Ep. 82 – Security Tools Are Failing: Lessons from the 2025 Microsoft Vulnerability Report

Paula Januszkiewicz is the Founder and CEO of CQURE and CQURE Academy, which she established back in 2008. She is also an Enterprise Security MVP, honorable Microsoft Regional Director, and a world-class cybersecurity expert, consulting Customers worldwide. In 2017, Paula graduated from Harvard Business School. She delivers keynotes and sessions at the biggest world conferences such as RSA, Black Hat, Microsoft Ignite, SecTor Canada, Australian Cyber Conference, GISEC, GITEX, LEAP, and many others. She is often a top-rated speaker, including being chosen the No. 1 Speaker at Microsoft Ignite (among 1,100 speakers at a conference with 26,000 attendees) and at Black Hat Asia 2019. At the RSA Conference, two of her sessions were among the top 5 best rated. Paula is known for her unique stage presence that is always well-received among diverse audiences, often gathering thousands of people!

Paula has over 19 years of experience in the cybersecurity field, performing penetration tests, architecture consulting, trainings, and seminars. Every year, she takes over 200 flights to provide cybersecurity services for CQURE’s Customers. Paula and her Team also design security awareness programs for various organizations, including awareness sessions for top management. Together, they create various security tools (CQTools) supporting penetration tests, incident response, and forensics, which are shared with the community. Paula is a member of the Technical Advisory Board at the Royal Bank of Scotland/Natwest. And to top it all off, she has access to the source code of Windows!

Sami Laiho is one of the world’s leading professionals in the Windows OS and Security. Sami has been working with and teaching OS troubleshooting, management, and security since 1996. In 2019 Sami was chosen by TiVi-magazine as one of the top 100 influencers in IT in Finland. He is the 11th most followed person in his field in Finland.

At Ignite 2018, Sami’s “Behind the Scenes: How to build a conference winning session” and “Sami Laiho: 45 Life Hacks of Windows OS in 45 minutes” sessions were ranked as #1 and #2 out of 1708 sessions!! This was the first time in the history of the conference that anyone has been able to do this. Before that, at Ignite 2017, the world’s biggest Microsoft event, Sami was evaluated as the Best External Speaker! Also, Sami’s sessions were evaluated as the Best session in TechEd North America, Europe and Australia in 2014, and Nordic Infrastructure Conference in 2016, 2017 and 2019.

Kip Boyle is the Chief Information Security Officer (CISO) for several companies. He's the co-host of the "Cyber Risk Management Podcast" at https://cr-map.com/podcast. He helps senior decision-makers manage unlimited cyber risks through rigorous prioritization. He's served as a Captain with the F-22 program in the US Air Force. In the private sectors he was a CISO for an insurance company, credit card processor, bank, credit union, and IT Managed Service Provider. He lives in Seattle with his wife and six kids. 

Charles Henderson, Coalfire’s Executive Vice President of Cyber Security Services, is a seasoned executive who specializes in leading teams that test, monitor, respond to, and secure organizations around the world. Throughout his career, Charles and the teams he has managed have specialized in threat intelligence, incident response, penetration testing, adversary simulation, vulnerability management, and vulnerability research. Formerly leading IBM X-Force and Trustwave SpiderLabs, his teams' clients range from governments, to the largest on the Fortune lists, to small and midsized companies interested in improving their security posture or in need of assistance handling a security incident.

Charles is also an enthusiastic member of the information security community and an advocate of vulnerability research. He serves on the BlackHat review board, has been a featured speaker at various conferences around the world on various subjects relating to security testing and incident response - including Black Hat, DEFCON, RSA, and SXSW. He has also appeared on or in CBS Evening News, NBC Nightly News, The Today Show, CNN, BBC, The Wall Street Journal, The New York Times, Forbes, USA Today, The Register, SC Magazine, Engadget, eWeek, Reuters, Car & Driver, and various other media outlets.