TechForge

1st April 2025

Brian Wagner is at the forefront of shaping how businesses defend against modern cyber threats. A renowned cybersecurity speaker and industry leader, he has served as head of compliance for AWS Financial Services and now leads as CTO at cybersecurity firm Defence.com. Throughout his career, including key roles at Cisco, AWS and Bulletproof, Brian has helped organisations of all sizes build resilient, future-ready security strategies.

We spoke to Brian to explore the next generation of cyber attacks, how businesses can protect themselves in a perimeterless world, and why the human factor remains both the greatest risk and the greatest opportunity in cybersecurity today.

As threat actors continue to evolve their tactics, what do you foresee as the next major style or category of cyber attack that businesses should prepare for?

The next…wow. I think it’s going to come from the strides we’re making in areas like quantum computing and other futuristic technologies. As our computing capabilities become more powerful, there will come a time when our current encryption mechanisms are no longer secure.

I’m not sure it will be the very next threat, but if you look at how we protect digital data today, there’s a not-too-distant future where that protection could be compromised. I wouldn’t say encryption will become obsolete, but it could be broken within a reasonable amount of time by technologies like quantum computing — or simply by more powerful systems.

In what ways did the COVID-19 pandemic shift the cybersecurity landscape, and how has remote work specifically made businesses more vulnerable to attack?

Yes — when you work outside the office, when you work remotely, the difference from a digital perspective is that in the office, you’re at least on a known network or within a known environment. Is it perfect? That varies from business to business. But it’s at least predictable. You know where the perimeter is, how communications flow, and so on.

When you work from home, the perimeter dissolves. There’s no longer a defined boundary. If you think of it like a castle or fortress — you protect the walls, and people inside those walls are trusted to some degree, just by being there. In an office, it’s the same. You’re there physically, so you’ve likely passed some trust threshold — someone recognises you, you’re part of the system.

But when that perimeter disappears, the attack surface expands exponentially. The opportunities for attack multiply. Instead of one centralised target, each individual working remotely becomes a potential point of entry. So rather than breaching a single fortress, an attacker now has many smaller targets. It makes everyone more vulnerable.

What’s the single most important, practical step you believe organisations can take today to strengthen their cybersecurity posture?

I think the absolute top tip — easy to implement and realistic — is to use a password manager. A lot of the breaches we see now come from commonly used passwords or ones that have already been leaked online. So that’s probably the number one easiest way to prevent a breach.

The next thing is email vigilance. Phishing — if you’re unfamiliar with the term — is when someone tricks you into handing over information like login credentials or bank details. In business scenarios, it’s often aimed at stealing login details, which can then be used to access systems. There’s no single action that can solve this, but the takeaway is to be sceptical of all emails.

Another useful step is enabling multi-factor authentication (MFA). Everyone’s using third-party services now – everything is a subscription, and every subscription has a login. With MFA, even if your password is stolen or leaked, the attacker won’t be able to access your account without that second layer of verification. That makes the password effectively useless to them.

In your experience, what is the most common root cause behind data breaches within organisations today?

Sadly, it’s human beings. Humans are inherently trusting — it’s part of who we are. Statistically, it’s clear that phishing plays a huge role in breaches. People are the weak point.

Before email became dominant, the exploits were more physical. For example, someone might walk into a front office, say they’re late for a job interview, and hand over a USB stick with their “CV”, which, once plugged in, delivers the breach.

These days, especially with remote work, phishing is absolutely on the rise. I don’t want to lean on phishing for every answer, but broadly speaking, people remain the weakest link in any organisation when it comes to cybersecurity.

With ransomware attacks growing in both frequency and sophistication, what should a business do if it finds itself being financially extorted by cybercriminals?

First of all — do not pay them. That’s the absolute number one rule. The reason we have cybercrime and ransomware is because it’s profitable. If it didn’t make money, no one would bother doing it.

Next, assess the impact. Ideally, if you’ve been backing up and archiving your data properly, a ransomware event should be an inconvenience at worst.

There are a couple of scenarios here. If you have backup data, you won’t theoretically lose anything—even if the encrypted data is never recovered. The inconvenience then is the time it takes to restore everything, which may result in a temporary outage.

But it also depends on what data is being held for ransom. Is it personal information? Customer data? Internal business data? If it’s customer-related and includes things like login credentials or personal details, then you have an obligation — not just under GDPR, but morally — to notify those affected.

As a responsible business, you should reach out and say: “Here’s what happened, and here’s what we believe was taken.” Those individuals need to know so they can protect themselves.

But again — rule number one — don’t pay.

If you could go back and give your younger self one piece of advice at the start of your cybersecurity journey, what would it be, and why?

Don’t be afraid to fail. Just try things. That’s especially true in the early stages of your career — any career, not just cybersecurity. There’s often a tendency to chase perfection, to feel like you have to get everything right the first time.

And along the same lines, I’d also say: stick with your strengths. Early in their careers, people often try to be people-pleasers. They want to be seen as helpful or indispensable.

Let me give you an example. Say you’re brought in to solve a software issue for a major company, but someone says: “Hey, you’re good with computers – can you fix the printer?” You might feel inclined to say yes, but really, you should feel confident saying, “Actually, I’m here to do this specific job.”

When you stay in your lane, you build authority in your area of expertise — and that’s valuable. It shows confidence, and it helps you grow the right way.

This interview with Brian Wagner was conducted by Mark Matthews.   

About the Author

Editor-in-Chief

Duncan is an award-winning technology industry analyst, specialising in cloud computing, blockchain, martech and edge computing.
