Host Felicia King weaves a sharp, personal narrative that ties together AI, fraud, vendor selection, and the critical role of a competent CTO. With candid anecdotes and hard-earned lessons, she explains why tightly-scoped AI — used by skilled experts with robust governance — can feel like a $150K colleague, and why poorly governed AI or flashy vendor promises can be catastrophic.

Felicia recounts real examples: AI misestimating project hours, DDoS services sold as a bargain that hide downstream costs, and an enterprise outsourcing APIs to a freelance developer — each story revealing the hidden risks that lurk when counterparty relationships, transparency, and technical competency are ignored.

Through clear guidance and provocative questions about trust and vendor behavior, she urges listeners to prioritize people they know, insist on disclosure, and secure CTO-level expertise to interpret AI claims and perform rigorous risk assessments. This episode is a practical wake-up call for leaders navigating the modern intersection of AI and operational risk.

Felicia discussed the proper implementation of artificial intelligence in business operations, emphasizing its value as a tool when used correctly under human oversight. She addressed the growing threat of AI-driven fraud and the importance of robust identity verification processes, introducing a service to help build trust between service providers and customers. Felicia stressed the significance of selecting IT vendors based on trust and transparency, advocating for the role of a Chief Technology Officer to navigate complex technical and business risks while ensuring proper risk management and security standards are maintained.

Felicia discussed the convergence of several interconnected topics, including artificial intelligence, fraud detection, and vendor selection. She emphasized the importance of proper AI implementation, highlighting its potential to act as a valuable asset when used correctly. Felicia also addressed the limitations of AI, noting that it excels at analyzing pre-engineered designs but should not be relied upon to create them. She stressed the need for human oversight and expertise when using AI tools, cautioning against the dangers of substituting AI for skilled professionals in critical roles.

Felicia discussed the increasing threat of AI-driven fraud, highlighting the low financial and time investment required for criminals to create convincing deepfakes. She emphasized the importance of robust Know Your Customer (KYC) processes and multi-factor authentication, noting that these systems often create unnecessary friction for non-technical users. Felicia introduced a service called Professional Residential to address these issues, providing ongoing training and support to build trust between service providers and customers. She also explained the importance of validating customer identities, particularly for sensitive operations like vault access, and stressed that effective fraud prevention relies on maintaining consistent, human relationships with customers.

Felicia discussed the importance of selecting IT service providers based on trust and transparency rather than solely on technical metrics or past performance. She emphasized the need for open communication and mutual trust, warning against vendors who might be dishonest or introduce counterparty risk. Felicia also highlighted the importance of understanding the technical details of a vendor's offerings, using an example of a UCAS system where she discovered undisclosed technology through AI analysis.

Felicia discussed the importance of having a Chief Technology Officer (CTO) to navigate complex technical and business risks. She shared examples of issues that could arise without proper risk assessment, such as high costs for unneeded services and lack of visibility into traffic. Felicia emphasized that only a CTO could identify these risks and make informed decisions. She also highlighted the dangers of using APIs without adhering to security standards and the importance of supply chain risk management. Felicia concluded that organizations need a CTO to help navigate these complex issues and avoid being vulnerable to potential threats.

On this episode of Breakfast Bytes, Felicia King tells the story of how simple, everyday choices—like a tax method or an internet contract—become high-stakes business decisions. Through vivid examples about mileage rates, S‑corp elections, and a seven‑year ISP contract that could cost tens of thousands, she reveals how knowledge turns ambiguity into power.

As the narrative unfolds, you’ll follow a CEO learning to ask the right questions, to spot public‑facing security failures, and to judge vendors by demonstrated competence rather than the lowest price. Each example becomes a lesson in risk, cost of ownership, and contextual trust.

By the end of the episode, you’ll have a clear, story‑driven framework: arm yourself with focused expertise, engage strategically with advisors, and select partners who earn their place through competence—because smart decisions protect your business and its future.

On this episode of Breakfast Bytes, Felicia King addresses the challenges and misconceptions surrounding careers in information technology and cybersecurity. Drawing on decades of experience interviewing hundreds of candidates, Felicia dispels common myths about what it takes to become employable in IT.

Key Themes:

• Myth-Busting: Many believe that degrees and certifications alone guarantee a lucrative cybersecurity job. Felicia explains that real employability comes from hands-on experience, not theoretical knowledge.
• Military Transition: While military members often have access to extensive training materials and security clearances, Felicia notes that these alone don’t translate to practical skills valued in the private sector.
• The Skills Gap: There’s a substantial disconnect between what candidates think they know and the actual economic value of their skills. Many struggle with basic, practical IT tasks despite formal education.
• Security Operations Centers (SOCs): Felicia critiques the prevalence of outsourced SOCs, describing them as “check-the-box” solutions that often lack real value and are staffed by underqualified personnel.
• Hands-On Learning: The most effective path to employability is setting up a home lab, experimenting with real technology, and developing practical troubleshooting skills. Felicia emphasizes that security is not a separate job—it’s an integral part of every IT function.
• Work Ethic and Reliability: Success in IT requires showing up, being reliable, and taking initiative. Felicia shares personal stories about always volunteering for new tasks and consistently delivering results.
• Continuous Learning: The IT field demands a high learning capacity and a passion for problem-solving. Felicia encourages listeners to leverage free resources, podcasts, and structured self-study to stay current and grow their expertise.
• Work from home is not really helping you: If you want to not be replaced by outsourced IT in another country, you have to be willing to go into the office daily. A person who goes into the office every day affords themselves the ability to be able to handle tasks from start to finish including projects which require hands-on and physical presence. Being in the office every day means you are there when there is an opportunity for cross training or collaboration. Work from home employees are a burden on the other staff and the employer and need to accept being paid less since they are inherently less valuable because they are unable to handle any of the workload that requires physical presence. Managers need to reduce hand-offs. It does not work for one person to do the onsite work and then for some other people to do all the remote work. These handoffs nearly always result in higher costs, slower time to resolution, and lower quality. Bottom line: If you are in the office, the employer has more ways in which you could add economic value to the business, and you will be seen as less replaceable while having higher economic certainty.

Actionable Advice:

• Build a home lab and get hands-on with technology. https://qpcsecurity.com/about-us/careers/cybersecurity-career-resources/
• Demonstrate your problem-solving process in interviews.
• Be willing to work on-site and take on a variety of tasks.
• Respect boundaries and be reliable; opportunity comes to those who can be counted on.
• Invest in continuous learning and embrace discomfort as part of growth.

Closing Thought: Felicia’s message is clear: becoming employable in cybersecurity is about practical experience, reliability, and a commitment to lifelong learning—not just credentials. For more resources, visit the Career Resources section at qpcsecsecurity.com.

In this episode of Breakfast Bytes, Felicia explained the key differences between Managed Service Providers and Managed Security Service Providers, emphasizing that organizations should prefer MSPs acting as their full internal IT departments for security functions unless they are the IT department and lack necessary technical skills. She highlighted the limitations of the current incident response paradigm, particularly the challenges with outsourcing security monitoring to MSSPs and the lack of effective escalation to capable incident response teams. Felicia stressed the importance of having a skilled incident commander with strong decision-making authority and technical expertise to effectively handle security incidents.

Summary

MSP vs. MSSP Security Services

Felicia discussed the differences between Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs). She explained that MSPs act as outsourced IT departments, handling various IT functions, while MSSPs focus specifically on security services. Felicia emphasized that organizations should aim for their internal IT departments, or their full-service MSP to handle security functions rather than outsourcing to MSSPs, unless they have an internal IT team that lacks the necessary technical skills. She advised that organizations with revenues of $300 million or more should consider hiring in-house talent or outsourcing to large, well-funded companies to avoid potential legal issues with smaller providers.

Enhancing Incident Response Effectiveness

Felicia discussed the limitations of the current paradigm in incident response, highlighting that outsourcing security monitoring to MSSPs often results in a flawed workflow and a lack of true escalation to capable incident response teams. She emphasized that effective incident response requires a highly skilled incident commander with deep technical knowledge, rapid decision-making authority, and an understanding of organizational politics, which is typically lacking in both internal IT departments and outsourced security providers. Felicia also pointed out the need for clear leadership and decision-making authority during incidents, as well as the ability to make immediate technical and policy changes without being hindered by organizational politics.

Felicia discussed the limitations and risks of outsourced security services, emphasizing that while they may provide a false sense of security, they are not a substitute for internal capabilities and the need for organizations to maintain authority over their security decisions. She explored the challenges and risks associated with using managed security services providers and outsourcing MDR or SOC services, highlighting the importance of understanding service offerings and making informed decisions rather than relying on trust or price. Felicia concluded that while MSSPs might be suitable for very large organizations, direct purchasing from software manufacturers could often be a better option.

Outsourced Security: Limitations and Risks

Felicia discussed the limitations and risks of outsourced security services, emphasizing that while they may provide a false sense of security, they are not a substitute for internal capabilities. She highlighted the importance of understanding the limitations of basic security tools like Sentinel One basic licensing and the potential risks involved when using intermediaries. Felicia stressed the need for organizations to have the authority to make changes based on real data and real issues in their environment, rather than relying solely on outsourced services.

MSSP Risks and Vendor Selection

Felicia discussed the challenges and risks associated with using managed security services providers (MSSPs) and outsourcing MDR or SOC services. She highlighted the lack of visibility into configurations and processes when purchasing through distributors, which can lead to significant security gaps and risks. Felicia emphasized the importance of making informed decisions based on detailed understanding of service offerings, rather than relying solely on trust or price. She concluded that MSSPs should only be considered for very large organizations that require a large counterparty for liability and risk balancing, and even then, direct purchasing from software manufacturers might be a better option.

In this engaging episode of Breakfast Bytes, host Felicia King invites wealth manager and seasoned investment specialist Chris Belchamber to share his 41 years of industry insight. Dive into a rich narrative exploring risk management from two unique perspectives: technology and finance. As Chris unveils his journey towards shaping informed risk takers, listeners are guided through his groundbreaking efforts in establishing clear success benchmarks while unveiling tips on tax efficiency and strategic asset management.

Chris reveals the practical steps he's taking in democratizing financial clarity, from publishing his insightful book, "Invest Like the Best," to launching informative online platforms for both comprehensive financial guidance and free educational resources. As the narrative unfolds, learn about Chris's diverse strategies—from using sophisticated tools like the Calmar Ratio in investment analysis to collaborating with global professionals for unparalleled estate planning advice.

https://chris-belchamber.com/

This episode is the latest in our series on risk management practices. Chris' expertise blends risk management and wealth preservation. He offers sage advice on evaluating investment advisors effectively.

Resources Chris refers to:

https://maxifiplanner.com/

https://www.interactivebrokers.com/en/whyib/overview.php