# From Misconfigurations to Mission Control: Lessons from InfoSec World 2025 - Rob Allen, Perry Schumacher, Marene Allison, Ryan Heritage, Patricia Titus, Dr. Ron Ross - ESW #435 Page: https://stenobird.com/podcast/enterprise-security-weekly-video-787162/from-misconfigurations-to-mission-control-lessons-from-infosec-world-2025-rob-allen-perry-schumacher-marene-allison-ryan-heritage-patricia-titus-dr-ron-ross-esw-435 Text version: https://stenobird.com/podcast/enterprise-security-weekly-video-787162/from-misconfigurations-to-mission-control-lessons-from-infosec-world-2025-rob-allen-perry-schumacher-marene-allison-ryan-heritage-patricia-titus-dr-ron-ross-esw-435.md Podcast: [Enterprise Security Weekly (Video)](https://stenobird.com/podcast/enterprise-security-weekly-video-787162) Published: 2025-12-01T10:00:00+00:00 Episode link: https://eswvideo.libsyn.com/from-misconfigurations-to-mission-control-lessons-from-infosec-world-2025-rob-allen-perry-schumacher-marene-allison-ryan-heritage-patricia-titus-dr-ron-ross-esw-435 Audio file: https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/eswvideo/ESW_435_1--86f7a419-c26c-460a-a4e3-6744e6b2df3f--sd-converted--6445b9ef-b0e1-454c-9198-e0f5b033f17f.mp4?dest-id=376667 Processing state: not_requested JSON: https://stenobird.com/v1/public/podcasts/enterprise-security-weekly-video-787162/episodes/from-misconfigurations-to-mission-control-lessons-from-infosec-world-2025-rob-allen-perry-schumacher-marene-allison-ryan-heritage-patricia-titus-dr-ron-ross-esw-435 Duration seconds: 6203 ## Resource Live from InfoSec World 2025, this episode of Enterprise Security Weekly features six in-depth conversations with leading voices in cybersecurity, exploring the tools, strategies, and leadership approaches driving the future of enterprise defense. From configuration management and AI-generated threats to emerging frameworks and national standards, this special edition captures the most influential conversations from this year's conference. In this episode: -You Don't Need a Hacker When You Have Misconfigurations — Rob Allen, Chief Product Officer at ThreatLocker®, discusses how overlooked settings and weak controls continue to be one of the most common causes of breaches. He explains how Defense Against Configurations (DAC) helps organizations identify, map, and remediate configuration risks before attackers can exploit them. -Security Challenges for Mid-Sized Companies — Perry Schumacher, Chief Strategy Officer & Partner at Ridge IT Cyber, explores the evolving security challenges facing mid-sized organizations. He discusses how AI is becoming a competitive advantage, how mobility and third-party reliance complicate defenses, and what steps these organizations can take to improve resilience and efficiency. -The Rise of Security Control Management: Secure by Design, Not by Chance — Marene Allison, former CISO of Johnson & Johnson, introduces Security Control Management (SCM), a new software category that unifies control selection, mapping, validation, and enforcement. She explains how SCM transforms fragmented compliance programs into proactive, embedded defense. -Engineered for Protection: The Rise of Security Control Management — Ryan Heritage, Advisor at Sicura, continues the discussion on SCM, explaining how organizations can operationalize this approach to move fr… ## Actions - request_transcript: `POST https://stenobird.com/v1/public/podcasts/enterprise-security-weekly-video-787162/episodes/from-misconfigurations-to-mission-control-lessons-from-infosec-world-2025-rob-allen-perry-schumacher-marene-allison-ryan-heritage-patricia-titus-dr-ron-ross-esw-435/transcription-requests` — Idempotently request low-priority transcript generation for this episode. - read_markdown: `GET https://stenobird.com/podcast/enterprise-security-weekly-video-787162/from-misconfigurations-to-mission-control-lessons-from-infosec-world-2025-rob-allen-perry-schumacher-marene-allison-ryan-heritage-patricia-titus-dr-ron-ross-esw-435.md` — Read the agent-friendly Markdown representation of this episode resource. A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed. ## Transcript Full transcripts are not published on public pages unless there is a clear rights basis.