Reimagining Cyber - real world perspectives on cybersecurity

In this episode of Reimagining Cyber, host Rob Aragao sits down with Eric McAlpine, Founder and CEO of Momentum Cyber, to break down what’s really happening inside today’s cybersecurity market.
Drawing from insights in the latest Momentum Cyber Almanac, Eric shares a behind-the-numbers look at:
The rise of a two-tier cybersecurity market — the “haves” and the “have-nots”
Why we may be in the middle of a cybersecurity supercycle
How AI-native startups are reshaping funding, innovation, and deal activity
The surge in M&A and what it signals for the future
What vendor consolidation means for security leaders and enterprise buyers
Why hyperscalers and frontier AI companies could be the next major power players
With record capital flows, accelerating innovation cycles, and trillion-dollar companies eyeing security, the stakes have never been higher.
If you want to understand where the cybersecurity market is headed in 2026 — and how to navigate the transformation — this episode delivers the strategic context you need.
Contact Eric McAlpine at  [email protected].
As featured on Million Podcasts'
Best 100 Cybersecurity Podcasts
Top 50 Chief Information Security Officer CISO Podcasts
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]

Two weeks ago on Reimagining Cyber, we explored how agentic AI could become the next major security choke point. Since then, things have escalated.
Enterprises are restricting — even banning — AI agents. Security teams are scrambling to regain visibility. Vendors are rushing out “agent security” features. And early warning signs are already surfacing.
In this episode, Tyler Moffitt answers the critical question: Did agentic AI just move from innovation to crisis?
What changed in just a matter of weeks?
This discussion breaks down:
Why AI agents are fundamentally different from traditional automation and service accounts
How autonomous reasoning + persistent system access creates a new attack paradigm
The identity and API sprawl problem most organizations didn’t realize they had
Why compromised agents could give attackers automation at scale
The growing wave of enterprise bans — and what they signal
Whether regulation or a high-profile incident is likely to come first
Tyler explains how agents don’t just generate responses — they take action. They hold API keys, access internal systems, modify code repositories, interact with cloud infrastructure, and execute workflows. When deployed without guardrails, logging, or least-privilege controls, they can quietly multiply an organization’s attack surface overnight.
The core issue isn’t that AI is malicious — it’s that AI has become an acceleration layer. And when autonomy meets overprivileged access, traditional security models break.
You’ll also hear practical, immediate steps security teams should be taking now — from credential rotation and agent inventories to sandboxing and behavioral monitoring.
This isn’t an anti-AI episode. It’s a maturity wake-up call.
Because the organizations that build guardrails now will move faster and safer. The ones that don’t may learn the hard way.
If you’re a CISO, security architect, developer experimenting with agents in production, or executive evaluating AI adoption — this is a conversation you can’t afford to miss.
As featured on Million Podcasts'
Best 100 Cybersecurity Podcasts
Top 50 Chief Information Security Officer CISO Podcasts
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]

One year after the Digital Operational Resilience Act (DORA) came into force, what has actually changed?
In this follow-up episode of Reimagining Cyber, Rob Aragao welcomes back Dominic Brown of Graveslight Consulting to assess the reality of DORA in practice. Last time, the regulation was looming. Now, firms across the EU — and global financial institutions operating within it — have been living with it.
The conversation explores:
Why DORA was designed as a systemic risk regulation — not just a compliance exercise
Where firms struggled during year one, from immature ICT governance to gaps between policy and practice
How regulators have responded — and why patience may be running out
The impact of Level 2 Technical Standards, including threat-led penetration testing under the TIBER-EU methodology
What ICT third-party risk management really means for cloud providers and subcontracting chains
Why resilience is becoming both a supervisory priority and a competitive differentiator
Why DORA may set a precedent for future resilience regulation worldwide
The impact on organisations with a global footprint
With enforcement expectations rising and supervisory scrutiny intensifying, year two marks the shift from preparation to proof. Boards, CISOs, and technology providers alike will need to demonstrate that operational resilience works in practice — not just on paper.
If year one was about Europe adapting to DORA, year two is about the world responding to it.
As featured on Million Podcasts'
Best 100 Cybersecurity Podcasts
Top 50 Chief Information Security Officer CISO Podcasts
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]

Agentic AI is moving fast — and it’s changing how risk shows up inside modern organizations.
Autonomous AI agents are no longer just answering questions. They’re wired into cloud consoles, internal tools, ticketing systems, and finance platforms, acting on our behalf with real permissions and real consequences. And in the rush to automate, many teams are quietly centralizing access in ways security models were never designed to handle.
In this episode, Ben sits down with Tyler Moffitt to break down what’s actually happening with agentic AI, why security teams are raising red flags, and how incentives around speed, automation, and scale are reshaping risk. They explore over-permissioned agents, token hygiene failures, broken separation of duties, and why AI agents are becoming the new security choke point.
The conversation also looks at how attackers are already using agentic AI to operate at machine speed — and what defenders can do now to design systems that assume compromise rather than perfection.
If you’re building, deploying, or securing AI agents, this is a conversation you can’t afford to miss.
As featured on Million Podcasts'
Best 100 Cybersecurity Podcasts
Top 50 Chief Information Security Officer CISO Podcasts
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]

AI has officially moved from experimentation to execution—and regulation is racing to catch up.
In this episode of Reimagining Cyber, Tyler Moffitt is joined by Matt Aldridge to unpack what the rapidly evolving AI regulatory landscape means for security teams, businesses, and managed service providers heading into 2026.
From the EU AI Act and GDPR to California’s CPRA and emerging rules around automated decision-making, they explore how governments are trying to balance innovation with safety, privacy, and accountability. The conversation dives into the real-world security implications of agentic AI, autonomous decision-making, biased training data, and the growing risks of AI systems operating with minimal oversight.
Whether you’re an enterprise security leader, an SMB, or an MSP supporting multiple customers, this episode breaks down why AI regulation is no longer a future concern—and what practical steps organizations should be taking now to reduce risk, protect data, and responsibly govern AI adoption.
As featured on Million Podcasts'
Best 100 Cybersecurity Podcasts
Top 50 Chief Information Security Officer CISO Podcasts
Top 70 Security Hacking Podcasts
This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]