Legacy systems are everywhere, quietly powering core operations in some of the world’s largest enterprises. But behind that familiarity is risk. In this episode of The Business of Cybersecurity, Paul Savill, Global Practice Leader of Networking and Edge Compute at Kyndryl, joins me to break down why aging infrastructure is becoming a major liability in today’s security posture.

We talk candidly about the security implications of 44 percent of enterprise technology being “out of life” and unsupported. Paul shares how that vulnerability becomes even more exposed as IoT devices proliferate and AI-powered attacks grow more sophisticated. It’s no longer a question of whether legacy tech is a problem, but how long organizations can afford to ignore it.

This conversation moves beyond the buzzwords and straight into the operational reality. Paul explains how Kyndryl’s post-IBM spin-off transformation included shifting to a cloud-first, zero trust model—and why that decision was just as much about improving agility and cost control as it was about reducing risk.

We also explore the human side of cybersecurity. Paul outlines how Kyndryl’s internal phishing simulations and scenario-based training have led to a measurable increase in employee-reported incidents. It’s a compelling argument for why building a cybersecurity culture beats any off-the-shelf solution.

From AI-enhanced social engineering threats to the disconnect between IT and OT teams, this episode highlights the practical steps business leaders can take to modernize without compromising day-to-day operations. If your cybersecurity strategy still depends on outdated tools and last year’s training modules, it might be time to rethink the foundation.

For more insight, check out the Kyndryl Readiness Report at kyndryl.com,

Nearly half of all internet traffic is now generated by non-human sources, and a growing share of that activity is driven by increasingly sophisticated bots. In this episode of The Business of Cybersecurity, Neil is joined by Lynn Marks, Senior Product Manager at Imperva, to break down the findings from the latest Bad Bot Report and explore what businesses need to know as these threats accelerate.

Lynn explains why the shift in bot activity is no longer about brute force or exploiting technical vulnerabilities. Today’s attackers are targeting business logic itself. From automated purchasing of high-demand items to manipulating pricing and availability data in the travel sector, bots are now bypassing traditional security tools by taking advantage of how platforms are designed to function.

APIs are particularly vulnerable. Nearly 50 percent of account takeover attacks now target APIs directly, largely because they are abundant, consistently structured, and often poorly monitored. Shadow APIs and lack of cross-functional visibility create significant blind spots for security teams.

Some industries are facing an outsized share of these attacks. Gaming platforms are targeted for their in-game currencies and experience systems, while travel providers contend with constant scraping of flight data and availability. In both cases, attackers are capitalizing on high user demand and competitive pressure to exploit weaknesses in systems that were never built with these threats in mind.

Lynn also discusses the rise of residential proxies and mobile user agents, which make it increasingly difficult to distinguish real users from bad actors. And with a surge in global AI regulation expected in 2025, she outlines what organizations can do to prepare. From understanding internal AI use to implementing layered protection across APIs and mobile applications, Lynn provides practical advice for teams looking to get ahead of the threat curve.

In a digital world where nearly half of all traffic is now synthetic, how confident are you in your ability to spot the difference?

Recorded live at IGEL Now & Next 2025 in Miami, this conversation with John Walsh, Field CTO for Critical Sectors at IGEL, explores how organizations can rethink edge security through a preventative lens. With decades of experience in high-assurance environments,

John shares how zero trust is moving from theory into applied strategy and why endpoint protection is still ground zero in the modern threat landscape. From hybrid work challenges to AI-powered threats, this episode breaks down how IGEL’s immutable OS and collaborative approach are helping secure some of the most sensitive sectors in the world. Are your endpoints ready for what’s next?