Articles by Jim
Activity
29K followers
-
Jim Routh posted thisCybersecurity professionals never wish cyber incidents on anyone, but we do our best to learn from publicized incidents to benefit other enterprises, potentially lowering the probability of significant impact across the industry. The recent Axios incident (this past Tuesday, March 31) reinforced a particularly harsh reality: our collective tolerance for the use of session tokens, stored browser credentials, and even FIDO2 Passkey implementations is based on end-user convenience wrapped around a camouflaged password. Our current approach adds a layer of authentication security while insulating the end user from the friction of remembering a password. However, the industry’s willingness to tolerate an underlying password simply because the user is shielded from it —creates a massive blind spot. Cyber criminals, including nation-state threat actors, actually prefer using compromised credentials because they provide the path of least resistance. North Korean hackers (Lazarus Group /UNC1069) leveraged compromised credentials to exploit the widely-used Axios software package. By pushing malicious updates, they deployed malware across multiple platforms, exposing thousands of additional credentials. As a leading open-source software library used in the majority of cloud environments (with over 100 million weekly downloads), the stakes are massive; approximately 3% of Axios users downloaded the tainted software and are now exposed. The pursuit of user convenience has resulted in a "middle ground" of authentication measures that are appreciated by users and threat actors for the exact same reason: they are easy to use. Threat actors recognize that compromised credentials make it easier to traverse networks undetected, escalate privileges, and exfiltrate data for profit. The irony is that true passwordless authentication methods and products are currently available—solutions that eliminate the probability of password compromise without increasing user friction. Why are enterprises not embracing these capabilities? Furthermore, methods exist to contain credentials within the software supply chain by creating vaults that prevent "secret sprawl" into runtimes, environments, or configurations. This approach eliminates the likelihood of software engineers leaving secrets exposed in code across various environments. Perhaps it is easier for enterprises increasingly dependent on SaaS systems to use the de facto authentication standard offered by the largest SaaS providers. It is clearly not easy for enterprises to take the necessary recovery steps from significant cyber incidents like the one last Tuesday. The use of passwordless authentication methods combined with secure password vaults for engineers will not increase friction for end users and will substantially increase friction for cyber threat actors sponsored by nation-states. Let’s pursue these alternative paths going forward.
-
Jim Routh shared thisHey- join me for a fun Pickleball Tournament on Wednesday. Every day is better when you begin it with Pickleball! https://lnkd.in/eYAhuNZg
-
Jim Routh shared thisEvery day is a good day when you start with pickleball!Jim Routh shared thisThink you’ve got game? Step off the #RSAC show floor next week and onto our pickleball court for a chance to take on David Lee and Jim Routh from our executive team 🎾. Whether you’re a seasoned player or simply want to trade booth traffic for backhands, our pickleball tournament is the perfect opportunity to connect with fellow security leaders. Bring your sneakers and a smile, we’ll provide the rest. 📍 Bay Club Drumm Street, San Francisco 🗓️ March 25th ⏰ 7:00-9:00AM Save your space ➡️ https://lnkd.in/ei78bZkM RSAC Conference #RSAC2026 RSAC
-
Jim Routh reposted thisAre you attending RSAC this year? If yes, then have some fun playing Pickleball! The second annual RSAC Pickleball event! https://lnkd.in/eYAhuNZg
-
Jim Routh shared thisIf you are attending RSAC- please join me for Pickleball! The second annual RSAC Pickleball Tournament is on Wednesday of RSAC week. The second annual RSAC Pickleball Tournament is on Wednesday morning from 7:00 AM - 9:00 AM PCT. Please join me and register https://lnkd.in/eYAhuNZg
-
Jim Routh shared thisAre you attending RSAC this year? If yes, then have some fun playing Pickleball! The second annual RSAC Pickleball event! https://lnkd.in/eYAhuNZg
-
Jim Routh shared thisI feel the need for speed!Jim Routh shared thisThings Are Getting Wild: Re-Tool Everything for Speed What’s coming: a tidal wave of vulnerabilities exploited by more industrialized attackers, in a hall of fake mirrors, with agents running amok. What’s needed: relentlessly enforced strong baseline controls, finding and fixing vulnerabilities ahead of attackers, wholesale elimination of entire classes of vulnerabilities, AI-driven red teaming and an enterprise agentic control plane. Above all: optimize for speed. https://lnkd.in/eGqg4npb
-
Jim Routh shared thisJoey “nailed it!”Jim Routh shared thisJust a quick note to say how grateful I am for our holistic cyber security community. Things happen fast in our world. And they go to the very top of the corporate flagpole quickly. We're expected to have readiness and answers for things no one saw coming, no matter what. And you know what?... We do it. WE do it as a community. A community of practitioners, from CISOs to architects to engineers to analysts. A community of vendor solution providers who are hyper-focused on solving specific problems, and come together when times are tough. A community of VCs who are actually earnestly engaged in solving problems proactively. A community of shared knowledge like we have in the ISACs. A community of thought leadership think tank groups that pull together thought leaders on short notice to keep us informed and aligned. A community of VARs who are there to support us when we don't have the answers, and they have the resources. A community of outright competitors across all of those fronts who still come together and align for the greater good when the need arises. These communities seamlessly bridge traditional lines of challenge around cultures, political views, areas of differentiating opinions. Because at the end, we're all in this together. And we rely on each other. This is very very unique to cyber. None of us can do it alone. I came up in this industry learning. And now, it feels odd that occaisionally I'm looked to as a leader. But every day, still just learning, listening....And so grateful for this community. Those of you who engage with me directly, you know who you are- Practitioners, CISOs, product founders, VC leaders, consultancy groups, ISACs...I'm grateful for you. I'm not gonna drop any hashtags, or links, or anything. I could. I’m not gonna call out any one person or group specifically. I could. There’s too many making truly positive impacts. That’s what makes this work. I'm not looking for views or likes. I'm just thanking this community for being present. Anyone reading this knows the current firestorms going on. And there will be a new one soon. And this community will be there through it. And I will be there for this community. It's an ecosystem. Thank you Though I would encourage you, that if there are individuals, groups, mentors, etc that have and continue to impact you, please give them recognition here in the comments section.
-
Jim Routh shared thisAI has changed software engineering. It’s time to mature secure development practices by eliminating the need for credential management for developers.Jim Routh shared thishttps://lnkd.in/guGHDCh7 Matthew Roger Robert Jim Brett Dustin Jeff Bob Paul M. Sue Shane John Luke This analysis from the Google Threat Intelligence team sums up the what that Codezero Technologies Inc. is solving for. Critically, this isn't just about AI as AI simply takes a wrecking ball to our existing software development security practices (or rather lack there-of) but, because of the automation → scale → capabilities of AI, it exposes the proverbial "little dutch boy" that every software development & security team contends with. More succinctly, we're seeing decades of brittle software development practices, solutions, architectures, and incentives exposing the inherent weaknesses of our overall security & software development. As Reed recently outlined: "Here's the shift: Instead of storing credentials better, we need to remove them from the execution path entirely. At Codezero Technologies Inc., we've built network-layer orchestration that injects credentials in-flight, they never touch agent memory, developer environments, or application code. Zero-knowledge architecture. Your existing vault stays as the source of truth and your current identity provider and policy engine stay connected. We're the invisible secure courier that ensures credentials exist only in transit, for microseconds, then vanish." 👉 "Threat Actors Abusing AI API Keys: While legitimate AI services remain popular tools for threat actors, there is an enduring market for AI services specifically designed to support malicious activity. Current observations of English- and Russian-language underground forums indicates there is a persistent appetite for AI-enabled tools and services, which aligns with our previous assessment of these platforms...This setup leverages a key abuse vector: the integration of multiple open-source AI products—specifically Crush, Hexstrike AI, LibreChat-AI, and Open WebUI—opportunistically leveraged via Model Context Protocol (MCP) servers to build an agentic AI service upon commercial models. In order to misuse LLMs services for malicious operations in a scalable way, threat actors need API keys and resources that enable LLM integrations. This creates a hijacking risk for organizations with substantial cloud resources and AI resources. In addition, vulnerable open-source AI tools are commonly exploited to steal AI API keys from users, thus facilitating a thriving black market for unauthorized API resale and key hijacking, enabling widespread abuse, and incurring costs for the affected users. For example, the One API and New API platform, popular with users facing country-level censorship, are regularly harvested for API keys by attackers, exploiting publicly known vulnerabilities such as default credentials, insecure authentication, lack of rate limiting, XSS flaws, and API key exposure via insecure API endpoints."GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use | Google Cloud BlogGTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use | Google Cloud Blog
-
Jim Routh liked thisIt's not a new threat but wow, the risk profile has ramped recently and will continue to do so. Identity verification and the effectiveness off your up and down stream Identity Security controls take on more importance daily. Are you doing enough to guard your data and systems and how much do you understand about your supplier and partner ecosystem and how robust their ID verification process is before you grant access to your systems. #identitysecurity #supplychainrisk #identityverificationJim Routh liked thisThe issue of defending against recruitment as the attack surface is the subject of a recent feature published by The Stack. Sharing his observations on the issue, is Simon G., field CIO of identity and governance provider Saviynt. You can read Simon's views - and the article - here: https://lnkd.in/eVequC2pNorth Korea fake IT workers threat persist, defence adviceNorth Korea fake IT workers threat persist, defence advice
-
Jim Routh liked thisJim Routh liked thisThe photos are starting to come in, and for a moment, it feels like we’re still there Huge shoutout to my partners Dor Knafo and Shirley Hermann for pulling this off at such a high level to Sapir Goldstof , Ayala Naveh & Ohad Berger who produced this amazing event to Shahed Fakhari Allston Segale Emma Flannery and Michelle Van Wyk who were with us from the very first idea to the final applause , making sure everything was executed to the highest standard Heading back home, wondering when Sting’s songs will stop playing in my head
-
Jim Routh liked thisJim Routh liked thisMy problems started at an early age. Most of my friends were imaginary, and I was cooped up with bad influences. But I've always liked cute chicks!
-
Jim Routh liked thisCouldn’t be prouder of how we are pushing the boundaries with AI to help secure every remote transaction for our customers. This recognition highlights just that. #pindrop #deepfakedetection #fraudprotection #mfaJim Routh liked thisPindrop just landed on Fast Company’s 2026 Most Innovative Cybersecurity Companies list 🎉 🎊 🎉 Not long ago, identity checks were confined to one moment in time. Now the ground is shifting, and it's shifting fast. The pressure to stay ahead of AI-driven threats is only growing, and continuous identity verification is moving from nice-to-have to the new enterprise standard. This award feels like a recognition of that monumental shift in cybersecurity. Proud of the team for building for the future. We're just getting started. See the full list: https://lnkd.in/dWzNf2ua
-
Jim Routh liked thisJim Routh liked thisI’m starting to hear the narrative that the browser is the new endpoint. The fundamental argument is that as work moves to SaaS and AI copilots, the browser becomes the primary execution surface. Control the browser and you control the risk. There’s truth in that. But when it comes to #agenticAI, I think this framing misses the bigger risk. Most AI agents don’t live in browsers. They live in cloud runtimes, operate through tools, APIs, orchestration systems and backend services. Here’s how AI agents are functioning inside enterprises today: 1. Agent reads CRM data from Salesforce 2. Decides to call a Snowflake query 3. Updates a ServiceNow ticket 4. Finally triggers a remediation workflow in the cloud. None of that involves a browser. Autonomous agents, which are quickly emerging, behave differently: 1. Agent receives a goal 2. Breaks the goal down into actionable steps 3. Calls multiple APIs 4. Executes actions across systems Those actions happen service-to-service, not within browser tabs. If we focus security solely on the browser, we protect the human interface to AI, but not the AI itself. The real challenge is that AI agents don’t follow deterministic workflows. They pursue goals, adapt their behavior, and call tools dynamically. So how do we control what an AI agent is allowed to do at runtime? I’m not just talking about where it runs. I’m talking about: what device it uses, which browser session it came from, what action it is about to perform, what data it is trying to access and most importantly whether that action aligns with its intended purpose The security boundary may not be the browser. It may be the API call, or the tool invocation, or the intent behind an action. This is why runtime authorization for AI agents is the cornerstone of #identitysecurity for AI. It goes far beyond identity or device posture — it’s about enforcing intent-aware control over what agents actually do. The browser will absolutely be an important control point, but it may not be THE control point. Curious how others are thinking about this. Are we over-indexing on the browser as the primary security boundary for #AI, or do autonomous agents require us to rethink where enforcement truly belongs? Nupur Goyal Namyoon Han Greg Liewer Indigo Wilmann Suresh Sridharan Mahmoud Matouk Sreejith Rajkumar Deepak Anekal Pramod Vemulapalli Rekha Das Manish Acharya Vinit Shah Shreyas K N John Wang Santhana Krishnasamy Amarinder Jassal Sachin K Nayyar Paul Zolfaghari Jeff Margolies Ajay Garg
-
Jim Routh liked thisJim Routh liked thisHow Saviynt uses AWS for identity security with generative AI | LinkedIn https://bit.ly/3LR0pWGHow Saviynt uses AWS for identity security with generative AI | Saviynt posted on the topic | LinkedInHow Saviynt uses AWS for identity security with generative AI | Saviynt posted on the topic | LinkedIn
-
Jim Routh liked thisJim Routh liked thisTo my friends, former colleagues and extended network who got impacted by Oracle’s rif, Saviynt is hiring: https://lnkd.in/gUyPqTmF If you find something you like, please let me know. 💚 And if you need help by the way of introductions to someone on my network, just message me. #iam #jobs #hiring #careers
-
Jim Routh liked thisJim Routh liked thisLegit is proud to be included in the new Enterprise AI Security Handbook by TAG Infosphere! ☺️ As AI takes the driver's seat in software development, organizations must ensure that these systems are developed and deployed securely. The handbook will help organizations manage the security risks associated with enterprise AI adoption. Legit’s inclusion reflects the growing importance of securing the AI-enabled software supply chain. By providing visibility and protection across AI-first development pipelines, Legit helps organizations prevent vulnerabilities and maintain trust in AI-powered applications deployed at scale. Download the full report - link in comments! #vibecoding #securedevelopment #DevSecOps #AICodeSecurity #AppSec
-
Jim Routh liked thisJim Routh liked thisCelebration of a Life Well Live: J. T. (Ted) Childs, Jr. Yesterday, March 28, 2026, hundreds of us gathered together to pay beautiful tribute to a man who clearly lived a life of immense consequence. Ted Childs, Jr. was more than just a pioneer in corporate diversity; he was a "catalyst for change" and a "family patriarch" who touched countless lives. A Life of Impact - The service reflected the "four full hours" of respect and love, celebrating a career and life defined by: · Corporate Trailblazing: During his 39 years at IBM, Ted redefined the workplace by spearheading corporate resource and referral services for working families. · Inclusion for All: He famously expanded the definition of diversity to include everyone, establishing employee constituency groups that included white men alongside traditionally underrepresented communities. · Public Service: Ted advised President Bill Clinton on national dependent care strategies and worked with Admiral Mike Mullen to support military families. · Lifelong Brotherhood: A proud "Omega Man," Ted helped charter the Phi Nu Chapter of Omega Psi Phi and took great pride in a four-generation family legacy within the fraternity. Family and Legacy - Despite his global influence, Ted never lost sight of his "fourth quarter"—his role as a devoted grandfather. · Survivors: He is survived by his children, J. Tiffany Childs and John T. Childs, III, and his three beloved grandchildren: AJ, John IV, and Kiersten (Kiki). · The Childs Foundation: For those wishing to honor his memory, donations can be made to The Childs Foundation. Ted’s life was guided by his mother’s advice to "reach for the stars," a journey that took him far beyond the mountaintop. As his final manuscript suggests, he leaves us with a challenge: to keep asking "What is possible?" and to work with unshakeable perseverance to make it happen. You can view the 4-hours celebration service on YouTube and/or click the document to keep a copy of Ted's life story. https://lnkd.in/eNDfYzHN #ALifeWellLived #LegacyOfTransformation #DiversityPioneer #OmegaPsiPhi #ReachForTheStars #TheFourthQuarter
Licenses & Certifications
-
CSSLP
IC2
Issued -
CISM
ISACA
Issued Expires
Volunteer Experience
Publications
-
Third Party Governance: Digital Identity
ICIT
See publicationThis is for those that want a risk-management approach to third party risk management (TPRM) suitable for today’s attack surface and specific to the software supply chain. Identity management for cloud accounts used in software engineering are essential as a core component of third party risk.
-
The Role of a CISO in Shaping Trust in the Age of Artificial Intelligence
ICIT
See publicationThe Chief Information Security Officer (CISO) plays a vital role in AI governance, balancing risk management with seizing business opportunities. This paper defines the CISO's role in establishing an enterprise-specific AI Governance Framework and offers insights into the challenges and options for effective implementation.
-
Identity as a First Line of Defense
IDS Alliance
See publicationIdentity has evolved as a primary line of defense for cyber security and data science has emerged as a foundational component of digital identity management for an enterprise. Identity and Access Management (IAM) programs tend to lurk in the shadows until something goes wrong. But enterprises now have capabilities that haven’t yet been applied to cybersecurity, and IAM within cybersecurity, fueled by data science fundamentals. Identity is being widely discussed as the next generation of the…
Identity has evolved as a primary line of defense for cyber security and data science has emerged as a foundational component of digital identity management for an enterprise. Identity and Access Management (IAM) programs tend to lurk in the shadows until something goes wrong. But enterprises now have capabilities that haven’t yet been applied to cybersecurity, and IAM within cybersecurity, fueled by data science fundamentals. Identity is being widely discussed as the next generation of the perimeter as businesses transform from legacy-based, on-premises environments to cloud-hosted and Software as a Service (SaaS) applications. The design of enterprise controls has to keep pace and evolve away from on-prem to cloud-native apps, using data science to drive model-driven security.
The shift also fundamentally changed enterprise controls as on-premises IAM capabilities were substituted for access control in a cloud or SaaS deployment. However, threat actors also adjusted their approach, which meant the core IAM controls had to evolve with the tech. That saw the introduction of edge protection controls, such as using secure browsers rather than the traditional approach of virtual private network (VPN) tunnels.
The use of identity for continuous risk management and verification is well established in fraud management within financial services. But what’s new is the maturity of machine learning algorithms, which enable enterprises to apply identity in a near real-time model.
Traditionally, IAM practices relied on human labor to do the heavy lifting. Managers would have to approve employees’ access to resources, which created delays and workflow challenges and frustrated users. But a model-based approach reduces dependency on human behavior and increases reliance on models or near real-time decision-making to remove human involvement.
The benefits are significant as IAM controls improve while the productivity of the entire workforce improves. -
The Role of Cybersecurity Leaders as Educators
The Institute for Critical Infrastructure Technology
See publicationThe market for cyber security talent is getting scarcer every year yet the current practices in place by enterprises reflect an employment model that has been obsolete for many years. Cyber security leaders have to adjust their recruiting practices along with their leadership skills demonstrating a solid commitment to talent development to deal with the current market conditions. Unconventional techniques can enable cyber security leaders to both attract and grow diverse talent to meet the…
The market for cyber security talent is getting scarcer every year yet the current practices in place by enterprises reflect an employment model that has been obsolete for many years. Cyber security leaders have to adjust their recruiting practices along with their leadership skills demonstrating a solid commitment to talent development to deal with the current market conditions. Unconventional techniques can enable cyber security leaders to both attract and grow diverse talent to meet the future needs of the enterprise without increasing compensation or recruiting fees. The key is to consistently demonstrate a commitment developing talent and make adjustments to roles enabling employees to have an opportunity to learn and master new skills that they choose.
Cyber leaders have to collaborate with HR professionals to apply un-conventional techniques that are essential for the current and future market conditions. Enterprises can't hire cyber security professionals when they are needed due to the constraints of the limited supply of talent. The key is to shift the paradigm to hire top, diverse talent when you find it...not necessarily when you need it. Leaders should expand their networks and consistently recruit talent for loosely defined job categories with a minimum of requirements and encourage their teams to conduct exploratory interviews designed to understand what skills the candidate wishes to master. Top talent should be offered a role that is partially designed to give them an opportunity to learn what they wish to learn.
Cyber leaders should spend 30% of their time each week on talent development for their employees. CSO/CISOs should identify the development needs for their stakeholders and design curriculums for all of their stakeholders. This demonstrates a shift toward CISOs as educators to provide a multifaceted curriculum for all stakeholders in addition to a demonstrated commitment to talent development for all employees. -
The Growing Obsolescence of Passwords
ICIT Fellows Publication
See publicationIt's time for enterprises to develop an approach to eliminate the use of passwords. They served us well for 60+ years but digital consumers have too many digital assets to remember passwords for. Enterprises have an opportunity to shrink the attack surface, improve the digital experience and lower costs by implementing behavioral based authentication capabilities.
-
Why Data Science is Foundational for an Advanced Cyber Program
FS-ISAC Insights
See publicationThere are hundreds of new controls available when applying data science to cybersecurity control design within any enterprise. Most of these new controls don’t require a human action to initiate a risk management task or outcome. Models identify and track behavioral patterns using data streaming. Deviation from the patterns can be measured triggering a threshold of deviation that initiates an automated workflow to mitigate risk in milli seconds without a human involved. Cyber professionals…
There are hundreds of new controls available when applying data science to cybersecurity control design within any enterprise. Most of these new controls don’t require a human action to initiate a risk management task or outcome. Models identify and track behavioral patterns using data streaming. Deviation from the patterns can be measured triggering a threshold of deviation that initiates an automated workflow to mitigate risk in milli seconds without a human involved. Cyber professionals enhance their analytic capabilities and adjusts control points based on transaction trends.
-
Successful Women In Cybersecurity Podcast
CSO Magazine & IT Security ONE2ONESummits-Reed Exibitions
-
FS-ISAC 3rd Party Software Security Working Group
FS-ISAC
White paper on 3 additive controls for a 3rd party vendor governance program specific to software security
-
Beautiful Security
O'Reilly Media
Chapter 11
Other authors -
Honors & Awards
-
CSO Hall of Fame
CSO Magazine
Award winner for CSO Hall of Fame for 2020
-
Shared Assessments Lifetime Achievement Award
Shared Assessments
Honorees recognized for the contribution to cyber security resiliency over the course of their professional careers
-
Evanta 2017 Break Away Leadership Award
Evanta
This honor, built on peer recognition, spotlights CISOs who are revolutionizing their organization’s competitive position in the marketplace through visionary leadership and business transformation.
-
ISE Luminary Award
ISE
Founded in 2005, the ISE® Luminary Leadership Award is conferred on annual basis to an extraordinary industry executive at the ISE® North America Awards Gala. This prestigious award showcases and honors an outstanding leader and industry practitioner for their distinguished service, stewardship and contributions in advancing the information security industry.
-
Information Security Executive of the Year Award 2014 North America- Healthcare
T.E.N.
-
BITS Leadership Award
BITS
Recognition for leadership of cross sector working group on Supply Chain Security
-
ISE Northeast Award 2009
T.E.N.
Organizations
-
NYU
Adjunct Faculty Member
- PresentI design cybersecurity related content for the Tandon School of Business for NYU
Recommendations received
55 people have recommended Jim
Join now to viewOther similar profiles
Explore more posts
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content