Off the Wire: A Play by Play on Cybersecurity and Technology Issues

Securing the Browser to Protect IT and OT Networks: Part 2 in OT Mini Series

42 min · Mar 23, 2026

Description

OT Security Miniseries: Securing the Browser to Protect IT and OT Networks

In this Off the Wire Podcast OT miniseries episode based on the Dragos OT report, the hosts explain how OT environments are often compromised through IT networks and focus on the browser as a major attack target alongside email. They discuss practical ways to harden browser security, including DNS filtering (with examples like blocking newly registered domains and improving visibility), CIS browser hardening benchmarks and policies (updates, extension restrictions, disabling built-in password saving, limiting browsers), and the role of secure web gateways/web proxies with SSL inspection and DLP considerations. They also cover enterprise password managers, passkeys, and new enterprise browser tools that provide granular controls and DLP for web apps (including AI use cases), plus how EDR and SIEM telemetry support detection and response. They close with a recommended rollout order and preview upcoming episodes on third-party vendor management and OT network monitoring.

00:00 Mini Series Setup
00:43 Why Browsers Are Targeted
03:43 DNS Filtering Basics
06:41 Remote Protection Benefits
09:06 CIS Browser Hardening
11:30 Locking Down Extensions
14:11 Secure Web Gateway Proxies
16:56 Subscribe and Share
17:43 Enterprise Password Managers
19:23 Password Manager Benefits
20:22 Hosting and Vendor Risks
21:12 Passkeys and Unique Logins
23:37 KeyPass and Offline Vaults
24:05 Enterprise Browser Overview
25:53 DLP and Download Controls
26:40 BYOD Visibility and AI Policies
30:21 AI Extensions and Control
32:14 EDR and SIEM Telemetry
35:37 Layering Tools Before EDR
36:54 Practical Rollout Roadmap
40:55 OT Tie In and Next Episodes

All episodes

71 episodes

Your Headcount Request Isn't a Staffing Problem — It's a Sales Problem

How to Get an IT Headcount Proposal Approved: Speak in Risk, Value, and Data

The hosts discuss how IT leaders can successfully propose adding staff when teams are overextended and work keeps piling up. They emphasize starting with the real problem—unmet business value, security/compliance risk, cyber insurance requirements, ticket backlogs, and burnout/retention risk—then backing the request with data such as project lists, vulnerability and compliance gaps, device and ticket growth, peer staffing comparisons, and feedback from other departments. They advise focusing on responsibilities and business impact rather than job titles, researching comparable organizations carefully, and presenting alternatives like contractors, interns, or part-time roles with true fully loaded costs. The conversation also covers delivery tactics: have an in-person sit-down, be confident and prepared, time the meeting well, seed the narrative in advance, rehearse tough questions (including via AI role-play), and keep a tiered fallback plan with follow-ups if the answer is no.

00:00 Intro
02:04 Keep the List
05:10 Start With the Problem
08:00 Do Your Research
10:19 Responsibilities Over Titles
13:40 Weigh the Alternatives
17:16 The Real Cost of a Hire
18:24 Delivering the Proposal
20:52 Timing the Ask
22:20 Plant the Seeds Early
25:20 Rehearse It (and Use AI)
28:15 Have a Fallback Plan
31:53 Final Thoughts
33:40 Outro

Keywords: IT headcount proposal, how to justify new IT staff, IT staffing business case, getting headcount approved, building a business case for hiring, IT budget proposal, IT leadership, IT management, IT workforce planning, understaffed IT team, IT burnout and retention, cybersecurity staffing, compliance risk, cyber insurance requirements, ticket backlog, fully loaded cost of an employee, contractors vs full-time, presenting to leadership, executive buy-in, electric cooperative IT, utility IT, SMB IT, Off the Wire podcast

#ITLeadership #Cybersecurity #ITManagement #ITStaffing #ElectricCooperative #SMBIT #ITStrategy #OffTheWire

Jun 15, 2026 · 33 min

Hardware Quotes Are Expiring in Hours: What’s Going On?

Why Hardware Prices Are Skyrocketing in 2026 (RAM, SSDs, Servers) — and What You Can Do

Hardware budgets are breaking. Quotes that were good for 30 days are now expiring in hours. That $80k workstation quote? It's $160k now. That server quote near $1M? Already $1.3M — and climbing. In this episode, Tanner and Anthony break down what's actually driving the spike in RAM, SSDs, hard drives, servers, and networking gear — and it's not just tariffs. AI data center buildouts are pulling manufacturers toward high-margin HBM memory (roughly 10x the margin of standard DRAM), leaving everything else fighting for supply. With only three major players (Samsung, SK Hynix, Micron) and factory expansions that take 2-3 years, relief isn't coming fast.

More importantly — what do you do about it right now? They cover practical steps: faster approval cycles, buying ahead, standardizing hardware, right-sizing, considering refurb and used gear, extended refresh cycles, cloud compute, and leasing. Plus how to brief leadership before the budget conversation catches you off guard. This one's for anyone managing IT budgets at a lean organization — co-op, municipal, small enterprise. The volatility is real and it's not going away anytime soon.

00:00 Truck Price Shock Skit
01:54 Hardware Quotes Going Wild
02:46 Real World Sticker Stories
04:36 Why Memory Costs Surge
07:01 HBM vs DRAM Margins
09:08 Factories Tariffs New Normal
13:44 Beyond RAM Storage Crunch
16:53 Quotes Expire Faster Than Ever
20:23 Practical Ways To Cope
26:36 Refurb Longer Cycles Cloud
32:21 When Relief Might Come
37:01 Wrap Up Lead With Communication

Off the Wire is a cybersecurity and IT leadership podcast for practitioners at small-to-medium organizations and electric cooperatives.

Jun 1, 2026 · 37 min

The SaaSpocalypse: How AI Is Killing (and Reshaping) SaaS Tools

In this episode of Off The Wire, Anthony and Tanner discuss the “SaaSpocalypse”—how AI is disrupting and potentially replacing many SaaS products—citing examples like Figma being hit after Claude Design launched, reduced need for Canva due to AI tools, and vulnerable niche apps like Grammarly as Copilot and Google tools bake AI directly into core suites. They debate whether AI pricing is currently subsidized, noting high API, hardware, and power costs that could drive subscriptions much higher over time. They explore how AI could become the primary interface layer, reducing the need for traditional web UIs and even replacing documentation platforms by querying SharePoint-backed datasets through an agent. For IT leaders, they recommend evaluating SaaS at renewal time, starting with narrow tools, moving gradually, and prioritizing cost savings while accounting for change management and human behavior.

00:00 SaaSpocalypse Explained
00:14 Figma And Canva Wakeup Call
01:35 SaaS Vendors Racing To Add AI
02:53 Why AI Pricing Will Rise
07:25 Which Tools Are Most Vulnerable
11:20 AI As The New Interface Layer
16:47 Advice For CIOs And IT Leaders
25:10 LinkedIn And The AI Slop Problem
31:00 Final Takeaways And Wrap Up

May 18, 2026 · 32 min

Anthropic’s “Mythos” Leak, Project Glasswing, and the 90-Day Patch Countdown

Hosts Tanner and Anthony discuss reports of Anthropic’s new “frontier” general-purpose model, Mythos (Mythos Preview), described as exceptionally strong at finding and exploiting novel security bugs and allegedly sitting on thousands of unpatched zero-days affecting major operating systems and browsers. They review examples cited, including decades-old FreeBSD and OpenBSD flaws and a Linux kernel issue, and note a separate security firm (Aisle) replicated parts of the findings using open-weight models, though Mythos appears better at moving from detection to exploitation. The episode explains how Mythos became public via leaks, then outlines Anthropic’s Project Glasswing: about 50 vendors received 90 days of access plus credits to patch systems, with Mozilla reportedly patching 271 Firefox issues. They close with preparation steps for lean IT teams: asset inventory, vendor outreach, risk-based prioritization, mitigation and isolation, patch validation, workload planning, governance and insurance review, stronger detection controls, least privilege/zero trust, and verifying backups.

00:00 Too Dangerous to Release
01:45 Meet Mythos Preview
02:25 Zero Days Found
05:19 Can Others Replicate It
06:46 Efficiency and Edge Models
08:17 Leaks and Access Blunders
10:42 Project Glasswing Explained
15:10 90 Day Clock and Fallout
16:24 Break and Subscribe
17:05 Prep Plan for IT Teams
19:05 Patching Priorities and Testing
21:00 Controls Backups and Wrap Up
24:02 Final Thoughts and Sign Off

May 4, 2026 · 24 min

Why OT Monitoring Is Now a Necessity (Tools, Baselines, and Incident Response): OT Security Part 4

OT Security Part 4: Why OT Monitoring Is Now a Necessity (Tools, Baselines, and Incident Response)

In this Off the Wire episode, Tanner and Anthony wrap part four of their OT security miniseries by focusing on OT monitoring and why it’s needed, noting that over 90% of small and medium businesses with OT environments lack monitoring and that AI is lowering the time and effort required for attacks. They explain how legacy OT systems were built without security, often use unencrypted or proprietary protocols, and can’t run agent-based tools like EDR, making specialized monitoring essential. The discussion covers how monitoring complements preventive controls, helps establish a communications baseline, flags anomalies (like unexpected east-west traffic), supports forensics and log retention, integrates alerts with email and SIEMs, and validates segmentation and documented exceptions. They also debunk the “air-gapped OT” myth, stress mapping all IT/OT bridges, recommend an OT-specific incident response plan, and list tool options including Malcolm, Security Onion, Dragos (free under $100M revenue), and vendors like Darktrace, Tenable OT, Cisco Cyber Vision, Nozomi, and SCADAfence, alongside drivers like NERC CIP, CMMC, mandates, and cyber insurance.

00:00 Recording The Intro
00:02 Why OT Monitoring Matters
00:31 Small Targets AI Threat
02:31 OT Risks Real World Impact
05:39 OT Is A Different Animal
08:35 Baselines For Segmentation
10:03 Air Gap Myth Bridges
12:09 SCADA Migration Opportunity
13:21 Realistic OT Attack Chain
15:47 What to Monitor in OT
16:11 Five Key Visibility Signals
19:21 OT Incident Response Planning
20:27 Picking Monitoring Tools
22:41 Compliance and Budget Levers
24:13 OT Security Checklist
26:52 Final Thoughts and Next Episode

Apr 20, 2026 · 28 min