The Trust Problem in Cybersecurity — and How to Fix It
Techstrong TV Interviews • 25m
Ross McKerchar, CISO at Sophos, joins Alan Shimel on TechStrong TV to talk about why trust has become the most important — and most underdeveloped — currency in cybersecurity. Drawing on 19 years inside Sophos and findings from the brand-new 2026 Sophos Trust Reality Report (more than 5,000 organizations across 17 countries), Ross explains why customers struggle to assess vendor trustworthiness and what should replace today's broken supply chain questionnaires.
The conversation covers the breadth of the Sophos portfolio — from endpoint and email to firewall and one of the industry's largest MDR businesses, with more than 30,000 customers — and dives into the radical transparency approach behind Sophos's Pacific Rim report, the Secure by Design tailwind, and why "verifiable artifacts of maturity" like wide-scope bug bounties, fast and technical incident communication, and a credible CNA/CVE program tell you more about a vendor than any survey ever will.
Ross also shares why SBOMs remain a great idea that most buyers cannot yet use effectively, why 62% of respondents now question their vendors' trustworthiness, and what data point in this year's report wasn't on his bingo card.
Learn more at https://www.sophos.com