
Stephen Garcia is the Chief Information Security Officer at BreachRX, where he brings over two decades of cybersecurity leadership experience from financial services, technology, gaming, and enterprise environments, including prior roles at Western Union, Fanduel, Johnson Controls, and others. At BreachRX, he works to bring governance, accountability, and order to one of the most chaotic moments any organization can face: a cyber incident.
Stephen Garcia is helping BreachRX bring structure, governance, and accountability to one of the most chaotic moments any organization can face: a cyber incident. As Chief Information Security Officer at BreachRX, Stephen brings years of experience from the customer side of cybersecurity, including work across financial services, technology, gaming, and enterprise environments. BreachRX recently won a Fortress Cybersecurity Award for its cyber incident response management platform.
In this episode, Russ and Stephen explore why most organizations have tools to detect and contain incidents, but often lack a governance layer for everything that happens once a technical event becomes an enterprise crisis. Stephen explains how BreachRX helps coordinate legal exposure, regulatory deadlines, communications obligations, executive accountability, and audit trails in real time.
They dive into the new category of cyber incident response management, or CIRM, and why binders, conference calls, and manual call trees are no longer enough. Stephen shares what the first hours of a serious incident can look like from the inside, why chaos often emerges even when plans exist, and how organizations can prepare more effectively before the crisis begins.
The conversation also covers RexAI, BreachRX's generative AI engine built specifically for incident response, as well as Mobile Command, out-of-band communications, regulatory readiness, tabletop exercises, executive liability, and the company's CIRM warranty.
Along the way, Stephen discusses resilience, trust, accountability, legal timing, simultaneous incidents, enterprise risk, AI agents, board communication, and why the organizations that survive the next wave will be the ones that can compress the time between knowing and doing.
Topics Covered:
[00:01] Welcome and intro, Stephen Garcia and BreachRX's Fortress Cybersecurity Award win
[01:03] What BreachRX does and why cyber incidents need a governance layer
[01:30] Moving from technical containment to enterprise crisis management
[01:57] Why Stephen switched from the customer side to BreachRX
[02:17] The importance of managing incident chaos
[03:54] What the first four hours of a serious incident can look like
[04:14] Why preparation, logging, and lessons learned matter
[07:05] Why response plans often fall apart under pressure
[07:59] Handling multiple simultaneous incident inputs
[09:29] BreachRX as a coordination layer and incident response fabric
[09:46] Out-of-band communications during ransomware and major disruptions
[10:30] Pulling in the right teams, including legal, at the right time
[11:00] Why slowing down can help organizations speed up
[12:52] Building governance structures before a crisis begins
[14:19] What convinced Stephen that the BreachRX platform worked
[15:20] Regulations, legal workflows, and global response requirements
[16:42] Using tabletop exercise budgets to bring BreachRX into an organization
[17:49] Why gaps and leaks can kill incident response
[20:34] Why BreachRX's warranty turns software into a trust decision
[21:04] RexAI and purpose-built generative AI for incident response
[21:35] How RexAI guides responders in high-pressure environments
[22:18] Mobile Command and managing incidents from anywhere
[24:03] Compressing the time between knowing and doing
[24:22] How AI changes the incident response landscape
[25:18] Expanding the definition of an incident beyond major breaches
[25:40] Why IT, security, and business risk are increasingly connected
[27:20] Security as trust management
[28:00] What CEOs and boards should understand before the next breach
[28:58] Final thoughts on BreachRX, response coordination, and cyber resilience









