When your firewall forgets to buckle up, the crash doesn’t happen in the network first, it happens in your blindspots.

In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder of Aquia and host of the Resilient Cyber podcast. Chris helps reframe vulnerability work as exposure management, connect technical risk to human resilience, and break down the scoring and runtime tools security teams actually need today. Expect clear takeaways on EPSS, reachability analysis, ADR, AI’s double-edged role, and the one habit Chris swears by as a CEO. This episode fuses attack-surface reality with mental-attack-surface strategy so you walk away with both tactical moves and daily practices that protect systems and people.

Impactful Moments:
00:00 - Intro
02:00 - Breaking: Fortinet WAF zero-day & visibility lesson
05:00 - Meet Chris Hughes: CEO, author, Resilient Cyber host
08:00 - Mental attack surface explained and why it matters
18:00 - From CVSS to EPSS, reachability, and ADR realities
21:00 - AI as force-multiplier for attackers and defenders
24:30 - Exposure vs vulnerability naming, market trends
26:00 - Chris’s book & how to follow his work
30:00 - Ron’s solo: 3 pillars to patch your mindset
34:00 - Closing takeaways and subscribe reminder

Links:
Connect with our guest, Chris Hughes, on LinkedIn: https://www.linkedin.com/in/resilientcyber/

Check out the article on the Fortinet exploit here: https://www.helpnetsecurity.com/2025/11/14/fortinet-fortiweb-zero-day-exploited/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/