What can today’s CISOs learn from the chaos of Code Red and SQL Slammer?

In this episode, G Mark Hardy interviews Aaron Turner about what it was like responding inside Microsoft during two of the most infamous cyber outbreaks in history.

Aaron shares firsthand stories from the era when SQL Slammer infected at least 75,000 systems in roughly 10 minutes, exposing massive gaps in patch management, security QA, firewall design, and enterprise readiness. He explains how Microsoft’s early security culture operated, how major incidents and source-code theft forced change, and why many of the same mistakes are now reappearing in enterprise AI adoption.

The conversation connects the lessons of Code Red and Slammer directly to today’s AI security challenges, including:

• Unauthenticated MCP servers and weak authorization models