Why Most Hackers Get In Through the Basics
Show notes
In this episode, I'm joined by Ryan Tappis, Co-Founder of NR Labs, a pure-play cybersecurity firm that serves federal and commercial clients. After more than a thousand pen tests, Ryan explains why most attackers still get in through the basics, like weak passwords, missing multi-factor authentication, and old software that never got patched, and why good cyber hygiene beats any Hollywood hacking scene. We get into how AI is changing both sides of the fight, from attackers finding zero-days faster to continuous AI red teaming on defense, and what the new moat looks like for a business when anyone can vibe code. Ryan also breaks down what separates a great CISO from an average one, how NR Labs grew from 40 to 90 people and won four prime contracts in a single year, and why he treats revenue as a byproduct of hiring the smartest people in the room. We close on the myth he most wants gone: that cybersecurity is just hackers in hoodies.