Signal to Noise: Balancing AI Hype with Practical Value
A Conversation with Branden Wagner, Head of InfoSec at Mercury
Welcome back to Signal to Noise! This week, I had the opportunity to speak with Branden Wagner, Head of Information Security at Mercury. With a fascinating career journey from nuclear engineering in the Navy to leading security in the fintech space, Branden brings a refreshingly practical perspective to the increasingly noisy cybersecurity landscape.
On Signal to Noise: Finding Meaning in the Data Deluge
When asked to define "signal to noise," Branden immediately cut to the heart of the matter:
"It's the ratio of meaningful data to the volume of somewhat irrelevant events. A single password failure event is noise, but 30 of them is signal. It is signal and it is noise depending on the context and how you look at it."
This contextual intelligence is what separates effective security programs from those drowning in alerts. In an industry where alert fatigue remains a persistent challenge, Branden's perspective highlights why security leaders must constantly refine their detection systems to extract meaningful insights from the data tsunami that threatens to overwhelm their teams.
Cutting Through AI Marketing Hype
As an enthusiastic early tech adopter, Branden has a refreshingly balanced view on AI in security:
"I tell my team pretty much every day, like if you're not using AI, you're not trying. I literally want these AI tools to be making your job easier. With that, though, you're still responsible for the outcome."
Branden's pragmatic approach represents what's often missing in today's AI conversation — a middle ground between blind enthusiasm and stubborn resistance. He envisions a future where AI augments human capabilities rather than replacing them, particularly for labor-intensive tier-one security tasks. Yet he remains grounded about current limitations:
"There's AI on too many things that is kind of ruining the market where it's not ready for it or it doesn't need it."
In an industry flooded with "AI-powered" solutions, this perspective serves as a vital reminder that technology should solve real problems, not create marketing opportunities.
Early Adoption Without Recklessness
On knowing when something is "too early" to adopt:
"I don't think there's such thing as too early. You just have to put the right guardrails in place. You wouldn't just hire a 19-year-old and say 'go run this company' — it's the same thing with AI."
What makes Branden's approach to innovation particularly valuable is his focus on deliberate experimentation rather than technological FOMO. By establishing clear parameters and expectations, security leaders can explore emerging solutions without putting their organizations at undue risk. This balanced approach allows security teams to gain competitive advantages through early adoption while maintaining necessary controls:
"Being an early adopter doesn't mean just trying everything. I try the things that solve problems for me."
This problem-first mindset represents a crucial shift for security teams overwhelmed by vendor offerings. Rather than chasing the latest buzzword solution, Branden suggests focusing relentlessly on specific organizational pain points and evaluating technology based on its ability to address those challenges. This approach cuts through marketing noise and creates space for meaningful innovation that delivers actual business value.
Balancing Exploration and Execution
Branden dedicates structured time to exploring new solutions:
"A lot of places have this concept of 20% time. If you are always just focusing on moving forward, then you're either not moving forward in the right direction or you're moving slowly."
This intentional exploration represents an often-overlooked aspect of security leadership. By carving out dedicated time for discovery, Branden creates space for his team to identify emerging threats and solutions before they become urgent. This forward-looking approach transforms security from a purely reactive function into a strategic business enabler. His conversations with vendors, VCs, and peers reflect a collaborative approach to problem-solving that benefits the entire security community.
Advice for Vendors: Skip the Jargon, Bring the Value
Branden's feedback for security vendors is refreshingly direct:
"Security vendors are often trying to talk about the Gartner magic quadrant. I don't care about that. Just because you put a four-letter label on it like CSPM or DSPM doesn't mean it actually solves anything."
His emphasis on substance over style addresses one of the most persistent frustrations in security procurement. By cutting through industry acronyms and quadrant placements, Branden focuses on the fundamental question that should drive every security purchase: does this make our lives easier? This value-first approach creates more meaningful partnerships between vendors and customers:
"Remove the marketing jargon. I don't need to hear that you are a next-gen AI algorithm that solves problems before you know about them. What do you actually do? What is the value that you provide and how do you do it?"
Perhaps most importantly, Branden highlights a common misalignment in the sales process:
"They should be selling to my security engineers. They should be selling to the InfoSec team. It is my team's responsibility to then sell me on it."
This insight could transform how vendors approach enterprise security sales. By focusing on the practitioners who will actually use their tools rather than solely targeting the executives who sign purchase orders, vendors can build more authentic relationships and design solutions that address real operational needs.
On Resilience: Keeping the Wheels Turning
Branden defines resilience simply but powerfully:
"The ability to keep moving forward after a setback has happened. Someone leaves your company today - can you operate tomorrow? If the answer is no, then you have no resiliency."
This practical definition captures the essence of what security teams ultimately provide: business continuity in the face of inevitable disruptions. By focusing on this core mission, security leaders can prioritize investments that truly matter to organizational resilience rather than chasing compliance checkboxes or the latest security trends.
Conversations like this with Branden Wagner remind us why the Signal to Noise series exists…to cut through the hype and jargon to find what really works. From understanding AI's practical applications to evaluating security investments based on pain reduction rather than marketing promises, Branden offers a grounded perspective in a field often clouded by buzzwords.
Stay curious and stay secure, my friends!
Damien