From Burnout to Breakthrough: How Cybersecurity Leaders See 2025 and Beyond

In the last few weeks, I’ve done some learning in public, interviewing three of our advisors and making those interviews public on YouTube for all to see.

I chatted with Steve Zalewski, former CISO at Levi Strauss; Julie Tsai, former CISO at Roblox; and Brennan Lodge, Director of Information Security at Manhattan Institute and founder of Blogic, to discuss what’s on the horizon, challenges we are all facing in cyber, and possible paths forward.

What struck me most from these conversations was their optimism in our collective ability to elevate cybersecurity through new approaches. They have each experienced challenging times in cyber, and yet they retain their compassion for the practitioners and curiosity about new approaches. I came away inspired, and I think you will too.

Feel free to jump over to our YouTube channel to see these and other interviews for yourself, along with some snazzy shorts we’ve put together in case you want to share highlights:
https://youtube.com/playlist?list=PLAA_X4q5lQvvs3oAT9f9-kZIg0SxWKVh1&si=vm-C-fWnmdE_yXOY

Here are some common themes from my conversations with Steve, Julie, and Brennan.

Ye old wordcloud — data seems important

1. The Limits of Legacy: Rethinking Signature-Based Security

Across the board, our conversations pointed to a shift away from purely signature-based security models. Steve Zalewski noted candidly that “attackers have weaponized AI,” rapidly overcoming traditional detection methods. “They’re using AI to fuzz faster, quicker, and more dramatically,” he explained, highlighting the diminishing effectiveness of signature-based detections in a world where adversaries evolve faster than rules can keep up.

Brennan Lodge echoed this sentiment but also acknowledged signatures’ lingering necessity: “You can’t completely discard signature-based detections — they serve a purpose — but they’re static. The world isn’t.” Brennan emphasized the importance of real-time anomaly detection powered by AI, something we’re focused on at DeepTempo.

Julie Tsai crystallized the importance of better tooling to manage false positives and false negatives, emphasizing that legacy tools too often inundate teams rather than empower them. As she put it, “the promise around automation and AI was always about raising the level at which we operate, not throwing more human bodies at machine-scale problems.”

2. Efficiency vs. Effectiveness: The Human Element

Cybersecurity is a human problem as much as a technological one, something each leader underscored. Steve Zalewski put it clearly: “Business demands effectiveness, not just efficiency.” The role of cybersecurity teams isn’t merely to run faster but to achieve actual resilience and containment — turning “what has happened” into actionable insights about “what is happening right now.”

Julie Tsai expanded on the human toll of poorly managed security tooling: burnout. “You can’t burn the candle at both ends 100% of the time,” she warned. “You’ll lose great people.” Her call for better automation isn’t merely technological — it’s deeply humane, rooted in a desire to sustain careers and mental health while boosting operational excellence.

Brennan Lodge also emphasized the importance of equipping analysts with context-rich data and actionable insights. For Brennan, tools should lighten, not add to, the cognitive load on analysts. Better context and explainability aren’t nice-to-haves; they’re foundational for sustainable security operations.

3. Proactive Security: Moving Left, Seeing Sooner

In our discussions, all three emphasized the shift toward early detection and proactive mitigation strategies. Brennan and Julie discussed the imperative to detect threats early, well before exploitation or significant lateral movement. Julie’s vivid depiction — “catching attacks when they’re loud, shallow, and recoverable” — paints a clear picture of what success looks like in proactive security.

Steve highlighted the pivot we must make from after-the-fact log analysis to proactive threat containment, which becomes possible once we understand behaviors in near real time: “We need to shift from identifying vulnerabilities already exploited, to identifying threats that are materially exploitable right now.”

At DeepTempo, this insight resonates deeply: our work in mapping incidents rapidly and accurately to the MITRE ATT&CK framework helps security teams not just react, but anticipate. Recently we also started enabling users to see a cascade of similar patterns of behavior across their systems, an approach that is impractical with traditional rules- and ML-based systems.

4. Foundation Models and Contextual Intelligence: New Tools for New Challenges

Finally, all three leaders expressed excitement around foundation models in cybersecurity — specifically, the type of deep-learning-driven log language models (LogLMs) we’re developing at DeepTempo.

Julie Tsai articulated how targeted, transparent, and data-driven models promise to provide greater accuracy and interpretability than generalized AI solutions. For her, these innovations not only improve detection quality but can significantly reduce infrastructure and operating costs, addressing compliance and privacy concerns along the way.

Similarly, Brennan Lodge stressed the importance of integrating AI-driven detections with frameworks like MITRE ATT&CK to help analysts quickly understand and respond to threats. Steve Zalewski further reinforced this point, emphasizing the urgency for AI-powered tools to move from simply augmenting analysts to actively driving more of the detection and containment process. In hindsight I should have drilled into this thread a little more — because at least as I see it, it does call into question the heavy and overlapping funding of AI SOC companies, which attempt to apply AI to improve the operation of a cyber security system without addressing the failing foundations.

Final Thoughts: From Survival to Strategic Advantage

Our dialogues reinforced that we face both more advanced threats and great opportunities to bolster our defenses through deep learning. The choice is clear: adapt proactively or fall further behind adversaries who already leverage AI aggressively.

Many thanks to Steve Zalewski, Julie Tsai, and Brennan Lodge — not just for sharing their insights, but for their ongoing contributions to DeepTempo’s journey and their leadership of the broader cybersecurity industry. Our vision of collective defense via deep learning requires teamwork and curiosity, and deep empathy for the challenges of SOC operations which Steve, Julie, and Brennan each obviously possess.

Together, as Julie said, “the potential for solutions exists between the chair and the keyboard.” It’s up to us to ensure we put powerful, humane, intelligent tools in those hands.

A huge thank-you again to Steve, Julie, and Brennan for sharing their time and insights.

If you’re curious about what we’re building at DeepTempo — leveraging deep learning and collective defense to change the game in cybersecurity — reach out directly or visit our website and try us out on Snowflake.

Onward!
 — Evan


From Burnout to Breakthrough: How Cybersecurity Leaders See 2025 and Beyond was originally published in DeepTempo on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from Stories by Evan Powell on Medium authored by Evan Powell. Read the original post at: https://medium.com/deeptempo/from-burnout-to-breakthrough-how-cybersecurity-leaders-see-2025-and-beyond-76d285b4705d?source=rss-36584a5b84a------2