Home Podcasts Risky Business Features
Risky Business Features

Risky Business Features

Risky Business Media 23 Episodes Jun 30, 2026

Join reformed CTO James Wilson as he dives deep on cybersecurity topics through an enterprise lens. From solo content and interviews with CISOs and researchers to vendor and startup deep dives, James does a bit of everything.

Episodes

Mythos on your desk? Using local LLMs for code reviews Jun 30, 2026 4289 In this podcast episode James Wilson chats with Karsten Nohl about his research into using local LLMs to replace cloud AI in security code reviews. In essence, Karsten created a hybrid code reviewing system where both cloud and local models are used to orchestrate, triage outputs, and write reports. In this system, only the local LLMs have source code access, with t
Pitching security startups to VCs in the AI era Jun 23, 2026 2114 In this podcast Patrick Gray and James Wilson chat with Decibel Partners founder and Managing Partner Jon Sakoda to talk about pitching cybersecurity startups to VC firms in the AI age. Coding agents and large language models have made it easier than ever to create software products, but despite this, the bar for what interests an investor is still largely the same.
How using open weight models can blow up in your face Jun 19, 2026 2585 In this podcast episode James Wilson and Brad Arkin talk about how to safely use open weight large language models in the enterprise. The cost of frontier models was already driving interest in freely available open weight models like DeepSeek, Kimi and Qwen. But now the US government is forcing Anthropic to pull its Fable and Mythors models from the market, the argu
The state of the art in AI model jailbreaks Jun 16, 2026 3159 In this solo podcast episode, James Wilson breaks down the current state of AI model jailbreaks. If you’ve somehow missed the story, last week Anthropic released its Fable 5 and Mythos 5 models to the public. In the name of safety, both models were guardrailed up the wazoo, but that didn’t stop a bunch of jailbreakers from figuring out how to bypass at least some of
Why NPM v12 won’t stop supply chain attacks Jun 12, 2026 2312 In this podcast episode, James Wilson is joined by Open Source Malware Security co-founder Paul McCarty to talk about the supply chain attack mitigations coming in NPM v12. NPM disabling (by default) auto-run install scripts and dynamic dependencies is a positive step forward… but it’ll take years for this new version to be adopted, and these changes do nothing to p
Everything is getting much worse, much faster Jun 5, 2026 1382 In this podcast Brad Arkin joins James Wilson to talk about how the fear of being left behind in the AI era means enterprises are taking risks that would have been considered insane just a couple of years ago. Fears around outages or being hacked have been trumped by fears of being labelled an AI laggard. So where are we all going? Say hello to tech debt-riddled, v
Solo podcast: A deep dive on TeamPCP Jun 2, 2026 3841 In this solo episode, James Wilson takes a detailed look at TeamPCP. It started off by launching clumsy attacks against misconfigured Kubernetes clusters in September 2025. But by February this year, TeamPCP had skilled up and was smashing global software supply chains in the highest profile attacks of 2026. TeamPCP upskilled and turned the software development eco
How to survive supply chain attacks May 25, 2026 2211 In this podcast James Wilson chats with Brad Arkin about why software supply chain attacks have gone from rare, once-in-a-while disasters to an operational problem affecting mainstream enterprises almost daily. AI has made attackers faster, and “vibe coding” means the number of environments pulling packages from the internet has gone to the moon. It also means legac
How the CopyFail disclosure went sideways May 21, 2026 1136 In this episode, Theori’s Brian Pak and Andrew Wesie join James Wilson to discuss why the CopyFail exploit was publicly disclosed before Linux distributions had their patches ready. As you’ll hear in this episode, mistakes were made and lessons learned. It’s worth a podcast, too, because in our opinion this incident foreshadows the inevitable problems that open sourc
NCSC’s Ollie Whitehouse on surviving the "bugpocalypse" May 18, 2026 1765 In this edition of Risky Business Features Ollie Whitehouse, the CTO of the UK’s National Cyber Security Centre, joins Patrick Gray and James Wilson to talk about why “patch faster” will only get organisations so far in the face of the AI “bugpocalypse”. As Ollie explains, organisations will need to reduce internet-facing attack surface and make better architecture
What a great agentic AI deployment plan looks like May 12, 2026 2399 In this podcast James Wilson and Brad Arkin workshop the advice they think the industry needs to hear when it comes to deploying agentic AI in the enterprise. Relegating agentic AI to non-sensitive and low-risk tasks doesn’t deliver value, and avoiding all risk stalls progress. James and Brad discuss the phases of AI adoption and contrast what a great plan looks lik
Mythos smythos! How to find 0day with lesser models May 8, 2026 5273 In this podcast James Wilson chats with Niels Provos about his research into using older AI models to successfully hunt for 0day vulnerabilities. Niels has had a long and prolific career in cybersecurity, having worked as a Distinguished Engineer at Google and then heading up security at Stripe. His interest in AI bug hunting was piqued recently when one of the Myth

Recommended