
#482 The Browser Is the New Battleground: John Carse on Securing the Modern Endpoint
About this content
In this episode of The CTO Show with Mehmet, we’re joined by John Carse, Field CISO at SquareX, to explore a fast-emerging shift in cybersecurity: the browser as the new endpoint. John shares why traditional tools like EDR and CASB are no longer sufficient, how modern threats are bypassing enterprise defenses, and what CISOs need to prioritize in a SaaS-first, GenAI-driven world.
With decades of leadership across Dyson, Rakuten, Expedia, and the U.S. Navy, John brings both a practitioner’s lens and a future-forward vision to security.
💡 What You’ll Learn
• Why the browser is now the most targeted endpoint
• How unsanctioned SaaS apps increase attack surface
• The growing importance of browser-based detection and response
• Where AI is accelerating both attackers and defenders
• Practical advice for CISOs prioritizing browser security today
⸻
🔑 Key Takeaways
• Over 60% of cyberattacks now begin in the browser.
• Legacy tools like EDR, CASB, and DLP often miss context at the browser layer.
• Browser extensions can now enforce enterprise-grade policies with minimal user friction.
• AI is a dual-edged sword—accelerating threats but also helping defenders respond faster.
• SquareX helps convert any browser into a secure enterprise environment with deep visibility, policy control, and threat mitigation.
👤 About the Guest
John Carse is Field CISO at SquareX, a browser security company redefining how enterprises protect their workforce. He previously served as Global CISO at Dyson and Rakuten, and led security operations at JP Morgan Chase and Expedia. John blends deep hands-on expertise with strategic insight into emerging threat landscapes and CISO priorities.
https://www.linkedin.com/in/johncarse/
https://www.securityweek.com/industry-moves/feb-24-2025/
https://sqrx.com/
Episode Highlights
[00:03:00] – What is a Field CISO and John’s role
[00:06:00] – Why the browser has quietly become the new endpoint
[00:10:00] – How detection and response works inside the browser
[00:18:00] – The real threats: browser-based social engineering, sync jacking, and polymorphic extensions
[00:24:00] – Why EDR and SASE tools are not enough
[00:32:00] – Balancing security and user experience in browser-based defense
[00:40:00] – What excites John about the future of browser security and GenAI