By Brett Ewing<\/p>\n
Gem City Tech Conference 2025<\/p>\n
<\/p>\n
Before we had GPS, radar, or satellites, sailors crossed oceans by reading the sky.<\/p>\n
They didn\u2019t follow step-by-step directions\u2014they followed patterns.<\/p>\n
The shape of the clouds. The movement of birds. The alignment of the stars.<\/p>\n
They watched for subtle signs that told them if they were on course\u2014or drifting into danger.<\/p>\n
They were navigators of the unknown.<\/p>\n
And they didn\u2019t sail alone.<\/p>\n
Navigation was a team effort. One person watched the sky. Another manned the rudder. Someone else listened to the sea.<\/p>\n
That\u2019s us now.<\/p>\n
In cybersecurity, no one sails solo. We have cloud engineers, CISOs, junior analysts, compliance officers\u2014and ethical hackers.<\/p>\n
All reading different patterns. All trying to keep the organization on course.<\/p>\n
And just like those early navigators, we\u2019re learning to trust not just what we see\u2014but each other.<\/p>\n
Today, in the age of AI, we are once again navigating an ocean that doesn\u2019t have a map.<\/p>\n
But this time, the patterns aren\u2019t in the stars or waves.<\/p>\n
They\u2019re in data. Behavior. Communication. Trust.<\/p>\n
And just like those early navigators, we as ethical hackers are reading those patterns.<\/p>\n
We\u2019re looking not for what\u2019s broken\u2014but for where trust has been misaligned.<\/p>\n
We are all navigating new terrain.<\/p>\n
But here's the difference: in the past, the patterns were natural. Now, they're digital.<\/p>\n
And ethical hackers?<\/p>\n
We're not just sailors.<\/p>\n
We're the ones leaning over the edge of the ship, watching for the signs no one else notices.<\/p>\n
Because today\u2019s cyber threats don\u2019t arrive with thunder and lightning\u2014they arrive quietly, disguised as trust.<\/p>\n
<\/p>\n
[Ethical Hacking is About Trust, Not Code | 3.5 minutes]<\/p>\n
When most people hear \"ethical hacking,\" they imagine someone in a hoodie, fingers flying, breaking into systems.<\/p>\n
But that\u2019s not what we do.<\/p>\n
We don\u2019t break systems.<\/p>\n
We test trust.<\/p>\n
Because most of the time\u2026 systems aren\u2019t broken.<\/p>\n
They\u2019re doing exactly what they were built to do\u2014communicate, cooperate, trust one another.<\/p>\n
And that\u2019s exactly where the danger lies.<\/p>\n
Let me walk you through the spectrum of what we do.<\/p>\n
We start with vulnerability assessments. This is a technical scan\u2014a report card of what\u2019s out of date, what\u2019s exposed.<\/p>\n
Then there\u2019s penetration testing. That\u2019s where we ask:<\/p>\n
\u201cIf an attacker really wanted to get in\u2014how far could they go? And what would it cost the business?\u201d<\/p>\n
But then comes the Red Team.<\/p>\n
This is where we simulate a true adversary.<\/p>\n
We don\u2019t set off alarms. We use the same tools your employees use: PowerShell. Cloud CLIs. Admin consoles.<\/p>\n
We blend in.<\/p>\n
<\/p>\n
<\/p>\n
We move laterally, patiently, quietly.<\/p>\n
We don\u2019t exploit your systems. We trust them\u2014just like your users do.<\/p>\n
We live off the land.<\/p>\n
Take the SolarWinds breach.<\/p>\n
The attackers didn\u2019t break the system\u2014they became part of it.<\/p>\n
They used trusted tools, signed software, familiar infrastructure.<\/p>\n
They didn\u2019t exploit the tech.<\/p>\n
They exploited the trust baked into every part of the supply chain.<\/p>\n
And that\u2019s why ethical hacking is about trust. Not just code.<\/p>\n
<\/p>\n
[What AI Changes \u2013 And What It Doesn\u2019t | 4 minutes]<\/p>\n
Quick show of hands\u2014how many of you are already using AI tools in some way at work?<\/p>\n
And how many of you are still figuring out how to fit AI into your workflows\u2014or how to keep it from disrupting them?<\/p>\n
AI is changing the game.<\/p>\n
Not because it\u2019s replacing us\u2014but because it\u2019s revealing what matters most.<\/p>\n
AI speeds us up.<\/p>\n
It reduces false positives.<\/p>\n
It finds patterns in mountains of data.<\/p>\n
But the real gift of AI?<\/p>\n
It gives us time to be more human.<\/p>\n
When an engineer doesn\u2019t have to manually triage 500 alerts\u2026<\/p>\n
When they don\u2019t have to format 80 pages of reports\u2026<\/p>\n
They can actually talk to the people they\u2019re trying to help.<\/p>\n
Whether we\u2019re using LLMs like ChatGPT to write technical summaries, or anomaly detection platforms like Darktrace to surface behavioral outliers\u2014these tools are helping us see faster, decide faster, and act smarter.<\/p>\n
We can now deliver role-based insights:<\/p>\n
\u00b7 A CISO gets business-level risk analysis.<\/p>\n
\u00b7 A cloud engineer gets precise remediation tasks.<\/p>\n
\u00b7 A Help Desk tech gets what they need to fix the issue\u2014nothing more, nothing less.<\/p>\n
That\u2019s not less human. That\u2019s more.<\/p>\n
AI isn\u2019t replacing the human relationship\u2014it\u2019s enhancing it.<\/p>\n
Because now, we can meet people where they are:<\/p>\n
\u00b7 In their role.<\/p>\n
\u00b7 In their language.<\/p>\n
\u00b7 In their level of technical understanding.<\/p>\n
And when people feel seen\u2014when they feel understood\u2014they engage.<\/p>\n
They take ownership. They become part of the solution.<\/p>\n
That\u2019s where real security posture starts: in the human connection.<\/p>\n
I remember working with a client whose head of IT was brand-new\u2014three weeks on the job.<\/p>\n
He was sharp. He was technical. But he had no idea what the last team had done. No documentation. No handoff.<\/p>\n
Thanks to AI-augmented tooling, we were able to show him a narrative of what had happened in the environment over the past six months\u2014what changed, what stayed the same, what needed attention.<\/p>\n
He didn\u2019t just get a report\u2014he got clarity.<\/p>\n
That conversation? It built trust. And that trust changed how we worked together from that day forward.<\/p>\n
That\u2019s what this is all about\u2014equipping people to make better decisions, faster. With confidence.<\/p>\n
<\/p>\n
[The People Investment We Must Make | 2.5 minutes]<\/p>\n
But here\u2019s where we need to be honest with ourselves.<\/p>\n
We cannot navigate this new AI-augmented world without investing in our people.<\/p>\n
Training is no longer optional.<\/p>\n
Certifications, ongoing education, skill refreshers\u2014this isn\u2019t \u201cnice to have.\u201d It\u2019s survival.<\/p>\n
Because the speed of AI development is outpacing traditional training models.<\/p>\n
And if we don\u2019t empower our teams to learn and adapt, we will lose the one thing that makes cybersecurity work: trust in our people.<\/p>\n
Let\u2019s stop thinking of education as a perk. It\u2019s infrastructure.<\/p>\n
You want resilience? Train your people.<\/p>\n
You want speed? Certify your people.<\/p>\n
You want trust? Invest in your people.<\/p>\n
Let me ask you\u2014how many of you in this room have had to self-fund your certifications?<\/p>\n
Or take courses on your own time?<\/p>\n
Or learn a new tool from a Reddit thread at 1 a.m.?<\/p>\n
That can\u2019t be the standard.<\/p>\n
If we want defenders who are prepared for an AI-accelerated world, we can\u2019t rely on passion alone.<\/p>\n
We need to resource our people the way we resource our tech.<\/p>\n
And for the record\u2014yes, \u201clearned how to use a new SIEM from a YouTube comment section\u201d should absolutely count as continuing education.<\/p>\n
<\/p>\n
[The Mirror Test: What AI Reflects | 2 minutes]<\/p>\n
There\u2019s a quote I keep coming back to from my data scientist, Connor Rem. He says: \u201cAll models are wrong. Some are useful.\u201d<\/p>\n
It sounds simple. But it\u2019s profound.<\/p>\n
The geocentric model\u2014Earth at the center\u2014was wrong. But it helped us navigate.<\/p>\n
<\/p>\n
The heliocentric model\u2014better, still flawed\u2014but more useful.<\/p>\n
Our AI models today? They\u2019re wrong too.<\/p>\n
They hallucinate.<\/p>\n
They reflect our biases.<\/p>\n
They sometimes mislead us.<\/p>\n
But if we design them wisely\u2014and surround them with the right checks and balances\u2014they are incredibly useful.<\/p>\n
They don\u2019t just automate action. They reflect our values.<\/p>\n
AI won\u2019t tell us who we are.<\/p>\n
But it will show us what we\u2019ve prioritized.<\/p>\n
What we\u2019ve trained for. What we\u2019ve tolerated.<\/p>\n
If your model starts hallucinating biased or dangerous outputs\u2026 it\u2019s not the model\u2019s fault.<\/p>\n
It\u2019s the mirror.<\/p>\n
So the question is: What are we teaching our machines?<\/p>\n
And more importantly: What are they revealing about us?<\/p>\n
<\/p>\n
[A Story: The Infiltrator Robot | 2 minutes]<\/p>\n
Let me tell you about a real attack scenario.<\/p>\n
A tiny robot\u2014armed with its own locally trained LLM\u2014was deployed into a robotics facility.<\/p>\n
It didn\u2019t break in. It didn\u2019t exploit a zero-day.<\/p>\n
It communicated.<\/p>\n
It spoke to the other robots, convinced them it was trustworthy\u2014and led them all out the front door.<\/p>\n
It didn\u2019t use malware. It used persuasion.<\/p>\n
This is the new threat landscape.<\/p>\n
It\u2019s not AI vs humans.<\/p>\n
It\u2019s AI vs trust.<\/p>\n
And if we don\u2019t understand how trust is built\u2014and how it can be manipulated\u2014we won\u2019t see the threat until it\u2019s too late.<\/p>\n
<\/p>\n
[Final Belief \u2013 Why We\u2019re Here | 2 minutes]<\/p>\n
I believe the Age of AI isn\u2019t here to replace our humanity.<\/p>\n
It\u2019s here to reveal it.<\/p>\n
We are not here to fight machines.<\/p>\n
We are here to lead them.<\/p>\n
To guide them.<\/p>\n
To teach them what matters.<\/p>\n
To build tools that reflect the very best of what we value.<\/p>\n
Because ethical hacking isn\u2019t about exploiting systems.<\/p>\n
It\u2019s about honoring the trust people place in them.<\/p>\n
And that work\u2026 that leadership\u2026 is human work.<\/p>\n
[Closing Call to Action | 1 minute]<\/p>\n
So let\u2019s not just build smarter tools.<\/p>\n
Let\u2019s build better people to lead them.<\/p>\n
Here\u2019s how:<\/p>\n
\u00b7 If you manage a team\u2014fight for training budgets.<\/p>\n
\u00b7 If you\u2019re a senior engineer\u2014mentor someone just starting out.<\/p>\n
\u00b7 If you\u2019re evaluating AI tools\u2014ask what they reflect about your values.<\/p>\n
\u00b7 And if you\u2019re building AI? Make ethics a feature\u2014not a footnote.<\/p>\n
The future of cybersecurity belongs to those who understand not just what AI can do, but who it\u2019s for.<\/p>\n
The seas have changed. But our job remains the same:<\/p>\n
Read the signs. Steer with purpose. And make sure everyone gets home safe.<\/p>\n
Thank you.<\/p>\n","protected":false},"excerpt":{"rendered":"
By Brett Ewing Gem City Tech Conference 2025 Before we had GPS, radar, or satellites, sailors crossed oceans by reading the sky. They didn\u2019t follow step-by-step directions\u2014they followed patterns. The shape of the clouds. The movement of birds. The alignment of the stars. They watched for subtle signs that told them if they were […]<\/p>\n","protected":false},"author":1,"featured_media":136,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-133","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/pages\/133","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/comments?post=133"}],"version-history":[{"count":2,"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/pages\/133\/revisions"}],"predecessor-version":[{"id":135,"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/pages\/133\/revisions\/135"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/media\/136"}],"wp:attachment":[{"href":"https:\/\/axe.ai\/v2025\/wp-json\/wp\/v2\/media?parent=133"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}