thinking about consequences. His argument is that the question of "are we secure or not" is not just unhelpful, it's the wrong unit of measurement entirely, and he offers a more honest alternative...
EP 33 — TELUS’ Jesslyn Dymond on the Gap between AI Use and AI Literacy in Enterprise Adoption 07.04.2026 49:08
TELUS didn't wait for generative AI to arrive before building governance infrastructure. Jesslyn Dymond , Director of AI Governance & Data Ethics, joined the company in 2019 to stand up responsible AI practices alongside the machine learning teams building them, which meant that when generative AI hit, the governance scaffolding was already there. Jesslyn walks through the specific structu...
EP 32 — Polymer's Yasir Ali on Team Composition over Talent When Scaling Interdependent Platforms 24.03.2026 28:19
Polymer's runtime security approach operates at the file and message level, intercepting content in real-time within workflows like Slack and Zendesk to redact, block, or grant granular access based on specific entities found inside documents. This contrasts with traditional perimeter-based security where access is binary: you're either in the club or out. Yasir Ali , Founder & CEO of...
EP 31 — Arbor Memorial's Teij Janki on why adding AI before fixing process amplifies weaknesses 10.03.2026 23:34
Teij Janki , CISO & Director of IT Governance Risk & Compliance at Arbor Memorial , has spent 30 years moving through the full stack of security, and his view is that the sequencing most teams follow is backwards. His principle is that technology does not solve processes, it amplifies them. That means deploying a tool before fixing the underlying process weakness just scales the problem. T...
EP 30 — Postman's Sam Chehab on Three Unteachable Traits He Hires For 24.02.2026 27:52
At Postman 's scale of 40 million developers generating billions of API requests, Sam Chehab , Head of Security & IT, centers on three enforcement domains: authenticated and encrypted data paths, zero-trust inter-service communication, and runtime instrumentation. His vendor evaluation is just as precise, cutting past feature lists to one demand: show me the architecture diagram and walk t...
EP 29 — Age of Learning's Carl Stern on Why Certifications Are Side Effects, Not Final Goals 10.02.2026 29:45
Carl Stern , VP of Information Security at Age of Learning , explains why forcing controls into place without executive alignment guarantees you'll fight uphill battles every single day, as people begin to see security as a blocker rather than a business enabler. Instead, he starts with identifying crown jewels and acceptable risk levels before selecting any frameworks or tools, ensuring the p...
EP 28 — National Bank's Andre Boucher on Managing AI without Shadow IT Friction 27.01.2026 38:59
André Boucher , SVP Technology and Information Security (CTO/CISO) at National Bank of Canada , managed the transition from commanding Canadian Forces Cyber Command to leading security at a systemically important financial institution by recognizing that governance expertise matters more than technical depth at scale. His approach to shadow AI involves enabling experimentation early with secure pl...
EP 27 — Turntide's Paul Knight on Zero Trust for Unpatchable Production Systems 15.01.2026 25:32
When manufacturers discover their IP and other valuable data points have been encrypted or deleted, the company faces existential risk. Paul Knight , VP Information Technology & CISO at Turntide , explains why OT security operates under fundamentally different constraints than IT: you can't patch legacy systems when regulatory requirements lock down production lines, and manufacturer obsolesce...
EP 26 — Handshake's Rupa Parameswaran on Mapping Happy Paths to Catch AI Data Leakage 19.12.2025 24:49
Rupa Parameswaran , VP of Security & IT at Handshake , tackles AI security by starting with mapping happy paths: document every legitimate route for accessing, adding, moving, and removing your crown jewels, then flag everything outside those paths. When vendors like ChatGPT inadvertently get connected to an entire workspace instead of individual accounts (scope creep that she's witnessed firs...
EP 25 — Cybersecurity Executive Arvind Raman on Hand-in-Glove CDO-CISO Partnership 02.12.2025 21:38
Arvind Raman — Board-level Cybersecurity Executive | CISO roles at Blackberry & Mitel , rebuilt cybersecurity from a compliance function into a business differentiator. His approach reveals why organizations focusing solely on tools miss the fundamental issue: without clear data ownership and accountability, no technology stack solves visibility and control problems. He identifies the critical...
EP 24 — Apiiro's Karen Cohen on Emerging Risk Types in AI-Generated Code 30.10.2025 20:22
AI coding assistants are generating pull requests with 3x more commits than human developers, creating a code review bottleneck that manual processes can't handle. Karen Cohen , VP of Product Management of Apiiro , warns how AI-generated code introduces different risk patterns, particularly around privilege management, that are harder to detect than traditional syntax errors. Her research shows th...
EP 23 — IBM's Nic Chavez on Why Data Comes Before AI 14.10.2025 31:34
When IBM acquired Datastax, they inherited an experiment that proved something remarkable about enterprise AI adoption. Project Catalyst gave everyone in the company — not just engineers — a budget to build whatever they wanted using AI coding assistants. Nic Chavez , CISO of Data & AI, explains why this matters for the 99% of enterprise AI projects currently stuck in pilot purgatory: technica...
EP 22 — Databricks' Omar Khawaja on Why Inertia Is Security's Greatest Enemy 18.09.2025 31:34
What if inertia — not attackers — is security's greatest enemy? At Databricks , CISO Omar Khawaja transformed this insight into a systematic approach that flips traditional security thinking on its head and treats employees as assets rather than threats. Omar offers his T-junction methodology for breaking organizational inertia: instead of letting teams default to existing behaviors, he creates...
EP 21 — Sendbird's Yashvier Kosaraju on Creating Shared Responsibility Models for AI Data Security 28.08.2025 20:40
Sendbird had AI agents take backend actions on behalf of customers while processing sensitive support data across multiple LLM providers. This required building contractual frameworks that prevent customer data from training generic models while maintaining the feedback loops needed for enterprise-grade AI performance. CISO Yashvier Kosaraju walks Jean through their approach to securing agentic...
EP 20 — MoonPay's Doug Innocenti on The Gut Instinct Gap in AI Security Operations 14.08.2025 22:36
What happens when you scale a crypto company across 160+ countries while maintaining the same security standards as Wells Fargo? At MoonPay , it meant rethinking how traditional banking security translates to high-velocity fintech environments. Doug Innocenti , CISO, breaks down how his team achieved PCI, SOC 2 Type 2, and regulatory licenses like BitLicense and MiCA without slowing product develo...
EP 19 — Cribl's Myke Lyons on Data Hierarchies That Cut Security Costs 31.07.2025 28:51
Myke Lyons brings an unconventional background to cybersecurity leadership, having trained as a chef before discovering his passion for breaking and rebuilding IT systems. As CISO at Cribl , he applies culinary principles like mise en place to security operations while solving the fundamental economics problem facing every security team. The math is unforgiving, he tells Jean : data volumes grow...
Ask Jean – Why Doesn't 100% Data Coverage Equal 100% Protection? 17.07.2025 2:41
Welcome to a special edition of Future of Data Security, where our host Jean Le Bouthillier answers the top questions our listeners have asked us. In today's episode, Jean addresses why 100% data coverage doesn’t equal 100% protection. Would you like to have Jean answer one of your questions in a future episode? Email podcast@qohash.com with your question and a short summary of why you're looki...
Ask Jean – How Does Data Visibility Transform Crisis into Calm? 27.06.2025 2:22
Welcome to a special edition of Future of Data Security, where our host Jean Le Bouthillier answers the top questions our listeners have asked us. In today's episode, Jean addresses how data visibility can turn crisis into calm. Would you like to have Jean answer one of your questions in a future episode? Email podcast@qohash.com with your question and a short summary of why you're looking for an...
EP 18 — GW Law’s Robert Kang on Why Moving Too Slow With AI Creates Shadow Adoption 19.06.2025 29:16
Robert Kang , Professorial Lecturer of Cybersecurity & National Security, The George Washington University Law School , has been building enterprise cybersecurity programs since 2009, making him one of the “OG” practitioners when most organizations didn't even have dedicated cyber counsel. His unique perspective comes from protecting both critical infrastructure and social media platforms, hig...
Ask Jean - What's The Fastest Way To Reduce Data Security Risk? 12.06.2025 2:27
Welcome to a special edition of Future of Data Security, where our host Jean Le Bouthillier answers the top questions our listeners have asked us. In today's episode, Jean addresses the fastest way to reduce data security risk. Would you like to have Jean answer one of your questions in a future episode? Email podcast@qohash.com with your question and a short summary of why you're looking for a...
EP 17 — Modern Health’s Michael Hensley on Healthcare Security Beyond HIPAA Compliance Checkboxes 05.06.2025 26:29
The healthcare industry's digital transformation has created unprecedented opportunities for patient care delivery, but it's also introduced complex security challenges that extend far beyond traditional compliance frameworks. Michael Hensley , Director of Cyber Security at Modern Health , brings a unique perspective to protecting private — and heavily regulated — health data while maintaining the...
Ask Jean - How Does GenAI Reshape Data Security Risk? 27.05.2025 2:38
Welcome to a special edition of Future of Data Security, where our host Jean Le Bouthillier answers the top questions our listeners have asked us. In today's episode, Jean addresses how GenAI is reshaping data security risk. Would you like to have Jean answer one of your questions in a future episode? Email podcast@qohash.com with your question and a short summary of why you're looking for an ans...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.