KBKAST

Richard Stiennon is Chief Research Analyst for IT-Harvest, the firm he founded in 2005 to cover the 3,051+ vendors that make up the IT security industry. He has presented on the topic of cybersecurity in 31 countries on six continents. He was a lecturer at Charles Sturt University in Australia. He is the author of Surviving Cyberwar (Government Institutes, 2010) and Washington Post Best Seller, There Will Be Cyberwar.  Stiennon was Chief Strategy Officer for Blancco Technology Group, the Chief Marketing Officer for Fortinet, Inc. and VP Threat Research at Webroot Software. Prior to that he was VP Research at Gartner. He has a B.S. in Aerospace Engineering and his MA in War in the Modern World from King’s College, London. His latest book Security Yearbook 2022 was released in June, 2022. Get a copy here.

Data is exploding. Environments are getting noisier and the line between observability and security, it’s basically gone. Search isn’t just a feature anymore, it’s infrastructure. It’s how you see, how you detect, and ultimately how you defend from ai, power detection, engineering to unified visibility across logs, metrics, t races and security telemetry. We’re officially in a world where if you can’t search it in real time, you can’t secure it.

This bonus episode features Mandy Andress, CISO at Elastic, live from Elastic{ON} Sydney 2026. As Australia navigates its unique, sector-led approach to AI regulation, Karissa Breen and Mandy Andress explore the challenges—and opportunities—facing CISOs on the front lines of the agentic AI revolution.

Mandy Andress is currently the CISO of Elastic and has a long career focused on information risk and security.‬ Prior to Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada. She worked as a security consultant with Ernst & Young and Deloitte & Touche, focusing on energy, financial services, and Internet technology clients with global operations. She also founded an information security consulting company with clients ranging from Fortune‬ 100 companies to start up organizations.‬

‭She is a published author, with her book Surviving Security having two editions and used at multiple‬ universities around the world as the textbook for foundation information security courses. Mandy also tested‬ and reviewed information security products for multiple publications as well as serving as the author for the weekly InfoWorld security column. She has been a sought after expert in the field, speaking at signature‬ security conferences such as BlackHat and Networld+Interop. In addition, she has taught a graduate level‬ Information Risk Management course for UMass Amherst in the College of Information and Computer‬ Sciences.‬

Mandy has a JD from Western New England University, a Master’s in Management Information Systems from Texas A&M University, and a B.B.A in Accounting from Texas A&M University. Mandy is a CISSP, CPA, and‬ member of the Texas Bar.‬

In this episode, we sit down with Simon Cook, Director of New Offerings at Genetec, as he discusses the convergence between physical and cybersecurity, and the impact of global standards such as GDPR and IRAP on industry practices. Simon details the shift from siloed teams to collaborative approaches, highlighting how increased connectivity and advancements like generative AI have expanded the attack surface, making cyber risks a broader business concern. He explores the ongoing challenges of device security—from consumer cameras to enterprise solutions—and the market’s growing awareness of attack vectors stemming from seemingly innocuous network devices. Simon also unpacks the complexities of privacy legislation, especially the right to be forgotten, emphasizing the need for technology providers to embed privacy and trust by design at every stage of product development. Finally, he offers insight into the future direction of physical security, predicting the acceleration of proactive, technology-driven systems and deeper integration of compliance frameworks worldwide.

Simon is a highly motivated, innovative and creative security professional with almost 20 years’ experience in the Pre-Sales and design space working with hardware, software and cloud solutions. Leadership experience and a proven track record of success growing and evolving teams in both medium and large organisations and on a global scale. Accustomed to speaking up to C- Level, in public forums and to press. A commercial techie that is inspired by good products, and passionate and motivated people.

In this episode, we sit down with Omar Khawaja, Vice President of Security and Field CISO at Databricks, as he explores the intersection of data, AI, and cybersecurity defense. Omar addresses the real fatigue facing CISOs amidst rising AI hype, emphasizing that combining high-quality data with AI—not just AI alone—is pivotal to effective cyber defense. He shares insights on the growing need for organizations to get their data in order, challenges in adapting operating models for AI, and the importance of reducing security tool sprawl through robust, unified platforms. Omar also discusses the increasing role of AI agents in automating routine tasks, the evolving skills required to leverage AI securely, and why mature frameworks and a growth mindset are critical as organizations navigate the complexities and risks of AI adoption.

Omar Khawaja is the VP, Field CISO at Databricks where he gets to work with CISOs to help them securely shepherd their organisations’ data+AI journey. He leads Databricks’ Field Security practice globally, teaches at Carnegie Mellon’s CISO program, sits on the boards of HITRUST and FAIR Institute, spent 9 years as CISO of a $26B enterprise and is leading a team that developed an actionable AI security framework for 11,000 enterprise data platform customers at Databricks.

In this episode, we sit down with Lisa Black, Director of Public Sector at Aeon Nexus Corporation, as she shares her perspectives on crisis leadership and organizational resilience when critical systems fail. Lisa draws from her extensive background leading government operations to highlight how real risk in a crisis is often less about technology and more about maintaining trust, clear communication, and effective decision-making under pressure.

We explore the pitfalls of traditional and predictable crisis training, the importance of cross-training team members, and the value of embedding continuous improvement and consequence-based learning into daily operations. Lisa also discusses the crucial role of cadence in incident communications, the need to manage rumor mills and public scrutiny, consequences of over-reliance on technology, and why true collaboration between public and private sectors is essential to strengthen defenses against modern threats.

Lisa Black is the Director of Public Sector at Aeon Nexus Corporation where she consults with government clients who are committed to enhancing justice through modernizing technology. Utilizing Aeon’s legal case management solution to deliver a single, secure, centralized, cloud-based system to public sector entities Lisa and her company work with public safety agencies, the offices of District Attorneys, Public Defenders, mediators and courts throughout the US.

With over two decades of government experience, Lisa previously served as the Chief Deputy County Executive in Suffolk County, NY. There she managed the daily operations of a local government that served 1.5 million residents with a $4 Billion budget and a workforce of approximately 12,000 staff. Lisa has also held leadership roles with two NY State Senate Majority Leaders, two New York City Mayors and a NY Governor serving as Senior Advisor at the NYS Division of Homeland Security and Emergency Services.

Lisa’s advantage in serving in both republican and democratic governments has been instrumental in her ability to communicate across the aisle where she has been involved in crisis and emergency management for over half of her career. Formerly trained in emergency management and operational decision-making during crisis, Lisa has also earned certificates in Government Leadership and Cybersecurity Policy and Technology from the JFK School of Government at Harvard University Executive Education Program. Importantly, her skills and training helped her lead the Unified Command Incident Response to a 2022 countywide ransomware attack including incident identification, containment, eradication and operational recovery.

She has spoken publicly about the experience at conferences and forums across the US including those with the NY State Association of Counties (NYSAC), the US Secret Service Cyber Fraud Task Force, NY State Local Government Information Technology Directors Association (NYSLGITDA), the National Federation of Municipal Analysts (NFMA), the International Association of Emergency Manager’s (IAEM) Region II Inaugural Conference, the National Association of Counties (NACo) Chief Information Officer Forum, the FBI & Fordham Law School’s International Cyber Security Summit and the 2020Partners Counterterrorism, Counter-Narcotics & Cyber Security Miami Conference.