Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security teams are drowning in new models, new features and new failures faster than humans can meaningfully respond. Human in the loop sounds sensible, until the volume of AI generated findings and constant change leaves even experienced practitioners unsure where this is all heading.

What happens when an AI model can find more vulnerabilities in a day than a red team could find in a year? Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I’m Jim and in this episode, I’m joined by Martin Voelk, penetration tester and AI red teamer, and Jonathan Care, lead analyst at KuppingerCole covering AI and cybersecurity.

This episode looks at what happens when AI starts finding vulnerabilities at scale, restricted access creates market imbalance, and security teams struggle to keep pace. It covers fragile infrastructure, bug brokers, overloaded analysts, CISO fear, and the growing sense that cyber defence is entering a faster and harsher era.

Every organisation depends on data, which makes information security central to how the business survives and grows. The clip argues that security leaders should stop shrinking themselves in front of boards, stop catastrophising without answers, and take their place as serious decision makers.

The future is bigger than arguments between cyber, privacy, AI and business continuity specialists. Organisational resilience offers a clearer way to think about protection, bringing these competing disciplines together under one practical goal.

Anthropic's Project Glasswing and Mythos Preview model represent a seismic shift in cybersecurity. This AI is specifically tuned for vulnerability discovery, code review and security hardening at unprecedented speed. In this episode of Razorwire Raw, Jim Rees breaks down what Project Glasswing actually means for information security professionals and the concerns nobody's talking about yet.

Security teams often buy tools the way someone buys marathon gear, hoping the equipment alone will make them ready. Real security needs commitment, routine, leadership and follow through, because preparation is what matters when the hard day arrives.

Claims about being GDPR compliant often come from people selling certainty where none exists. The point is not to buy a magic fix or a shiny platform, but to recognise that data protection is ongoing work, not a finished state you can simply declare.

People entering InfoSec face a flood of opinions, hot takes and polished content from voices who have not done the real work. The clip calls out false prophets and influencers who sound credible online, while making it harder for newcomers to tell genuine expertise from noise.

One of the biggest security problems is speed, not a lack of tools. Constant pressure, tired judgement and endless cognitive load make people more likely to miss phishing, mishandle data and make poor decisions, so slowing down becomes a practical security control.