The Containment Era is here. →Explore

Podcast
Episode |01
43:46Min

Chris Hughes: Not Prevention, But Resiliency

In the inaugural episode of In Progress, Aviatrix CEO Doug Merritt talks with Chris Hughes — CISA Cyber Innovation Fellow, author of Software Transparency, Effective Vulnerability Management, and Securing AI Agents, and writer of Resilient Cyber — about the forces reshaping security: exponential CVE growth, AI as both attacker and defender, the limits of "human in the loop," and why resilience now matters more than prevention.

Stay in the Loop

Get exclusive access to the latest conversations with cloud leaders, industry pioneers, and technology changemakers.

Subscribe and stay ahead of what's next.

Zero spam. Unsubscribe at any time.

In Progress Podcast

Chris Hughes: Not Prevention, But Resiliency

Jul 7, 202643:46 minYouTubeAppleSpotify

The Speaker

Doug Merritt is Chairman, Chief Executive Officer, and President of Aviatrix. Most recently, Doug served as Splunk President and CEO from 2015 to 2021. During his tenure as CEO, Doug led the transformation of Splunk from an on premise, perpetual license software company with the equivalent of $220 million in Annual Recurring Revenue (ARR), to a cloud-based SaaS company with ARR of $3.12 billion. In his first year at Splunk, Doug served as the Senior Vice President of Splunk’s go-to-market functions including sales, marketing, support, business development, partners, and other customer facing functions.

Doug Merritt

Doug Merritt

LinkedIn Profile

Key Summary

  • CVEs are exploding — over 40,000 in 2025, with 2026 projections near 60,000 (some estimates up to 100,000) — while AI makes vulnerabilities easier to find and exploit.
  • Patching capacity has long lagged below 10% of the backlog; broken production risk and competing business priorities keep it there.
  • Security should shift from trying to prevent every incident to containing and recovering from the ones that happen.
  • "Human in the loop" doesn't scale against AI-driven attack volume — defenders need to fight AI with AI.
  • Security teams that act as collaborators, not blockers, avoid the shadow-IT workarounds that punitive policies create.
In Progress Podcast

Never Miss an Episode

Join thousands of cloud professionals following the stories, strategies, and hard-earned lessons from the architects driving enterprise transformation. Be the first to know when new episodes go live.

New Biweekly Episodes

Zero spam. Unsubscribe at any time.

Join cloud engineers and modern architects already tuned in.