Building Trust Through Cybersecurity in a Zero Trust World

[00:00:07] - [Speaker 0]
Is cybersecurity still seen as a tax on growth, or has it quietly become one of the strongest trust signals a business can send? Well, in today's episode of the business of cybersecurity podcast, we're gonna dig into a side of security that rarely makes headlines. And it's not about fear, breach counts, or scare tactics. It's about how security choices shape brand credibility, customer confidence, and long term growth. Yeah.

[00:00:39] - [Speaker 0]
I'm not talking about a cost center. I'm talking about value add stuff here. I wanna get you thinking differently about the value of cybersecurity, especially as AI is becoming embedded in nearly every workflow. So if you're building, scaling, or advising a business in a world where trust is the new currency, today's conversation will ask a simple but uncomfortable question. Are you treating cybersecurity as one of those defensive chores and see it as just another cost center, or do you see it as part of how your business earns trust?

[00:01:18] - [Speaker 0]
But before I get my guest on today, I wanna give a quick thank you to my friends at Denodo. Because one of the questions I hear more and more from listeners on this podcast is, why does AI succeed, or why does it fail? Because let's be honest, AI is moving fast, but success is often still elusive. Now most projects fail not because of the AI, but because the data foundation isn't ready. This is why organizations are increasingly turning to Denodo.

[00:01:50] - [Speaker 0]
Denodo delivers trustworthy and AI ready data without the need to copy it everywhere. So if you're ready to understand why your AI projects fail and how to succeed with AI, simply visit donodo.com and take control of your data world. And with that scene perfectly set, I'm gonna officially introduce you to my guest. So a massive warm welcome to the show. For anyone that has missed our previous conversations, could you just remind them with a little about who you are and what you do?

[00:02:25] - [Speaker 1]
Yeah. Thanks for having me, Neil. So Taylor Hersom. I am the the founder of a company called Eden Data. I am a total cybersecurity and compliance nerd and, have, have been in the the industry now for for a little bit and started at Deloitte.

[00:02:39] - [Speaker 1]
I was a chief security officer, and then I got this crazy idea to start a company right in COVID. And, we've been on a awesome growth path. We recently were acquired by a company called Riveron, but we are a cybersecurity consulting firm. We work with a lot of cool venture backed startups all over the world and scale ups and commercial companies and enterprises and everybody in between because everybody seems to care about security these days.

[00:03:05] - [Speaker 0]
They really do. And one of the things I love about your story is you built Eden Data around this idea that security can actually accelerate growth, and it's so refreshing to hear somebody come at it from this angle. So for anybody listening, though, how can compliance and cybersecurity be used as a strategic advantage rather than necessary burden or another cost center? Because it's so much more than that, isn't it?

[00:03:32] - [Speaker 1]
Yeah. I mean, Neil, you probably remember this, but there was that time in in life where cybersecurity was just fear mongering, and it was fear, uncertainty, doubt, FUD everywhere. And I I think that, I was at the right place at the right time to to be in the industry at a time when everybody started to adopt security because they finally started to see that it was important. And so from there, it's like, how how do you how do you use that to your benefit? Because the other big issue in the industry that a lot of cybersecurity professionals can relate to is that security is looked at as a cost center.

[00:04:03] - [Speaker 1]
It's something I spend money on. I don't get any ROI. It's just that kind of begrudgingly, difficult, department in the, in the company. And and so, we wanted to shift that mindset because it's not true. It's you the the problem with security is that when you spend your dollars on it, you don't immediately see an uptick in sales or an immediate, you know, impact to your to your margin or anything like that.

[00:04:31] - [Speaker 1]
But what you do avoid are things like ending up in the news, which do impact your sales, losing customer trust, and therefore losing customer contracts. And so long winded way to answer your succinct question of saying that we started to shift and say, look. You can actually use security to differentiate yourself from your competitors. You can say, look. We have SOC two and ISO 27,001, and they don't.

[00:04:53] - [Speaker 1]
Or, hey. Here are all the things we're doing with AI to make sure that we're entrusting, that we're being entrusted with your data in an appropriate manner and and that we're treating it respectfully. And going out and being proactive about that rather than waiting for someone to ask, those are all ways to build trust with your customer, which then builds loyalty, which then builds sales, then everyone lives happily ever after.

[00:05:16] - [Speaker 0]
And fast forward to 2026, so we're seeing more and more companies adopting generative AI. A lot of talk around it being the era of agentic AI as well. Companies launching thousands of agents out there into the wild. And as an XIT guy, that makes me nervous. But without wanting to further spread further, fear, uncertainty, and doubt, like you mentioned a moment ago, what are the biggest risks that you're seeing when it comes to safeguarding customer data in this increasingly AI first world that we find ourselves?

[00:05:50] - [Speaker 1]
Yeah. It's a it's a solid question. We're in this weird time in in history where AI is this cool shiny new object, but we don't fully understand it. And we certainly don't understand it from a security perspective. So, historically, the reason for cybersecurity and compliance and government regulation around privacy is because of the data that a company collects.

[00:06:11] - [Speaker 1]
Right? The data is the is the gold mine. That is what is people's Social Security numbers and birthdays and and, sensitive information about their shopping habits. Those are the things you need to protect. Right?

[00:06:22] - [Speaker 1]
Well, AI is no different in that it absorbs a massive amount of data in order to make decisions, in order to provide value. And so right now, we're at this point in history where people are absorbing that data. They're using it to train their models, and they're not it's kind of the Wild West in terms of what enforcement is happening to make sure that that data is, one, appropriate to be used in the first place. Two, the customer understands it's being used, and three, that the output on the other end is going to be appropriate for the customer base and and, and not skewed by the data that's being used. And so, right now, there's not a lot of regulation.

[00:06:58] - [Speaker 1]
There's not a lot of enforcement around AI, and we just don't have a full understanding of how to use it in a secure manner, how to make sure that we are appropriately protecting our customers along the way. You're seeing the security industry kinda scramble to build security strategy around AI specifically. And, and so you're you're you're really right now, we're we're kind of in this limbo state where people are using it, but they're not enforcing security around it. And, we're gonna have to play some catch up. And that's, that's kind of a scary thing.

[00:07:30] - [Speaker 1]
That's, we we want I think that there's a lot of implications we still don't understand that are gonna be coming out, and that's not meant to fearmonger, but rather just say that now we're gonna have to kinda scramble and, ensure that we're enforcing more appropriate habits and and see that, encourage customers to to go more towards security around AI and under and help their customers understand that as well.

[00:07:53] - [Speaker 0]
I also found it incredibly refreshing to read that you've mentioned that cybersecurity isn't just IT's job anymore. So how do you help founders and market leaders turn security into that brand differentiate and and set them apart and and build customer trust? How do you do that? It sounds incredibly impressive. I suspect it's a little bit more difficult than, it sounds in a question, but tell me how you do that.

[00:08:19] - [Speaker 1]
Well, first, the the the first part of your your question was actually just so spot on historically in the industry. IT and compliance and cybersecurity, they were all completely isolated from each other. Privacy, you put that in another bucket. Yeah. So now you're starting to see this meld of of these these different, departments come together because the shared responsibility of of cybersecurity falls on each of those departments.

[00:08:45] - [Speaker 1]
And so IT is in charge of a lot of the infrastructure and a lot of the technology and a lot of the access management. Those are very pertinent parts of security, but they're not the entire picture. And so having people that understand cyber security strategy, having people that understand IT, having people understand privacy, those all have to come together. And it makes it harder to build a team, frankly, to find those kinds of skill sets and put them together, but it also, is a beautiful thing because you now have kind of this this team mentality of a bunch of really cool people coming together to build a really robust security program for for companies. But, the in terms of your your question, how to make security a differentiator for a company, especially for founders and and companies that are trying to scale and make it to their next round and such, that process is actually not too difficult.

[00:09:37] - [Speaker 1]
It really is is a few components. One is just informing your customers about what you're doing. So taking action, going towards standards like if you're a software company, a lot of people are going for SOC two these days. That's kind of like the baseline for folks. There's so many other standards out there that you can also go for in order to have a few different frameworks that you work against and that you are audited against, and you can showcase to your customers.

[00:10:02] - [Speaker 1]
Look. We we really have stringent standards. We've been audited by, multiple parties in order to showcase our security strategy. Just by doing that is a huge differentiator in the space. The other thing that we encourage our customers to do is overshare.

[00:10:17] - [Speaker 1]
So what I mean by that is, we we we build a lot of web pages for our customers where they are bragging about their their security. There's a lot of really cool tools out there. We use one called SafeBase a lot that is, now owned by Drata, side note, but they are it's essentially a way to brag about your security on the Internet. Here's my pen test report. Here's my cyber insurance policy.

[00:10:39] - [Speaker 1]
Here's my latest SOC two report. Those kinds of things, sharing that with your customers in the prospect stage is, is a big differentiator as well. And then the the the I I really think that beyond that, it's just helping your customers and, your partners and everybody understand what are you doing with AI? What are you doing with your data in general? Having a way to explain that in layman's terms before your customers ask for it, another huge differentiator.

[00:11:09] - [Speaker 1]
Companies just aren't doing that right now. They're they're kind of, burying their head in the sand hoping that they don't get asked. But if you can just say, look. These are the ways that we're using your data. These are the ways we're not using your data, these are all the controls we have in place to protect your data while using it in our AI in our LLM models.

[00:11:26] - [Speaker 1]
That's a that's a big, big, big move in the right direction, in terms of differentiating yourself.

[00:11:33] - [Speaker 0]
And, of course, the global conversation around AI regulation is intensifying here early in 2026 when we record this. And I'm curious from everything you're seeing and hearing from your perspective, what do you think this new or a set of new international standards for AI security and data protection will look like? What will they evolve into over the next few years? And presumably, with with the global conflict and things have different regulations all around the world, What's it all gonna look like, do you think?

[00:12:05] - [Speaker 1]
Well, I'll start with this. Cybersecurity professionals are definitely known for their theories. Right? And and this is just a theory, and I I certainly don't have all the answers, but I can look at history. And one of the things that The US has lagged behind on compared to international, is that the we we we don't have a lot of regulation around cybersecurity and compliance comparatively to kinda like the EU.

[00:12:29] - [Speaker 1]
They they set the bar. They set the bar for privacy with GDPR, and now they've set the bar for AI because they have various AI, regulations that have been released on how to how to use data appropriately, what what is allowed, what is not, that sort of thing. And so if I look at that, I do think that, one, we're gonna continue to go in that direction. But but, two, I actually think it's gonna be exacerbated comparatively to cybersecurity law because of one thing and and one thing only, which is that with the race for AI, this this kind of, this silicone curtain of every every country racing to have the best LLMs and to have the best functionality around AI, you you have nation states that get along and nation states that don't. And so, really, the criticality of the efficacy of of your, LLMs is the data behind it.

[00:13:19] - [Speaker 1]
And so if we as countries are starting to, compete in that regard, we already are, for for what it's worth. But if we're continuing down that path, I think it's gonna be more imperative than ever to protect those datasets that are training the models. And so because of that, you're going to have more buy in from government entities around the world in order to, ensure that companies are not just sharing that data, especially with nation with nation states inadvertently too, not just, openly sharing. There's very few companies that do that. They don't wanna share their data, but sometimes, you know, nation states get ahold of it regardless.

[00:13:59] - [Speaker 1]
There's gonna be more enforcement for that reason alone, and that's my speculation.

[00:14:05] - [Speaker 0]
And SOC two compliance, that's also something often seen as a a box ticking exercise in organizations. You mentioned a few moments ago about almost bragging, what what boxes they ticked, and it can be used that way. But for startup founders listening, what should they be doing differently to make sure these frameworks actually improve their business operations and their customer experience? Because very often, enterprises are more, those especially the larger enterprises are more interested in the box ticking exercise, whereas the the startup founders have a completely different set of needs, and they just wanna improve things. So how do you see these, this differing here?

[00:14:45] - [Speaker 1]
Yeah. The the first thing I'll say is I I do respect from a a founder's perspective, you're trying to survive.

[00:14:50] - [Speaker 0]
You're in

[00:14:50] - [Speaker 1]
survival mode. The Walmarts of the world are at a state where they are, going for, brand, reputation. So they're they're looking to keep themselves out of the news as much as possible. Startups are just trying to get to that next round. They're trying to sign that next customer.

[00:15:04] - [Speaker 1]
And so how can you take action knowing, that that's kind of the the goal that you want to protect your customers, but it's not like you have limitless budget and and you have other priorities? One of the biggest things here is focusing on the the fundamentals and ensuring that you are not going through the box ticking exercise. I realize that I'm biased being in the industry, but I've seen it now countless times. Just this week, for example, there is a new, one of the GRC platforms. It got discovered that they had been doing a a rubber stamp audit with a nameless firm, and hundreds of companies had gone through it to get their SOC two report that had been reported to the AICPA.

[00:15:46] - [Speaker 1]
It's now under investigation, and all of those SOC two reports are getting thrown out. So you had companies spending x thousands of dollars on this process, the tooling, the audit, everything, just to have nothing to show for it in the end. So one of the things I encourage customers to do is two pronged. One is is building a security program that's not just a rubber stamp. The the idea of this is is to keep you out of the news as much as it is to get that SOC two report.

[00:16:11] - [Speaker 1]
The the SOC two standard is a great baseline and has a variety of controls that that do allow you to reduce your risk as a company. It's not it doesn't require a bunch of money to go buy a bunch of fancy tools in order to enforce better access management, for example, or, better controls around your cloud environment. So focusing on the the fundamentals and ensuring that, that that you are at least incorporating robust security controls is is one thing. The other is you you you have a bunch of rubber stamp auditors out there, and, unfortunately, that process makes it very easy to go through an audit and get a report. That doesn't help anyone.

[00:16:54] - [Speaker 1]
As I mentioned before, going through with an auditor that's actually a a decent partner that is going to to help you prepare for the audit, give you the resources that you need to understand on on what you're gonna need to to meet the expectations, and then also gauging your security posture accurately. That's the entire point of auditors. And, unfortunately, we've gotten to an industry where or gotten to a point in the industry where if an auditor gives you a finding, people throw a temper tantrum, and they just go hire a new auditor. It's crazy. Like, it just completely combats what what we're trying to achieve, which is to to reduce the the risk of of, your your security program and and the security risk that you have across your organization.

[00:17:36] - [Speaker 1]
So those are two things that I would say. Last thing I would say too is is just, being honest with your customers. There's, a lot of security questionnaires that go out. And, so Walmart says, I wanna work with you. Here's a security questionnaire that you need to fill out.

[00:17:51] - [Speaker 1]
Just taking the time to answer those questions in detail rather than just, putting one word answers and and get, misleading your customer, and we've seen it all, unfortunately. Just by spending the time there, it shows to the to the vendor or I'm sorry, to the customer that you're selling to that you have your act together, that you care about this, and that goes a long way. You you, we see that left and right, with with our current customer base and and beyond.

[00:18:18] - [Speaker 0]
Just wanna give a big thank you to my sponsor who is supporting every show, every episode across the Tech Talks network. And this month, I'm proud to be partnering with Alcor. And anyone who's tried to scale an engineering team across borders, they will know firsthand how messy it can get because they deal with endless providers, then there's confusing rules to deal with in each and every region and fees that always seem to surface at the last minute. Now, Elcore, they solve that by acting as a partner rather than just an intermediary. And they focus on tech teams that expand in Eastern Europe and Latin America, and they bring employer of record services together with recruiting.

[00:19:00] - [Speaker 0]
So, essentially, they help you pick the right country, source the right engineers, and assess them properly, and then get them active for you and your company within days. And one of the things that stands out for me is the financial transparency. Around 85% of what you pay goes directly to your engineers. Their fee goes down as your team grows, and if you ever wanted to bring your team in house, you do so with no exit cost. That kind of clarity is why Silicon Valley startups, including several unicorns, have chosen Alcor, and you can find out more by simply going to alcor.com/podcast or follow the link in the show notes below.

[00:19:43] - [Speaker 0]
And I think if anyone listening is scrolling down their news feed or has done over the holidays, they will could think that AI, bots, cybercriminals are all out together and are gonna infiltrate our systems and and, cause data breaches, etcetera. But, of course, although there are elements of truth there, there was no avoiding the fact that many breaches aren't caused by some group of elite hackers, but simple everyday human mistakes that we may make in the workplace. So are there any practical steps that teams can take to build that or improve that genuine culture of cybersecurity awareness and finally retire that once a year annual compliance exercise of just tip ticking a box for thirty minutes, and then, hey. You're done till next year. How can we really improve this culture of cybersecurity awareness?

[00:20:33] - [Speaker 0]
We've been talking about it for over a decade now, but are are you seeing any improvements?

[00:20:39] - [Speaker 1]
Yes. Absolutely. I think, first of all, it's a it's a phenomenal question. Second of all, it's there there's a there's a few ways that I would

[00:20:45] - [Speaker 0]
Yeah.

[00:20:46] - [Speaker 1]
Tackle this. One is we encourage everybody, our our customers especially, that anytime you can remove a human from the loop, you should remove a human from the loop. And what I mean by that is that humans are great at creativity. We're great at, doing things, various tasks and and, building amazing things. We're not so great at, paying attention every single time we open an email to see, you know, who it came from and whether the link looks suspicious and all those things.

[00:21:17] - [Speaker 1]
We just aren't great at paying attention to that kind of detail because half time, people don't care. Like, I I it's not the most riveting topic in the world to constantly be talking about security and compliance. So when you can remove a human, that helps because, the because AI systems are are, AI and systems are better at, at removing risk altogether. And and so to give a rudimentary example is is email. So rather than relying on Betty Sue in HR to pay attention to every email that she ever gets, why don't you adopt a tool?

[00:21:50] - [Speaker 1]
There's countless tools on the Internet now that filter your emails, that actually precheck links in a sandbox to see if they are malicious or not, and then remove that email. She should never see that email if it is suspicious. If and so that's that's one example. On the development side, we still see a lot of developers that are manually checking in and out code, or they're allowing their developers that are developing the code to also approve the code and then move it to production. GitHub, GitLab, all of these great, these software development tools have a functionality where you can avoid all that altogether and systematically, you can check your code automatically.

[00:22:30] - [Speaker 1]
You can make sure that the person that's developing it is not the person promoting it. There's access management, tooling, and that's all available in the licenses that cost, you know, $10 a month. So I encourage people to lean on systems more. And then the last thing I'll say is that monitoring is such a huge function. Monitoring historically was a very expensive process.

[00:22:51] - [Speaker 1]
What I mean by monitoring is just knowing when you have a suspicious new account in your AWS environment or when you have someone that just downloaded your entire code base or whatever the case may be. There there a lot of times, the reason that people we struggled with breaches. I don't know if you remember in the in the teens era where we were talking about, oh, it's takes fifteen months for the average company to even know if they've been breached. It's because there was no monitoring in place. Well, now that that technology is really cheap or or free in some cases.

[00:23:21] - [Speaker 1]
And so AWS, GCP, they have free security tools for monitoring where you can alert to that sort of thing. GitHub, GitLab, all of these do as well. You can buy inexpensive compliance automation tools. There's Drata, Vanta, Secure Frame, Hyperproof. You've got all these these cool companies in the world that will plug into your, various tools and alert you on them, alert you on suspicious activity.

[00:23:45] - [Speaker 1]
And so that's where I really encourage people to focus, just because it's easier than ever to do it.

[00:23:52] - [Speaker 0]
And, of course, AI tools, they're now becoming part of nearly every workflow. And even the businesses that might be listening thinking, well, we don't really use AI. Shadow AI means that your staff are probably using it without you realizing it. But, of course, all these things can introduce hidden risks as well as deliver great value. So how should companies better evaluate and govern their AI usage to stay compliant, stay secure with that shadow AI problem waiting in the wings too?

[00:24:21] - [Speaker 1]
Yeah. Gosh. Darn it. This one is hard because it is so easy to adopt tools on the Internet. That's been going on for a while, which is where shadow IT even you know, where that that terminology is originated from.

[00:24:33] - [Speaker 1]
It's easier than ever to go sign up for a free trial with SaaS. But now that's been exacerbated because everybody and their mother in the SaaS industry has AI components in their platform. And so now you get access to those for free or or for cheap. And and so, really, this is quite a hard problem to solve. One of the biggest things that we encourage, folks to to think about is having kind of a checks and balances for who can adopt tooling.

[00:24:59] - [Speaker 1]
So the first of all, that's that's gonna be an important component. Who who has the ability to pay for tooling? What is your process for approving tooling? So that's one thing, but you can't rely on humans, back to my previous point, to just do everything correctly. And so, there's gonna be a monitoring mechanism to this as well.

[00:25:18] - [Speaker 1]
So there are various platforms out there, including some free features with, like, I think of Google Workspace where you have the ability to check what tools people are connecting their their, email accounts to. So everything is single sign on these days, and so they, you have the ability to to be alerted if someone is adopting a net new tool. And so that's a that's an important component. And then having checks and balances on the finance side, that's a who who can actually go and and pay for something? Because free trials, yes, that's one thing.

[00:25:53] - [Speaker 1]
But having having checks and balances on the finance side, who can pay for it, and then having checks and balances on the side of the dataset itself, who actually has access to be able to upload data or connect our systems to data, limiting those admin rights. You usually have to have be an administrator in a system to be able to connect two systems together. Right? And so those are some easy things that can be done, and they don't cost money. They just takes someone a a little bit of time.

[00:26:20] - [Speaker 0]
And if we were to look ahead, how do you see the role of cybersecurity continuing to evolve as both a a marketing superpower that we don't hear about enough and a a foundation for long term customer relationships? This is the exciting time side of things that we don't talk about. You won't see in your news feeds. But to replace that foot with some optimism, tell me about how you see all this evolving in the future.

[00:26:46] - [Speaker 1]
Absolutely. So I I do think that we are moving towards a state like, everybody craps on AI in the cybersecurity industry, especially. But, all in all, the I I see it being a net positive. It just is a it's with great power comes great responsibility. We have to be able to have appropriate, knowledge around how to use these platforms.

[00:27:09] - [Speaker 1]
But the thing that I'm most excited about is that the cybersecurity industry in general has been plagued with short staff, burnout, not enough specialties for the I mean, there's a 114 different cybersecurity domains that you could specialize in. The the there historically, there's just not been enough humans to solve the problem. And the humans that are in the industry, it it often feels like a thankless job. You've got, you know, the debacles like Uber where the CISO is getting criminally charged, and so it just doesn't it it's it it makes it hard to be in the industry sometimes. I I actually think AI is gonna solve a lot of those problems because a lot of the work that was being done felt overwhelming.

[00:27:52] - [Speaker 1]
Like, there weren't enough bodies to do it, and a lot of that work was also menial. It's scanning through logs. It's paying attention to these these monitoring alerts. It's configuring tools endlessly. Well, as AI gets better, it's already doing those things really, really well.

[00:28:06] - [Speaker 1]
And so leveraging that in security, I think, is gonna be really incredible. And then back to our original topic of how do I use this as a company, being able to brag about that. Be like, not only do we use AI in our platform, and and these are the great ways that we use it and and protect your data, everything we talk about, but we also use AI on the security side to better protect your data, and these are the ways that we do that. So there are some really cool opportunities to be able to really just enhance your security posture by using AI, and that's where all of this is is quite beautiful. The last thing I'll say too is that we finally are seeing a few AI regulations and standards come out.

[00:28:45] - [Speaker 1]
And so just like SOC two took off and was the bragging rights, I I think things like ISO 42,001, which is the the the closest thing to that we have to a a certification that you can hang up on your digital fridge, for, AI security. I I think that companies are gonna adopt that now. Only a couple 100 companies in the world have it right now, which is absurd. But at some point, that's going to take off. That's gonna reach velocity, and people are gonna be able to use that to brag about.

[00:29:13] - [Speaker 1]
And it's a great starting point. It's a great gold star standard for you to be able to build some form of security strategy in AI, and that makes me really, really excited.

[00:29:25] - [Speaker 0]
Oh, absolutely. Love it. It's a pleasure as always to chat with you. But before I let you go, as you know, we do have some unfinished business. I always like to end on a positive note, and we have a book list where I ask my guests to leave a book that we can, the listeners can check out.

[00:29:43] - [Speaker 0]
And equally, there was a Spotify playlist where we can add a song people can listen to. But all I'm gonna ask is what are you gonna add and why?

[00:29:52] - [Speaker 1]
Oh my goodness. Okay. So for the book list, let's oh, this one's hard. I, you know, I actually I recently I love to read, and I try to diversify. And one of the ones I just read that was really impactful for I don't even know why, but it's called the correspondent.

[00:30:12] - [Speaker 1]
And it's a it's a one of the best books of 2025 rated, and it's a fantastic, fictional account of someone that communicates in the form of letters with people in the world and, kinda follows her life, through these letters. And sounds boring, but I promise it was it's such a good book. Such a good book. Very impactful. So

[00:30:32] - [Speaker 0]
Oh, I love it. Well, we'll get that added straight to the Amazon wish list. And dare I ask you for a song? Guilty pleasures are allowed. Any sound

[00:30:40] - [Speaker 1]
like Absolutely. You know, I I love to listen to nonverbal, like, lo fi and instrumental, and I'm a big fan. Gotta give a shout out being from Austin, Texas to, explosions in the sky as the band. And then the, the song is your hand in mine. That's a that's a fantastic song to, jam out to and work to, and, I I I strongly recommend it.

[00:31:07] - [Speaker 0]
Yes. Me too. I had that at my wedding as well. So that's Oh, no way. I love it.

[00:31:13] - [Speaker 1]
This was not scripted.

[00:31:15] - [Speaker 0]
It really wasn't completely. I love it. Well, I'm gonna add it to the Spotify playlist playlist. And finally, for anyone listening, just wanna find out more information about you, your work, carry on this conversation that we started today, where where would you like to point them?

[00:31:31] - [Speaker 1]
Yeah. Well, would be honored to connect with anyone listening in, but I think LinkedIn is the best place to find me. So that's where I'm the most active. I'm not so good on the, the other ones, but love to be on LinkedIn.

[00:31:43] - [Speaker 0]
Awesome. Well, I'll add a link to your LinkedIn and everything that you're doing at Even Day too as well. I'd urge people to check you out, but it's a absolute pleasure as always speaking with you. And, hopefully, we can speak again a little later in the year, but thanks for joining me today.

[00:31:57] - [Speaker 1]
Always a pleasure, Neil, and thanks for having me.

[00:32:00] - [Speaker 0]
I think having listened to my guest today, I think the companies that win trust over the next few years, they won't be the ones with the longest policies or the loudest claims. They'll be the ones that can clearly explain how they protect data, how they think about AI risk, and why their security posture deserves confidence. Because cybersecurity is no longer confined to IT teams, compliance training, and annual audits. It's now showing up in sales conversations, board discussions, and customer relationships. So here is something to think about after listening to the interview today.

[00:32:36] - [Speaker 0]
If a customer asks you today, why should they trust your business with their data? Would your answer feel like a compliance response, a robotic answer, or is it a genuine part of your story? Love to hear your thoughts on what this episode made you rethink, or maybe it didn't. Whatever. Tech blog writer outlook.com.

[00:32:59] - [Speaker 0]
Techtalksnetwork.com. You can find more information there, and you can also leave me an audio message. But I'd love to hear your thoughts on anything that you've heard today and what it made you think and what your experiences are and what you might or might not be doing differently. Let me know. Other than that, I'll be back again soon with another episode.

[00:33:18] - [Speaker 0]
Bye for now.