Three Threats Reshaping Financial Services: Identity, Supply Chain, and AI
October 14, 2025
In this episode of Data Security Decoded, host Caleb Tolin speaks with Troy Wells, Intelligence Officer at FS-ISAC and former U.S. Army intelligence officer. Troy shares how financial institutions can strengthen resilience through collaboration, practical response strategies, and careful adoption of new technologies. From fire-safety lessons that bring clarity to prevention, detection, and response, to the real risks of AI and cloud missteps, Troy lays out a clear view of the threats shaping the financial sector today.
• Why prevention, detection, and response should be seen as a cycle, like fire safety drills, rather than siloed functions
• How AI models act as calculators and AI agents as interns, and why both need governance, training, and oversight to be useful
• Real examples of how cloud misconfigurations exposed sensitive data in major enterprises and what resilience planning looks like in practice
• The three threats to watch in the next 24 mont
Cyber resilience in financial services is often treated as a checklist of tools and controls, rather than what it truly is: a system of people, intelligence, and collaboration working together.
In this episode of Data Security Decoded, join Caleb Tolin as he sits down with Troy Wells, Intelligence Officer at FS-ISAC and former U.S. Army intelligence officer, to explore how principles like teamwork, trust, and preparation, forged in national security, translate directly into protecting the global financial system. From using fire-safety lessons to explain prevention, detection, and response, to breaking down the difference between AI models and AI agents, Troy shares practical guidance for banks and financial institutions building resilience in the face of evolving threats.
What You’ll Learn:
- Why prevention, detection, and response are strongest when treated as a cycle, not silos
- How AI models act as “calculators” while AI agents act as “interns,” and what oversight each requires
- The guardrails that financial institutions should set before deploying AI tools at scale
- How cloud misconfigurations in even major enterprises reveal the need for security-first design
- The three threat trends that will shape financial services in the next 12–24 months: identity attacks, supply chain compromises, and AI-enabled adversaries
Episode Highlights:
[00:22] Troy’s path from Army intelligence officer to FS-ISAC
[03:20] Fire-safety lessons: framing prevention, detection, and response in cybersecurity
[08:15] The difference between AI models and AI agents, and how to guide each
[12:22] Four principles for adopting AI securely in financial institutions
[17:00] Cloud misconfigurations and why resilience must be built into architecture
[21:39] The top three threats to watch in the next 12–24 months: identity, supply chain, and AI-driven attacks
[27:35] Why speed and sophistication make resilience and collaboration essential
Episode Resources:
Data Security Decoded is handcrafted by our friends over at: fame.so