In this episode, Jeffrey Wheatman sits down with Paul Guckian, former BISO at Lloyd’s of London and author of Systemic Cyber Resilience: Why CISOs Can’t Fix Cybersecurity. They unpack why the traditional security model is broken, how systemic risk is the real enemy, and why putting the weight of an entire ecosystem on a single CISO sets everyone up for failure. From resilient thinking to lessons from fire safety and finance, Paul brings an academic lens—and a pragmatic mindset—to a critical conversation.

Link to Paul’s book.

Jeffrey Wheatman sits down with Cary Johnson, founder of Phishbusters Audit and Consulting, to expose the failures of traditional phishing simulations. They discuss why standard metrics fall short, how self-assessment distorts results, and what it really takes to track — and influence — behavioral change in security awareness programs.

In this episode of Risk & Reels, Jeffrey Wheatman sits down with RJ Friedman, CEO of Dayone Cyber, to talk frameworks, risk, and leadership. RJ shares how his start in sales shaped his approach as a CISO, why CIS 18 remains his go-to, and how mapping frameworks to business goals makes all the difference. It's a sharp, honest look at what makes cybersecurity leadership actually work.