For most MSPs, the quarterly client conversation looks something like this: here are the alerts we handled, here is your uptime number, here is a dashboard of things we blocked. Useful, certainly – but not exactly the stuff of trusted advisor relationships. Cameron Tousley, director of MSP channels for ESET North America, has a phrase for the upgrade: move from statistical talks to threat briefings. In this episode of In The Channel, he and Pedro Kertzman, threat intelligence specialist at ESET, join host Robert Dutt to explain what that actually looks like in practice – and why the window for MSPs to make that transition may be narrowing.

The occasion is ESET’s eCrime Reports, a threat intelligence offering that tracks cybercriminal activity at the affiliate level – the individuals buying malware-as-a-service and executing the actual attacks. Kertzman explains why that granularity matters: affiliates signal tactical shifts before attacks scale, giving security-forward MSPs a genuine early-warning advantage. Tousley adds the client conversation layer: knowing that a specific threat group is targeting your customer’s vertical via a specific attack method is a meaningfully different conversation than “we blocked 4,000 threats this month.”

There’s also an uncomfortable wrinkle for MSPs specifically: as Pedro notes, affiliates increasingly exploit MSP tooling itself as a vector – compromising credentials to access managed environments quietly, hitting dozens of small clients while staying well below the radar of law enforcement attention focused on high-profile infrastructure targets.

For the smaller MSP without a dedicated analyst, the entry point is more accessible than it sounds. Indicators of compromise can be automated directly into client firewalls without a full threat intelligence platform.
WeLiveSecurity and the live threat feed built into ESET Protect offer a low-barrier starting point for shops that are earlier in their security maturity journey.

Tousley’s closing frame is the one worth sitting with: the Canadian MSP market is being reshaped by consolidation at a pace that isn’t slowing. The independents that survive will be the ones having more sophisticated conversations with their clients. Evolve or sell.

Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. Cyber Threat Intelligence, CTI, has long been framed as an enterprise discipline. Dedicated team, security operations center, analysts who live in the data. But the threat landscape doesn’t really respect that boundary anymore. The tooling is getting more accessible, the attacks are getting more targeted at smaller organizations, and as we’ve talked about on the show before, the MSP stack itself has become a threat vector. So the question for the typical Canadian MSP isn’t really “Is threat intelligence relevant to me?” It’s “What do I actually do with it?” To dig into that, I sat down with two people from ESET. Cameron Tousley is director of MSP channels for ESET North America, and he lives squarely in the business conversation around what MSPs need to grow and differentiate. Pedro Kertzman is ESET’s resident CTI subject matter expert, and I’ll note that Pedro usually sits on the other side of the interview chair as the host of his own podcast on threat intelligence. So this was a bit of a role reversal for him.
We talked about ESET’s eCrime reports, the idea of tracking cyber criminal activity at the affiliate level rather than just the group level, what proactive threat intelligence actually looks like for a 15-person MSP shop, and what Cameron described as the “evolve or sell” reality facing the MSP market right now. Let’s get right into it. Cameron, Pedro, thanks for joining us. I appreciate it.

Cameron Tousley: Thanks for having us.

Pedro Kertzman: Great to be here.

Robert Dutt: Before we get into what ESET is specifically bringing to market, Cameron, can you give our listeners a sense for where the threat intelligence conversation is right now in the channel? Is this still primarily an enterprise kind of discussion or has something really shifted in terms of how MSPs and MSSPs are thinking about and talking about CTI?

Cameron Tousley: I think that the market is evolving as a whole, no matter if you’re in the SMB segment or enterprise. I mean, it’s evolving everywhere. The beautiful thing is technology is getting cheaper, it’s getting more accessible. People are able with the advent of AI to kind of do more with less staff and things like that, and then allow their staff to kind of become more specialized. Enter in the topic of CTI. I just think that there’s an appetite from certain, and probably more evolving larger MSPs, to start incorporating more for their clients. I think they’ve always probably wanted to educate them, but it’s always that, “Hey man, just make sure I have uptime and the help desk is active when I need it.” And that’s the conversation. Fast forward to now and it’s becoming a little bit more relevant to want to consume CTI. So I’ll kind of start there and I’ll take a pause. I don’t know if Pedro’s got any other comments on that.

Pedro Kertzman: No, I 100% agree.
I think the threat landscape now with the maturity of the CTI offerings, MSPs can see that the things they’re trying to protect their customers against are more clearly explained and delivered in a way that they can see through CTI offerings now. So I think it’s just a natural evolution within the cybersecurity space to start leveraging that expertise as well.

Robert Dutt: Without getting too far into pure positioning, how would you characterize what differentiates your approach to threat intelligence, sort of at the methodology level? What’s the philosophy behind how you’re researching and tracking threats and what you’re bringing to market with this CTI package?

Cameron Tousley: Yeah, I’d say first off, our reach. We’re a global company. We have a product line, yeah, but we have 11 threat intel centers and those are also R&D centers too. So it’s a wealth of knowledge. Then we have researchers outside of that that are just remote, and so our tentacles are everywhere and that means something for somebody choosing a cybersecurity vendor or a platform because our researchers, they’re looking at a bunch of different avenues. They’re looking at the major threat acting groups. We have an offering we’ll talk about here in a few minutes, that centers on tracking affiliates because malicious activity, malware-as-a-service, is just like MSPs provide a service. So if I’m an affiliate—and I’ll define that real quick, an affiliate being the people that are buying the malware service and then going and distributing it and causing zero-day attacks—those are affiliates. So the real key part is what they do, not necessarily always the major malware-as-a-service group because that’s just one large avenue, but then you can’t predict what your customers are going to go and do on the black market. So yeah, I think we have a really exciting offering on our threat intelligence called eCrime and it comes in a feed and reports and it’s amazing.
It really centers on the affiliate level and that is going to help get the conversations to be more quality with customers. It’s going to help an MSP who provides more, let’s call it reactive security at best, generalized services—which no knock against them, that’s just the model—and that’s going to help propel them into the more proactive security and having more quality cybersecurity-forward conversations with their customers of all sizes.

Robert Dutt: Let’s delve a little bit more into that. Can you walk me through a scenario, even hypothetical or composite, where that affiliate-level insight would practically change the outcome for an MSP or one of their customers? How does this show up for an MSP basically?

Pedro Kertzman: Yeah. So basically, I’ll take a step back a little bit just to explain how this threat ecosystem works. So the affiliates will be the ones really on the end of the line bringing that malware they got from a quote-unquote threat actor market or affiliate programs, more technically speaking per se, but they will be the ones delivering or sending that payload forward to whatever companies that they are trying to attack. So knowing how these guys work is basically going to give the companies, and the MSPs of course working for their security, the ability to stop the attack in the early stages, because the affiliates will be the ones trying to break in, acquire through whatever methods—credentials stolen or compromised credentials. So they are responsible, quote-unquote, within these affiliate programs to get the foot inside the door. So if you’re knowledgeable about how they act, what kind of techniques they use to get that foot in, you’re basically stopping the attacks before they actually become super massive, widespread attacks or super dangerous attacks. It’s kind of the proactive security instead of the reactive security.

Cameron Tousley: Yeah, that’s a good comment. And then I’ll just throw one more little thing on that.
I was talking about the conversations you can have with your clients, everything Pedro said, plus it’s like, you could have a specific conversation about, “Hey, this is what we blocked this month, but these are the threat acting groups, and here are the patterns, here’s the kind of malware that’s out there right now. By the way, you’re in the healthcare vertical, this threat acting group is targeting healthcare and doing this specific type of attack—happens to be phishing or fileless or whatever the complex attack is.” So they got to get really granular in the conversation. It can’t just be a super high-level one, because then your user’s not going to know what to do with that information. But if you coach them on the end-of-the-line issue and where it’s sourcing from, to Pedro’s point, you get ahead of that attack early, you might even prevent stuff that would have normally been a real headache.

Robert Dutt: And you need to position yourself at least somewhat as the hero in so much as you’re saying, “Here’s the people who are attacking you, here’s what they’re doing, here’s what we’re doing proactively to counter that.”

Cameron Tousley: Absolutely. Yeah, that’s a huge value to your end customer. The one that normally would have not cared about security and it’s more of an annoyance, now they’re paranoid about it, just like the MSP, just like the vendors, we’re all trying to get ahead of it. So I think that that provides a lot of value, and the average MSP is probably not going to do that. So you don’t necessarily have to go spend a ton of money, you just have to consume the information that’s out there maybe for free, and then maybe some of the paid services like the eCrime reports without buying our full threat intelligence platform, you can just do that. And that is like a huge value on its own to track exactly what we’re talking about right now.
Robert Dutt: So taking a step back, I think some of this certainly informs and colors the question we go to ask, but I’m a 15-person MSP somewhere. I’ve got solid endpoint protection, an RMM stack I like, maybe managed SOC coverage, that kind of model. What’s the case, in addition to what we’ve already discussed, for why threat intelligence should be on my radar as a distinct capability I need to think about, bring to my customers and offer?

Pedro Kertzman: Yeah, I think especially because again, talking specifically about the eCrime reports, we’re talking about the ones that are really perpetrating the attacks or executing the attacks. When you understand how your adversaries really act, you don’t need to always rely on the expertise of a super senior CTI analyst. There are ways that also, depending on your vendor, you can automate the expertise to just be pumping, let’s say, IOCs or IP addresses into your existing end users’ firewalls. If you manage a bunch of other firewalls for your end users, you can pump that eCrime knowledge into those firewalls in the form of IP addresses, domains, and things like that. But understanding that it’s going to be a proactive approach so they don’t get a foot in the door first, it’s kind of that decision beforehand that will give the MSPs, or MSSPs with 15 or so employees, that kind of extra leverage against those frontline attackers.

Robert Dutt: I’m really interested in the idea of using intelligence and these eCrime reports as a client-facing tool, not just something that’s consumed internally, especially for that smaller MSP—something that you’re using in your QBR or whatever business review you have with customers to show your value. I’m curious, is that something you’re seeing happening today or is it a realistic use case, or is it a stretch for most MSPs right now?

Cameron Tousley: I think it’s realistic. Now, let’s set the tone here.
An MSP, they may not have the budget nor the expertise nor the staff to be buying a full-blown threat intelligence offering even like ours, but they can use certain parts of it like the eCrime reports. So that’s a good jumping-in point for the MSPs that are growing, or if you have 15 people on staff and there’s a good deal of them on the technical side, you may want to run your SOC in-house. Maybe that’s something you want to do. I think for them, the maturing MSP and definitely the MSSP, a threat intelligence offering is something that you will probably want to consume if you’re doing everything in-house. Now, I think there’s an argument for even if you’re going to go out-of-house and use the vendor, I still think there are free sources. We have customers that are using free platforms but running a paid feed through it. This is really dynamic. It’s flexible. It can fit to every different audience for the most part, except for the ones who are just not staffed for it and they’re probably outsourcing everything and they just don’t want to do it. They know that they are never going to be able to staff a 24×7 team and they’re also never going to be able to consume as much information as is coming in. But there are also other free resources, like I said, associated with our threat intelligence platform, like the eCrime reports, but there’s white papers that we produce. There are periodic threat reports. We do all kinds of analysis. And then on our welivesecurity.com blog, we publish all kinds of free information. And the really cool thing for existing ESET customers is through our ESET security platform, ESET Protect, we run a live feed through there and it shows you like, “Hey, here’s the latest news on WeLiveSecurity. Here is something you need to be aware of, there’s a vulnerability in the wild.” So we run some of the security stuff and this news right through a window inside of our platform, which I think is really big value added.

Pedro Kertzman: Awesome.
Yeah, I would add, if I can, Rob, we do have monthly digests as well on the CTI offerings, even for not super deep-down technical people. Let’s say more executives or CSMs, let’s say account managers on the MSSP or MSP side. It’s kind of an executive-ready type of report. So it’s more about the threat landscape overview. I think it helps them show that they are expanding their offerings on the security side and they’re knowledgeable about it as well. Again, doesn’t need to go in the nitty-gritty like in the weeds of IOCs and all that, but understanding, for example, that now the ecosystem on the other side is somebody providing the malware, somebody going and executing it. So just to show how they see these movements, I think it’s sometimes important enough to show that they are expanding their coverage for their end users.

Robert Dutt: The reports, the eCrime reports, have been in the market about a month now, I guess. I’m curious what you’re actually hearing from MSPs and MSSPs as they’re digging into them. Are people using them the way you expected or are there surprises that you’re seeing in how they’re engaging, what they’re doing, how they’re thinking about this information?

Pedro Kertzman: That’s a good question. I think because of the name, we got out of the gate with police forces reaching out to us, but in theory, it’s not the best kind of deep analysis that we’re going to give them, because they have a lot of expertise. So then we have the APT reports that would bring more detailed analysis for them. So it was interesting to see that people are kind of eager on the end-user side to see how the threat landscape, especially related to financial crimes or eCrime, are really, let’s say, hot right now. The MSPs are kind of following that trend, not as jumping on like the police forces were, but they are starting to inquire about the new eCrime reports for sure.

Cameron Tousley: Yeah, I’d agree.
I think the defender agencies, I’ll call them, the ones that are fighting the same battle we are, but maybe physically, but now they’re fighting the eCrime too. As they’re learning, this is a great tool for them. We find that they’re excited about it. It’s relatively new, so we’re going to see more and more adoption of it. But plenty of people who are in evaluation are like, “Hey, can I run a free month of this? I want to check it out and see what I’m going to get.” And we’re getting a lot of good feedback on it right now. I’d say on the MSSP/MSP side, again, it’s new for them too. And they do a lot of different things. So for them, they’re like, “I need to slice out some time to check this out as well because this is interesting. I don’t know if anybody else is really doing anything quite like this.” So for them to be able to check it out and add it to their offering, I think what’s going to happen is that they’ll get hooked on something like that and they’ll want more. And we’re already working on more. So our teams are hard at work. We’re adding new feeds, new reporting structures, new ways to consume it. And reasonably priced packages and things like that. Even ones where you have somebody on retainer where you can go to and get a very long deep dive on what you’re reading periodically throughout any given month. So I think with that, you’ll see a lot of internal IT large agencies adopt it. I think you’ll see some MSSPs adopt it. And you might even see some general MSPs who are evolving up that chain do the same thing. So it’s kind of a report and an offering for everybody there.

Pedro Kertzman: Yeah, I think you mentioned something important, Cam. We do offer trials for the eCrime reports as well, right? If they want to test it out.

Cameron Tousley: Yeah, try it before you buy it. Yeah.
Robert Dutt: It sounds like you’re also thinking about ways that you can slice this, dice this, package it out to that smaller MSP or that MSP who’s not a pure-play security player going forward. I was going to ask, what do you see as coming next in CTI and in your eCrime reports? I think that’s certainly a hint. Anything else that you see sort of in the pipeline or where you’d like it to go, where partners would like to see it go?

Cameron Tousley: Yeah, I’ll take a stab at this one because my heart’s near and dear to the MSP community. That’s what I’ve been working in. That’s a segment for quite a long time now for ESET. And so what I’m reading and what I’m theorizing on is that there’s other kinds of technologies that are pretty complex, have gotten more simple in the way that they’re still doing complex processes, like an EDR, right? It’s an investigative tool, and then you pair it with AI and then things become easier for the team managing it. I think it’s going to be the same thing here where you’re going to have an AI paired with it, which we have our own agentic AI agent in this offering now, which is very, very cool, and it’s built in our security platform. But for this, I think it’s going to make consuming information easier, generalizing it, summarizing it, and making sure you can spin it into a quick executive summary. My theory is click of a button, right? So I’m going to have a dashboard. I’m going to say, “Hey, I want an executive summary on this event.” So you’re basically just filtering, and then the end result is you hit that AI generate button and then it generates something that’s quality, and you can do it at various user levels, maybe various role levels. I’ll hit the CTO button or I’ll hit the CEO button and they’ll be a little bit different, obviously. So I think that it’s going to get simpler and managed intelligence as a service, that’s next. It’s already a term that’s being thrown out there a little bit if you look for it.
So it’s just not mainstream yet. And I think it will be here in a short period of time.

Pedro Kertzman: A hundred percent. And just to double down a little bit as well, Rob. I think especially for the smaller MSPs, let’s say you hit a critical infrastructure, you stop a pipeline or anything like that, you’re going to have federal agencies going after you, right? But then when you hit a mom-and-pop shop, nobody really cares. And those guys are often served through these smaller MSPs. So I think getting a better understanding of the threat landscape that especially targets those small businesses, I think it’s just a natural progression of the change in the threat landscape.

Robert Dutt: Well, and you bring up a point that I kind of pulled on a little bit with your friend, Tony Anscombe, not too long ago. There’s so much data about how many attacks right now are taking advantage of the MSP tooling as a threat vector. And so I think that also speaks to a need for an MSP who wants to be mature and responsible about these kinds of things to have a better grip on who’s looking, what they’re looking at, and how that maps to what they’re doing.

Pedro Kertzman: A hundred percent. And just to link this specifically about eCrime and affiliates, affiliates would be the ones exploiting those RMM tools, right? Because it’s something that is already deployed in the environment. If they get the credentials that got stolen for whatever reason, they have access to those tools and then they can deploy malware that they bought from those affiliate programs inside of the victim’s networks.

Robert Dutt: And it’s funny, almost a reversal of back in the day, I can remember as a Mac user, there was a saying that Apple engaged in security through obscurity. What you describe is almost the opposite of that. It’s insecurity to a degree through obscurity.
In that if I’m an attacker, I know that if I go after Colonial Pipeline to use your example, I’m all over the front page and there’s going to be a lot of government agencies who have a lot of serious, serious questions for me. If I take out an MSP tool that gives me access to a bunch of very small clients though, maybe I fly under the radar just a little bit more.

Cameron Tousley: Oh yeah.

Robert Dutt: This is my last question. If there’s one shift in thinking that you’d want a Canadian MSP to walk away with after this conversation, in terms of how they think about these reports, in terms of how they think about the role of threat intelligence in their business, you know, one thing they should reconsider about how they’re approaching their security practice, what would that be?

Pedro Kertzman: So I think first, Rob, that’s kind of more of a mindset type of thing. CTI still sounds super complex to a lot of people. I would say there are two main flavors. One, if you really want to dig into techniques and all that, yes, you can get fairly technical and sophisticated, but there are really simple ways to ingest cyber threat intelligence into existing automated tools. You can, of course, do a POC with one, two, whatever vendors you want to do. Once you find that real value for your customers, your end users, then it’s automated. We’re talking about data feeds ingesting directly into a firewall. If you don’t have a CTI central brain kind of thing, which the market knows as a TIP (threat intel platform), you don’t need to go that route, the sophisticated route. There are simple ways to use threat intelligence. And honestly, it’s super valuable because it’s just, again, automated. You’re outsourcing the knowledge to the vendor directly who’s going to execute that, like a firewall, for example.

Cameron Tousley: Yeah, I think that’s some really good commentary.
And I have a lot of business conversations with MSP business owners and I follow the market, and the consolidation, there’s tons of it. And there has been for a few years, but it’s just insane right now. And I think that there’s this thing going around, it’s like, look, evolve or sell. Because you have the advent of AI and that’s speeding everything up tenfold. And just don’t be afraid. If you want to continue to run your business, don’t worry, you’re going to have clients out there in your locale that probably love you. But they’re also going to have people calling them as these other MSPs get bigger, and these national ones that swallow other little smaller companies and then their go-to market will be, “Well, let’s go down market, down market,” because we can’t always go up market, that’s pretty hard to do. But down market is like shooting fish in a barrel kind of thing. So that means it’s a risk for the smaller MSPs that are not going to sell out, that want to be in business another 10 or 15 years. So don’t be afraid, utilize AI to research it. They say don’t use AI as Google, I disagree a little bit, but you can use it for a lot of things. This can summarize: what is this offering? Can I use it? Ask it really basic questions to get acquainted, and then take the next step and call your vendor and just have a conversation with them and say, “What are all my options? I am in this locale, I serve these kind of verticals, here’s my sizing, here’s the tools I use.” You’ve got to throw everything out on the table because then your vendor, somebody like a technical or business contact, can jump in and say, “Look, I think that you should check out this part of this larger offering. And here’s what I’ll do for you. And here’s what you’re going to do. We’ll give you a game plan, right? 
You’re going to trial it in the following ways, we’re going to pair you up with a technical person to teach you a little bit and be your co-pilot—Microsoft gets enough press.” But really kind of jump in, try it out. Don’t be afraid. Because if you want to be around another 10 or 15 years, you have to make the leap. And you don’t have to do anything big, but you have to start adopting some of this security-forward thinking so that you can have threat briefings with your clients and not statistical talks. There was just that MSP summit and there was actually a panel on what the next gen of MSPs is doing. And it was funny to hear it because they’re like, “Well, we’re focused on outcomes.” And I totally agree, but I know some of the older MSPs are like, “Well, we’re focused on outcomes too.” But I think it’s the talk track. You’re all saying the same thing, but you need some more complex tools in some ways to be able to have these more outcome-based discussions. Like, “Hey, I not only blocked X amount of threats, I kept your uptime up in this way, and that allowed you to keep productivity up. So by my clock here, you were able to achieve all those things that you wanted to achieve in our initial meeting, we’re on track.” That’s the conversation you want to have in addition to that little bit of the threat briefings peppered in.

Robert Dutt: All right. Some great advice there. Gentlemen, thank you both for taking the time. I appreciate it.

Cameron Tousley: Thank you, Rob.

Pedro Kertzman: Great to be here.

Cameron Tousley: Absolutely. It was a pleasure. Thanks so much.

Robert Dutt: There you have it, Cameron Tousley and Pedro Kertzman from ESET. I’d like to thank both Cameron and Pedro for their time. They did exactly what we set out to do with this conversation, kept it firmly in the strategy lane with technical depth in service of the business point rather than the other way around. A few things to leave you with.
The framing that stuck with me most was Cameron’s distinction between statistics talk and threat briefings. The idea that your quarterly client review shifts from “here’s how many threats we blocked” to “here’s the specific group targeting your vertical right now. Here’s how their affiliate operates, and here’s what we’ve already done about it.” That’s a real upgrade in how an MSP demonstrates value. It moves you from uptime vendor to trusted advisor and that’s a conversation your competitors probably aren’t having yet.

On the technical side, Pedro’s explanation of affiliate-level tracking is worth sitting with. The headline ransomware groups get the attention, but it’s the affiliates, the ones buying malware-as-a-service and doing the actual execution who determine the tactics on the ground. Tracking them is what gives you an early warning before the attack scales. And as I noted during the conversation, there’s a certain logic in how attackers exploit the MSP model specifically. Go after the tooling, stay under the radar, quietly compromise a hundred small clients instead of one high-profile target. Obscurity in that scenario is working against you.

For the smaller MSP who’s heard all of this and thought, “I’m not staffed for this,” Pedro’s entry point is worth considering. You don’t need a full threat intelligence platform or a dedicated analyst to start. Automate the ingestion of indicators of compromise directly into your clients’ firewalls. Let the tooling do the work. It’s not glamorous, but it’s real, actionable and it’s a lot more than most of your competitors are doing.

And Cameron’s closing thought, “evolve or sell,” is the frame I’d put around all of it. The consolidation wave hitting the MSP market right now is not slowing down. The shops that survive as independents will be the ones that have more sophisticated conversations with their customers. Threat intelligence is one of the things that helps you have those conversations.
If you found this one useful, please follow or subscribe to the podcast wherever you listen. We’re on Apple Podcasts, Spotify, YouTube, all the major podcast directories. Ratings and reviews are always appreciated. Until next time, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.
In this special edition of CyberWire Daily's 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss cybersecurity geopolitics and warfare that have been in the news over the past 10 years. We begin our conversation around the supply chain malware from the destructive NotPetya campaign out of Russia, then Maria and Dave highlight: Olympic Destroyer disrupting the Pyeongchang Games, Cozy Bear's SolarWinds espionage campaign, the Colonial Pipeline ransomware disruption, Russia's full invasion of Ukraine paired with the Viasat hack, Iranian hackers attacking ICS devices at water treatment plants in Israel, and China's Volt Typhoon and Salt Typhoon intrusions in critical sectors. Join us as we reflect on the escalation from election interference and disruption, to espionage and ransomware as national security crises, to integration in kinetic war, and now expansion into space, with AI-driven defenses and NATO codifying cyber as a collective defense domain.
Podcast: Industrial Cybersecurity Insider
Episode: The Phishing Attack That Could Have Shut Down a Plant Floor
Pub date: 2026-04-29

A real-world case study shows how a single phishing email led to credential and MFA compromise, creating an urgent question for any industrial organization: Did the attacker reach the OT environment? Dino and Jim walk through how OT visibility, secure remote access controls, and continuous monitoring enabled rapid validation of what happened. They were able to prove the breach did not impact control systems and avoid an expensive, safety-driven shutdown of a continuous manufacturing process. The episode connects technical controls to executive outcomes, including resilience, duty of care, and the financial reality that “not knowing” can be as costly as an actual compromise.

Chapters:
(00:00:00) Why continuous manufacturing makes “abundance of caution” shutdowns so costly
(00:01:00) What “OT continuous monitoring” means and why it matters in real incidents
(00:03:00) Safety and connected environments: why “it can go boom” changes the stakes
(00:05:00) Baselines: defining “normal” so abnormal behavior is actionable
(00:07:00) Incident story: phishing email leads to credential and MFA compromise
(00:09:00) What the team validated: tracing access and confirming OT was not impacted
(00:10:00) Lessons from Colonial Pipeline: inability to validate can force shutdowns
(00:11:00) OT reality check: Windows assets, HMIs, historians, and engineering workstations
(00:13:00) Secure OT remote access: why VPN-only access is not sufficient
(00:16:00) The payoff: avoided downtime, avoided product loss, and avoided disruption
(00:19:00) Executive view: duty of care, liability, compliance, and protecting enterprise value
(00:23:00) The “air gap” myth and why defense-in-depth is the only practical path

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: Error Code
Episode: EP 85: From Colonial Pipeline to Agentic AI: What OT Security Actually Requires
Pub date: 2026-04-28

Let's face it, the Purdue model's DMZ is gone. Trevor Dearing, Director of Critical Infrastructure Solutions at Illumio, explains how zero trust, micro-segmentation, and explicit policy are now the only reliable defense for critical infrastructure OT.

The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Michael Crean, senior vice president and general manager of managed security services at SonicWall

SonicWall published its 2026 Cyber Protect Report in March with a deliberate reframe: rather than threat intelligence for its own sake, the report is built around actionable content for solution providers. The centrepiece is the seven deadly sins of SMB cybersecurity – seven predictable, preventable failure patterns drawn from real breach data. The headline numbers are sobering: 88 percent of SMB breaches involve ransomware, more than double the enterprise rate, average dwell time sits at 181 days, and 85 percent of actionable alerts trace back to identity and credential compromise. Michael Crean, senior vice president and general manager of managed security services at SonicWall, came to the company through the acquisition of Solutions Granted, the MSSP he built – one of the early pioneers of SOC-as-a-service for the MSP market. He’s direct about what the data means for partners: the seven sins aren’t just an SMB customer problem. They’re an MSP problem too. His core argument is that mastering fundamentals – MFA, patching, privilege management – is non-negotiable, and owning the right tools doesn’t change that. You can have the same toolbox as your mechanic; that doesn’t make you a mechanic. On the MSP-to-MSSP question, his answer channels Yoda: do or do not, there is no try. A month after the report’s release, Crean says partners have already been using the sins framework directly in customer conversations – which he describes as the whole point. One postscript: his personal favourite of the seven sins is number five, cost-driven security decisions. His test – ask a room of MSPs how many bought the cheapest car on the lot. Nobody raises their hand. But too many of their customers are doing exactly that with cybersecurity.
Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last sixteen years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. SonicWall has published annual threat research for years, but this year they did something different. They stopped calling it a threat report. The 2026 Cyber Protect Report reframes the conversation away from data for its own sake towards something MSPs can actually use – a set of tools and talking points for strategic conversations with customers. The hook they chose? The seven deadly sins of SMB cybersecurity. Seven predictable, preventable failures that show up in breach after breach. My guest is Michael Crean, senior vice president and general manager of managed security services at SonicWall. Michael came to SonicWall through the acquisition of Solutions Granted, the MSSP he built and one of the early pioneers of SOC-as-a-service for the MSP market. Before that, nine years in the military. So when he talks about what MSPs are getting wrong on security, he’s speaking from a fairly unusual vantage point – inside the SOC, inside the vendor, inside the partner community itself. The report had been out about a month when we sat down and I was curious what the actual conversation had looked like since launch. We got into that, the sins themselves, the 181-day dwell time that should make many MSPs uncomfortable, and what it really means to be or partner with a true MSSP. Let’s get right into it. My chat with Michael Crean.

Michael, thanks for taking the time. I appreciate it.

Michael Crean: Absolutely, sir.

Robert Dutt: You called this report the Cyber Protect Report, not the threat report that you guys have been publishing for years. That seems like a deliberate choice. What are you trying to signal with that shift and who are you really talking to with this report?
Michael Crean: I think every other threat report just looks the same. It’s got some different colors, it’s got some different logos, but everybody talks about the same exact thing and it felt boring. It felt like, “Why do we have to fit into the same role as everyone else? Why can’t we do something different that’s purposeful and should be meaningful to people?” It actually gives them something to talk about – not just with themselves internally, but also to their customers. That was the reason we went down this path and decided to call it the Protect Report.

Robert Dutt: I’m guessing that also sets up why you went with the framing of those seven deadly sins – the seven predictable, preventable failures. I thought that was a really neat hook for it. When you look at that list, which one do you think most MSPs would be surprised to see themselves in? Not so much their customers, but themselves as MSPs?

Michael Crean: Number one – ignoring the fundamentals. I mean, it’s incredible the amount of times – because of the work that we do at the SonicWall Security Operations Centers and the amount of compromises that we’re brought in to participate in, investigate, help people with – that you just find it’s this overwhelming amount of: you had the right tools, you had the right tech, and you didn’t know what to do with it. Or you did and you just didn’t take the time to really learn how to ride the bike well. We had a compromise today where a customer of ours got hit with Akira, a ransomware, and we thought we probably knew that the penetration point was the firewall, but we had to do some more investigation. And when we did the investigation, the amount of misconfiguration was staggering. You pay for all these security services, and they weren’t even enabled – IPS, IDS disabled – and they paid for them. So it’s just unfortunate. These are just, again, what we call ignoring the fundamentals.

Robert Dutt: Do you have any thoughts on what’s driving that? Is it a matter of, this is up and running, moving on to the next shiny thing, moving on to the next opportunity? What’s behind that?

Michael Crean: I think some of it is that MSPs have found themselves in this place of challenge where they have so much responsibility and customers are looking at them. And I heard this a long time ago when I was a child – the smart person is the person that says what they don’t know. I think a lot of people are fearful to show that side of, “I don’t know something.” But saying “I don’t know” doesn’t mean you don’t know and you’ll never know. It just means, “Hey, I don’t know that, but I’m going to go here and ask this person, or I’m going to go to this vendor and get more information, or I’m going to do some more research and come back to you with a really solid answer.” Instead, there’s this constant – I hate to use the word – but it feels like there’s this constant necessity of yes that we have to keep giving our customers. I prefer somebody to tell me, “Nope, I don’t know how to do that, but I’m going to give you a great contact so that you can get it done right.” So I think that’s part of it. And then we, as manufacturers, we keep telling people all along the way, “Hey, buy my stuff, it fixes your problems. Just buy my stuff.” Well, I can go buy the same box of tools that my mechanic has, but that doesn’t mean I’m a mechanic and it obviously does not mean that my car is going to get fixed just because I’ve got the tools.

Robert Dutt: Can attest to that. Fortunately, not with great experience, but there’s a reason I do take my car to someone else to get looked at.

Michael Crean: Oh my goodness, you and me both. I want it done right. And as hard as I tend to drive my cars – because I have a thing for speed and adrenaline – I would actually like them to be as proper as they can be.
Robert Dutt: Well, especially given that it’s important, when you’re testing the limits shall we say, that the thing stays together while you’re doing so.

Michael Crean: Absolutely.

Robert Dutt: And back to that point, I think there’s also the factor of when you are presenting yourself – and most MSPs do – as the trusted advisor, the expert on this, who’s going to take care of all this, that creates an even greater disincentive to admitting, “You know what? I need to check on that. Let me find out more,” rather than saying, “Yeah, I got this.”

Michael Crean: I think it’s human nature, just in general. Because the moment you admit you don’t know something or you’re not certain, at that very moment in time, we just assume that to be a point of weakness. I believe through the military – I served for nine years – and being a CEO and founder for 22 years, what I really realized, and even when it came to my kids, sometimes when you just don’t know, it’s okay to say you don’t know, but I’m going to find out, or I’m going to figure it out, or we’re going to do it together and we’re both going to be better for it than we were when we started with the question.

Robert Dutt: Funny, that came up early in my journalism career too. My editor at the time would say, “Your job is not to know. Your job is to find the person who does.” Along the same lines, a little bit of a different lens. You said something that I quoted in the news piece we did on the release of the report: that the danger isn’t that AI isn’t working – it’s that we’re using it as an excuse not to do the things we already know we should. That’s a remarkably direct thing for a security vendor to say, and it touches on that eating-your-vegetables kind of advice. What are you seeing that made you include that line?

Michael Crean: It’s not what I’m seeing today. It’s what I’ve seen for the last 20 years in this industry. I mean, we went from deep packet inspection firewalls to next-generation firewalls. We got all of these extra added capabilities in the firewall, but then we got lazy on doing proper firewalling – controlling ports both inbound and outbound the way we used to do it – because we felt that we were overcompensating because we had so much power and capabilities. Then we went from signature-based AV to next-gen AV where we had these mathematical algorithms doing predictive analysis to understand whether a file is good or bad. Then we got EDR technologies helping us with the behaviour behind it. We just keep adding and adding and adding. I see AI as nothing more than just another tool. But how good can a tool be when you’re not performing the fundamentals? It helps, but it just can’t – I don’t know if you’re a sports guy or not, but think about it. When you look at the best of the best, whoever that may be – I’m a hockey guy – I’ll call Alex Ovechkin today. The best of the best, the all-time goal scorer. He beat Wayne Gretzky, he took that last year. That man works hard and he works on the fundamentals. I love what AI can do for us – to help get rid of some of the tasks that we don’t want to do, that we hate to do, that we can use for automation and make things faster, help us find bugs in our code, and in a security operations center, get through just mounds of data quicker. But you still have to do the fundamentals and you have to do the right things. Because when you do the right things and then you add something like AI to it, the world becomes a much different place.

Robert Dutt: 88% of the SMB breaches you’re reporting on involved ransomware. That’s more than double the enterprise rate, if I’m remembering correctly. That’s a striking gap. What’s causing that? Do you see it as primarily resources, primarily end-user training, or something structural about how SMBs get attacked that’s different from enterprise?

Michael Crean: I think it’s a little bit of everything that you mentioned, but mostly what it is, is this perception of, “I’m too little. I don’t have anything valuable. Why would somebody want to attack me?” When these large threat actors are going after huge enterprises – Colonial Pipeline, JBS, some massive organization – those organizations have better tools, better resources, better people, and they probably have more maturity to respond when they start to notice an attack taking place. When you think nobody’s ever going to break into your house, you may not lock your doors. You may not care about having the 70-pound German shepherd on watch when you’re not there. Because, I don’t have anything in my house of perceived value. But when you take that shotgun approach and you can knock down a hundred SMBs and get $10,000 out of each one, that’s a hell of a payday. It’s logical what we’re seeing right now. What it requires is that we all understand we have responsibility for the data that’s been entrusted to us – whether it’s customer data or supply chain data you’re responsible for because you’re supporting another vendor. The data we have is far more valuable than we give it credit for.

Robert Dutt: And I guess there might also be an element of the ability to fly under the radar – the opposite of security through obscurity – in that you make that hit on Colonial Pipeline and it’s front-page news everywhere. You hit a bunch of small businesses for ten grand each, it gets a lot less attention from media.

Michael Crean: I mean – I’m sure you’ve heard this, you’ve been doing this long enough – the idea around news and media: if it bleeds, it leads. And it’s not really sexy when you talk about a two-chair dental practice that gets hit with ransomware. And the two-chair dental practice doesn’t really want to talk about it either, because they’re a small community-based organization and it’s really damaging to how people potentially look at them. Whereas a Target, a Home Depot, a Lowe’s, whoever gets hit with ransomware – they’ve got the marketing machine, the attorneys, the dollars, the insurance. And at the end of the day, they’ll be as profitable, if not more profitable, a few quarters later.

Robert Dutt: The report surfaces the number of 181 days of dwell time. For an MSP who’s running monthly security reports, quarterly reviews, thinks they have things in order – that number has to sting. What does it require of an MSP’s operating model to address that?

Michael Crean: One, making sure that the investments you’ve made and the technologies you’ve decided to procure – the tools you’re going to use – make sure you’re well-trained on them and well-versed on the best practices so that you can get optimal outcomes. Patch management, man – I can’t tell you the amount of times we’ve seen… you talk about this 181 days, it comes down so many times to pure patch management. And the vast majority of manufacturers give you the patches for free. But we don’t think about it, we get distracted, we don’t see it as valuable as it really is. And it’s the really simple things. Again, it’s that number one – ignoring the fundamentals. Patching has been a fundamental thing we’ve talked about for so long. And I also think that for an MSP that just magically adds the additional S and starts calling themselves an MSSP – don’t dabble in security. Either do or do not. Do not try. We’re going to throw a little Yoda in here for the day. And if you’re not going to be a real MSSP, partner with one. There are so many great organizations out there – I’ll say we’re a great organization to partner with, that’s how we go to market – but there are lots of others out there who are purpose-built for this. It’s like being the best doctor in the world but you’re not a surgeon. So you refer somebody to a surgeon to get that surgery done.

Robert Dutt: Your own background includes Solutions Granted – building out one of the first SOC-as-a-service models for MSPs before SonicWall acquired you. I’m curious, when you look back at your time on the other side, when you were the MSP – are there any of those sins you look at and go, “Hmm, that sounds awfully familiar”?

Michael Crean: Oh, absolutely. I will say I went through that transition – 22 years of being a VAR, to being a government contractor, to being an MSP – realizing I was a really crappy MSP. Not going to lie. My bedside manner wasn’t great. I wasn’t passionate about what I was doing. And I think that’s something that gets lost sometimes. I was super passionate about security – getting out of the military, transitioning away from that, getting into IT and the tech space. And when I found my way into this SOC-as-a-service MSP space, it’s where I found my passion and love again. And I think that means a lot. Don’t do it for the sake of doing it. I think we all have to keep the lights on and put food on the table and clothe our kids and find a way to retirement one day, but find some happiness in that too and be really passionate about what you’re doing. And you’ll probably find a lot of these seven deadly sins aren’t as deadly for you.

Robert Dutt: That’s one way of mitigating it, that’s for sure. The report is framed around protection outcomes and it’s explicitly aimed at giving MSPs the language to have strategic conversations with SMB decision-makers. But there’s a responsibility question underneath that. If the MSP is the last line of defense for most SMBs – and I think we’ve talked about this a little bit already – what does good actually look like? What’s the bar you have to reach before you either back off from security and/or partner with someone else who’s much more committed?

Michael Crean: I think, one, it’s a team effort. It isn’t just the MSP’s responsibility. The business owners, the decision-makers, the board, whoever you’re dealing with that’s making these decisions – they have to buy in. And if they don’t, well, then you’re at a disconnect. You’re bringing in a subject matter expert – the MSP – to help make them more secure, for survivability, for all the things they’re asking for to make sure they can operate at the highest levels possible, and then you don’t allow them to do their job. That’s a huge risk. What I will say – and this is a hard lesson to learn, but one of the most valuable lessons to learn – is when you fire your first customer. Not get fired, but you actually fire your first customer because it wasn’t the right fit and the financial impact was going to hurt. It didn’t feel good. Nobody ever really wants to get fired or be fired. But when you do that, you start to mature. And inevitably, you also help that customer mature – because if they hear the same message from multiple people: “We’ve got to do patch management. Don’t tell me we can’t. We’re going to use MFA. We’re going to have a SOC monitoring this 24 hours a day, seven days a week, 365 days a year. We’re going to take away administrative privileges. We’re going to do the fundamentals. We’re going to make investments in tools and put the right people, process, and technology in place.” The outcomes really start to matter. But it is a team sport. I can’t tell you – and I’m sure you’ve heard this – MSPs talking about, “I can’t get my customer to use MFA, so I got them to sign this indemnification clause.” How many MSPs are getting sued, and these indemnification clauses aren’t holding up? Because you’re the expert. If you believe it’s 100% the right thing to do, then if they don’t follow – you fire them.

Robert Dutt: It’s funny how often it comes down to that. I’ve heard that same sentiment from MSPs in the move towards, “This is what you have to take. It is not negotiable. It is the cost, as it were, of doing business with us.” I think that’s sage advice.

Michael Crean: We accept it from our surgeons, right? If I’ve got a bum knee and I need it fixed and I’m a little overweight and he knows I’m drinking a little too much bourbon or eating a little too much red meat and he wants me to lose ten pounds so that he can be successful – if I’m not doing my part, well, why does he want to do surgery on me?

Robert Dutt: Point taken. The report’s been out for a few weeks now. Curious – what’s the question you’re getting most from partners that you didn’t expect as they sit with this? What’s hit differently than you thought it might?

Michael Crean: I thought we were going to get more pushback on why we called it a Protect Report instead of a Threat Report. That really isn’t the question we’ve been getting. What’s been surprising to me is the commentary. The unsolicited emails, the LinkedIn requests, the comments – people have really enjoyed receiving a report that just wasn’t like everything else. There’s been a lot of commentary along the lines of, “I’m going to have this discussion and use these analogies and use these seven deadly sins to have conversations with my customers.” That’s what we were hoping for, but you never know when you go against the grain how well it’s going to hit. I think we got lucky.

Robert Dutt: It sounds very much like mission accomplished. I know it’s something that caught my attention and that I’ve heard out there as well. I look forward to seeing what comes next as you continue to reinvent what these kinds of reports do and what they look like. Michael, I thank you for taking the time to talk through this and to offer some advice.

Michael Crean: I appreciate your time as well, sir. Thanks a lot.

Robert Dutt: There you have it – Michael Crean from SonicWall. I’d like to thank Michael for his time, and for a conversation that felt a little different from the usual vendor security briefing. His background – building Solutions Granted from scratch, running a real MSSP, operating inside a SOC, and now sitting on the vendor side – gives him a perspective that’s harder to find than you’d think among people who are now in vendor roles.

A few things will stay with me. The mechanic analogy – you can own the same box of tools, but that doesn’t make you a mechanic, and it doesn’t mean your car is going to get fixed. The surgeon line – if the patient won’t follow the pre-op advice, why are you doing the surgery? His answer on when an MSP reaches maturity – it’s the moment you fire your first customer who won’t implement MFA or basic patch management, even when it hurts. And the Ovechkin riff – even the greatest goal scorer in NHL history never stopped working on the fundamentals.

Now, after we stopped recording, Michael mentioned something he wished he’d worked into the interview, and I promised I’d pass it along. Of the seven deadly sins in the report, I asked which one is most personally interesting to him and he landed on sin number five – cost-driven security decisions. He illustrated it this way: he’d been speaking at a conference recently and asked how many in the room had bought a car in the last eighteen months. A lot of hands. Then he asked how many of them had bought the cheapest car on the lot. Not one hand went down. Because we think about safety ratings, about the features, about whether the thing will hold together when we need it to. But when it comes to cybersecurity, too many businesses just reach for the cheapest option. As Michael said himself, it’s a little strange to have a personal favourite deadly sin. But there you have it.

The 2026 Cyber Protect Report is well worth a look for any MSP or solution provider thinking about how to have a more strategic security conversation with their customers. Links in the show notes.

If you found this useful, follow or subscribe to In The Channel from ChannelBuzz.ca wherever you get your podcasts – you’ll find us on Apple Podcasts, Spotify, YouTube, and all the major directories. Ratings and reviews are always appreciated and genuinely help other people in the channel find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.
Nancy Guthrie, eighty-four, the mother of NBC Today co-anchor Savannah Guthrie, was reportedly abducted from her residence in the Catalina Foothills community near Tucson, Arizona, on or about February 1, 2026. Bloodstains at the scene were confirmed as Guthrie's. Her Bluetooth-enabled pacemaker disconnected from her phone at approximately 2:30 a.m., suggesting movement out of range. Surveillance footage captured a masked individual on Guthrie's porch carrying a backpack investigators identified as a big-box retail purchase. No arrest has been made. No suspect has been publicly named. A multi-agency task force led by the FBI is conducting the investigation.

Multiple ransom notes have been delivered to media outlets rather than the family — a pattern former federal agents have characterized as highly unusual. The most recent note demanded cryptocurrency in a split payment structure, creating two separate potential tracing opportunities. Former FBI agents have publicly noted the bureau's demonstrated capability in cryptocurrency recovery, citing the Colonial Pipeline case among others.

The institutional handling of the case has drawn significant scrutiny. Reporting indicates the sergeant supervising the initial response had been in the role for approximately six months and lacked prior experience with comparable cases. Sources within the department state that experienced detectives had been reassigned, allegedly due to loyalty considerations rather than performance deficiencies. One veteran detective was reportedly returned to duty only after the case escalated to a multi-agency task force. The department's search and rescue aircraft was reportedly grounded because its pilot had been transferred to patrol duties. A DNA hair sample was sent by the Pima County Sheriff's Office to a private laboratory in Florida, where it remained for eleven weeks before being transferred to the FBI laboratory for advanced testing. The FBI has publicly stated the material was requested over two months prior.

Retired FBI Special Agent Jennifer Coffindaffer provides analysis of the ransom note pattern, the forensic and procedural handling of the critical initial response window, and the investigative implications of the evidence profile — which she characterizes as consistent with a local, unsophisticated actor.
Retired FBI Special Agent Jennifer Coffindaffer — who spent decades building federal cases and who has publicly called for the bureau to pay the bitcoin ransom and trace the wallet — sits down with Tony Brueski for an analytical breakdown of the Nancy Guthrie investigation.

Coffindaffer addresses the central tactical question: the FBI has recovered cryptocurrency ransoms before, including in the Colonial Pipeline case. The latest note in the Guthrie case splits the demand into two payments, giving investigators two blockchain transactions to follow. At roughly $34,000, Coffindaffer argues the cost is negligible compared to the investigative value of identifying whoever is behind the wallet — whether it's the person who took Nancy or an opportunist feeding off the case.

She also examines what the withheld contents of the ransom notes signal about the investigation's posture, why the $1.2 million in combined reward money has moved nothing, and what the evidence profile — a big-box store backpack, amateur surveillance evasion, a local operating pattern — tells investigators about the kind of person they're looking for. This is an expert-driven conversation about federal investigative strategy in a case that is simultaneously the most publicized and most stalled kidnapping in the country.
Ransomware sanctions are something most companies never think about — until they're staring down a ransom demand from a group the US government has already put on a sanctions list. In this episode, Dr. Mike Saylor walks us through a real incident involving a construction company, hundreds of millions in active contracts, and the Lazarus Group — a North Korean state-sponsored threat actor. Before that company could pay a single dollar in ransom, they had to figure out whether doing so would trigger federal penalties that dwarfed the ransom itself. We're talking fines of 10x to 100x the payment amount, and in some jurisdictions, jail time.

This is one of those episodes where the story alone is worth your time. Mike was in the room for this incident, negotiating directly with the Lazarus Group over a weekend — and yes, it turns out North Korean cybercriminals have a surprisingly functional help desk. But beyond the story, there's real actionable information here about OFAC (the Office of Foreign Assets Control), how the US Treasury tracks Bitcoin wallets to identify sanctioned actors, and what you actually need to do the moment ransomware hits your organization.

We also get into why paying a ransom paints a target on your back — 70% of companies that pay get hit again within six months — and why immutable backups are the only thing that truly keeps you out of this situation.

Chapters:
0:00 Intro
1:31 Meet the Guests: Curtis, Prasanna, and Dr. Mike Saylor
4:10 Case Study: A Construction Company and the Lazarus Group
6:34 Are These Bad Guys Sanctioned? Introducing OFAC
8:05 Why Ransomware Funds Terrorism, Drug Trafficking, and Worse
11:00 Sanctions Penalties: Fines That Can Put You Out of Business
12:24 Colonial Pipeline and Exceptions for Critical Infrastructure
13:26 How the Government Tracks Bitcoin Wallets
16:27 Global Sanctions: UK and Australia Have Their Own Rules
18:31 Pay Once, Pay Again: The 70% Re-Attack Rate
20:43 Proof of Life: Don't Pay Without It
23:38 What To Do When You Get Hit: The Right Order of Operations
25:17 Immutable Backups: The Only Real Answer
27:07 How the Construction Company's Backups Got Wiped
33:07 Build Your Team Before the Bad Day: FBI InfraGard and More
//The Wire//2300Z April 2, 2026//
//ROUTINE//
//BLUF: COLONIAL PIPELINE SHUT DOWN BRIEFLY OVERNIGHT AFTER SUSTAINING DAMAGE IN GEORGIA. STRATEGIC BUILDUP CONTINUES IN MIDDLE EAST AS UNITED STATES BEGINS TARGETING CRITICAL INFRASTRUCTURE WITHIN IRAN.//

-----BEGIN TEARLINE-----

-International Events-

Middle East: American targeting within Iran continues as Iranian forces continue to hit U.S. bases throughout the region. American bases in Kuwait have been hammered over the past few days, with ballistic missile strikes being reported at Camp Arifjan and Ali Al Salem Airbase. Within Iran, this morning the United States began more deliberate attacks on infrastructure which are not solely military targets. The B1 bridge west of Tehran was destroyed, which was not yet opened (it was still under construction) but would have been the largest bridge in the country and the main link between Tehran and Karaj.

Analyst Comment: The Iranians are very likely to retaliate by hitting one (or several) critical bridges throughout the region, on the south side of the Persian Gulf. The King Fahd Bridge linking Bahrain with the mainland was already struck by the Iranians on the opening days of the war (when Saudi forces crossed the bridge to put down the Shia uprising/protests in Manama) so if they wanted to hit it again they've already demonstrated that they have the ability to do so.

Iraq: This morning the US State Department issued another travel alert, specifically warning that attacks may escalate over the next 24-48 hours.

Analyst Comment: This is probably in response to the kidnapping of American journalist Shelly Kittleson by Kataib Hezbollah two days ago (who still remains missing in Baghdad) but also the deteriorating security situation nationwide, which is being compounded by various Iraqi militia groups beginning to mobilize against American forces in the region. More strategically, the situation in Iraq has deteriorated to its lowest point in years, and there is now a very real risk of some kind of insurgent uprising coming about, due to the opposing militant groups which have been stirred up by the situation in Iran. This will be an important situation to monitor over the next few weeks.

India: Following weeks of petroleum disruptions nationwide, the first oil tanker arrived in Vadinar overnight, completing India's resumption of purchasing crude oil from Iran, which was originally halted in 2019.

Analyst Comment: India had previously halted the purchase of Iranian oil due to American sanctions, but due to the war in the Middle East resulting in the US waiving oil export sanctions, India has resumed the purchase of oil from Iran. Indian media reports that the transaction was carried out in Chinese Yuan.

-HomeFront-

Georgia: Yesterday evening Colonial Pipeline's Line 1 was shut down after sustaining damage during drilling operations. The pipeline was shut down for several hours while repairs were conducted, and as of this morning Line 1 is fully functional.

Analyst Comment: While this incident was not the result of malign action and it was resolved quickly, this was still a big deal. This is the largest gasoline pipeline network in the United States, and provides the vast majority of gasoline to the east coast. Considering the recent volatility in the oil markets, this outage occurring right before a major holiday weekend for travel was exceptionally poor timing.

Washington D.C.: Several leadership changes have taken place this afternoon. Attorney General Pam Bondi has been relieved of her duties, with her Deputy Todd Blanche taking over her roles until a replacement is found. At the Pentagon, General Randy George was requested to take an early retirement, effective immediately, stepping down from his role as Army Chief of Staff.

-----END TEARLINE-----

Analyst Comments: President Trump's address to the nation la
What happens when your company gets hit by a cyberattack? In this eye-opening episode, attorney Joshua Cook reveals why cybersecurity isn't an IT problem but a leadership challenge. After two decades fighting fraud and managing crisis response, Cook has seen every digital disaster imaginable — and he's here to explain how to build true cyber resilience.
Cybersecurity isn't just a technology issue, it's a family and financial issue. In this episode, Julina is joined by cybersecurity expert Sam Disraelly, Founder of Your Tech Department, to discuss the real online risks individuals and families face every day, from phishing scams to identity theft and account takeovers. You'll learn simple, practical steps to better protect your personal and financial information and build confidence navigating today's digital world.

Timestamps:
04:50 – The two types of cyber attacks people face
07:00 – How COVID, Colonial Pipeline, and now AI changed the threat landscape
10:45 – Why you should NOT click links in emails
12:30 – The Google search trap & the fake USAA site story
15:15 – The most common mistake families make
17:00 – Passwords: “Long, Strong, Unique”
19:00 – Why built-in browser password managers (Google/Chrome/Apple) are risky
22:15 – How to move your passwords into a real password manager
24:30 – The hidden dangers of free email accounts
27:30 – The Optimum.net warning
30:20 – What your email MUST be able to do (2FA, login visibility, session control)
31:30 – Verizon outage example: why SMS 2FA can fail
32:40 – Kids & teens online: AI, images, and why this is getting scarier
34:00 – DNS filters: the most powerful tool parents don't know about
38:00 – Pi-Hole and network-level protection at home
39:10 – The easiest habits to start TODAY
41:00 – Use a trusted partner before you click
48:00 – Three email strategy
50:00 – “Plus addressing” with Gmail to control spam
52:30 – Cyber insurance in homeowners & umbrella policies
56:30 – Sam's takeaway: 95–98% of attacks are stopped by 3 things

Connect with Julina Ogilvie:
Email: jogilvie@principlewealthpartners.com

Connect with Sam Disraelly:
https://yourcyber.team/
https://yourcyber.news/
https://www.linkedin.com/in/aridisraelly/

The information provided is for educational and informational purposes only and does not constitute investment advice and it should not be relied on as such. The statements and opinions expressed in this podcast are those of the author. PWP cannot guarantee the accuracy or completeness of any statements or data. For current PWP information, please visit the Investment Adviser Public Disclosure website at www.adviserinfo.sec.gov by searching with PWP's CRD #290180.
Podcast: OT Security Made Simple
Episode: How the threat landscape for OT has changed since Colonial Pipeline | OT Security Made Simple
Pub date: 2025-12-18

Mike Holcomb, independent OT/ICS security advisor and former Director of OT security at Fluor, talks about the shift of cyber threats in the OT space and the struggles of small entities to secure themselves. He proposes the BASIC principle to get started fast despite limited budgets.

You can find more information on OT Security Made Simple at rhebo.com or send us your ideas and questions at podcast@rhebo.com.
In this episode of The Tactics Meeting, Dan Smiley gathers a roundtable of experts to tackle the invisible but growing threat to the maritime industry: Cyber Security. We are joined by first-time guest Charles Grau from Fairwater, who brings his background in aerospace and the to the table. Together with regulars Jim Butler, Mark Curtis, and Theo Camlin, the panel discusses why the biggest threat to a vessel might not be the sea itself, but the vendor walking up the gangway with a thumb drive.

From the Colonial Pipeline ransomware attack to GPS spoofing in the Red Sea, we explore how the threat landscape is shifting from traditional oil spills to cargo fires and digital intrusions. The group also debates the challenges of connectivity during an incident—balancing the security of VPNs and firewalls against the need for real-time information sharing via tools like Starlink.

In this episode, we cover:
Aerospace vs. Maritime: Charles compares high-regulation aviation security to the current state of shipping.
The Human Firewall: Why well-trained crew members are your best defense against phishing and social engineering.
IT vs. OT: Understanding the difference between Information Technology and the Operational Technology that actually drives the ship.
Response Reality: Mark shares a story about training responders on software during an active ship fire in the North Sea.
The "Sticky Card" Problem: Navigating the digital divide when different agencies can't use the same software.

Save the Dates:
March 24-25, 2025: National Harbor Safety Conference in Seattle, WA.
October 21-22, 2026: Washington State Maritime Cooperative Planning Conference in Tacoma, WA.

Sponsors: This episode is brought to you by Gallagher Marine Systems (GMS) and the Washington State Maritime Cooperative (WSMC).
Colonial Pipeline's rule changes are reshaping the conventional gasoline market, and Argus is leading the way with updated pricing methodology. In this episode, Jared Ainsworth, US Products Gasoline Editor at Argus, Paul Dahlgren, Business Development Manager at Argus, and Maria Eugenia Garcia, Managing Editor of Refined Fuels at DTN, break down what these changes mean for traders, refiners, and marketers. From segregated vs. fungible batches to shifting export flows and margin compression, hear how the market is evolving and what's next for Argus assessments.

Tune in for expert insights on:
Overview of Colonial Pipeline's new shipping rules and their impact on trade
Why segregated vs. fungible batches matter for pricing and risk
Global implications of declining domestic demand and rising exports
Argus' methodology update for conventional gasoline assessments
Insights into price trends, margin compression, and refinery profitability
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW)

Follow us on Instagram @pebcakpodcast

Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it!

2016: The Dawn of Modern Ransomware
The debut of Petya and Russian-affiliated groups like CryptoWall, TeslaCrypt, and Locky. Attacks were largely indiscriminate, targeting anyone from Fortune 500 companies to "Grandma's laptop." Early mitigation tactics, like installing Russian language packs to avoid infection, highlighted the state-tolerated nature of these groups.

2017: Ransomware Goes Mainstream
A pivotal year with the WannaCry attack (attributed to North Korea's Lazarus Group) and NotPetya (Russian-backed), causing billions in damages to companies in multiple verticals. The SAMSAM attacks hit U.S. cities like Baltimore and Atlanta, marking Iran's brief foray into ransomware. Ransomware became a household name, sparking executive-level discussions in boardrooms.

2020: The Rise of Ransomware-as-a-Service
Groups like Ryuk, REvil, and Conti refined ransomware into a business model, outsourcing tasks like initial access and money laundering. Double extortion emerged, with attackers stealing data and threatening to leak it, even if backups were restored. Some groups introduced “terms of service,” avoiding hospitals and schools to dodge law enforcement scrutiny.

2021: Critical Infrastructure in the Crosshairs
High-profile attacks on Colonial Pipeline, JBS Foods, and Ireland's National Health Service disrupted daily life, from gas shortages to meat supply issues. These incidents underscored ransomware's real-world impact, elevating cybersecurity to a boardroom priority.

2022: Geopolitical Shifts and New Players
Russian-backed groups like Conti and LockBit shifted focus to Ukraine amid the Russia-Ukraine conflict. The rise of Scattered Spider, a Western-based group excelling at social engineering and SIM swapping, marked a shift from Eastern state-tolerated actors.

2023: Trust Breaks Down
The ALPHV/BlackCat group's $22 million rug pull against affiliates signaled the decline of Russian-backed ransomware dominance. Scattered Spider solidified its reputation, targeting major hospitality and cleaning companies with sophisticated social engineering tactics.

2025: The Western Cybercrime Surge
Scattered Spider and affiliates like DragonForce dominate, hitting retailers, insurance, aviation, and automotive sectors. The shift to Western-based actors, often young and operating in Five Eyes nations, makes them more vulnerable to law enforcement.

Trends and Takeaways
The move from expensive zero-day exploits to cheaper n-day exploits and social engineering highlights attackers' adaptability. Double extortion and even “double dipping” (demanding additional ransoms months later) have become standard tactics. The accessibility of AI tools and open-source platforms like Venice AI has lowered the barrier for creating ransomware, even for non-programmers. Law enforcement's increasing success in arrests and Bitcoin recovery (e.g., DarkSide's downfall) offers hope for curbing cybercrime.

Dad Joke of the Week (DJOW)

Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Ben - https://www.linkedin.com/in/benjamincorll/
Fargo faces a weekend of violence with two deadly shootings and a suspect still on the loose—who, it turns out, was previously given a slap on the wrist for an armed robbery. Scott Hennen and guests explore the city's boiling point: has Fargo crossed into 'little Chicago' territory? Then, Bridgette Readel drops in to break down major shifts at the USDA and dicamba regulations. Later, Justin Kringstad of the North Dakota Pipeline Authority gives a riveting lesson in the role pipelines played in winning World War II—and why North Dakota's energy infrastructure is once again at the center of America's future. Finally, meet Fowzie Adde, founder of the Immigrant Development Center, as she shares heartwarming success stories of legal immigrants rebuilding their lives and strengthening North Dakota's workforce. Standout Moments with Timestamps: Crime & Commentary in Fargo [00:01:30] – “Waiting on the world to change? Not in Fargo.” — Opening reflections on recent shootings [00:07:15] – “Two shootings, two dead… and no press conference?” – Scott calls out city leadership [00:16:05] – Listener texts: “Fargo's becoming little Chicago” [00:23:45] – Misdemeanor for armed robbery? 
The Tyreek Jones case explained [00:33:50] – Jay Thomas joins to vent frustrations: “This guy should've been in prison” [00:49:30] – Paula's jaw-dropping story: “My husband sentenced a man to prison… he was on our roof two weeks later.” Ag & USDA Reshuffling [01:02:00] – Bridgette Readel details USDA workforce relocation: “4,600 jobs are moving” [01:07:00] – Dicamba label changes, public comment, and why farmers' voices matter [01:11:00] – Labor crisis in ag: “Without H-2A reforms, we'll lose production land” Pipelines & National Security [01:18:45] – Justin Kringstad: “Pipelines helped win WWII” — A forgotten history lesson [01:25:00] – Colonial Pipeline cyberattack & Winter Storm Uri: What they taught us [01:33:00] – 2030 gas pipeline plans in North Dakota — and what's at stake Legal Immigration: Building Futures [01:42:30] – Fowzie Adde: “Legal immigrants are the fastest homebuyers in our region” [01:46:15] – Immigrants working as CNAs, truckers, and entrepreneurs [01:52:10] – “From Somalia to Fargo”—Fowzia's personal story [01:57:30] – Success story spotlight: Bosnian family grows cleaning biz into a $1M+ operation Featured Guests: Bridgette Readel – Flag Family Media, Ag Correspondent Justin Kringstad – Exec. Director, ND Pipeline Authority Fowzie Adde – Founder, Immigrant Development Center Jay Thomas – Flag Family Radio Host
Casual Preppers Podcast - Prepping, Survival, Entertainment.
Cybersecurity Insights for Business Leaders: Expert Advice from Derek Kernus of Aethon Security

In today's rapidly evolving digital world, cybersecurity is no longer just a concern for large enterprises—it's a critical part of every organization's strategy. In this recent episode of The Thoughtful Entrepreneur, host Josh Elledge sat down with Derek Kernus, CEO of Aethon Security, to discuss how business leaders can protect their organizations from the growing wave of cyber threats. The conversation dives deep into the importance of cybersecurity, compliance, and practical steps that leaders can take to stay ahead of the curve in an increasingly complex landscape.

Understanding Cybersecurity and Compliance in Today's Business World

Derek Kernus opens the conversation by highlighting the current cybersecurity threats faced by businesses today. Nation-state actors from China and Russia are increasingly targeting U.S. government networks and contractors, aiming to steal sensitive information or disrupt critical infrastructures like energy grids, water systems, and healthcare. As businesses digitize more of their operations, the number of potential attack points expands, making it essential for leaders to treat cybersecurity as a core business risk.

Derek emphasizes the importance of compliance, particularly for government contractors who must meet cybersecurity standards like the Cybersecurity Maturity Model Certification (CMMC). Failure to comply with these requirements can result in lost contracts, legal penalties, and reputational damage. Even in the private sector, companies are increasingly expected to adopt rigorous cybersecurity measures. By understanding and implementing these frameworks, businesses can ensure that they are protected and ready to meet both governmental and industry-specific standards.

The episode also addresses real-world cyber threats, including the Colonial Pipeline attack and attempts to disrupt municipal water systems, underscoring the need for proactive security measures. Derek offers actionable cybersecurity tips for business leaders to improve their organizational defenses and protect sensitive data.

Actionable Cybersecurity Tips for Business Leaders

Derek shares several practical, actionable cybersecurity steps that leaders can implement immediately to enhance their company's security posture. One of the most essential steps is implementing Multi-Factor Authentication (MFA) across all critical accounts. MFA significantly reduces the risk of unauthorized access, even if passwords are compromised. Derek advises prioritizing MFA for administrative and remote access accounts and training employees on how to use it.

Another key recommendation is to conduct regular vulnerability scans. These scans help identify system weaknesses before they can be exploited. Derek stresses the importance of automating these scans, prioritizing high-risk vulnerabilities, and keeping records of the scans and remediation efforts for compliance purposes. Additionally, keeping software and systems up to date is crucial. Outdated software often serves as a gateway for cybercriminals, so applying patches and updates promptly can close those security gaps.

Finally, Derek encourages business leaders to leverage federal cybersecurity frameworks like NIST and CMMC to better manage risks and ensure compliance. These frameworks offer structured, proven guidelines to assess and improve cybersecurity defenses, making them invaluable tools for organizations of all sizes. Derek advises that even non-government contractors benefit from adopting these best practices.

About Derek Kernus

Derek Kernus is the CEO of Aethon Security, a cybersecurity consulting firm that helps organizations navigate complex compliance requirements and protect their data from cyber threats. Derek brings years of...
Podcast: Nexus: A Claroty Podcast
Episode: Megan Stifel on the Impact of the Ransomware Task Force
Pub date: 2025-05-28

Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology, joins the Nexus Podcast to discuss the four years of progress and challenges experienced by the Ransomware Task Force. The RTF was created days before the Colonial Pipeline ransomware incident and, in a landmark report, laid out 48 recommendations to the industry that included a framework for critical infrastructure organizations that could help deter and disrupt the operations of ransomware gangs. Stifel covers the growth of the task force and which of the 48 recommendations have been tackled and which remain. Listen and subscribe to the Nexus Podcast on your favorite platform.
You've heard the headlines: “Bitcoin is for criminals.” But is that actually true? In this episode, we dig into the data, scandals, and hypocrisy behind the global money laundering industry. Spoiler: it's not Bitcoin moving $2 trillion a year — it's the traditional banking system.
Podcast: Industrial Cybersecurity Insider
Episode: Stuxnet to Colonial Pipeline What Have We Learned & What's on the Horizon?
Pub date: 2025-05-06

Dino sits down with Mike Holcomb, Fellow and Director of ICS/OT Cybersecurity at Fluor, to explore the critical, and often overlooked, challenges in securing operational technology. From his early fascination with hacking culture to leading OT security for one of the world's largest engineering firms, Mike shares personal insights and lessons learned. The conversation covers the delayed cybersecurity maturity in OT environments and the lasting impact of the Colonial Pipeline breach.

They address the crucial role of visibility, engineering partnerships, and cultural buy-in when building secure industrial systems. Whether you're managing pipelines, power grids, or manufacturing floors, this episode delivers actionable insights and strategic foresight for leaders protecting our most vital infrastructure.

Chapters:
00:00:00 - Why OT Security Still Falls Behind
00:01:03 - Mike Holcomb's Unlikely Path to Cybersecurity
00:01:23 - Hacking Curiosity and a Love for Breaking Things
00:02:16 - From Network Admin to OT Defender
00:03:08 - Stuxnet, Colonial, and the Wake-Up Calls We Ignored
00:06:18 - When OT and IT Don't Speak the Same Language
00:12:14 - Threats Are Getting Smarter — Are We Keeping Up?
00:26:29 - Evolving the Culture of Cyber Hygiene
00:32:14 - Final Takeaways for Security Leaders

Links And Resources:
Mike Holcomb on LinkedIn
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
What if the hackers are actually the heroes? In this mind-blowing episode, host David Mauro sits down with Matt Toussain, elite military cyber warrior, DEF CON speaker, and Founder of Open Security, to reveal how offensive security and real-world hacking tactics are helping businesses reduce risk, fight cybercrime, and stay ten steps ahead of threats.
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by ransomware experts Allan Liska from Recorded Future and Jonathan Braley, Director of Threat Intelligence for IT-ISAC, to get a pulse check on the current state of ransomware. They discuss how ransomware has shifted from simple attacks, like Locky, to more sophisticated, high-stakes campaigns targeting entire networks and demanding millions of dollars. Allan and Jonathan also highlight the rise of ransomware-as-a-service, the emergence of big game hunting attacks, and the increasingly professionalized criminal ecosystem surrounding ransomware. The conversation further explores the psychological aspects of cybercrime, focusing on the mindset of ransomware operators—particularly in Eastern Europe and Russia—where the line between crime and business can often be blurred. In this episode you'll learn: Why attackers now target entire networks instead of just single machines How cybercriminal groups turned ransomware into a profitable business model The unique challenges healthcare employees face during ransomware attacks Findings from IT-ISAC's recent ransomware reports Some questions we ask: How did the Colonial Pipeline attack lead to real-world actions? Will paying the ransom restore the organization's data and operations? What are the differences between ransomware from 10-12 years ago and ransomware today? Resources: View Allan Liska on LinkedIn View Jonathan Braley on LinkedIn View Sherrod DeGrippo on LinkedIn IT-ISAC Ransomware report Food and AG-ISAC Ransomware report Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Podcast: PrOTect It All
Episode: Rethinking IT and OT: Lessons from the Colonial Pipeline Cyber Attack
Pub date: 2025-03-10

In this episode, host Aaron Crow tackles the ongoing debate of IT versus OT attacks, using the example of the Colonial Pipeline incident to illustrate his point. Aaron argues that focusing on whether an attack is an IT or OT issue misses the bigger picture - the real impact on operations. Through engaging stories and industry insights, Aaron emphasizes that asset owners ultimately care about operational continuity, revenue, safety, and risk management, rather than rigid definitions. Join us as we explore why understanding the broader business risks is crucial and how organizations can better protect themselves in this evolving landscape.

Key Moments:
04:48 Key Role of OSI PI in Utilities
09:05 New Domain Issue: Same Name, No Access
11:26 IT vs. OT Asset Management Dilemma
15:28 OT Cybersecurity: Beyond Securing PLCs
18:47 Blurring Lines Between IT and OT
19:36 Business Risk and Cyber Protection

Connect With Aaron Crow:
Website: www.corvosec.com
LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:
Email: info@protectitall.co
Website: https://protectitall.co/
X: https://twitter.com/protectitall
YouTube: https://www.youtube.com/@PrOTectITAll
FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at info@protectitall.co
Cybersecurity Response Plan w/ Frank Grimmelmann of ACTRA - AZ TRT S06 EP03 (264) 2-9-2025

What We Learned This Week
ACTRA Arizona Cyber Threat Response Alliance
Cyber threats affect everyone from Gov't to business to private and growing
Companies need to be responsive with speed to be effective + share information of attacks
ACTRA has members from both government and private sector
ACTRA helped create a state cybersecurity response model that other states can use

Guest: Frank Grimmelmann
https://www.actraaz.org/actra/leadership
President & CEO/Intelligence Liaison Officer

Mr. Grimmelmann also serves as Co-Chair (together with Arizona's Chief Information Security Officer) for the Arizona Cybersecurity Team ('ACT'), created through the Governor's Executive Order signed in March 2018. He also serves as a Founding Member of the National Leadership Group for the Information Sharing & Analysis Organization Standards Organization ('ISAO SO') at the University of Texas San Antonio (UTSA), created under the President's Executive Order 13691 in February 2015.

As ACTRA's leader, Mr. Grimmelmann was invited as the first private sector representative in the Arizona Counter Terrorism Information Center (ACTIC) and served as its first private sector Executive Board representative from 2014-2019. He presently acts as ACTRA's designated private sector liaison to ACTRA's Key Agency and other non-Member Stakeholders.

Mr. Grimmelmann served four terms as AZ InfraGard's President from 2009-2012, serves today on numerous academic advisory boards, co-Chairs the Greater Phoenix Chamber's Cybersecurity Workforce Collaborative initiative, and is an engaged Member of the Arizona Technology Council's Cybersecurity Advisory Board.

In 2019, Mr. Grimmelmann was honored by the FBI, and the Board of Directors of both ACTRA and Arizona InfraGard as the first recipient of Arizona InfraGard's 'Visionary Award' for creating the ACTRA framework over his last 2 terms as Arizona InfraGard's President, and ACTRA's resulting collaboration between law enforcement/intelligence agencies/USCYBERCOM, and its public, private and academic organizations over the past 7 years. He was simultaneously recognized by the FBI's then Deputy Director for his contribution over the years. He remains an active Member of InfraGard since 2003 and an active Lifetime Member of the FBI Citizens Academy since 2006.

Since 2002 he has devoted his full-time attention to protecting our nation's critical infrastructure and national security interests, through eliminating unnecessary silos that hinder communication, allowing us to respond to today's increasing threat from our cyber adversaries, and in turn permitting ACTRA's Member Organizations to protect their critical infrastructure and our national security interests, while protecting their organization's assets.

Educationally, he holds a dual MBA in International Business and Finance from the University of California at Berkeley and brings decades of experience as a senior executive in finance, healthcare and government, prior to focusing on Cybersecurity in response to 9/11.

Notes:

Seg 2

Cyber threats affect everybody, business, personal, and government. Cyber crime is a fact of life that we need to live with, but stay ahead of. Criminals are on the offense and only have to be correct 1% of the time. Everybody else is playing defense and has to be right 100% of the time.

AI is an advanced tool that has turned out to be a two-edged sword: it can help and hurt. AI can only catch so much but can give a view of what is going on.

This is a matter of national security, dealing with homeland security and many other departments of the government.
You have threat intelligence to determine roles on how you're going to handle hackers and ransomware. Hackers can be local or foreign. All companies need a cyber policy and some sort of rapid tactical response. Cyber attacks are an ever-growing threat to people and businesses, and continue to surge in 2024. There was a 107% surge in malware attacks. These are on corporate computers, computers at work or home computers or even home devices like Ring. You get a text through devices, phishing attacks. Company business email can be compromised in an attack, people's passwords come out and it leads to millions of dollars in losses. Elderly people are very vulnerable, 353,000 attacks. You have supply chain threats by terrorist and nation-state actors. There was a recent attack on United Healthcare for 100 million. People's information was exposed. This led to a $22 million ransom payment. Cyber attacks cause $2.9 billion in damages. Companies are paying ransom to faceless criminals. Very tough for the FBI to track down these criminals and try to fend off the extortion of stolen data. Payments for ransom could be made through Bitcoin, which is difficult to trace, though it leaves somewhat of a forensic trail. Constant need for regulation and oversight from the government. A famous incident last year was not even an attack, but the CrowdStrike software update. ACTRA had a quick response that day. One that helps clients and partners recover fast. In a similar instance, Delta was down for weeks with computer problems. When you think about what goes on with banks back to 2008 - what loans they have on balance sheet and then off balance sheet securitized - not regulated like normal loans. Issues with underwriting standards on loans. Not even sure what can be affected in a cyber attack. Off balance sheet loans and debt are similar to crypto or Bitcoin where it is not being regulated.
PPD-41 was a directive to show responsibilities of government agencies dealing in cyber. You had homeland security as a defensive arm to protect the nation's assets. Enforcement is done in the US by the FBI. Overseas it's done by US Cyber Command.

Seg 3
Frank's background in the 1990s in private business, worked in healthcare. Then was the chief info officer and the only 2000s at clinical in Stanford. Healthcare is very vulnerable. Post 9/11 he worked with an FBI outreach program called InfraGard on how to share intelligence on cyber threats. Needs to be treated like terrorism or criminal acts, though they're taking stolen IP. Need to move to a more stable world. 2011 study was done by government organizations to review the process and make recommendations on how to deal with counterterrorism and cyber. 90% of the critical infrastructure in the US is in the private sector. They do need Fed level help, but also have a local response. Cyber threat actors move quickly and act like a terrorist organization. General Stanley McChrystal had a great quote, 'It takes a network to defeat a network.' Cybersecurity is everyone's problem. You need education and organization. This is a 5th generation problem and you have to be adaptive. ACTRA is a nonprofit dealing with cyber security. They've got pillars of empowerment, trust technology and intelligence. Need for the private companies to develop to train and recruit to handle this threat. They created a model which allows them to bring the fight on offense - and all work together sharing information. Virtual response team, small and big with the private sector as a partner. ACTRA is a hub for info, and keeps its member information private. Some members are public like Arizona State. Actual model can be used for the rest of the nation. Government and private cannot do it alone. Not all states have this type of organization, but probably need it.

Seg 4
ACTRA started in January 2013. Give U.S. states a model for cyber security.
Collective defense and share information with public and private organizations. The goal is to break down silos between government and the corporate world. Not just a think tank, has an active model. Review of ACTRA model is best in the country and a good hub for response and info. In 2015, they helped Wisconsin create their own state organization for cyber threats. Soon after, Maryland created one using ACTRA as a model. Needs to be an effort of collaboration, merge the construct of entrepreneur spirit to take action. So the government cyber threats are handled nationally at Fort Meade, where the NSA is. Frank's background in business in finance and healthcare fields. Info is useless if not used for action. You need actionable intelligence that is current to take down a threat. You need more than continuing education and certificates for people, must go beyond this. Virtual response team like a local militia who can help protect assets. Going after cyber criminals can be a little bit like whack-a-mole. Over time, hopefully there will be a national strategy for info sharing. A type of decentralized and local organization that works with government. The private sector owns the vast amount of data so they have to determine who they're going to share it with and how. Defend vs Cyber fast while still working within the spirit of the law.

Seg.
1 Clips from Related Shows:

Cybersecurity, Disruption, Blockchain & Terrorism w Ari Redbord of TRM Labs - BRT S02 EP31 (78) 8-1-2021

What We Learned This Week
Cybersecurity is an extremely important industry for national security
TRM Labs startup in cyber-security, monitors blockchain
OFAC - Gov't administers economic and trade sanctions
Ransomware – specific breach, takeover of a computer system, holds data hostage
Programmatic Money Laundering – bad guys create new addresses, create 'shell' companies

Guest: Ari Redbord, Head of Legal and Government Affairs w/ TRM Labs
https://www.linkedin.com/in/ari-redbord-4054381b4/
https://www.trmlabs.com/post/trm-labs-appoints-ari-redbord-as-head-of-legal-government-affairs

Ari is formerly a US Attorney, and worked in the Treasury Department, now advises the Government on cybersecurity, and Blockchain. Cybersecurity is a fast growing and extremely important industry for national security, and corporate interests. There are Nation States acting as bad players in the cyber realm and targeting the US Government and US business. We discuss the advancements in technology on cyber crime, blockchain, crypto, and online fraud. How is the FBI dealing with Ransomware, and other cyber attacks on prime targets like the Colonial Pipeline, or other big corps. What Regulations are coming in banking, and Fintech, with KYC (Know Your Customer), plus the big banks like JP Morgan Chase and Goldman are on board. What the blockchain ledger can help solve in security, to monitor criminal activity in real time with the help of crypto exchanges like Coinbase. Lastly, what TRM Labs does for clients, how they advise, operate, and who they work with.

Phishing, Malware & Cybersecurity - Try Not to Get Pwned - BRT S02 EP47 (94) 11-21-2021

What We Learned This Week:
Have I been Pwned?
Means have I been breached / hacked – did someone hack my email or website
Phishing – most common type of email threat, like when you receive a strange email with a link – Do Not Open – DELETE (and alert other office staff of the email)
Ransomware – hack your website, or data – hold it hostage for an extortion 'ransom' payment
Dark Web – where stolen data, & info is being bought & sold
VPN Connections – direct and secure

Guests: Vince Matteo, Seven Layer Networks, Inc.
https://sevenlayers.com/

Vince Matteo is a certified penetration tester, a security researcher, and a senior consultant at Seven Layers (.com) where he focuses on securing small businesses. Vince is the author of "Hacking 101 – A Beginner's Guide to Penetration Testing", he's a bug bounty hunter with 17 published critical vulnerabilities, and he's presented talks on offensive hacking at security conferences -- most recently GrrCON in Grand Rapids, MI and BSides in College Station, TX. Outside of work, Vince is an accomplished endurance athlete, an Ironman age group champion, and in his spare time, you can find him in the desert -- training for the next hundred-mile ultramarathon.

AZ Tech Roundtable 2.0 with Matt Battaglia
The show where Entrepreneurs, Top Executives, Founders, and Investors come to share insights about the future of business. AZ TRT 2.0 looks at the new trends in business, & how classic industries are evolving.
On this episode of The Founder's Sandbox, Brenda speaks with Chasity Lourde Wright. Chasity is inventor and founder of Infiltron Software Suite LLC. Infiltron, a service-disabled veteran-owned and women-owned small business, operates in the cybersecurity space. Infiltron offers quantum-resistant cybersecurity solutions for decentralized digital identity, digital assets, and AI governance, utilizing proprietary post-secure encryption. Its patented technology integrates AI, blockchain, and quantum-resistant encryption to provide advanced cyber resilience, compliance enforcement, and real-time threat mitigation across multiple industries, including aerospace & defense, fintech, smart cities, and EVs. Chasity, as inventor, speaks about her team and how creativity in the workplace is necessary for enhancing innovation on really tough problems like cybersecurity. As the CEO of Infiltron, Chasity Lourde Wright is also a former USAF Aerospace Engineer, Intel Officer, and Cybersecurity Instructor with extensive experience in cybersecurity, AI governance, and national security. She was part of the team that developed reconfiguration capabilities for the USAF C-130 and contributed to the creation of the CMMC framework since its inception in 2019. Additionally, she has engaged in high-level cybersecurity and AI governance initiatives, including industry collaborations, government advisory roles, and proprietary innovations in quantum-resistant encryption, AI security, and blockchain-based compliance solutions. Her expertise extends beyond participating in NIST challenges, encompassing leading-edge cybersecurity development, policy influence, and defense sector innovations.
You can find out more about Chasity and Infiltron at: https://www.linkedin.com/in/infiltronsoftwaresuite/ https://infiltron.net/ Transcript: 00:04 Hi, I'm pleased to announce something very special to me, a new subscription-based service through Next Act Advisors that allows members exclusive access to personal industry insights and bespoke 00:32 corporate governance knowledge. This comes in the form of blogs, personal book recommendations, and early access to the founder's sandbox podcast episodes before they released to the public. If you want more white glove information on building your startup with information like what was in today's episode, sign up with the link in the show notes to enjoy being a special member of Next Act Advisors. 01:01 As a thank you to Founders Sandbox listeners, you can use code SANDBOX25 at checkout to enjoy 25% off your membership costs. Thank you. 01:19 Welcome back to the Founder's Sandbox. I am Brenda McCabe, your host of this monthly podcast in which I bring entrepreneurs, founders, corporate directors, and professional service providers who, like me, want to effectuate change in the world by building resilient, scalable, and purpose-driven companies. I like to recreate a fun sandbox environment with my guests. And we will touch on not only their purpose, 01:47 and what has driven them to create their own businesses. But also we're going to touch upon topics such as resilience, purpose-driven, and scalable sustainable growth. Today, I am absolutely delighted to have as my guest Chasity Wright. Welcome, Chasity. Hey. Thank you for having me. 02:13 Super excited to talk about how Infiltron has evolved and the lessons learned and how we're preparing to relaunch in 2025. Excellent. And it's perfect timing because I've known you for a couple of years now. Yeah. Right. So Chasity is CEO and founder of Infiltron Software Suite, a company that's headquartered out of Atlanta. 
02:40 She is oftentimes in Los Angeles because she's working largely in the defense market and cyber security. So I wanted to have you on my podcast because you have gone further in building your business. So you and I met, I want to say back in 2022, you came out of the Women Founders Network cohort. 03:08 kind of very early stage. One of the events that I was a host of was the Thai So Cal Women's Fund. And you weren't yet ready for investing, but we struck up, I would say a friendship and I admire many things about you as, and we'll get into it in the podcast here, but you touch. 03:35 quite a few or check off quite a few boxes for my podcast. You says, so you are a woman owned veteran and women owned business. You are a veteran of the Air Force. You're in deep tech and you're by park and queer. And so there's many, many boxes that you check and it was difficult to kind of hone in on what I really wanted to bring into the podcast today, but we're going to we're going to start from here. 04:05 I always like to ask my guests to start with kind of their origin story. I, when I first met you, right, in private conversations, got to hear your origin story and why you do what you do, what your firsthand experience while on missions, right, that really informed your aha moments to create Infiltron. 04:33 as a cybersecurity company. So tell us a bit about your origin story, Chasity. So, I mean, my origin story has, if you can imagine all of these different paths kind of streamlining into one path. So one of those paths would be a little black girl born in Georgia, still seeing dirt roads and... 05:01 being able to go to the country and work on a farm and, you know, just still having that connection to the past, you know, and not necessarily the past in a bad way. So athletic, played ball in college, went to Clark Atlanta University, you know, the HBCUs are a big hurrah right now, but they've always been one.
05:29 I grew up with one in my backyard, Fort Valley State, which is in Fort Valley, Georgia. So, you know, roughed it with the boys, played in the backyard with the boys, always been a boys girl, cousins, neighbor. We're all still close. We all still play sports when we meet. So it's like an adult play date, so to speak. But also, you know, 05:58 raised religiously, you know, I'm in Southern Baptist Church, two parent household, maybe lower middle class, but middle school was very transformative for me because they decided to mix in everybody. So it was my first time, you know, being in a more diverse population in school. 06:25 And, you know, music is a big thing for me as well. I DJ, I make music. That's the creative part of me. And I found a lot of people in deep tech to do something with music. So, yeah, so, you know, that's my like early years background. And then coming through, I decided to go into the Air Force. I actually took off between my junior and senior year at Clark Atlanta. 06:52 Um, there I was majoring in global leadership and management. Okay. And went in and I was in for eight years. I was an aerospace engineer, uh, got deployed several times, uh, to different places, and that kind of brings us to why Infiltron exists and, um, on one of those deployments, I was a part of a network takedown. 07:21 And it was, whoo. I mean, I don't mean to quote the pitch deck story, but it is what it is. I wrote it because that's the way it felt. It was catastrophic. So just imagine the city of Los Angeles losing power out of nowhere. The rail stops working, Sinai has no power, so all of the medical equipment is no longer working. 07:49 The internet's completely gone and not rebooting like it normally would. Your energy grid is down. That is what I experienced in one of those deployments. And I was a part of Iraqi freedom and Afghanistan. I was a part of both of those wars. And when we came, you know, we got everything back. 
Thank God we were smart enough to ship. 08:19 brand new equipment. Okay, you know, so you know, we weren't able to get there. Yeah. I mean, I mean, that's part of our job. We're engineers. And when you're in the middle of nowhere, there's no calling HP. There's no calling Cisco. Like you got to know how to do what needs to be done. There was there was a lot of makeshifting. I can be I came out of Air Force, I could be a mechanical engineer too 08:45 because we had to figure out how to make components on the fly. It was just so many things. Innovation, right? Like you had to be innovative. You had to be adapt quickly while keeping the mission as a focus. So just imagine something that catastrophic and something similar has happened. I feel like Colonial Pipeline was something that is known now in the US for sure. 09:15 that had similar elements of what we experienced in being deployed. Yeah, and that was two years back. And SolarWinds is another one. I generally refer to those because people generally gasp, even non-technical people, because they know how damaging it was. So we can reuse. Normally, when the equipment goes down, 09:44 Unplug, right? Plug back in. Reboot. Yeah, reboot. But that was not happening. And what we found out in the debrief was that quantum was used. So quantum simplistically is about frequencies in this context. It's about frequencies. And frequencies matter in so many aspects of life, from spirituality all the way through tech like what Infiltron has. So... 10:14 What they did was they basically zeroed out the frequencies of our satellite communications. And I believe that they created some frequencies that damaged other equipment. So these are things that again we found out in the debrief. And I wasn't really able to talk to that probably when we met because I wasn't sure if it was unclassified yet.
10:42 But as soon as Biden started talking about quantum initiative, which was back in 2022, when we were in, I was like, everything's hitting it the right time because we were literally in Techstars LA space. And Biden pushed the quantum initiative. And I'm like, see, told you, because a lot of people, a lot of people doubted what I was saying because of the year that I said it had happened. And as. 11:09 we started to grow out our team. There are other veterans on our team from different branches. And of course we war story swap all the time. And those other two people work for like NSA and they did kind of the same thing, telecommunications. And I'm telling the pitch deck story and they're sitting there like, yep, yep. That happened to us too. And I'm like, when? 11:38 And they're saying different years. So at that point, we understood it. It happened more than once. So that's why Infiltron. So what's Infiltron? So let's bring it back to, Yeah. So you leave, you leave service after eight years after also experiencing that. I still feel like I'm a part of it because I do consult them still. Right. So it'd be great. So. 12:08 And once in the Air Force forever? Always. Well, I really would have been in Space Force. Yes. Yeah. Well, you heard that here on the Founder Sandbox. The next, yes. So for my listeners, again, you check a lot of boxes. Deep tech, women in STEM. What is it exactly that? 12:37 your suite of services. All right. So Infiltron Software, right, has two patents now. And on your landing page, it says, our patented solutions, solutions utilize adaptive artificial intelligence, advanced quantum encryption and blockchain technology to deliver real-time cybersecurity for a wide array of applications. Later on, we'll get into smart cities, but 13:06 including the internet of things, smart devices, legacy systems, hybrid data, signals and devices.
All pretty, pretty understandable, but what is it that Infiltron Software is able to do that others are not? So we're able to create an easier way for businesses to migrate their devices. 13:36 and their software, so their applications that they use, maybe they've developed them themselves, we provide a way for them to easily migrate those entities over into a more quantum-proofed infrastructure. So we created what we've trademarked as quantum encapsulation. So just imagine something being encapsulated. And basically we've created, 14:05 a brand new method of leveraging quantum, the AI, we leverage it for the pro-activeness. So in lieu of just waiting for threats to happen to our clients, we go look for the threat. So we want to go be where the bad guys are and find out and bring that information back and update the solution in real time to provide protection for all of our clients in real time. 14:33 That's how we leverage the AI. The blockchain is kind of leveraged to kind of make sure that people, things like devices, aren't on networks that shouldn't be. So it's kind of, I mean, we use it for what blockchain was pretty much basically developed for, and that's a ledger. So keeping up with the transactions of what's happening. 15:03 in a client's infrastructure. Fantastic. So it's largely a B2B business, yours, right? We do. We have B2B, but we've been approached several times here recently by consumers. Because now, because of the biometric protection aspect of our solution using the quantum encapsulation, we can protect, say, 15:32 Halle Berry from deep fake, being deep faked, or, you know, protecting her likeness from being used without her knowledge in movies, CGI'd into movies. So it's kind of getting a little bit more consumerish as we iterate, right? Yeah, and we were briefly speaking before the podcast recording, Chasity and I, and... 15:59 I've known her for years. She's a very private person, would not allow photographs.
So I told my producer, I'm certain Whitney Chastity's not going to be sending us a picture, but you said yes, that you might, because you do have biometric, artificial intelligence, safeguards that can actually discover deep fakes, right? Yes, yes. Yep, if it didn't come from us, if it wasn't checked back from us, 16:29 It wasn't approved by the person. So it's kind of pretty much that simple. Amazing. Well, later on in the show notes, we will have how to contact you at Infiltron. So you are in the startup ecosystem. Again, you travel a lot. You're between Washington DC, Atlanta, Los Angeles, and actually the Bay Area. Yeah, the Bay Area. Right. So. 16:58 Revenue can be elusive, right? How? Especially in tech, and especially in these really large markets that I call deep tech. Deep tech and leading edge, bleeding edge, right? People don't know what they're actually buying, right? Or what they don't even, they probably don't even know that they have a need, right? What's been your strategy at Infiltron to keep the revenue flowing while maintaining also a pretty playful, innovative culture? 17:27 You talked about your team and so talk, that's kind of two questions. So how have you kept revenue coming, right? While not going out for dilutive funding yet, but tell us a little bit about how, what's your business model? So the business model in itself is set up for B2B and we also have a licensing element there. So if they, for instance, 17:56 a Fortune 500 company who has a cyber team, right? They have an internal cyber team. If they want to license out the patents that we have and kind of customize it or create or build off of those, use it as a baseline for what they need for their systems, we offer that as well. But let me just put it out there. But back to your question, how do we keep it fun? So the team... 18:25 The original team members, should I say. So we met about seven years ago at a place called the Gathering Spot in Atlanta.
So the Gathering Spot is a community and they just opened one in LA and I do go to the one in LA too when I'm there. But it's a community of people, creatives from creative people to deep tech people like myself and everything in between. 18:55 We went to a black tech event at the gathering spot and found ourselves not being able to get into the actual room. So we ended up, because they have a bar and everything at the gathering spot. It's a social club too. It has a club aspect to it too, but you can network there, have meetings there, meet all types of people. I mean known people, I mean it's a great 19:25 great concept, shout out to Ryan. But we found ourselves at the bar, and we're looking at each other. We knew each other because we had been introduced by the Hellbrella person, Tracy. Yes, yes. Because they had done some things for her with a previous startup that she had, development-wise. So we're all sitting at the bar, and we're looking at each other like, but we're the real tech people. 19:55 We do it. It's like we don't really take people. Um, we can't even get in there. We like, we know the organizers and personally and everything. So let's start a company. Well, what we did was we launched, um, what we launched kit labs. And it was literally right down the street from the 20:23 and connect to the community. So we had, it's not far from the AUC and the AUC is where Morris Brown, Morehouse, Spelman and Clark Atlanta are. Got it. So a lot of times you would come in there and find some of the founders, cause this was founded by myself and like six or seven other black tech founders. The ones that were outside. Drinking like, you know. 20:53 That's where we had that conversation. You know, the conversation started at the bar, being outside of that first Black Tech meetup, so to speak, with Joey Womack, who is a part of Goody Nation, who we did get a 50K grant from back in 2020 through Google for Startups. Let me just say this so much. 
We were so interconnected. I mean, Atlanta is Wakanda. Don't let anybody tell you anything different. 21:21 It's definitely Wakanda. But literally, not even a mile away from the Gathering Spot, we opened up Kit Labs. It's a smart lab where we can tinker with stuff. We're engineers. We're tech people. We need something. We need a makerspace. We don't necessarily need a space that is compared. The Gathering Spot was a little bit more buttoned up. 21:46 And then what we needed, we needed to be able to throw things and make things. We had everything from like 3d printers to, um, VR, AR headsets. I mean, you, anything in tech. Innovative fun. It was in, is in that lab. Um, but that's where around today. So we dissolved it. So it's been dissolved. What one of, one of the founders, he unfortunately transitioned. Um, 22:15 So, you know, and he was kind of like the pillar of it. And it kept going for a while, but it was just a lot of people like myself, it was two female founders, Dr. Nashley Cephas, who herself is from Jackson, Mississippi. I'm shouting out everybody, right? She's from Jackson, Mississippi, and she bought 10 acres in downtown Jackson, Mississippi and started a nonprofit called Bean Pad. And he basically took the concept of what we were doing at Kit Labs and brought it to our hometown. So. 22:44 Um, and it's so funny. She actually founded it on my birthday. So I was like, okay, I can dig that. Um, uh, but, but no, but we're still connected. Everybody still works with each other. You know, if I have to come in and do some things around cyber for a contract or, you know, commercial or whatever client that they have, I do like we, we all kind of still work together on each other's things. So that has allowed you to bring in some revenues, right? 23:14 through its service context. Yeah. Oh, for sure. For sure. 
Consultant wise, cause they're like, I think people may look at Infiltron and think that there's not a human touch piece there, but if you're dealing with me, there's always gonna be a human touch point there because we have to consult the client. We can't assume, you know, we cannot assume. 23:41 what you need, we have to actually have a conversation with our clients throughout the process, even after we possibly have set up the platform for you, trained your people on it, there still needs to be an element of communication, human communication, right? But the team, we've been working together for about seven years. Yes. 24:10 Infiltron has been around for five, going on six years now. So, you know, I mean, respect, mutual respect, we're still kids at heart. I mean, we grew up wanting to be engineers. So, you really can't take the light of innovation out of an engineer unless they're just at the point of not wanting to do it anymore. So we're always, what I've found is most people in any engineering discipline are very, 24:39 curious and forward thinking. So we, and we kind of, we're kind of like a community. We are community and not kind of like, but we are community of folks that contribute to each other's, you know, projects. Yeah. Mm-hmm. And not just, not just business-wise, but personally, like we, I mean, we've been around each other for almost a decade, so. 25:04 there's been kids born and like I just said, one of our founders transitioned, like we've been through some things together that have brought us closer together. And you can, I believe when you have a team like that, and we're all diverse, you know, we have a team like that that cultivates innovation, for sure. You know, I've had a few guests to my podcast and I also write about this, 25:35 Creativity is only possible or it's greatly possible when you create a fun environment and make games out of things and have, right? And set up teams.
So I think a shout out to you and what you've set up at Infiltron and in its earlier rendering at Kit Labs, just creating an environment that allows for what ifs, right? Is key. There are a lot of what ifs in cyber. 26:04 I bet you there. So I have a boatload of questions here. One is, before we get into your fundraising path, again, I mentioned earlier you have two patents that have been issued. What is post-quantum encryption technology in layman language? Post. 26:32 Quantum encryption technology. So there is definitely confusion out there that has been addressed. And because there is a difference between post secure quantum and encryption. There's a difference. So. Excellent. 27:02 Post quantum encryption, it is designed to protect data from quantum computers. So. And that's done through the encapsulation? For us, that is how we provide the protection, the encryption. That is the quantum encapsulation is a method of encryption with Infiltron. So the current encryption. So you have things like RSA. 27:32 elliptical curve, which elliptical curve is more widely used and kind of being marketed as quantum encryption. It is, it is, it's on the list of quantum protections, right, or quantum methods of encryption protection. So companies like Okta use ECC a lot. But what's happening is that quantum computers are being built now. Yes. Like right now, there's no... Yeah, the cost is going down. 28:02 Yeah, there's no waiting five years from now. Like I urge anyone under the sound of my voice to prepare now for quantum computer attacks. The same thing that I describe happening to us when we were deployed, it's gonna happen. And again, I alluded to feeling like 28:33 situations like Colonial Pipeline and SolarWinds were, I feel like they were tests because there were so many different elements of what we saw in the deployment that happened in those two cases. Yeah, because I'm sitting there and think it's like 2020, 2021, 2019 actually, it started.
I think this didn't know, but. 28:59 And it's still going like 20, SolarWinds was still going, the last time I checked SolarWinds was still unraveling. Like it's still, still going. But back to the question. So for us, quantum encapsulation for us is breakthrough. So NIST has had these challenges, right? Where they put out bidding for companies, 29:27 researchers, because a lot of people that are in the quantum space, whether it's physics, mechanics, are generally found in academia. They're not at Infiltron. They're not at QED. They're just not there, right? It's very far in between, and we generally have to lure them. Or we have to do something like partner with them on... 29:53 grants, like the STTR grants. Like that's the only way, generally the only way that we can probably connect with the academia or pierce them and have them work with us. And they usually through that take all the funding, but it's, you're still. Exposed, right? You're exposed, but you're also getting the expertise that you possibly need and can't rightly find in the freelancing world. Yeah. So it generally works out in the long run. 30:23 Um, but so our encapsulation is a, is a breakthrough method because I look at it like this, NIST is holding these challenges and nothing against NIST. We're connected. I contribute to NIST and everything, but they are holding these challenges. And basically they're telling the hackers what people are going to the framework. 30:49 what people are gonna have to adhere to when they create their quantum algorithms to protect their devices and data. You know, you're giving away the secret ingredients. So like, even if they don't know specifically your algorithm, they know what you've based it off of. And that gives it like a tiny thread can unravel a whole t-shirt, right? So I look at it like that. So... 31:15 And even before, you know, we were already developing things before NIST put out these challenges. We are in alignment. 
We can adhere and do it here to the framework that they're putting out because, you know, you have the DOD space who definitely follows their framework, especially when it comes to the risk management framework. So they're going to follow NIST regardless. They're going to follow their framework, whatever they put out about cybersecurity protection. 31:44 The DOD space and all of its agencies are gonna follow that. However, being in the cybersecurity space every day, seeing what is happening and knowing that you've given some clues, some contextual clues to the malicious hackers about what you're using as a baseline to build your algorithms will, guess what? What we have is not that. Like we are... 32:12 One of the things that differentiates us right now, because I'm sure as quantum cybersecurity continues to grow legs, so to speak, people are gonna start using the more, less susceptible to hacks by quantum computers method. So you have things like multivariate hash code. So these are some of the 32:40 quantum properties that you can use that are not generally hackable by a quantum computer. They won't be hackable by a quantum computer. So we leveraged some of that. It was like, if I'm built, I looked at it like this, I've been in cyber, I've been in tech for almost 20 years. I know I don't look it. I get it all the time. You don't have to say it. I've been in tech for almost 20 years. I've been, and when I was in the air force, we call it InfoSec. It's the same thing. And that dates me. 33:08 If I say, if you hear somebody say InfoSec, trust me, they've been in cybersecurity for at least 20 plus years. So, but it's cybersecurity, that's what it is. And I've seen the changes and I've paid my dues too. Like I didn't, when I got out of the Air Force, I was just, side note, like I cut grass and loved it. I would go back and do it if I can make these results. So then like, it's very, it's very fulfilling. Don't let anybody fool you. 
Like I love, but I like being outside, but. 33:38 Um, my first tech job though, I literally went through the phone book. Cause this is like still, you know, internet was not quite what it is now, of course, but it was like still growing. And I went through the yellow pages and went through the aerospace companies and called all of them and was like, Hey, let's just get out of the air force, look for a job. I don't care if it's an intern or co-op and L3 L3 before they merged with Harris. Uh, 34:08 they created me a co-op. And, but again, still in touch with, cause you know, L3 is a huge government contracting company, right? And in the satellite communication space, cause they're in line with my background. And so I've seen it all. I've seen the changes of InfoSec into cybersecurity. And now we're entering a new frontier with quantum cybersecurity. So I've been here, 34:37 maybe at the latter part of the InfoSec, but definitely through the cybersecurity and here for and to forge some guidelines and pathways in the quantum cybersecurity space with Infiltron. So when you know Infiltron was founded in 2019, I was like, okay, if I'm gonna start 35:03 something new in cyber and we hadn't even gotten to the quantum piece yet. They hadn't even gotten to me yet. Like it started like I was getting downloads. Yeah. Because I'm, I always, I'm a reader. I wake up looking at cyber news and just staying in the know because I need to know what's going on so I can protect my clients, whether that was me in a government contracting position or me as a consultant in my businesses. So. 35:33 I need to know what's going on. And if I'm going to build something new, why am I going to build it with compromised parts? Right. That's a great way to describe it. Yeah. Forget the tech. It didn't make logical sense. If I'm going to build something new, a SaaS product that's going to integrate and be flexible and adaptable and proactive. 
36:01 Why would I use RSA encryption when I know what's coming? Got it. That will be one of the snippets that I share in my YouTube channel as well as the podcast. That is excellent. Why build something with compromised parts? Frontier technology, quantum cybersecurity is what Infiltron is about. 36:30 Next generation. Talk to me a little bit more for us, less tech savvy listeners about the use of Infiltron in a SelleGov's program for smart cities. That kind of brings it more home and more tangible. How is technology used for smart cities? So first, SelleGov through Leading Cities. Yes. 36:59 It connects companies like ours with municipalities to tackle urban challenges. So for us, it's infrastructure, security, and sustainability. So we were a finalist in Leading Cities global competition back in 2021. And we've worked through them. You know, we've been able to work with city leaders to secure IoT systems and critical infrastructure. 37:28 And quick shout out to Michael Lake. Okay. He's the founder of Leading Cities, amazing guy. Another keep in touch, answer the email quickly person. He's based in Boston, but he's built a very supportive ecosystem. So shout out to Michael Lake. But as a part of this program, 37:56 We're offering smart cities our enhanced quantum vulnerability assessment. And this is to help the smart city leaders identify areas that need better quantum protections now. We've just had a session on November the 11th, Veterans Day. And the second one is coming up December the 5th. So you. 38:24 If you're a smart city leader or CISO small, medium, large enterprise, no matter what market you in, you're in, definitely tap in. You can register for it on the Leading Cities website or on our website at Infiltron.net. Yeah, that's on December 9, 2024 at 1pm. Is that Eastern? December 5th. December 5th? No, it's the 9th, because I have it here. And that's my cousin's birthday. So yeah, it's December 9th. 38:53 Did you get to influence those dates? Yeah. 
So let's jump into your startup. You've taken in very little dilutive funding. How much money have you raised to date? And how have you, what is the next phase, right? In terms of outreach for fundraising. So we've raised 120K and that was through Techstars, LA Space. 39:23 Still counting. I do not take a salary. I could take one, but I'm just, it's the long game for me. And I still consult. Don't let these people tell you not to quit your job and be an entrepreneur. Don't let people do that. Especially if you have a family. Don't let these people, don't let these people try to guilt you or shame you because you still have a job while you're building your startup. Don't let, don't do it. 39:53 Because I do have a company that I started called Right Tech Solutions and we still, that's why I said I still feel like I'm in the Air Force because I still consult them. So I can, you know, the revenue that we do and we've hit 500K in revenue. So you know, I could easily take a salary, right? But I just, it's the long game for me. It's the global expansion. 40:22 um, you know, more IP and patents, uh, protections, right? Because we do have global count clients. And, um, one of the things that I wanted to make sure of before we even took on the clients was that we had legal backing there. So IP trademarks, um, at least patent, at least the application is pending, but you know, like I want to, I want to, I want it to at least have that. And we have great attorneys. Um, shout out to Malika Tyson. 40:52 and Matthew and Dorian who have, they took over because I had a, I had an attorney, IP attorney that would, had her own boutique firm and then she had to go back, you know, she just couldn't do the entrepreneurship, it's not for everybody, but we still stay in contact as well. But she introduced me to McAndrews, they're based out of Chicago. 41:20 And they are the legal team for Infiltron. I always tell them that when we're on calls, like you are the legal team. 
Like, yeah, anything that I need from them legal, legal wise, they do it. I literally just sent a partnership NDA over to Malika this morning and she just sent it back to me. So like, that's not IP and trademark, right? But they do, they do it. And I always tell them how much I appreciate them because... 41:49 IP and trademarks are not free and they're not inexpensive. So, and then imagine, you know, we have one pending now in Japan. We just got one in Canada. So yeah, like it's expensive, you know, it's expensive. So a lot of the funding that we get now is going to be allocated to pay them, you know, even though they work with us. But it's going to be paying them. 42:18 doing some iterations, we have a partnership where there's some hardware that's gonna be involved. We're definitely tapping into the hardware. So we'll be forging our way there because people like things they can touch. SaaS isn't necessarily something that you can touch, although put it into a platform makes it a little bit more tangible for people, visual at least. So in the- 42:48 Yeah, I mean, hardware has always been a part of the vision. FPGAs, we have another colleague of mine, he has developed a cryptocurrency mining machine, and it leverages quantum. So it's mining at exponential speeds, right? Because generally what quantum does is speeds things up. It speeds exactly, in simplified terms. 43:18 Definitely still going after Sivers traditional government contracts globally. We participated in Fintech down in the Bahamas last October. Cause we are in the Fintech space and there's a lot of similarities between Fintech and Space Tech. Because when you're talking about fault zeros and being able to detect anomalies. 43:46 both of those markets need that and they need it quick. So we've been able to, yeah, like we've been able to leverage some of the things that we're learning in both of those for each other. So we've been able to participate in some conferences. 
We actually getting ready to go to Barbados in January for Fintech Islands, I'll be speaking about 44:14 the kind of the intersection of the quantum age and what's coming in respect to the fintech space, cryptocurrency, web three, traditional finance and AI, because we do leverage AI. And we've been in the AI space, Infiltron has been in the AI space from the beginning. One of our advisors is an AI evangelist at AWS. I did say her name earlier on this podcast, but. 44:42 She's amazing. She's a Georgia Tech grad. We do have a few Georgia Tech people on the team, but she's amazing. And I'm able to tap her. I've been able to tap her because she was one of the Kit founders. So I've been able to tap her about AI and machine learning very early on. So all of the LLMs and the SLMs that everybody's kind of talking about, we've been doing. 45:11 Like even as small as we are, we've been. 45:16 Yeah, so, Chasity, how can my listeners contact or get information about Infiltron? So, yeah, of course the website. So, infiltron.net. You can follow us on all of our socials at Infiltron Software Suite. It might be, I think on Twitter is Infiltron app. We wanted to keep it short. 45:41 And then, or you can email us at mfultronapp at gmail.com. And I know people are gonna be like, why you use Gmail? That's another filter. And that's an email that everybody on the team can look at and not be bombarded with, cause spam and it's just, everybody has their own email address, but. So you probably, it's a test environment for all of you. 46:09 beautiful quantum encryption that you're working on. Yes. And that's it all. One better way to start. Yeah, Gmail, right? Google knows a lot more about us than we'd like them to. Oh, Google knows everything. That's tough. Even when you turn location off. Oh, Instagram. I just posted something about Instagram. So Instagram's new. They just updated their policy maybe a month ago, maybe. 46:38 Okay. 
Whether you want to or not, they now have access to your photos, your GPS location, everything even if you say no, even if you turn it off, they still contract. 47:00 Just putting it out there guys. Yeah. So if you do platform. So there's cause to the platform. Right? Yes. Thank you. All right. We're coming down to the section of the podcast where I like to ask each of my guests what the following three words mean to you. Because this is what I do with my consulting business. 47:24 In addition to my podcast, I work with founders that are really building resilient, purpose-driven and scalable businesses. What's resilience mean to you, Chasity? Man, that's a word that I use. Uh, I mean, I'm, I mean, you gotta think about it. I'm black trying to raise money. It's hard for black people to raise money on top of that. I've been, you know, um, I've come face to face with people that didn't believe that I wrote my own patents. Like. 47:53 you know, as if black people didn't invent a lot of things, like that we still use today. Like, come on. I mean, it's just the truth. Resilience. Resilience for me is bending, but never breaking. Bending, but never breaking. Yeah. It's about, you know, adapting to challenges. I just mentioned some and facing them. Like you can't, you can't, and I'm about to sound 48:23 run from the pain, you gotta run towards it. So you can come out stronger on the other side. And it's not necessarily about survival, it's transformation. That's transformation. It's transformation. And that transformation is preparing you for what's next. And you'll be standing taller than you were before. Amazing, thank you. Purpose-driven, what's a purpose-driven? 48:53 Enterprises or? Yeah. I'm a visionary. So like, there's a lot of founders that I've met. If I have the opportunity to get close to them or kind of hear them speak about what they're building to include myself, because I do talk to myself about the things that I'm building. I counsel myself. 
I'm sure my ancestors are around me. 49:23 Purpose is, it should be intentional. I think that it's kind of interchangeable for me. But in the context of the question that you asked on purpose driven enterprise, so it's the heartbeat in what we build here at Infiltron. I can definitely say that. It's creating meaningful solutions that solve real problems. And in solving those real problems, 49:52 you're still staying true to the mission. I still bring the aspect of the military into Infiltron. We are mission focused. We have fun. We do all the fun things, right? Because again, that cultivates innovation too. And it keeps it spicy. You need to let things be spicy because in a regular deglar cybersecurity job, you're probably bored. Like. 50:19 I mean, let's just be real. Like you're probably bored. You're probably looking at Excel spreadsheets and creating a report by hand from that. Like it's boring. Like, but you know, it's also making moves that matter. And it's solving problems that for me leave a legacy and just never losing sight of why we started in the first place. 50:48 So never losing sight. Excellent. What about scalable? So how does- That's one of those VC's favorite words. That's right. Because that's what they want to see. How will you scale? That's right. I mean, I'm an investor too guys. Don't get it twisted. Like, I think that was a question that I did ask with one of the investors I had. Like, how are you going to get over that challenge? Like, before I give you this money. 51:18 Scalable. So growth, like we can think about growth in so many different ways, like growth, personal growth, because if you embark on the entrepreneur trick, you are going to be, and need to be open to growth. To me, entrepreneurship is a spiritual journey. Beautiful. 51:45 about the Southern Baptist roots, but I'm not spiritual. I'm a yoga, meditating, put my feet in the sand, grass grounding person nowadays, but still bringing that element of praying. 
And it's all the same to me. They just changed the name of God, right? Just that's my perspective, but growth isn't just about getting. 52:14 bigger. It's about getting better. And me speaking about the personal aspect, that is what growth is. It might not feel good, you know, while it's happening. But, you know, once you get through it and you can get in a reflective mindset and look back with what you just came through and be grateful, like find gratitude in it, you know. 52:43 That's how I look at growth. It's expanding mindfully and staying grounded in your values and making sure that every step that you take going forward strengthens the foundation that you've already built. And it's... 53:11 Like I said, it's moving with intention. And while you're moving with intention, you're also preserving the quality and the vision that define you. Which goes back to purpose-driven. Yes, thank you. Last question, Chasity. Did you have fun in the sandbox? Oh yeah, I mean, it's you. You know, we already have a great rapport. 53:38 I'll say this, one of my favorite memories of you is when you brought Ty to the table to kind of see if they were, could invest in Infiltron and it was too early. But we had to sign an NDA, it was some type of contract, but it was during Mercury retrograde. You said it before I said it, I was like, I wonder if she's onto this type. 54:05 Cause I wasn't going to sign it. I was going to try to delay it as much as possible, but you're like, no, let's wait, let's wait. So after Mercer, that's your great. Well, I was like, oh, these are this. She's my people. And I was like, and I think I responded like, let's wait five days. So it is no, it's like clear. So, um, that's a little fighter for me with you. Oh, I love it. I love it. Generally hear that in business. No, no. 
54:32 And the Founder Sandbox again is a pretty eclectic podcast, bringing in deep tech founders like Chasity Wright that are on the frontier, bringing in what the future, will, it's the future's here. It's here. That's right. So to my listeners, if you like this episode with Chasity Wright, CEO and founder of Infiltron, sign up for the monthly release of 55:01 this podcast where founders, business owners, corporate directors, and professional service providers share their own experiences on building with strong governance, a resilient, scalable, and purpose-driven company to make profits for good. So signing off for this month, thank you, Chasity. Thank you, Brenda, so much. I hope to see you soon.
Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society. In this episode, Justin interviews Shadowserver Foundation Alliance Director Tod Eberle about cybersecurity. Tod tells how his background as a prosecutor led to his interest in cybersecurity, how he encountered the non-profit Shadowserver Foundation, and how he left the public sector to work with them. He explains how Shadowserver provides actionable data to alert network owners and law enforcement of network vulnerabilities that need to be mitigated. He discusses trends in malware attacks, especially in ransomware. He shares his thoughts on ransomware threats of 2025 and the years to come. He provides tips on preparing your network against ransomware. Listen to how you can harden your organization's network against malware attacks. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration is open for RISKWORLD 2025! RIMS wants you to Engage Today and Embrace Tomorrow in Chicago from May 4th through May 7th. Register at RIMS.org/RISKWORLD and the link in this episode's show notes. [:33] About this episode. We will discuss cybersecurity with Tod Eberle, the Alliance Director of the Shadowserver Foundation. [:55] RIMS-CRMP Workshops! On February 19th and 20th, there will be a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:18] The next RIMS-CRMP-FED exam course will be held from February 4th through the 6th, 2025. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:34] Virtual Workshops! Chris Hansen will return on February 11th and 12th to lead the two-day course “Claims Management”. Gail Kiyomura of The Art of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. 
[1:58] On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito. That course starts on March 12th, 2025. [2:20] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:31] The RIMS Legislative Summit 2025 is back! It will be held on March 19th and 20th in Washington, D.C. Join RIMS for two days of Congressional meetings, networking, and advocating on behalf of the risk management community. [2:49] This event is open for RIMS members only so if you're not a member, join now! Visit RIMS.org/advocacy for registration details. [3:02] Interview! Our guest Tod Eberle is the Alliance Director of the Shadowserver Foundation, a non-profit security organization working altruistically behind the scenes to make the internet more secure for everyone. [3:15] Tod Eberle is with us to discuss the cybersecurity trends on his risk radar and the threats he wants risk professionals to be aware of as 2025 kicks into high gear. Shadowserver Alliance Director, Tod Eberle, welcome to RIMScast! [3:41] Justin saw that Shadowserver Foundation was promoted by the National Cybersecurity Alliance and he thought it would be great to have a follow-up on his appearance there. [3:54] Tod says the National Cybersecurity Alliance is a great organization. After working together with them for a year, they invited Tod to do a webinar. It was a great experience. [4:28] Tod's background is as a career prosecutor, starting as a county prosecutor in Western Pennsylvania in 1997. In 2004, Tod became a Federal Prosecutor in Pittsburgh for the U.S. Department of Justice. [5:00] In 2014, He transitioned over to the National Security and Cybercrime section in Pittsburgh. Pittsburgh was at the forefront of cyber investigations by both the U.S. Attorney's Office and the FBI. 
Tod wanted to be a part of that. [5:34] The Pittsburgh office has run investigations and issued indictments against Chinese Military Intelligence officers and Russian GRU officers for hacking. In 2014, Pittsburgh had the first criminal indictment of nation-state threat actors. [6:00] In that case, Chinese Military Intelligence PLA officers hacked into Pittsburgh companies Westinghouse, ALCOA, U.S. Steel, and United Steel Workers. Some forward-thinking folks at the FBI and the U.S. Attorney's Office, particularly U.S. Attorney David Hickton, focused on cyber. [6:29] That continued over the years until the present. [6:46] To begin an investigation, the FBI and U.S. Attorney's Office in Pittsburgh, need to have some aspect of an organization's criminal activity touch that district, the Western District of Pennsylvania. A national ransomware case with one victim in Pittsburgh can be investigated. [7:16] In the investigation of Russian GRU actors responsible for the destructive NotPetya malware attack, a district hospital's network was attacked and destroyed. They expanded the investigation and charging documents to include other attacks around the country. [7:58] In 2015 Tod was a prosecutor working with the FBI on an investigation. He was at Europol at the Hague in the Netherlands, a center that brings together investigators and prosecutors from different countries who investigate the same threat group through Europol and Eurojust. [8:33] Tod met the Shadowserver Foundation non-profit group at the Hague in 2015. They were helping, through free technical support to the takedown operation, to dismantle the infrastructure of a crime group, using sinkholing and other security measures. [9:08] Tod Joined the Shadowserver Foundation in January of 2023. He is the Shadowserver Alliance Director. As a small non-profit, everyone wears many hats. The Shadowserver Foundation is a 501(c)(3) in the U.S. and a separate non-profit legal entity in the Netherlands. 
[9:47] The Shadowserver Foundation started about 2004. It celebrated its 20th anniversary in 2024. It began as a loose group of volunteers made up of cybersecurity researchers and technical experts who came together to help network owners and law enforcement. [10:15] Over the years they became more structured and became a non-profit organization. It's an unusual non-profit organization working 100% in operations. It works in three core areas. First, it's the world's largest provider of free, actionable cyber threat intelligence. [10:45] Second, the Shadowserver Foundation does cybersecurity capacity-building around the world. Third, it also provides free support to law enforcement investigations and disruption operations with technical support and expertise. Those three things are its core mission. [11:07] Justin notes commonalities between RIMS cyber risk reporting and the Shadowserver Foundation's work. Shadowserver collects a vast amount of threat data daily. What are the patterns it sees for 2025? [11:29] Shadowserver Foundation can help organizations mitigate risks. It collects cyber threat data at its data center in California through internet-wide scanning, honeypot sensors, sinkholing operations, and collecting and analyzing malware samples. [11:57] Every day for free the Shadowserver Foundation takes that data and provides it to over 9,000 organizations around the world and to 201 National C-CERTs that cover about 176 countries. [12:13] These reports identify exposed, misconfigured, vulnerable, compromised instances or devices on networks that need patching. [12:25] The organizations that get Shadowserver's data can be anything from banks to hospitals, universities, K-12 school districts, ISPs, local, state, and federal governments, small, medium, and large businesses, Fortune 500s, and NGOs; just about anyone can sign up. [12:46] The idea behind this is that cyber security should be available to everyone, regardless of the ability to pay. 
Organizations can sign up at the Shadowserver Foundation website, and provide their contact information and network information with IP ranges and ASNs. [13:12] The Shadowserver Foundation does its due diligence and if everything checks out, it automates those reports to go out to the organization daily. About 9,000 organizations sign up directly to receive daily reports. [13:22] The Shadowserver Foundation also sends out data for entire countries to the national C-CERT designated to handle that in those countries. In the U.S., CISA gets hundreds of millions of events from them every day for all the U.S. It is the same around the world. [13:52] Tod says that some things never change. Networks are breached primarily through phishing attacks, malicious links or attachments, and social engineering. [14:09] One trend is a focus on vulnerabilities. Criminals exploit vulnerabilities in the network that aren't timely patched and before they are patched. Shadowserver gives organizations an external snapshot view of their networks just as criminals are scanning for themselves. [14:52] Cybercriminal groups increasingly leverage zero-day vulnerabilities to breach a network. A zero-day vulnerability is a flaw in software or hardware that's unknown to the vendor and has no patch. The vendor has had zero days to fix the vulnerability after it has been discovered. [15:16] That was the case with the Clop ransomware gang. In 2024, they started exploiting zero-day vulnerabilities in Fortra's GoAnywhere software. That continued in May, with them exploiting Progress Software's MOVEit file transfer application. [15:38] Very recently, in December, the Clop Ransomware group claimed responsibility for using a zero-day vulnerability in Clio's file transfer platform that breached victims' networks. [15:49] Cyber criminals extort victims and steal data with ransomware attacks. Risk managers in cybersecurity need to stay on top of critical vulnerabilities that often go unpatched. 
Those are often the easiest gateway into a network. [16:26] Plug Time! RIMS Webinars! Resolver will be joining us on February 6th to discuss “4 Themes Shaping the Future of GRC in 2025”. [16:38] HUB International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [16:54] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [17:06] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [17:17] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [17:35] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [17:58] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the Programs tab at SpencerEd.org. [18:08] Let's Return to the Conclusion of My Interview with Tod Eberle of Shadowserver! [18:49] Justin notes that In December of 2024, China attackers breached the Committee on Foreign Investment in the U.S. That is the government office that assesses foreign investments for national security risks. [18:58] China also targeted the Treasury's Sanctions Office after it sanctioned a Chinese company for its alleged role in cyberattacks. [19:14] Tod thinks we should acknowledge that this is nothing new and nothing we should be surprised about. 
It's been going on for many years and it's going to continue. Justin was in the Federal government in 2013 and 2014. [19:32] In 2015, it was announced that the U.S. Office of Personnel Management had been breached. Personal sensitive data for 42 million people were stolen. [19:44] In May 2014, five Chinese military officers were indicted for computer hacking and economic espionage against companies based in Pittsburgh. This is nothing out of the ordinary. Unfortunately, indictments don't seem to have a deterrent effect. [20:21] Countries can deny the charges of hacking even with strong evidence of their involvement. [20:37] There are different types of hacking, with different types of motivation. There is traditional espionage against U.S. government agencies. There is theft of intellectual property with nation-states trying to gain a commercial advantage in business. [21:23] There are destructive hacks by nation-state actors, like the NotPetya attack, or attacks on the Ukrainian power grid and banking systems in 2015 and 2016. [21:36] The Volt Typhoon threat actor group and its access to the U.S. critical infrastructure is one of the greatest national security concerns because of its potential to disrupt everything from water to power, to food, to transportation. [22:10] The ripple effect that can come from those disruptions would be enormous. The Colonial Pipeline ransomware attack of a few years ago affected fuel supplies, commerce, and the prices of goods. [22:31] Nation-state hacking is no longer just a concern for government agencies and companies that do business internationally, but it's now a concern for all of society. There's the potential to affect the daily lives of innocent civilians through attacks on critical infrastructure. [23:16] Tod mentions another 2014 indictment out of Pittsburgh, on the GameOver Zeus botnet takedown. Part of that was a CryptoLocker ransomware disruption. This was in the infancy of ransomware, for $300 ransoms. 
Now ransom demands are in the tens of millions of dollars. [23:53] We have seen a huge evolution in ransomware. It's not going away. One thing we're seeing is bypassing data encryption and focusing on data theft. It's easier and less time-consuming for the threat actors because they don't have to map out the network. [24:41] If a victim company had good backups and easy restoration, that was an issue ransomware actors had to deal with, so why would the threat actors bother with that? They just focus on easy data theft and extortion of ransom for the data. [25:04] Tod thinks we will continue to see extortion. Ransomware continues to be the greatest concern for companies. The use of AI has been increasing both for defenders and attackers. [25:14] A new ransomware group, FunkSec, is claiming large numbers of victims of extortion, encryption, and data theft. They seem to have ransom demands of less than $10,000. They have sold stolen data. Researchers think this is a less experienced group using AI to write code. [27:22] Shadowserver's very talented team collects the data. It's free. They want to get it into the hands of those who can use it. The reports identify things that are seen to be misconfigured or unnecessarily exposed to the internet. Sometimes they can show if something is compromised. [28:12] Shadowserver designates the events by severity level so the end user can prioritize their patching and address first the ones that are most critical and severe. The reports act both as an early warning system and a victim notification system if a device is seen to be compromised. [28:59] The network owner needs to remediate that and patch it before further exploitation like a ransomware attack can occur. [29:07] Shadowserver has two ways to detect that a device is compromised. The first is if they have indicators that tell them a device on the network is compromised. 
The second is through their support for law enforcement: law enforcement may share sensitive data with Shadowserver. [29:32] When law enforcement does a takedown and they get victim identification data like IP addresses, they must do victim notification. Law enforcement isn't scaled to do victim notification for hundreds of thousands of users. Shadowserver helps them with notifications. [30:48] Shadowserver is very careful to share data responsibly. Company A will get the data they have for Company A and it won't be shared with Company B and vice versa. Shadowserver views the data as belonging to that network owner. [31:08] If a company authorizes Shadowserver and wants them to share their data with a third party, Shadowserver will happily do it. There are several companies with MSSPs to manage their security. If the company asks, Shadowserver will send the data to their MSSP. [31:43] As a small, non-profit organization, not everyone has heard of the Shadowserver Foundation. They want people to know they have this data and they want to share it. It could be relevant for cyber insurance companies' due diligence, with the insurance applicant's consent. [32:20] It's important because those reports can show whether a network has remained healthy and secure over time. Tod would love to see Shadowserver be able to help more in the risk mitigation areas. [32:56] Special thanks again to Shadowserver Foundation's Tod Eberle for joining us here on RIMScast! Check out this episode's show notes for links to the Shadowserver reports we mentioned. [33:07] Be sure to tune in next week for Data Privacy Day! We've got a special episode with James Burd, Chief Privacy Officer of the Cybersecurity and Infrastructure Security Agency (CISA). That's going to be a good one! [33:22] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. 
[33:50] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [34:07] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [34:25] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [34:41] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [34:55] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [35:03] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe! About our guest: Tod Eberle, Shadowserver Foundation. Production and engineering provided by Podfly.
Transport Topics is the news leader in trucking and freight transportation. Today's briefing covers Daimler Truck resuming diesel sales in Oregon, United Rentals acquiring H&E Equipment Services, and Colonial Pipeline shutting down its major fuel line over a potential leak.
In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of Casey Ellis, Founder and CSO at Bugcrowd, tell the story of the largest critical infrastructure ransomware attacks in history: The Colonial Pipeline. On May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million USD) within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state. This episode was written by the talented Nathaniel Nelson. Casey Ellis can be found on LinkedIn.
Welcome to our first SPECIAL EPISODE where we cover breaking news as it happens. Today we catch up with Joe Uchill, senior reporter at SC Media, to discuss the Colonial Pipeline ransomware attack making headlines this week and why we continue to see attacks escalating in frequency, ransom demands and high-value targets such as critical infrastructure. Joe shares insights from his many years reporting from the cyber front lines speaking with government, regulatory, industry and hacking groups on what it would take to decrease the financial incentive and increase the criminal risk to make ransomware an undesirable pursuit. Spoiler alerts: ransomware gangs make mistakes and often hit “accidental” targets, regulating cryptocurrency is just as hard as it sounds, and while ransomware task forces can't agree on the most effective solution(s) to mitigate ransomware, most agree global cooperation would be at the top of the list! For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e312
Podcast: IoT Security Podcast. Episode: Building a Bridge Across the Divide: The Intersection of IT and OT Cybersecurity with Mike Holcomb. Pub date: 2024-12-03. Emphasizing the importance of collaboration and communication, Mike Holcomb shares his extensive experience and practical insights into securing ICS and IoT environments. Holcomb, ICS/OT cybersecurity global lead at Fluor, stresses mastering basic cybersecurity fundamentals and asset inventory, along with the nuances of integrating IT and OT security. The episode aims to bridge gaps between IT and OT teams to fortify defenses against sophisticated cyber threats. Listeners will gain valuable insights into critical takeaways, including: Real-World Impact of Cyber Attacks: Mike explains how high-profile incidents, such as Colonial Pipeline and Triton, highlighted the physical consequences of cyber threats, making clear that OT security is a top priority for critical infrastructure. Bridging the IT-OT Divide: The discussion underscores the need for IT and OT teams to collaborate, as a lack of communication and understanding can leave vulnerabilities open to exploitation. Achievable Defense Strategies: From basic network segmentation to secure remote access, Mike provides practical, accessible steps to strengthen ICS/OT security without overwhelming smaller teams. Let's connect about IoT Security! Follow John Vecchi at https://www.linkedin.com/in/johnvecchi. The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast
In this in-depth conversation, Jason Waits, Chief Information Security Officer (CISO) at Inductive Automation, provides a comprehensive exploration of Industrial Control System (ICS) cybersecurity. With decades of experience securing critical infrastructure and navigating the complexities of Operational Technology (OT) environments, Jason offers actionable insights into the current state and future of cybersecurity in industrial sectors like manufacturing, energy, and water treatment.
The discussion begins with an overview of what makes ICS cybersecurity distinct from traditional IT security. Jason explains how OT systems prioritize availability and safety, presenting unique challenges compared to the confidentiality-driven focus of IT. The conversation highlights key vulnerabilities in ICS environments, such as legacy systems that lack modern security features, poorly designed protocols without encryption, and the risks posed by IT/OT convergence.
Jason dives into common attack vectors, including social engineering (phishing), lateral movement from IT to OT networks, and physical access breaches. He explores real-world case studies like the Colonial Pipeline ransomware attack, the Oldsmar water treatment plant hack, and the Stuxnet worm, illustrating how these vulnerabilities have been exploited and the lessons they offer for building stronger defenses.
The video also emphasizes the critical role of compliance and standards, such as ISA/IEC 62443, the NIST Cybersecurity Framework, and CIS Controls. Jason underscores the difference between compliance and real security, advocating for a "security first, compliance second" philosophy to ensure that organizations focus on mitigating actual risks rather than merely checking regulatory boxes.
As the conversation unfolds, Jason discusses the role of vendors and OEMs in securing ICS environments, detailing how Inductive Automation uses proactive measures like Pwn2Own competitions, bug bounty programs, and detailed security hardening guides to improve the security of their products. He highlights the importance of collaboration between vendors and customers to address challenges like long equipment lifecycles and the growing adoption of cloud services.
Emerging technologies also take center stage, with Jason exploring how artificial intelligence (AI) is transforming threat detection and response, while also enabling more sophisticated attacks like personalized phishing and adaptive malware. He addresses the implications of IT/OT convergence, emphasizing the need for collaboration between traditionally siloed teams and the importance of building shared security frameworks.
For organizations looking to strengthen their cybersecurity posture, Jason offers practical steps, starting with foundational measures like asset management and configuration baselines. He explains how leveraging free resources, such as CIS Benchmarks, and creating a roadmap for cybersecurity maturity can help organizations of all sizes navigate these challenges, even with limited budgets.
Timestamps
0:00 – Introduction and Overview of ICS Cybersecurity
3:15 – Meet Jason Waits: Background and Journey to CISO
6:45 – What Is ICS Cybersecurity? Key Differences Between IT and OT
10:30 – The Importance of Availability and Safety in OT Systems
13:50 – Challenges of Legacy Systems and Long Equipment Lifecycles
17:20 – Attack Vectors: Social Engineering, Lateral Movement, and Physical Access
20:10 – Case Studies: Colonial Pipeline, Oldsmar Water Treatment Plant, and Stuxnet
25:35 – Compliance vs. Security: Jason's “Security First, Compliance Second” Philosophy
30:00 – The Role of Vendors and OEMs in Cybersecurity
34:45 – Inductive Automation's Approach: Pwn2Own, Bug Bounties, and Security Hardening Guides
40:00 – Emerging Technologies: AI in Threat Detection and the Risks of Sophisticated Phishing
45:10 – The Growing Adoption of Cloud in ICS and Its Implications
50:00 – IT/OT Convergence: Opportunities and Challenges
55:15 – Practical Steps for Organizations: Asset Management and Roadmaps
1:00:10 – Building a Security Culture: Collaboration Between IT and OT Teams
1:05:30 – Future Outlook: Increasing Regulations, Ransomware Risks, and Innovation
1:10:00 – Using Cybersecurity as a Competitive Advantage
1:15:00 – Closing Thoughts: The Need for Continuous Learning and Proactive Action
About Manufacturing Hub: Manufacturing Hub Network is an educational show hosted by two longtime industrial practitioners Dave Griffith and Vladimir Romanov. Together they try to answer big questions in the industry while having fun conversations with other interesting people. Come join us weekly!
Unlock the secrets of a successful career in cybersecurity with our guest, David Gee, a recently retired industry veteran and author of "The Aspiring CIO and CISO." Amazon: https://a.co/d/9FCsBQR Packt (includes a promotion for the e-book version!): https://www.packtpub.com/en-us/product/the-aspiring-cio-and-ciso-9781835469194?srsltid=AfmBOooJFrNzjkRT_cLx3ux-ErfFownjl1EMB-dTupfrpBtI7QMw8103 David takes us on a captivating journey through his diverse career, sharing transformative experiences from working across the US, China, Japan, and Australia. Discover how he navigated the complexities of being a CIO and CISO in different industries, and learn from his unique insights into continuous learning and adaptability. David also unveils the SKB (Skills, Knowledge, Behavior) assessment tool he used to foster talent development and promote diversity at Eli Lilly Japan. In our engaging conversation, we discuss the evolving role of a modern CISO, where the balance between technical know-how and soft skills is crucial. David, Cody, and Aaron dive into common misconceptions about the CISO role, particularly the narrow focus on technical skills alone. Through anecdotes about bot attacks and the Colonial Pipeline incident, we highlight the critical need for strategic thinking, stakeholder management, and effective communication. These stories underscore the importance of having a well-rounded skill set to thrive in the cybersecurity realm. As we wrap up, we reflect on the art of making career decisions that resonate with one's passion and promote long-term growth. The implementation of SecureCard Warrior at HSBC serves as a case study for setting clear objectives and achieving data-driven outcomes. David generously shares personal insights about aligning career choices with personal values and finding true fulfillment. 
Join us in this enlightening episode, where we celebrate David's global perspectives and express our deep appreciation for his valuable contributions to the cybersecurity community.
In this episode of the Energy News Beat Daily Standup - Weekly Recap, the hosts, Stuart Turley and Michael Tanner, discuss key energy market trends, including backlash against EV mandates, rising interest in traditional combustion engines due to cost concerns, and hedge funds shifting investments from green energy to fossil fuels. They highlight political influences on climate policies, the underperformance of climate investments despite stimulus efforts, and upcoming financial challenges for BP and Shell. Additionally, they discuss the potential $10 billion sale of Colonial Pipeline, its strategic importance, and conspiracy theories surrounding it. Lastly, they detail Ford's significant financial losses on EV sales, emphasizing the need for more viable hybrid models.
Highlights of the Podcast
00:00 - Intro
01:14 - Biden's EV Mandate Is Backfiring As Consumers Rebel Against Electric Cars
04:56 - Investors Turn To Fossil Fuels As Green Energy Falters On Costs, Reliability
07:21 - Watchdog: Biden-Harris Allegedly Buried LNG Emissions Study, GOP Wants Answers
11:38 - BP and Shell Brace for Profit Drop
13:29 - Colonial Pipeline Weighs Sale at $10 Billion-Plus Value
15:30 - Ford Lost Another $58K For Every EV Sold In Third Quarter, Or $1.2 Billion
17:21 - Outro
Articles discussed in the podcast:
Biden's EV Mandate Is Backfiring As Consumers Rebel Against Electric Cars
Investors Turn To Fossil Fuels As Green Energy Falters On Costs, Reliability
Many roadblocks delay journey to zero carbon world
BP and Shell Brace for Profit Drop
Colonial Pipeline Weighs Sale at $10 Billion-Plus Value
Ford Lost Another $58K For Every EV Sold In Third Quarter, Or $1.2 Billion
In this episode of the Energy News Beat Daily Standup, the host, Stuart Turley, discussed pressing energy and economic issues. He highlighted concerns about UK nuclear plant closures raising energy costs, a German city opting for diesel buses over more costly electric options, and the potential $10 billion sale of Colonial Pipeline, stressing its significance to U.S. infrastructure. Turley also critiqued the Biden-Harris electrification policy for spiking household energy costs, advocating for natural gas and nuclear power as cost-effective solutions. He concluded with political commentary on the U.S. election forecast, urging voter participation and support for investment opportunities with tax benefits.
Highlights of the Podcast
00:00 - Intro
01:15 - UK nuclear plant closures threaten energy bill reductions
03:04 - German City Chooses Diesel Buses Over Electric, Cites High Costs Even After Subsidies
04:51 - Colonial Pipeline Weighs Sale at $10 Billion-Plus Value
06:53 - Biden-Harris Electrification Push Spiked Household Energy Costs, DOE Data Reveals
09:00 - ‘World's most accurate economist' predicts US election outcome
11:33 - Outro
Articles discussed in the podcast:
UK nuclear plant closures threaten energy bill reductions
German City Chooses Diesel Buses Over Electric, Cites High Costs Even After Subsidies
Colonial Pipeline Weighs Sale at $10 Billion-Plus Value
Biden-Harris Electrification Push Spiked Household Energy Costs, DOE Data Reveals
‘World's most accurate economist' predicts US election outcome
In this week's episode, Anne Hancock Toomey chats with Rhonda Brandon, the dynamic Chief Human Resources Officer at Duke University Health System. Rhonda's unconventional and remarkable journey takes us from her roots in Richmond, Virginia, through pivotal roles at IBM, Nike and Colonial Pipeline, to her transformative work at Duke Health. With humor and heart, Rhonda reveals how faith, family and fierce determination shaped her career, highlighting key moments such as a game-changing revelation at IBM, balancing burnout at Nike and navigating change management at Duke University Health System. Through personal anecdotes, Rhonda emphasizes authenticity and the necessity of nurturing one's spirit. The episode concludes with a fun lightning round, providing a glimpse into her personal quirks and inspirations. Tune in for laughs, leadership lessons and a lot of heart! 03:44 Lessons from Parents and Early Career 06:04 First Job Experiences 09:40 Defining Moments at IBM 13:19 Career at Nike and Burnout 18:26 Joining Colonial Pipeline 21:29 Transition to Healthcare 25:28 Building a Cohort and Embracing Change Management 27:15 Key Principles of Change Management 29:13 The Call from Duke and Defining the Job 36:16 Family, Faith, and Personal Reflections 44:17 Lightning Round: Fun and Personal Insights
The Colonial Pipeline incident in 2021 has acted as a call to action, showing that critical infrastructure can suffer attacks. Today, we look at lessons learned and how to improve cyber resilience. One main takeaway is that the government provides resources and support for smaller entities. Cheri Caddy mentions a wide range of organizations that can help. She includes the “usual suspects” like CISA and NIST, but she goes beyond. She suggests that private companies develop relationships with local FBI offices to know what steps to take in case of an emergency. Brendan Peter from Security Scorecard highlights the importance of continuous risk assessment. One essential element in this process is evaluating the impact of policies. In other words, has the policy reduced cybersecurity risk at all? This discussion reflects the federal and commercial response to a major infrastructure incident.
In this episode of CISO Tradecraft, host G Mark Hardy interviews cybersecurity lawyer Thomas Ritter. They discuss key legal topics for CISOs, including regulatory compliance, managing third-party risk, responding to data breaches, and recent legislative impacts. Thomas shares his journey into cybersecurity law and provides practical advice and real-world examples. Key points include the challenges of keeping up with evolving regulations, the intricacies of vendor management, and the implications of recent Supreme Court rulings. They also touch on major breaches like SolarWinds and Colonial Pipeline, exploring lessons learned and the importance of implementing essential security controls. Thomas Ritter - https://www.linkedin.com/in/thomas-ritter-2b91014a/ Transcripts: https://docs.google.com/document/d/1EvZ_dOpFOLCSSv5ffqxCoMnLZDOnUv_K Chapters 00:00 Introduction to CISO Tradecraft 00:48 Meet Thomas Ritter: Cybersecurity Lawyer 03:48 Legal Challenges for CISOs 04:54 Managing Third-Party Risks 13:01 Understanding Legal and Statutory Obligations 15:57 Supreme Court Rulings and Cybersecurity 32:57 Lessons from High-Profile Cyber Attacks 38:32 Ransomware Epidemic and Law Enforcement 43:30 Conclusion and Contact Information
The savage ransomware attack on Colonial Pipeline was close to bringing travel in the United States to a standstill. Created, Produced & Hosted by Keith Korneluk. Written & Researched by John Phillips. Mixed & Mastered by David Swope. Theme Song: You Are Digital by Computerbandit
What does innovation look like in the oil and gas industry, particularly in the midstream sector? In this episode of Innovation Storytellers Show, Susan Lindner introduces Dr. Mariah Judd, the Director of Innovation at Colonial Pipeline Company, to explore this intriguing question. Dr. Judd delves into the vital role Colonial Pipeline plays as a key national infrastructure, supplying fuel to millions of Americans. She emphasizes the company's commitment to future energy needs through innovation. With a rich background stemming from her Ph.D. at Purdue University and experience in alternative energy and energy transition, Dr. Judd brings a wealth of knowledge to the conversation. She discusses the concept of 'midstream' in the oil industry, highlighting Colonial's efforts to enhance efficiency, optimization, and safety. From innovative leak detection and prevention technologies to ambitious projects in carbon capture and reduced emissions, Colonial Pipeline is paving the way for a sustainable energy future. Dr. Judd also shares insights on fostering a culture of innovation within large organizations. By adopting a human-centric approach, Colonial encourages employees to embrace an innovative mindset, supporting continuous improvement and breakthrough thinking. This agile, open-minded strategy aligns innovation efforts with the company's strategic goals, enabling purposeful progress without rigid preconceptions. Join us as we explore the complexities and opportunities of midstream innovation and discover how Colonial Pipeline is positioning itself at the forefront of energy transformation.
The changing face of war makes it difficult for investors to identify exactly when war begins, when it ends, and when the right time is to implement a war-time investment strategy. Associate Market Strategist Daniel Ortwerth joins Phil Adler to offer some guidance.
It's Monday, February 12th, A.D. 2024. This is The Worldview in 5 Minutes heard at www.TheWorldview.com. I'm Adam McManus. (Adam@TheWorldview.com) By Adam McManus Indian pastor beaten unconscious A group of Christians in India were physically assaulted by members of Hindutva organizations which champion nationalist Hindu philosophy, reports The Christian Post. On January 21st, Pastor Mahesh Mahananda claimed that he and the group of Christians were ambushed by people brandishing sticks at approximately 5:30 p.m. while they were returning from a lunch gathering in the Chhattisgarh state. The perpetrators were the same people who had been participating in Rama temple rallies regularly. Sadly, Pastor Mahananda was rendered unconscious by the attack leading to his hospitalization. In Matthew 10:22, Jesus said, “You will be hated by everyone because of Me, but the one who stands firm to the end will be saved.” China looking to cyber attack U.S. civilian infrastructure imminently Last week, FBI Director Christopher Wray told Congress that the Chinese government is planning cyber attacks on America's civilian infrastructure in the near future, that would cripple the U.S. society, reports RealClearPolitics.com. Listen. WRAY: “There has been far too little public focus on the fact that [People's Republic of China] hackers are targeting our critical infrastructure, our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems, and the risk that poses to every American requires our attention now. “China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real world harm to American citizens and communities. If and when China decides the time has come to strike.” Talk show host Steve Malzberg asked Gordon Chang, a Chinese expert who lives in New Jersey and the author of The Great U.S.–China Tech War, what he thought. 
MALZBERG: “On a scale from 1 to 10, how serious a threat is it for what he's describing to actually happen?” CHANG: “Oh, about a 20 maybe. This is something which is not a theoretical threat because on November 25, Iranian hackers took control of part of a water system in Aliquippa, Pennsylvania, which is close to Pittsburgh. The workers were able, through manual means, to get back control of their water. But that showed you what can happen. “Right after that, other utilities, about four others, were hit by hackers. We know that last year there were Chinese hacks on oil pipelines in the U.S. Hospitals, in November in the United States, were hit in Texas, Mexico, Oklahoma, and my state of New Jersey. We also can't forget May 2021 when Russian ransomware attackers took down the Colonial Pipeline, disrupting airline services and U.S. car traffic on the East Coast.” Special Counsel calls Biden “well-meaning, elderly man with a poor memory,' brings no charges Special Counsel Robert Hur, appointed by Attorney General Merrick Garland, described President Biden as a "sympathetic, well-meaning, elderly man with a poor memory." Hur said he would not bring criminal charges against Biden after a months-long investigation into his improper retention of classified documents related to national security, reports Fox News. Hur's report was made public Thursday afternoon. Even liberal CNN reporter Min Jung Lee asked President Biden tough questions about his mental competence. LEE: “Mr. President for months when you were asked about your age, you would respond with the words, ‘Watch me!'” BIDEN: “Watch me.” LEE: “Many of the American people have been watching and they have expressed concerns about your age.” BIDEN: “Your judgment. That is your judgment public. That is not the judgments of the press.” LEE: “They expressed concerns about your mental acuity. They say that you are too old. Mr. 
President, in December you told me that you believe there are many other Democrats who could defeat Donald Trump. So, why does it have to be you now? What is your answer to that question?” BIDEN: “Because I'm the most qualified person in this country to be president of the United States and finish the job I started.” Professor: Special prosecutor saying Biden unfit to be president Appearing on The Angle with Laura Ingraham, Victor Davis Hanson, Professor Emeritus from California State University, said most journalists will now acknowledge Biden's mental incompetence which most Americans have known for some time. HANSON: “Right now, there is a lot of journalists who are saying, ‘I want to get out of dodge. I want to go on record that I've always said he had mental problems.' “I think they are going to try to be the first to say, ‘I have integrity. I was unempirical. I'm disinterested.' Because it's going to get worse and worse and they don't want to be the last person on the ‘Biden is competent' train. I think they want to get off. “Because I think we are reaching a point where I don't see how he is going to be tenable when a federal special prosecutor, appointed by his own attorney general, says that he is essentially unfit to be president of the United States.” Brave sister rescues brother from Walmart kidnapping And finally, a brave sister stepped in and saved her 4-year-old younger brother from becoming a possible kidnapping victim, reports KDIA. A YouTube clip shows a man in a Lehigh Acres, Florida Walmart approaching the four-year-old boy on December 29th, grabbing his wrist, and forcing him to go in his direction. He then attempts to leave the area quickly with the child. Thankfully, the man's sinister attempt was prevented. The child's older sister witnessed the man's devious actions, reached out to the 4-year-old, grabbed her brother's arm, and pulled him back to safety, sheltering him behind a nearby shopping cart. 
When their mother called Walmart security, they scanned video footage which led them to discover his license number. Within an hour of the incident, deputies identified the perpetrator as 64-year-old Pablo Pintueles Hernandez and arrested him at his home. He has been charged with false imprisonment of a child. Hernandez has since been released on a $100,000 bond. Psalm 127:3 says, “Children are a heritage from the Lord, offspring a reward from Him.” Praise God that the alert older sister bravely rescued him from harm. Close And that's The Worldview in 5 Minutes on this Monday, February 12th in the year of our Lord 2024. Subscribe by iTunes or email to our unique Christian newscast at www.TheWorldview.com. Or get the Generations app through Google Play or The App Store. I'm Adam McManus (Adam@TheWorldview.com). Seize the day for Jesus Christ.
On this episode of Hacker And The Fed we interview Special Agent Aron Mann with Homeland Security Investigations (HSI) Cyber Crime Center about their cyber role and career opportunities. We break down the Colonial Pipeline hack, how the dark web is intensifying the insider threat, and dig into the mother of all breaches. And finally, the SEC's X account was hacked. Links from the episode: https://www.ice.gov/about-ice/homeland-security-investigations https://www.ice.gov/partnerships-centers/cyber-crimes-center https://www.usajobs.gov/ https://www.usajobs.gov/Search/?k=homeland%20security%20investigator Colonial Pipeline Hack - May 2021 https://www.justice.gov/opa/speech/dag-monaco-delivers-remarks-press-conference-darkside-attack-colonial-pipeline https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside https://www.justice.gov/media/1159701/dl From Loyal Employees to Cybercriminals https://thesun.my/opinion_news/from-loyal-employees-to-cybercriminals-AC12012406 Mother of All Breaches Reveals 26 Billion Records: What We Know So Far https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/ SECGov X Account https://www.sec.gov/secgov-x-account Support our sponsors: NAXO is a premier cybersecurity and investigations firm, including blockchain forensics, whose mission to fight cybercrime aligns perfectly with Hacker and the Fed's content. Go to cloudsolvers.com tell them “Hacker and the Fed sent you” to get a free assessment of your current environment.
This Week in Startups is brought to you by… Scalable Path. Want to speed up your product development without breaking the bank? Since 2010, Scalable Path has helped over 300 companies hire deeply vetted engineers in their time zone. Visit http://www.scalablepath.com/twist to get 20% off your first month. Northwest Registered Agent. When starting your business, it's important to use a service that will actually help you. Northwest Registered Agent is that service. They'll form your company fast, give you the documents you need to open a business bank account, and even provide you with mail scanning and a business address to keep your personal privacy intact. Visit http://www.northwestregisteredagent.com/twist to get a 60% discount on your next LLC. Vanta. Compliance and security shouldn't be a deal-breaker for startups to win new business. Vanta makes it easy for companies to get a SOC 2 report fast. TWiST listeners can get $1,000 off for a limited time at http://www.vanta.com/twist * Today's show: Jon Miller, CEO and Founder of halcyon joins Jason to discuss how ransomware attackers get away with it and stay anonymous (6:12), hacker markets, bounties, tools, and AI's role (16:20), proactive measures for startups to safeguard themselves (34:42), and more! * Timestamps: (0:00) Jon from Halcyon joins host Jason. (2:52) Delving into the renaissance of ransomware. (6:12) How ransomware attackers get away with it and stay anonymous. (8:27) Strategies for counteraction and policy implications. (10:10) Scalable Path - Get 20% off your first month at http://www.scalablepath.com/twist (11:31) 2023 ransomware attacks on MGM and Caesar's in Las Vegas. (13:52) Halcyon's endpoint agent: a solution to thwart threats. (16:20) Exploring hacker markets, bounties, tools, and AI's role. (19:57) Northwest Registered Agent - Get a 60% discount on your next LLC at http://www.northwestregisteredagent.com/twist (21:55) The effectiveness of multi-factor authentication and strong passwords. 
(22:49) Comparing financial vs. espionage attacks and the Colonial Pipeline event. (29:26) The escalating danger for companies and the Uber cyber attack. (31:27) Vanta - Get $1000 off your SOC 2 at http://www.vanta.com/twist (32:35) AI and quantum computing: new frontiers for hackers. (34:42) Proactive measures for startups to safeguard themselves. (37:08) Growing hacker sophistication in places like China, North Korea and Iran. (41:00) How the USA ranks in the world with cybersecurity and computer hacking. (43:41) Your privacy is an illusion and a look at the information available on TikTok. (48:01) The biggest threat that keeps Jon up at night. (50:36) American Power Grid Vulnerabilities and ways to be prepared. * Check out halcyon: https://www.halcyon.ai * Thanks to our partners: (10:10) Scalable Path - Get 20% off your first month at http://www.scalablepath.com/twist (19:57) Northwest Registered Agent - Get a 60% discount on your next LLC at http://www.northwestregisteredagent.com/twist (31:27) Vanta - Get $1000 off your SOC 2 at http://www.vanta.com/twist * Follow Jon: X: https://twitter.com/HalcyonAi LinkedIn: https://www.linkedin.com/in/jonmillerhalcyon * Follow Jason: X: https://twitter.com/jason Instagram: https://www.instagram.com/jason LinkedIn: https://www.linkedin.com/in/jasoncalacanis * Great 2023 interviews: Steve Huffman, Brian Chesky, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarland * Check out Jason's suite of newsletters: https://substack.com/@calacanis * Follow TWiST: Substack: https://twistartups.substack.com Twitter: https://twitter.com/TWiStartups YouTube: https://www.youtube.com/thisweekin * Subscribe to the Founder University Podcast: https://www.founder.university/podcast
Original Air Date 4/2/2022 Today we take a look at the modern reality of cyber war. It's not the mass destruction of attacks that were imagined to look like a "Cyber Pearl Harbor" but the much more subtle cyber attacks that often fly under the radar and live in the grey area in attempts to inflict harm without provoking counterattack. Be part of the show! Leave us a message or text at 202-999-3991 or email Jay@BestOfTheLeft.com Transcript BestOfTheLeft.com/Support (Get AD FREE Shows and Bonus Content) SHOW NOTES Ch. 1: Andy Greenberg - Longform - Air Date 12-11-19 Andy Greenberg is a senior writer for Wired. His new book is Sandworm. “I kind of knew I was never going to get access to Sandworm, which is the title of the book - so it was all about drawing a picture around this invisible monster.” Ch. 2: How America's gas got hacked - Today, Explained - Air Date 5-12-21 The largest-known ransomware attack on American energy infrastructure is driving up gas prices and creating shortages. Wired's Lily Hay Newman says Colonial Pipeline might be a turning point for cybersecurity. Ch. 3: Is Russia at War with the West? Part 1 - The Inquiry - Air Date 11-21-18 There are currently a number of serious allegations made in the West against Russia. They include the attempted murder of the former spy Sergei Skripal on British soil; interference in the 2016 US election; the hacking of the American electricity grid. Ch. 4: How prepared is the U.S. to fend off cyber warfare? Better at offense than defense, author says - PBS NewsHour - Air Date 8-6-18 Sanger joins Judy Woodruff to discuss the threats and realities, how the U.S. wages cyber warfare, and how prepared the U.S. is to stop attacks. Ch. 5: Is Russia at War with the West? Part 2 - The Inquiry - Air Date 11-21-18 Ch. 6: Russia Perfected Its Cyberwarfare In Ukraine — America Could Pay The Price - Think | NBC News - Air Date 11-23-19 Russia has been practicing cyberwar in a real-life test lab — Ukraine. 
Andy Greenberg, author of 'Sandworm', recounts how Russia went from repeatedly shutting down Ukraine's infrastructure to unleashing worms that caused billions of dollars in damage. Ch. 7: Is World War III Already Here? - Your Undivided Attention - Air Date 1-3-22 Warfare has changed so fundamentally, that we're currently in a war we don't even recognize. It's the war that Russia, China, and other hostile foreign actors are fighting against us — weaponizing social media to undermine our faith in each other MEMBERS-ONLY BONUS CLIP(S) Ch. 8: The Hackers Who Took Down the Colonial Pipeline - What Next: TBD | Tech, power, and the future - Air Date 5-21-21 Last week, a hacker group called DarkSide shut down the Colonial Pipeline, which supplies 45 percent of the fuel consumed on the East Coast. Gas prices skyrocketed, people started hoarding gas, and DarkSide walked away with over $4 million in Bitcoin. VOICEMAILS Ch. 9: Puberty blockers experimental? - Maria in Pennsylvania FINAL COMMENTS Ch. 10: Final comments on the deception and logical fallacies at the heart of critiques of gender affirming care MUSIC (Blue Dot Sessions): Opening Theme: Loving Acoustic Instrumental by John Douglas Orr Voicemail Music: Low Key Lost Feeling Electro by Alex Stinnent Closing Music: Upbeat Laid Back Indie Rock by Alex Stinnent Produced by Jay! Tomlinson Visit us at BestOfTheLeft.com Listen Anywhere! BestOfTheLeft.com/Listen Listen Anywhere! Follow at Twitter.com/BestOfTheLeft Like at Facebook.com/BestOfTheLeft Contact me directly at Jay@BestOfTheLeft.com