#482 The Browser Is The New Battleground: John Carse On Securing The Modern Endpoint The CTO Show With Mehmet Gonullu podcast

#482 The Browser Is the New Battleground: John Carse on Securing the Modern Endpoint

3M ago 49:37

اشتراک گذاری

محتوای ارائه شده توسط Mehmet Gonullu. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط Mehmet Gonullu یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

In this episode of The CTO Show with Mehmet, we’re joined by John Carse, Field CISO at SquareX, to explore a fast-emerging shift in cybersecurity: the browser as the new endpoint. John shares why traditional tools like EDR and CASB are no longer sufficient, how modern threats are bypassing enterprise defenses, and what CISOs need to prioritize in a SaaS-first, GenAI-driven world.

With decades of leadership across Dyson, Rakuten, Expedia, and the U.S. Navy, John brings both a practitioner’s lens and a future-forward vision to security.

💡 What You’ll Learn

• Why the browser is now the most targeted endpoint

• How unsanctioned SaaS apps increase attack surface

• The growing importance of browser-based detection and response

• Where AI is accelerating both attackers and defenders

• Practical advice for CISOs prioritizing browser security today

⸻

🔑 Key Takeaways

• Over 60% of cyberattacks now begin in the browser.

• Legacy tools like EDR, CASB, and DLP often miss context at the browser layer.

• Browser extensions can now enforce enterprise-grade policies with minimal user friction.

• AI is a dual-edged sword—accelerating threats but also helping defenders respond faster.

• SquareX helps convert any browser into a secure enterprise environment with deep visibility, policy control, and threat mitigation.

👤 About the Guest

John Carse is Field CISO at SquareX, a browser security company redefining how enterprises protect their workforce. He previously served as Global CISO at Dyson and Rakuten, and led security operations at JP Morgan Chase and Expedia. John blends deep hands-on expertise with strategic insight into emerging threat landscapes and CISO priorities.

https://www.linkedin.com/in/johncarse/

https://www.securityweek.com/industry-moves/feb-24-2025/

https://sqrx.com/

Episode Highlights

[00:03:00] – What is a Field CISO and John’s role

[00:06:00] – Why the browser has quietly become the new endpoint

[00:10:00] – How detection and response works inside the browser

[00:18:00] – The real threats: browser-based social engineering, sync jacking, and polymorphic extensions

[00:24:00] – Why EDR and SASE tools are not enough

[00:32:00] – Balancing security and user experience in browser-based defense

[00:40:00] – What excites John about the future of browser security and GenAI

511 قسمت