Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

72% of security budgets still go to detection and response, not prevention. That is the thread running through the latest episode of The Security Strategist, where EM360Tech's Shubhangi Dua talks with Garrett Hamilton, CEO of Reach Security, and Jay Wilson, CIO and CISO at Insurity. With the majority of budgets still pointed at detection and response, the conversation makes the case for swinging the pendulum back toward prevention, and why the tech can finally back it up.

"What's the problem, and how do I fix it?" Most security tools can't answer that. Reach can, for every misconfiguration in your Netskope deployment. It analyzes your web, SaaS, and data protection policies, flags what's drifted, and hands your team the exact fix ranked by risk and all powered by AI models. No guesswork, no 40-tab config audit.

The Cybersecurity Connection! Cocktails, tacos, and a pool table, beachfront in Huntington Beach. Reach Security, Cloudflare, and JetStream are hosting a happy hour at The Bungalow on Wednesday, June 24. Security and IT leaders, two hours, no agenda. Come unwind, meet the team, and lose a game of pool to someone you just met. Wednesday, June 24, 5 to 7 PM. The Study at The Bungalow.

"Usually it's not a question of if the bad guys get in. It's a question of what happens when they do." Jay Wilson, CISO and CIO at Insurity, and Garrett Hamilton, CEO of Reach, joined Shubhangi Dua on The Security Strategist from EM360Tech to talk about why the controls you already own are where exposure quietly builds up. That's Jay's line, and one every security leader has lived. Defense in depth only holds if every inner layer is configured the way you think it is. The outer door gets the attention. The inner doors are where incidents actually get stopped, or don't.

How do CISOs feel about drift? Misconfigurations rarely look like incidents. A setting shifts, posture weakens, and nothing announces it until it already matters. That is a hard seat for whoever owns posture. Without a clear view of what changed, you are working secondhand, leaning on the team to tell you what moved and whether it hurt.

At Black Hat last year, Garrett Hamilton asked Nicole Perlroth what she wanted the next five years of security to look like. She didn't give the optimistic answer. She said she was genuinely terrified. Zero-day exploitation at scale, fully automated. Attackers turning AI into infrastructure of their own. A year isn't five. But it's enough to check the tape.

Offense is running on AI. Defense has to as well. That's the throughline of Garrett Hamilton's conversation with Jay Wilson, CIO and CISO at Insurity, on The Security Strategist, hosted by Shubhangi Dua at EM360Tech. What they get into.

Nancy Phillips, Chief Information Security Officer (CISO) at Ensemble Health, discusses how Reach Security provides her team with continuous assurance that the team's security controls are operating as intended.