In this episode, John Funge, Managing Director at DataTribe, and I discuss the Global IT Outage caused by a flawed update to CrowdStrike's cloud-based security software. We also review DataTribe's recently published report on cybersecurity trends and predictions for 2024. In closing, John shares some tips and recommendations for those seeking cybersecurity funding. Action Items and Discussion Highlights Organizations need to incentivize and spend more time and effort hardening the QA cycles.Continue to focus on building secure software through tools/processes that embrace best practices.Assess the concentration of risks and take proactive mitigation steps.Take malware at scale, reverse engineer it, and look inside the malware to use that as training for AI models that can detect and mitigate entire classes of malware.Create a set of tooling that can monitor what happens in CICD (Continuous Integration & Continuous Delivery) pipelines, create the necessary evidence to help enforce process and risk management compliance, and make the software development process much more transparent.Cybersecurity trends include quantum computing, security for serverless architecture, operational technology (OT) security, autonomous defenses, passwordless authentication, AppSec 2.0, and AI SOC Analyst. Time Stamps  00:02 -- Introduction 01:44 -- Guest's Professional Highlights 06:33 -- Global IT Outage Fiasco -- Lessons 08:11 -- Hardening QA Cycles 10:41 -- Software Malfunction in an AI-Driven World -- Corrective Action 15:50 -- Reviewing Cyber Trends -- Quantum Computing, AI-Enabled Autonomous Defenses, AI SOC Analyst, AppSec Scans, etc. 25:30 -- Cybersecurity Governance Process Improvements and Innovations 31:18 -- What does DataTribe, a cyber foundry, look for when evaluating potential investment opportunities? 34:35 -- Cyber Predictions 36:44 -- Closing Thoughts Memorable John Funge Quotes/Statements "Software is just really brittle and creaky. Over time, there's been a combination of incentives toward speed of delivery and time to market rather than spending more effort hardening QA cycles." "Within the security industry, there's this sort of patch advice: Just keep your systems patched, etc. There isn't much discussion in that conversation about how we can engineer the software so it's more secure with fewer bugs." "It's unclear whether we are increasing the hardness of many software tools and systems at the same time that their responsibility is increasing." "At the end of the day, AI is really a tool for consolidating training data and creating a decision mechanism based on that." "Security is just so rich with data. So, if you follow the data, you really do start to see interesting opportunities to potentially create predictive models that allow you to increase your security performance and efficacy." "There is this opportunity to create a set of tooling that can monitor what goes on in CICD (Continuous Integration and Continuous Deployment) pipelines and create all the necessary evidence that can help enforce process and give confidence to auditors risk management compliance, and essentially take what's going on inside the software development process, and making it much, much more transparent." "AI models and the data science teams that work on them represent a bit of a black box, and it can be challenging to...