What's Hot from This Kitchen?

John Herrema has spent his career in security product. At this point, he has one conviction above all others: the most worthwhile security strategy is resilience, meaning the ability to snap back fast or, better yet, never go down in the first place.

Aftab Banth has spent his career on the other side of that argument, as the person who has to actually execute under pressure. His conviction is simpler: the technical challenges are the easy part. You put smart people at a whiteboard and they figure it out. What they can't figure out on a whiteboard is muscle memory. That's what fails when things get real.

Together, they make a compelling case that resilience isn't a product category. It's a discipline.

Joining them in the kitchen is host Rick Howard, CEO of the Cybersecurity Canon Project, keeping things moving between the stove and the big questions.

John is making lasagna, and he's not shy about the metaphor. Each layer he builds maps directly to a layer of the resilience framework: firmware at the base, visibility and control, security controls, self-healing, patching, and a rehydrate capability on top that can bring an entire OS back from bare metal in under 30 minutes. Aftab's chicken fried rice is its own kind of lesson: every ingredient prepped, every step rehearsed, and when the moment comes, you execute.

What You’ll Learn

  • "The leaky bucket": Aftab's term for what actually undermines security programs; technical gaps are fixable, but the process and muscle memory gaps are where things fall apart when the pressure is on
  • Resilience as the endgame: John's conviction after a full career in security is that prevention will never be perfect and detection gets close to real time, but the thing you'll actually be measured on is downtime; resilience is the strategy worth building
  • Rehydrate: how Absolute Security's firmware-embedded agent can perform a surgical repair or restore an entire OS from bare metal, remotely, in under 30 minutes, even after a device has been wiped or tampered with
  • The AI native employee: Aftab's term for the new generation building tools with AI without formal coding backgrounds, and what that shift means for how security teams hire, train, and operate
  • The AGI inflection point: John's 3 to 5 year warning that when AI agents can do everything as well as or better than people, the identity and trust problem becomes the central security challenge; teams using AI-era tools now will be in a different position than those who aren't

Key Moments in This Episode

  • 1:56 What's the Signature Dish? Lasagna and Chicken Fried Rice
  • 8:19 The Leaky Bucket: Why Muscle Memory Beats Technical Controls in a Crisis
  • 11:14 Building Lasagna Layers = Building a Resilience Framework
  • 16:06 The AI Native Employee: Vibe Coding and What It Means for Security Teams
  • 19:11 The AGI Inflection Point: What the Next Five Years Actually Look Like