EM360Tech flags configuration drift risk

EM360Tech’s May 13 podcast with Reach Security CEO Garrett Hamilton and Insurity CIO and CISO Jay Wilson framed configuration drift as a persistent cause of enterprise exposure rather than a narrow tooling problem. The episode, hosted by EM360Tech journalist Shubhangi Dua, linked drift to cloud complexity, AI-driven change and security teams’ difficulty keeping controls aligned with their intended state. Reach Security’s own research, published April 15, put numbers behind that claim. The company said 97% of organizations reported a breach or near miss tied to misconfigured security tools in the previous 12 months, and said respondents were managing an average of 35 cybersecurity products. The thread running through both the podcast and Reach’s materials is straightforward: in modern environments, controls change constantly, and many teams do not have a reliable way to verify that yesterday’s configuration is still protecting them today. (em360tech.com) ### Why did EM360Tech focus on configuration drift now? EM360Tech described the episode as an examination of “the hidden risk of configuration drift, AI acceleration, and how to prevent modern cyber breaches.” The guests were Hamilton and Wilson, and the discussion was published through The Security Strategist podcast feed. (technologymagazine.com) The timing reflects a broader concern that AI is speeding up both offensive activity and internal change. (em360tech.com) EM360Tech said enterprises are adding tools and integrating AI into defensive and offensive workflows, yet many still feel “more exposed, not less.” ### What exactly is drifting? Reach Security’s April research defined configuration drift as the gradual deviation of security controls from their intended configuration as environments change. (em360tech.com) The company said software updates, policy adjustments, feature releases and operational modifications can alter coverage and performance without a systematic validation process. Hamilton put that in operational terms on the podcast. He said teams often inherit complex products they cannot continuously optimize, and that small changes such as exceptions, updates and integrations accumulate over time. EM360Tech summarized the result as a control problem rather than a simple visibility problem. ### Why does AI make the drift problem harder? (technologymagazine.com) Jay Wilson said on the podcast that “the surface area of the problem is just continuing to increase,” adding that security teams are not growing at the same rate. EM360Tech presented that mismatch as a source of exposure that does not necessarily appear in dashboards. Reach Security’s website makes the same point in product language, saying it aims to close security gaps “faster than AI-powered attacks can exploit them.” The company says it uses domain-specific AI to identify misconfigurations, activate underused capabilities and monitor for drift across identity, endpoint, email and network security tools. (em360tech.com) ### Why isn’t detection alone enough? (em360tech.com) Reach Security said 72% of security budgets in its study were allocated to detection and response, while 28% went to proactive configuration management. Hamilton said in the April research release that configuration drift is “one of the most under-recognized risks in modern cybersecurity” and called for continuous validation of controls. (em360tech.com) That maps to the podcast’s central argument. EM360Tech said the discussion focused on whether the controls enterprises configured yesterday are still working now, and said the guests argued many are not. ### What fixes did the guests and sponsor materials point to? EM360Tech said the episode examined how to prevent modern breaches, and Reach’s adjacent materials point to continuous drift detection, policy alignment and direct remediation as the response. (technologymagazine.com) Reach says it can deploy configuration updates into customer tools and ticketing systems, and says it aims to prevent regressions by continuously detecting and remediating drift. (em360tech.com) EM360Tech also links the episode to related material on hidden misconfigurations and configuration lifecycle management. Taken together, the package points readers toward infrastructure-as-code discipline, policy-as-code controls and automated remediation workflows rather than periodic manual reviews. That last point is an inference from the set of materials EM360Tech grouped around the episode. (em360tech.com) The May 13 episode remains available on EM360Tech’s podcast page and on YouTube, with Shubhangi Dua hosting Hamilton and Wilson. Reach’s April 15 research report and related EM360Tech whitepapers remain the cited follow-on materials for readers who want the underlying numbers and vendor position. (em360tech.com)