In this episode of Chasing Entropy, Dave Lewis sits down with longtime friend and industry veteran Bill Brenner, Senior VP and Head of Content at Cyber Risk Alliance. Bill has been shaping the cybersecurity narrative for over two decades, from his early reporting days at TechTarget to his leadership roles at Akamai, Sophos, IANS, and now Cyber Risk Alliance.

From Newsrooms to Cybersecurity

Bill shares how his career began in traditional journalism, with a pivotal moment after 9/11 pushing him toward B2B reporting. A role at SearchSecurity marked his entry into cybersecurity, where he quickly established himself as a respected interviewer, writer, and—eventually—a storyteller within the security community.

The OCD Diaries & Mental Health Advocacy

A major part of Bill’s journey has been his candid writing in The OCD Diaries, a personal blog turned community resource. What started as a therapeutic exercise evolved into a touchstone for many in security facing similar struggles. Today, Bill continues that advocacy through his work with CyberMinds, developing tools and resources to support the mental health of cyber defenders, who often face burnout, PTSD-like stress, and relentless alert fatigue.

Storytelling, Security, and Leadership

Reflecting on his time at Akamai, Bill discusses how being embedded in a security team during the Heartbleed and Shellshock era shaped his understanding of communication, trust, and leadership. He and Dave revisit their collaboration on reports, vulnerability advisories, and how content can influence both internal teams and the wider industry.

AI, Content, and the Human Element

Bill and Dave dive into the current disruption caused by artificial intelligence. While many companies mistakenly see AI as a replacement for people, Bill argues it must be used as an enhancer—freeing humans from repetitive tasks while preserving creativity, critical thinking, and authenticity. His own work at Cyber Risk Alliance now includes experimenting with AI to streamline workflows without losing the human voice.

Looking Ahead

Bill emphasizes the importance of resilience, humility, and staying focused on the human side of security. Whether through mental health advocacy, building stronger content strategies, or mentoring the next generation, his mission remains clear: tell stories that matter and help the community thrive in an increasingly chaotic digital world.

👉 Where to find Bill:

• The OCD Diaries (archived blog with evergreen posts)
• Bill on LinkedIn (active writing and insights)
• SC Media / SC World (ongoing journalism and leadership work)

In this episode of the Chasing Entropy Podcast, host Dave Lewis welcomes industry analyst and long-time cybersecurity veteran Fernando Montenegro for a far-ranging and refreshingly honest discussion about the evolution of security, the realities of AI, and the human stories that shape our digital defenses.

Fernando shares his origin story from math and fractals in Brazil to cryptography and bulletin boards, and ultimately to a career that has spanned consulting, sales engineering, and now research and analysis. Along the way, he highlights the importance of community spaces like TASK (Toronto Area Security Klatsch) and B-Sides as pivotal launchpads for industry newcomers.

The conversation dives deep into artificial intelligence and its nuanced role in cybersecurity:

• Security for AI: Helping organizations safely adopt AI tools.
• AI for Security: Using AI to enhance defense mechanisms.
• Security against AI: Preparing for AI-augmented attacks and fraud.

Fernando advocates for viewing AI through an economic and socio-technical lens rather than blindly trusting in its promise. As both he and Dave agree, AI isn't magic—it's math. It can augment work, but replacing human judgment, strategy, and contextual understanding is far from reality.

They also touch on the dangers of layoffs fueled by AI hype, calling out examples like Klarna’s public misstep, and drawing parallels to earlier cloud-related downsizing miscalculations. Both stress the importance of understanding what workers actually do before trying to replace them with automation.

As the episode wraps, Fernando delivers sage advice for those entering or pivoting into cybersecurity:

• Leverage your prior experience, whether from hospitality or marketing, it has value.
• Seek mentorship from peers 2–5 years ahead of you for tactical guidance.
• Don’t be discouraged by gatekeeping; curiosity and kindness go a long way in this relationship-driven field.

Whether you're a seasoned professional or just getting started, this episode is a candid reminder that cybersecurity is as much about people as it is about technology and that chasing entropy means embracing complexity, not avoiding it.

In this special "Summer Camp" edition of Chasing Entropy, Dave Lewis sits down with longtime friend and cyber risk veteran Jeffrey Wheatman. From their early DEF CON gooning days to leading board-level security conversations, Dave and Jeffrey explore how cybersecurity professionals navigate entropy—when systems unravel, and chaos creeps in.

Jeffrey, a former VP at Gartner and now a cyber risk strategist, brings 30 years of experience to the mic. They dive deep into the human and organizational aspects of risk management, effective communication with executive leadership, and how the security industry can stop "solutioning" with tech and instead focus on solving real problems.

Key Topics That We Covered:

• From Hardware Store to Cyber Risk Strategist: Jeffrey’s unconventional path into cybersecurity and early lessons learned about clarity, communication, and not working in retail.
• Tech for Tech’s Sake?: Why the obsession with new tools misses the point—and how reframing security in terms of solving business problems is the real game changer.
• Communicating with Boards: Strategies for helping CISOs resonate with executives, plus tips on improving board-level metrics and engagement.
• AI in Cybersecurity: Cautious optimism, practical concerns, and philosophical musings. Both Dave and Jeffrey agree: AI is no silver bullet. But with thoughtful integration and strong scenario planning, it can be a powerful partner—especially for edge cases and pattern recognition.
• Speaking to Your Audience: Whether you're in front of a board or a DEF CON hallway track, Jeffrey shares hard-won lessons about adjusting your message, avoiding condescension, and using metaphors that land.

Memorable Quotes

Where to Find Jeffrey

• LinkedIn: The only “Jeffrey Wheatman”
• Speaking soon at: SANS Security Awareness, ISACA GRC, Black Hat, and PDA PRISM Conference
• Fun fact: At DEF CON, you’ll know him as “Mnkey.”

Listen now, share widely, and join us again next week as we continue Chasing Entropy in a world full of chaos and credentials.

Don’t forget to like, subscribe, and spread the entropy.