What if the biggest weakness in cybersecurity isn't the technology, but the way defenders communicate with each other?
Cybercriminals openly exchange techniques, vulnerabilities, and attack methods, constantly learning from one another. Meanwhile, many organizations remain reluctant to share details of breaches, investigations, or lessons learned. In this episode, I sit down with Lee Sult, Chief Investigator at Binalyze, to discuss why that imbalance is creating an advantage for attackers and what the industry can do to change it.
Drawing on almost two decades in digital forensics and incident response, including work with Palantir, law enforcement agencies, and government organizations, Lee explains why cybersecurity should learn from industries such as aviation and emergency services, where every major incident becomes an opportunity for everyone to improve. We discuss why incident response needs to move beyond reacting to alerts, how proactive threat hunting can reduce attacker dwell time, and why repeatable investigation processes are becoming just as important as the security tools themselves.
We also explore the growing influence of AI, not because it is making attackers dramatically smarter, but because it is lowering the barrier to entry and increasing the volume of attacks security teams must handle. Lee shares why automation is becoming essential for investigators, how organizations can move from hours to minutes when responding to threats, and why cybersecurity is steadily becoming a boardroom issue rather than simply an IT concern.
If cybersecurity is truly an information war, what would happen if defenders became just as collaborative as the attackers they face every day? After listening, I'd love to hear your thoughts. Should organizations be more open about cyber incidents if it helps strengthen security for everyone?