Why Cybersecurity is as much Art as Science

September 26, 2025

Facebook
X (Twitter)
Pinterest
fb-share-icon

In this kickoff episode of The Art of Cybersecurity, host Cheri Hotman shares why this podcast exists and what listeners can expect. Cyber isn’t just science or technology — it’s art. It’s messy, constrained, people-driven, and ultimately about mitigating risk to protect people and data.

Cheri cuts through the noise of “easy button” tools, audit-passing mentalities, and checkbox compliance to talk about what security really is: designing programs that work, tackling people and process challenges, and aligning solutions to business goals.

You May Like These Posts

Security Awareness Training – Verizon 2025 Data Breach Investigations Report

In this 15-minute training, the HG team breaks down the most critical findings from Verizon’s 2025 Data Breach Investigations Report (DBIR)—and what they mean for real-world security programs. We cover the sharp rise in third-party breaches, the growing threat of GenAI misuse, and the continued dominance of ransomware and credential-based attacks. You’ll walk away with […]
Read more

Why Maturity Matters: Overcoming GRC Cognitive Overload with the Maturity Model

Please join Kayne McGladrey, author of the GRC Maturity Model and Cheri Hotman as they explore the GRC (Governance, Risk, and Compliance) Maturity Model, a powerful tool for organizations to assess and enhance their cybersecurity practices. Achieving maturity in GRC is crucial for navigating complex regulatory landscapes and boosting overall effectiveness. Through self-assessments, organizations can […]
Read more

Where Compliance Meets Security: Doing Both the Right Way

Compliance and cybersecurity are often seen as separate priorities—but the truth is, good compliance reduces risk when done right. So how do you effectively integrate both for a stronger security posture? In this session, we’ll break down the intersection of compliance and cybersecurity, share best practices, and walk through real-world examples of organizations that have […]
Read more

Building Customer Trust in the Digital Age: Evolution, Importance, and Observations from the Field

In today’s digital age, customer trust is more crucial than ever. Join us as we explore the evolution of customer trust, highlighting its importance in building strong customer relationships. We’ll delve into how trust became so important and some of the pivotal moments that shaped its current state. Looking ahead, we’ll discuss emerging trends and […]
Read more

Securing AI: Balancing Innovation, Risk, and Reality

AI adoption is exploding—but so are the risks. From data exposure and prompt injection to unregulated model training, most organizations are using AI without fully grasping where their data lives or how it’s being secured. In this session, we’ll unpack the real meaning of “securing AI,” exploring how risk, governance, and innovation must coexist. You’ll […]
Read more

What Operationalized GRC Actually Looks Like: From Silos to Systems

Many organizations believe their GRC program is operational because audits are passing and tools are in place. In reality, operationalized GRC behaves very differently. Risk has clear ownership. Information flows across teams. Gaps surface early instead of being hidden. In this session, Cheri Hotman and Peter Spier walk through what an operationalized GRC program actually […]
Read more

Security Questionnaires: You Can’t Just Blame the Intern

Let’s face it—no one enjoys security questionnaires. They are tedious and time-consuming, and it’s easy to question their real effectiveness in mitigating security risks, especially since they’re often a check-the-box exercise. However, in today’s digital landscape, they are unavoidable for building and maintaining trust with customers. Join us as we confront this harsh reality: despite […]
Read more

Real Life GRC Horror Stories: Top Mistakes Haunting Your Program

Just in time for Halloween, we’re pulling back the curtain on the Top 10 GRC Nightmares plaguing organizations today. From programs that only exist to “pass the audit,” to treating compliance as a checkbox exercise, these haunting mistakes can leave your organization more vulnerable than you realize. In this session, we’ll identify the most common […]
Read more

A Practical Approach to Choosing the Right GRC Tool

With countless GRC tools on the market, how do you know which one is the right fit for your organization? The wrong choice can lead to wasted resources and unmet security goals. In this session, we’ll walk through real-world cases, breaking down why specific tools were chosen and how they were successfully implemented. You’ll learn […]
Read more

Post A Comment

Leave a Reply

Your email address will not be published.

Endless audits and customer demands were never supposed to replace real security.
We build, implement, and run Cyber GRC programs that reduce risk, protect the business, and still pass audits.

Hotman Group is a certified

woman-owned business (WOSB)

Hotman Group, LLC

Fort Worth, TX

Privacy Policy | Terms of Service | All Rights Reserved © Hotman Group, LLC