Podcasts about cyber defense

Unveiling the Double-Edged Sword of AI in Cybersecurity with Brian Black In this episode of Cybersecurity Today, host Jim Love interviews Brian Black, the head of security engineering at Deep Instinct and a former black hat hacker. Brian shares his journey into hacking from a young age, his transition to ethical hacking, and his experiences working with major companies. The discussion delves into the effectiveness of cybersecurity defenses against modern AI-driven attacks, the importance of understanding organizational data, and the challenges of maintaining robust security in the age of AI. Brian emphasizes the need for preemptive security measures and shares insights on the evolving threats posed by AI as well as the need for continuous education and adaptation in the cybersecurity field. 00:00 Introduction and Sponsor Message 00:21 Meet Brian Black: From Black Hat to Good Guy 00:55 Brian's Early Hacking Days 02:46 Transition to Ethical Hacking 04:11 Life in the Hacking Community 08:54 Advice for Aspiring Hackers and Parents 11:05 Corporate Career and Red Teaming 13:12 The Importance of Basics in Cybersecurity 21:41 Multifactor Authentication: The Good and the Bad 24:19 Challenges in Vendor Security Testing 27:41 Weaknesses in Cyber Defense 28:22 AI Speed vs Human Speed 28:37 AI in Cybersecurity Attacks 30:08 Dark AI Tools and Their Capabilities 32:54 AI Agents and Offensive Strategies 35:43 Challenges in Cybersecurity Defense 41:48 The Role of Red Teaming 42:46 Hiring the Right Red Team 46:59 Burnout in Cybersecurity 48:17 AI as a Double-Edged Sword 52:43 Deep Instinct's Approach to Security 53:58 Conclusion and Final Thoughts

Fraud is no longer just a downstream cleanup issue. It's a direct result of cyber incidents that outpace our organizational structures. Siloed teams still overlook weak signals, coordinated attacks manage to get through, and losses grow across different channels. That's why banking leaders need a new strategy: one that treats fraud and cybersecurity as a unified defense, sharing intelligence, standard procedures, and real-time decision-making. In this episode of Banking Transformed, we'll explain how cyber-enabled fraud actually occurs, why traditional structures don't work, and what it takes to stay ahead. We'll also explore the GenAI factor, looking at how attackers are scaling deception and how banks can respond with smarter profiling and faster, smoother decision-making. Joining me is Laura Quevedo, Executive Vice President, Fraud & Decisioning Solutions at Mastercard, a leader at the center of payment resiliency, financial crime prevention, and risk decisioning. She will share how integrated teams and shared intelligence are changing outcomes for institutions worldwide. For banking leaders tasked with protecting their institutions and customers in this new era of converged threats, this conversation offers a practical roadmap for building truly resilient defenses. Because the question is no longer whether your fraud and cyber teams should work together, but how quickly you can make it happen.

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Zack Korman, CTO of cybersecurity startup Pistachio. They explore the reality of AI in security, cutting through hype to discuss where AI is both brilliant and flawed, how vendors AI-wash outdated tech, and why Zack believes AI won't replace jobs but instead scale human creativity. They also dive into phishing simulations, human psychology behind social engineering, AI-powered attacks, jailbreak chaining between AI systems, and the future risks and opportunities AI introduces in cybersecurity.   In this episode you'll learn:       How to evaluate whether a vendor is truly using AI in their product  The psychology behind why people fall for phishing attacks  Why human judgment will remain essential in the era of AI-driven security.  Some questions we ask:      How can AI unlock new capabilities in cybersecurity?  What questions should people ask AI security vendors?  Why do trained security professionals still fall for phishing attacks?  Resources:   View Zack Korman on LinkedIn   View Sherrod DeGrippo on LinkedIn     Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. 

What role does cybersecurity play when the battlefield extends beyond Earth's atmosphere? In this special episode recorded live in Tallinn for the fifth anniversary of the Software Defined Space Conference, I sit down with Kalev Koidumäe, CEO of the Estonian Defence and Aerospace Industry Association, to explore how software and security are transforming the future of space and defense. Kalev shares how Estonia, a nation of just 1.3 million people, has built global credibility through innovation, collaboration, and cyber resilience. From the lessons of the 2007 state-level cyberattack to the country's integration of space technologies within NATO's defense framework, Estonia has developed a model that combines agility with strategic foresight. Our conversation spans everything from the evolution of Estonia's space sector to its growing ecosystem of AI-driven defense technologies, autonomous systems, and satellite solutions. Kalev also explains how lessons from the war in Ukraine are reshaping Europe's defense landscape and accelerating the need for resilient, software-defined systems. What makes this discussion particularly fascinating is the balance Estonia maintains between national sovereignty and international cooperation. Kalev explains how the country's reserve army model, cyber education initiatives, and public-private partnerships have created an ecosystem where innovation is both strategic and deeply rooted in civic responsibility. It's a blueprint for how smaller nations can play a meaningful role in global security through ingenuity and collaboration. As the world navigates an era of heightened geopolitical tension and rapid technological advancement, this discussion offers a glimpse into how small nations can make a big impact in securing both cyberspace and outer space. So what can larger nations learn from Estonia's approach to innovation, readiness, and cyber defense? And how might software continue to redefine the future of space security? Share your thoughts after listening.

When cybercriminals lock up a children's hospital, denying treatment to kids with cancer, you realize just how dark the world of ransomware has become. Healthcare isn't just another target, it's the lifeline of our society, and it's under siege. In this episode of the Thales Security Sessions, Dr. Adrian Mayers, CISO of Premera Blue Cross, joins me to expose the reality of this growing “feeding frenzy” of cyberattacks on healthcare, the rise of AI-driven threats, and what it truly takes to defend the systems, and the people, who keep us alive. It is a lesson on the human element of defense that can be applied to any industry.

In this episode, host Jason Kikta talks with Dmitri Alperovitch – CrowdStrike co-founder and chairman of the Automox board – about how speed and precision define modern cyber defense. Alperovitch explores how the OODA loop (Observe–Orient–Decide–Act), a concept rooted in military strategy, can help IT and security teams detect, respond, and adapt to threats in real time.They discuss why cloud-native automation is essential for staying ahead, how to close gaps between IT and security teams, and what happens when organizations react too slowly. Drawing on decades of experience in cybersecurity and threat intelligence, this conversation challenges you to rethink what it means to be fast enough to defend your environment.This episode originally aired on June 13, 2024.

Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Carter Zupancich. Chris and Carter explore the evolving landscape of social engineering threats, focusing on the rise of vishing attacks and the role of AI in enhancing these tactics. Their discussion underscores the importance of empowering employees as a human firewall and the need for continuous education and testing to strengthen organizational security. [Oct 20, 2025]   00:00 - Intro 00:31 - Carter Zupancich Intro -          Website: https://carterzupancich.com/ 01:30 - Intro Links: -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                                03:35 - Tools, Tactics and Procedures 05:19 - Tech Advances 08:16 - The Classics 10:01 - The Need for Testing 12:16 - Callback Phishing 17:26 - Setting Expectations 21:56 - Approved Language 23:56 - Verify! 25:16 - Empowerment 26:17 - And Now a Horrible Story 28:47 - Investing In Employees 31:19 - Wrap Up & Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org

Send us a textIn this episode of WTR Small-Cap Spotlight, Tony Scott, Chief Executive Officer, and Kimberly Pinson, Chief Financial Officer, of Intrusion Inc. (NASDAQ: INTZ) join co-hosts James Kisner, Managing Director of Technology Research at Water Tower Research, and Tim Gerdeman, Vice Chair, Co-Founder, and Chief Marketing Officer of Water Tower Research.The conversation dives into how Intrusion's Shield platform uses reputation-based threat intelligence and artificial intelligence to detect and block high-risk communications in real time. Scott and Pinson discuss the company's five consecutive quarters of sequential growth, the expansion of Shield Cloud into the AWS Marketplace (with Microsoft Azure coming later in 2025), and emerging opportunities in school safety, utilities, and critical infrastructure.They also touch on Intrusion's disciplined financial strategy, strong gross margins, and growing managed-service-provider channel—all of which position the company for sustained success in both government and commercial cybersecurity markets.

Is there anything real left on the internet? Neil deGrasse Tyson and co-hosts Chuck Nice and Gary O'Reilly explore deepfakes, scams, and cybercrime with the Director of Threat Research at Bitdefender, Bogdan Botezatu. ​​Scams are a trillion-dollar industry; keep your loved ones safe with Bitdefender: https://bitdefend.me/90-StarTalkNOTE: StarTalk+ Patrons can listen to this entire episode commercial-free here: https://startalkmedia.com/show/deepfakes-and-the-war-on-truth-with-bogdan-botezatu/Thanks to our Patrons Bubbalotski, Oskar Yazan Mellemsether, Craig A, Andrew, Liagadd, William ROberts, Pratiksha, Corey Williams, Keith, anirao, matthew, Cody T, Janna Ladd, Jen Richardson, Elizaveta Nikitenko, James Quagliariello, LA Stritt, Rocco Ciccolini, Kyle Jones, Jeremy Jones, Micheal Fiebelkorn, Erik the Nerd, Debbie Gloom, Adam Tobias Lofton, Chad Stewart, Christy Bradford, David Jirel, e4e5Nf3, John Rost, cluckaizo, Diane Féve, Conny Vigström, Julian Farr, karl Lebeau, AnnElizabeth, p johnson, Jarvis, Charles Bouril, Kevin Salam, Alex Rzem, Joseph Strolin, Madelaine Bertelsen, noel jimenez, Arham Jain, Tim Manzer, Alex, Ray Weikal, Kevin O'Reilly, Mila Love, Mert Durak, Scrubbing Bubblez, Lili Rose, Ram Zaidenvorm, Sammy Aleksov, Carter Lampe, Tom Andrusyna, Raghvendra Singh Bais, ramenbrownie, cap kay, B Rhodes, Chrissi Vergoglini, Micheal Reilly, Mone, Brendan D., Mung, J Ram, Katie Holliday, Nico R, Riven, lanagoeh, Shashank, Bradley Andrews, Jeff Raimer, Angel velez, Sara, Timothy Criss, Katy Boyer, Jesse Hausner, Blue Cardinal, Benjamin Kedwards, Dave, Wen Wei LOKE, Micheal Sacher, Lucas, Ken Kuipers, Alex Marks, Amanda Morrison, Gary Ritter Jr, Bushmaster, thomas hennigan, Erin Flynn, Chad F, fro drick, Ben Speire, Sanjiv VIJ, Sam B, BriarPatch, and Mario Boutet for supporting us this week. Subscribe to SiriusXM Podcasts+ to listen to new episodes of StarTalk Radio ad-free and a whole week early.Start a free trial now on Apple Podcasts or by visiting siriusxm.com/podcastsplus. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Nachdem Julius und Marcel 2024 bereits ihr live Podcast-Debüt gegeben haben, wurde es allmählich Zeit für Runde zwei. Am 25. September war es beim Deutschen IT-Security-Kongress 2025 schließlich so weit: Julius und Marcel diskutierten live und in Farbe mit Christian Gäbel sowie Jürgen Grommes, Z-EUR IT Security & Compliance Governance Manager bei der Nestlé Deutschland AG, über ihre Cyber Security Predictions 2030. Im Mittelpunkt stand ein spannender Ausblick auf das Thema Künstliche Intelligenz und die Frage, ob KI im Jahr 2030 unser größter Helfer oder unsere größte Bedrohung sein wird.

The Export-Import Bank of the United States (EXIM) facilitates trades of exports of goods and services and, in doing so, deals with massive troves of data. From the Billington Cybersecurity Summit, EXIM CISO, Chief Privacy Officer, and Deputy Chief AI Officer Darren Death tells CyberCast that his agency is centralizing data about user access and behavior to detect potential cyber threats. Death says that balancing cybersecurity with privacy remains a challenge, especially in complex IT ecosystems involving financial institutions. He stresses the need to “shift left” by embedding privacy and security requirements early in the development lifecycle and include business leaders in conversations about cybersecurity, privacy and usability. He also says that the EXIM is using generative AI to simulate incident response scenarios, escalating threats to test team readiness. Death adds that EXIM is positioning AI as a force multiplier rather than a job threat.  

On this episode of The Cybersecurity Defenders Podcast we speak with Sarah Powazek about the Roadmap to Community Cyber Defense. Diving into the report, Sarah emphasizes the need for low-resource organizations and cyber experts to come together in a co-responsibility model for cyber defense. Learn more about the UC Berkeley Center for Long-Term Cybersecurity (CLTC).Get help or join the Cyber Resilience Corps here.Read the roadmap.Sarah leads flagship research on defending low-resource organizations like nonprofits, municipalities, and schools from cyber attacks. She serves as Co-Chair of the Cyber Resilience Corps and is also Senior Advisor for the Consortium of Cybersecurity Clinics, advocating for the expansion of clinical cyber education around the world. Sarah hosts the Cyber Civil Defense Summit, an annual mission-based gathering of cyber defenders to protect the nation's most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Why do cyber attackers always seem one step ahead — and how can defenders take back control?In this episode of Reimagining Cyber, host Tyler Moffitt (Senior Analyst, OpenText) sits down with longtime colleagues Grayson Milbourne (Security Intelligence Director) and Troy Gill (Senior Manager, Threat Research) to explore how the cybersecurity battlefield is evolving — and what it takes to shift the balance toward defenders.They break down:Why attackers appear to “make the rules” in cybersecurityHow AI and automation are transforming both offense and defenseThe rise of phishing, deepfakes, and social engineering in 2025Why identity is the new perimeterHow organizations can build cyber resilience through culture, transparency, and layered defenseWhy sharing breach intelligence matters more than everYou'll also hear real-world insights from the threat-research trenches, plus practical advice for CISOs and IT leaders on creating a security-first culture, improving visibility, and staying ahead of fast-moving AI-powered threats.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

This episode features Jonathon Mayor, Principal Security Consultant for the Americas at Cohesity.A founding member of Cohesity's Security Center of Excellence and the Cyber Event Response Team, Jonathon has more than 20 years of experience in security operations, forensics, and business continuity, with past leadership roles at EMC, Dell, and Verizon. He's guided Fortune 500 and Global 1000 organizations through high-stakes incident response and recovery.In this episode, Jonathon explains why trust is the first casualty in a cyberattack, how to distinguish between mission critical operations and mission critical response, and why resilience depends as much on people and process as on technology. He shares candid lessons from the field on avoiding endless “what if” scenarios, preparing for the human toll of prolonged incidents, and building flexibility into every plan.This is a practical look at cyber resilience and the critical skills every leader needs to have before the next 2 a.m. incident call. Guest Bio Jonathon Mayor is Principal Security Consultant for the Americas at Cohesity, where he has helped many Fortune 500 and Global 1000 organizations strengthen cyber resilience through threat intelligence, incident response, and recovery strategy. A founding member of Cohesity's Security Center of Excellence and the Cyber Event Response Team (CERT), his current focus is proactively collaborating with security partners and customers to strengthen security posture and readiness by drawing from the experiences and lessons learned through CERT.With more than 20 years in security operations, forensics, and business continuity, Jonathon has held leadership roles at EMC, Dell, and Verizon, where he oversaw global NOC operations and major incident mitigation.Guest Quote " The thing that's most important that's lost first and hardest to regain is trust. Everything else is secondary. If the very tools that I'm relying on to respond have been compromised, and therefore I can't trust them, where does my plan go from there?”Time stamps 01:10 Meet Jonathan Mayor 03:37 Rethinking What's Mission Critical 12:25 Avoiding Endless What If's 15:50 Paranoia Has a Budget: Prioritizing Risks 21:27 The Human Element in Cyber Defense 25:01 Importance of Mindset Flexibility 27:11 Post-Incident AdviceSponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world's leading businesses, Semperis protects critical Active Directory environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.LinksConnect with Jonathon on LinkedInLearn more about CohesityConnect with Sean on LinkedInDon't miss future episodesLearn more about Semperis

Send us a textIn this episode of Investors Coffee Shop, Brian Harte sits down with Joe Soeka, a cybersecurity and digital forensics expert with over a decade of hands-on experience in identifying and analyzing cyber threats. Joe has worked extensively in digital forensics and incident response, holding advanced certifications that allow him to tackle complex technical challenges head-on.Joe shares insights on:The most pressing cyber threats facing individuals and businesses todayHow digital forensics uncovers the truth hidden within systems and dataPractical steps anyone can take to strengthen their personal and organizational cybersecurity postureListeners will also walk away with tools and resources to stay ahead of evolving threats. One highlighted resource is Have I Been Pwned, a free service where you can check if your email or phone number has been part of a data breach.Whether you're an investor, entrepreneur, or just someone who wants to better understand how to protect your digital identity, this episode is packed with valuable knowledge.Support the show

Cybersecurity has been on the Government Accountability Office's (GAO) high-risk list since 1997. Federal agencies struggle with issues like cyber hygiene, cyber workforce shortages and strategic execution. While agencies put strategies in place to secure their systems, the implementation and execution can be ineffective, according to GAO Managing Director of IT and Cybersecurity Nick Marinos. Marinos says that evolving threats have reshaped the cybersecurity landscape over the years in government, making evolution a moving target. Agencies are adjusting their workforces accordingly, he says, but is is difficult to keep pace with emerging technology. He underscores the urgency of streamlining federal hiring processes to prevent losing top talent to faster-moving private sector opportunities.

Podcast: ICS Cyber Talks PodcastEpisode: Shmulik Yehezkel Founder & CEO @Pryvaxy on the tight coloration between physical & cyber defensePub date: 2025-09-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationביטחון פיזי והגנת סייבר הם שני צדדים של אותה המטבע, כול אחד מהם מהווה השלמה של השני וחשוב למניעת מתקפה על הארגון.  ארגונים שאינם ביטחוניים נוטים להפריד ביניהם ושוברים את קו ההגנה הרגיש ממילא נחשון פינקו מארח את אל"מ (מיל'), מייסד ומנכ"ל חברת פריבקסי מבכירי משרד ראש הממשלה לשעבר מקים וראש חטיבת הסייבר המבצעי של משרד הביטחון, ראש בית הספר לסייבר וטכנולוגיה וסגן וממלא מקום ראש מטה הביטחון והסייבר במשרד ראש הממשלה בשיחה על ביטחון פיזי והגנת סייבר בראיית המגן והצורך לפעול בקורלציה ביניהם מההבנה של ראיית התוקף Physical security and cyber defense are two sides of the same coin, complementing each other, and are crucial for preventing an attack on the organization. Non-security organizations tend to separate them and break the already sensitive line of defense. Nachshon Pincu hosts Col. (res.), founder and CEO of Pryvaxy, a former senior official in the Prime Minister's Office, founder and head of the Operational Cyber ​​Division of the Ministry of Defense, head of the School of Cyber ​​and Technology, and deputy and acting head of the Security and Cyber ​​Headquarters in the Prime Minister's Office, in a conversation about physical security and cyber defense from the perspective of the defender and the need to act in correlation between them from the understanding of the attacker's perspective.The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-513

In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Show Notes: https://securityweekly.com/swn-513

In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-513

In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Show Notes: https://securityweekly.com/swn-513

ביטחון פיזי והגנת סייבר הם שני צדדים של אותה המטבע, כול אחד מהם מהווה השלמה של השני וחשוב למניעת מתקפה על הארגון.  ארגונים שאינם ביטחוניים נוטים להפריד ביניהם ושוברים את קו ההגנה הרגיש ממילא נחשון פינקו מארח את אל"מ (מיל'), מייסד ומנכ"ל חברת פריבקסי מבכירי משרד ראש הממשלה לשעבר מקים וראש חטיבת הסייבר המבצעי של משרד הביטחון, ראש בית הספר לסייבר וטכנולוגיה וסגן וממלא מקום ראש מטה הביטחון והסייבר במשרד ראש הממשלה בשיחה על ביטחון פיזי והגנת סייבר בראיית המגן והצורך לפעול בקורלציה ביניהם מההבנה של ראיית התוקף Physical security and cyber defense are two sides of the same coin, complementing each other, and are crucial for preventing an attack on the organization. Non-security organizations tend to separate them and break the already sensitive line of defense. Nachshon Pincu hosts Col. (res.), founder and CEO of Pryvaxy, a former senior official in the Prime Minister's Office, founder and head of the Operational Cyber ​​Division of the Ministry of Defense, head of the School of Cyber ​​and Technology, and deputy and acting head of the Security and Cyber ​​Headquarters in the Prime Minister's Office, in a conversation about physical security and cyber defense from the perspective of the defender and the need to act in correlation between them from the understanding of the attacker's perspective.

What do you use for cyber security?  Why not use the #1 Defense in the NFL!? 

Join host G Mark Hardy on CISO Tradecraft as he welcomes Patrick Garrity from VulnCheck and Tod Beardsley from Run Zero to discuss the latest in cybersecurity vulnerabilities, exploits, and defense strategies. Learn about their backgrounds, the complexities of security research, and strategies for effective communication within enterprises. The discussion delves into vulnerabilities, the significant risks posed by ransomware, and actionable steps for CISOs and security executives to protect their organizations. Stay tuned for invaluable insights on cybersecurity leadership and management. Chapters 00:00 Introduction and Guest Welcome 00:57 Meet Patrick Garrity: Security Researcher and Skateboard Enthusiast 02:12 Meet Todd Beardsley: From Hacker to Security Research VP 03:58 The Evolution of Vulnerabilities and Patching 07:06 Understanding CVE Numbering and Exploitation 14:01 The Role of Attribution in Cybersecurity 16:48 Cyber Warfare and Global Threat Landscape 20:18 The Rise of International Hacking 22:01 Delegation of Duties in Offensive Warfare 22:25 The Role of Companies in Cyber Defense 23:00 Attack Vectors and Exploits 24:25 Real-World Scenarios and Threats 28:46 The Importance of Communication Skills for CISOs 31:42 Ransomware: A Divisive Topic 38:39 Actionable Steps for Security Executives 45:58 Conclusion and Final Thoughts

Join host G Mark Hardy on CISO Tradecraft as he welcomes Patrick Garrity from VulnCheck and Tod Beardsley from Run Zero to discuss the latest in cybersecurity vulnerabilities, exploits, and defense strategies. Learn about their backgrounds, the complexities of security research, and strategies for effective communication within enterprises. The discussion delves into vulnerabilities, the significant risks posed by ransomware, and actionable steps for CISOs and security executives to protect their organizations. Stay tuned for invaluable insights on cybersecurity leadership and management.  Chapters 00:00 Introduction and Guest Welcome 00:57 Meet Patrick Garrity: Security Researcher and Skateboard Enthusiast 02:12 Meet Todd Beardsley: From Hacker to Security Research VP 03:58 The Evolution of Vulnerabilities and Patching 07:06 Understanding CVE Numbering and Exploitation 14:01 The Role of Attribution in Cybersecurity 16:48 Cyber Warfare and Global Threat Landscape 20:18 The Rise of International Hacking 22:01 Delegation of Duties in Offensive Warfare 22:25 The Role of Companies in Cyber Defense 23:00 Attack Vectors and Exploits 24:25 Real-World Scenarios and Threats 28:46 The Importance of Communication Skills for CISOs 31:42 Ransomware: A Divisive Topic 38:39 Actionable Steps for Security Executives 45:58 Conclusion and Final Thoughts

In this episode of CISO Tradecraft, host G Mark Hardy sits down with Tomas Roccia, a senior threat researcher at Microsoft, to delve into the evolving landscape of AI and cybersecurity. From AI-enhanced threat detection to the complexities of tracking cryptocurrency used in cybercrime, Tomas shares his extensive experience and insights. Discover how AI is transforming both defensive and offensive strategies in cybersecurity, learn about innovative tools like Nova for adversarial prompt detection, and explore the sophisticated techniques used by cybercriminals in high-profile crypto heists. This episode is packed with valuable information for cybersecurity professionals looking to stay ahead in a rapidly changing field. Defcon presentation: Where is my crypto Dude? https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Thomas%20Roccia%20-%20Where%E2%80%99s%20My%20Crypto%2C%20Dude%20The%20Ultimate%20Guide%20to%20Crypto%20Money%20Laundering%20%28and%20How%20to%20Track%20It%29.pdf GenAI Breaches Generative AI Breaches: Threats, Investigations, and Response - Speaker Deck https://speakerdeck.com/fr0gger/generative-ai-breaches-threats-investigations-and-response Transcripts: https://docs.google.com/document/d/1ZPkJ9P7Cm7D_JdgfgNGMH8O_2oPAbnlc Chapters 00:00 Introduction to AI and Cryptocurrencies 00:27 Welcome to CISO Tradecraft 00:55 Guest Introduction: Tomas Roccia 01:06 Tomas Roccia's Background and Career 02:51 AI in Cybersecurity: Defensive Approaches 03:19 The Democratization of AI: Risks and Opportunities 06:09 AI Tools for Cyber Defense 08:09 Challenges and Limitations of AI in Cybersecurity 09:20 Microsoft's AI Tools for Defenders 12:13 Open Source AI Security: Project Nova 18:37 Community Contributions and Open Source Projects 19:30 Case Study: Babit Crypto Hack 22:12 Money Laundering Techniques in Cryptocurrency 23:01 AI in Tracking Cryptocurrency Transactions 26:09 Sophisticated Attacks and Money Laundering 33:50 Future of AI and Cryptocurrency 38:17 Final Thoughts and Advice for Security Executives 41:28 Conclusion and Farewell

In this episode of CISO Tradecraft, host G Mark Hardy sits down with Tomas Roccia, a senior threat researcher at Microsoft, to delve into the evolving landscape of AI and cybersecurity. From AI-enhanced threat detection to the complexities of tracking cryptocurrency used in cybercrime, Tomas shares his extensive experience and insights. Discover how AI is transforming both defensive and offensive strategies in cybersecurity, learn about innovative tools like Nova for adversarial prompt detection, and explore the sophisticated techniques used by cybercriminals in high-profile crypto heists. This episode is packed with valuable information for cybersecurity professionals looking to stay ahead in a rapidly changing field. Defcon presentation: Where is my crypto Dude? https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Thomas%20Roccia%20-%20Where%E2%80%99s%20My%20Crypto%2C%20Dude%20The%20Ultimate%20Guide%20to%20Crypto%20Money%20Laundering%20%28and%20How%20to%20Track%20It%29.pdf  GenAI Breaches Generative AI Breaches: Threats, Investigations, and Response - Speaker Deck https://speakerdeck.com/fr0gger/generative-ai-breaches-threats-investigations-and-response  Transcripts: https://docs.google.com/document/d/1ZPkJ9P7Cm7D_JdgfgNGMH8O_2oPAbnlc Chapters 00:00 Introduction to AI and Cryptocurrencies 00:27 Welcome to CISO Tradecraft 00:55 Guest Introduction: Tomas Roccia 01:06 Tomas Roccia's Background and Career 02:51 AI in Cybersecurity: Defensive Approaches 03:19 The Democratization of AI: Risks and Opportunities 06:09 AI Tools for Cyber Defense 08:09 Challenges and Limitations of AI in Cybersecurity 09:20 Microsoft's AI Tools for Defenders 12:13 Open Source AI Security: Project Nova 18:37 Community Contributions and Open Source Projects 19:30 Case Study: Babit Crypto Hack 22:12 Money Laundering Techniques in Cryptocurrency 23:01 AI in Tracking Cryptocurrency Transactions 26:09 Sophisticated Attacks and Money Laundering 33:50 Future of AI and Cryptocurrency 38:17 Final Thoughts and Advice for Security Executives 41:28 Conclusion and Farewell

We dive deeper into an ongoing exploration of the implications of new technologies on national security with a barnstorming tour of the cyber domain with cybersecurity expert Byron Tomes.In this episode, Byron and I explore his unique journey into cybersecurity and national security, and the incredibly interesting and varied career he has had along the way.While we do explore the nuts and bolts of the cyber domain and the emerging role of artificial intelligence in that, this is as much a conversation about personal growth and development as it is about the topic itself.This is a particularly useful conversation for students and young professionals who may be intrigued by the topics of cyber defense, AI, and national security, but who may be intimidated by the (false) assumption that they need to be a computer scientist in order to contribute to the field. What Byron's story, and the stories of the last three guests on the show, demonstrate is that combatting emerging threats in new domains is not just the province of technologists. Those concerned with the public good and a nation's moral compass also have a role to play.DISCLAIMER: Byron's views are his own and do not represent the views and policies of his employer, the state of California, or the US Federal Government.Subscribe to Tim Talks Politics⁠⁠⁠⁠⁠⁠⁠⁠⁠ on Substack⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full show notes (30% off for podcast listeners)!

Podcast: Industrial Cybersecurity InsiderEpisode: AI, Phishing, and the Future of Industrial Cyber DefensePub date: 2025-08-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this week's rewind episode, Dino Busalachi is joined by Gary Kneeland from Claroty. With over nine years of experience at Claroty, Gary discusses the evolution of OT security, the convergence of IT and OT, and the growing importance of cybersecurity in protecting critical infrastructure. The conversation touches on how regulatory changes, ransomware threats, and AI advancements are shaping the industry. Whether you're dealing with outdated systems or navigating complex industrial environments, this episode provides practical insights into the challenges and opportunities ahead.Chapters:00:00:00 - Pandemic's Impact on Critical Infrastructure00:01:08 - Introduction to Gary Neelan and Claroty00:01:41 - Gary's Role in OT Cybersecurity00:02:49 - Evolution of OT Cybersecurity: From Compliance to Strategy00:05:23 - IT and OT Convergence: Securing Cyber-Physical Systems00:09:46 - Addressing Complex Challenges in OT Cybersecurity00:11:56 - OT Cybersecurity Talent Shortage and Managed Services00:13:01 - Future of OT Cybersecurity: Adapting to New Threats00:14:36 - Modernizing Manufacturing Systems for Enhanced Security00:15:52 - Global Cybersecurity Trends in Critical Infrastructure00:18:01 - Regional OT Cybersecurity Challenges and Responses00:25:01 - The Role of AI in Defending OT Environments00:28:19 - Final Thoughts on OT Cybersecurity's FutureLinks And Resources:Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityGary Kneeland on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Send us a textIn this energizing episode of the Joey Pinz Discipline Conversations podcast, Joey talks with Scott Barlow, Global VP of MSP and Cloud at Sophos, about how MSPs are becoming the true frontline of cybersecurity—and what vendors must do to support them.

In this episode of "SecurIt," I'm thrilled to reconnect with Roger Grimes the Data-Driven Defense Evangelist at KnowBe4, as he shares his groundbreaking ideas for defeating hackers and malware. Explore the world of phishing-resistant MFA, the challenges of implementing real IDs, and the promise of quantum computing. Get ready to elevate your understanding of cybersecurity to new heights!

At Black Hat USA 2025, Sean Martin, co-founder of ITSPmagazine, sat down with Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, to discuss the findings from the company's latest ransomware report. Over the past five years, the research has tracked how attack patterns, targets, and business models have shifted—most notably from file encryption to data theft and extortion.Brett explains that many ransomware groups now find it more profitable—and less risky—to steal sensitive data and threaten to leak it unless paid, rather than encrypt files and disrupt operations. This change also allows attackers to stay out of the headlines and avoid immediate law enforcement pressure, while still extracting massive payouts. One case saw a Fortune 50 company pay $75 million to prevent the leak of 100 terabytes of sensitive medical data—without a single file being encrypted.The report highlights variation in attacker methods. Some groups focus on single large targets; others, like the group “LOP,” exploit vulnerabilities in widely used file transfer applications, making supply chain compromise a preferred tactic. Once inside, attackers validate their claims by providing file trees and sample data—proving the theft is real.Certain industries remain disproportionately affected. Healthcare, manufacturing, and technology are perennial top targets, with oil and gas seeing a sharp increase this year. Many victims operate with legacy systems, slow to adopt modern security measures, making them vulnerable. Geographically, the U.S. continues to be hit hardest, accounting for roughly half of all observed ransomware incidents.The conversation also addresses why organizations fail to detect such massive data theft—sometimes hundreds of gigabytes per day over weeks. Poor monitoring, limited security staffing, and alert fatigue all contribute. Brett emphasizes that reducing exposure starts with eliminating unnecessary internet-facing services and embracing zero trust architectures to prevent lateral movement.The ransomware report serves not just as a data source but as a practical guide. By mapping observed attacker behaviors to defensive strategies, organizations can better identify and close their most dangerous gaps—before becoming another statistic in next year's findings.Learn more about Zscaler: https://itspm.ag/zscaler-327152Note: This story contains promotional content. Learn more.Guest:Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, | On LinkedIn: https://www.linkedin.com/in/brett-stone-gross/ResourcesLearn more and catch more stories from Zscaler: https://www.itspmagazine.com/directory/zscalerLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, brett stone-gross, ransomware, data extortion, cyber attacks, zero trust security, threat intelligence, data breach, cyber defense, network security, file transfer vulnerability, data protection, black hat, black hat usa 2025, zscaler

Cybersecurity is a critical component of organizational health no matter the federal agency. Yet, federal leaders across government are struggling to change culture, improve workflows and promote good cyber hygiene to prepare for the threats of tomorrow. The Government Accountability Office's Information Technology and Cybersecurity division assists Congress with assessing and improving the government's critical IT investments and develops best practices that are used across the government to guide decision-making. The division's Director Jennifer Franks breaks down where agencies fall short in implementing cybersecurity recommendations and discusses ways that federal leaders can improve their cyber hygiene through better hiring processes, stronger cybersecurity requirements and promoting an inclusive and team-oriented culture.

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University – also check out Derek's substack. Thanks to our show sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out. All links and the video of this episode can be found on CISO Series.com    

In her first interview since becoming Principal Director of the Defense Department's Cyber Academic Engagement Office (CAEO), Diba Hadi reflects on her role and vision for the office since stepping into the position in 2024 during the 2025 HammerCON conference in Laurel, Maryland. Hadi shares insights into her day-to-day responsibilities and highlights efforts to strengthen the integration of universities into the Centers of Academic Excellence community. Her goal: to develop cyber talent aligned with the Defense Department's evolving workforce needs. She explores how improved data collection, interagency collaboration and smarter resource allocation can streamline reporting processes and support broader DOD hiring objectives. Hadi also discusses key initiatives, including scholarships, research partnerships and capacity-building grants, that bring together academia, industry and government to build cyber capabilities at their source.

Dr. Selwyn Ellis, the Bosley Whitmore Endowed Professor and head of the Department of Computer Information Systems at Louisiana Tech University, engages in a profound conversation with hosts Craig Van Slyke and Thomas Stafford regarding the establishment and maintenance of cybersecurity research and education programs that adhere to national standards. The dialogue reveals the multifaceted nature of achieving designation as a Center of Academic Excellence in Cyber Defense by the National Security Agency and the Department of Homeland Security, thus highlighting the rigorous accreditation processes that validate the quality of education delivered. Dr. Ellis elaborates on the collaborative efforts required across various departments within the university, emphasizing the importance of a holistic approach to cybersecurity education that encompasses not only technical skills but also behavioral aspects essential for understanding the human factors influencing security practices. The discussion further explores the curriculum offered by the Louisiana Tech Center for Information Assurance, which includes essential courses such as disaster recovery, risk analysis, and principles of information assurance. These programs are designed to prepare students comprehensively for careers in cybersecurity, equipping them with the knowledge and skills necessary to address the growing complexities of the cyber threat landscape. Dr. Ellis notes that graduates from these programs are well-positioned for employment across diverse sectors, underscoring the value of a rigorous academic foundation in enhancing their career prospects. The episode also touches upon the significance of research in cybersecurity, as Dr. Ellis and the hosts discuss the role of faculty in guiding students toward impactful research endeavors that contribute to the field's advancement. As the conversation progresses, the implications of emerging technologies such as artificial intelligence (AI) on cybersecurity education come to the forefront. Dr. Ellis articulates the need for educational institutions to adapt their curricula to incorporate AI-driven methodologies, preparing students to navigate both the opportunities and challenges presented by these advancements. The dialogue culminates in a call to action for industry partners to engage with educational institutions, fostering collaboration that enriches the learning experience and ensures a robust pipeline of skilled cybersecurity professionals ready to meet the demands of an evolving landscape. This episode encapsulates the essence of proactive engagement between academia and industry, reinforcing the critical role that well-structured educational programs play in shaping the future of cybersecurity.Takeaways: The Cyberways podcast aims to translate academic knowledge into practical applications for security professionals, addressing the crucial need for accessible cybersecurity education. Dr. Selwyn Ellis, our esteemed guest, has extensive experience in establishing cybersecurity research centers certified by the US Government, showcasing his expertise in this critical field. Louisiana Tech University uniquely holds dual certifications as a Center of Academic Excellence in Cyber Defense and Research, reflecting the institution's commitment to rigorous cybersecurity education and research. The importance of continuous certification and rigorous program reviews every five years ensures that our cybersecurity curriculum meets national standards set by the NSA and Homeland Security. Our graduates possess a competitive advantage in the job market due to their comprehensive training and knowledge in cybersecurity, making them attractive to employers in various industries. The evolving landscape of cybersecurity education is increasingly influenced by advancements in artificial intelligence, which presents both challenges and...

In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity. Nathan Case - https://www.linkedin.com/in/nathancase/ Chapters 00:00 Introduction to the Israel-Iran Conflict 00:52 Meet the Expert: Nate Case 01:51 Cyber Warfare Insights from Russia-Ukraine Conflict 03:36 The Impact of Cyber on Critical Infrastructure 08:00 Ethics and Rules of Cyber Warfare 15:01 Iran's Cyber Capabilities and Strategies 16:56 Historical Context and Modern Cyber Threats 23:28 Foreign Cyber Threats: The Iranian Example 24:06 Israel's Cyber Capabilities 25:39 The Role of Cyber Command 26:23 Challenges in Cyber Defense 27:11 The Complexity of Cyber Warfare 32:21 Ransomware and Attribution Issues 36:13 Defensive Cyber Operations 39:39 Final Thoughts and Recommendations

In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity. Nathan Case - https://www.linkedin.com/in/nathancase/   Chapters 00:00 Introduction to the Israel-Iran Conflict 00:52 Meet the Expert: Nate Case 01:51 Cyber Warfare Insights from Russia-Ukraine Conflict 03:36 The Impact of Cyber on Critical Infrastructure 08:00 Ethics and Rules of Cyber Warfare 15:01 Iran's Cyber Capabilities and Strategies 16:56 Historical Context and Modern Cyber Threats 23:28 Foreign Cyber Threats: The Iranian Example 24:06 Israel's Cyber Capabilities 25:39 The Role of Cyber Command 26:23 Challenges in Cyber Defense 27:11 The Complexity of Cyber Warfare 32:21 Ransomware and Attribution Issues 36:13 Defensive Cyber Operations 39:39 Final Thoughts and Recommendations

In this episode of 'Cybersecurity Today,' hosts John Pinard and Jim Love introduce their unique show, 'The Secret CISO,' which aims to dive deep into the lives and thoughts of CISOs and similar roles, beyond the usual interview-style format. The guest for this episode is Priya Mouli, CISO at Sheridan College, who shares her journey from engineering to cybersecurity, her global experiences, and how she manages her multifaceted role. Another guest, Mohsen Azari, Director of Cyber Defense in the financial sector, discusses his career path, which includes notable stints in entertainment and consulting. The conversation explores the pressing challenges in cybersecurity such as AI threats, burnout, and vendor tool overload, while emphasizing the importance of people skills and relationship-building within organizations. The episode wraps up with a promise of a follow-up discussion to delve deeper into the impact of AI on cybersecurity. 00:00 Introduction to the Secret CISO Show 00:51 Guest Introductions: Meet Priya Ali 01:59 Priya's Career Journey and Insights 06:44 Mohsen's Background and Career Path 13:12 John's Career and Cybersecurity Evolution 15:58 Current Cybersecurity Challenges 24:04 Adapting to New Roles in Cybersecurity 25:36 Managing People and Preventing Burnout 27:08 Servant Leadership and Team Dynamics 31:16 Strategic Hiring and Team Cohesion 33:42 Handling Stress and Personal Well-being 35:46 The Role of CISOs as Organizational Psychologists 40:54 Influencing Behavior and Building a Security Culture 44:28 Coping with the Barrage of Cybersecurity Tools 51:10 Conclusion and Future Discussions

Cybersecurity isn't just about code, controls, or compliance—it's about people. That's the core message from Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems, and Rob Black, founder of the UK Cyber Leaders Challenge, as they share how genuine collaboration is reshaping security success in high-stakes environments.In this InfoSecurity Europe conversation, Purvi emphasizes that cybersecurity is still too often seen as an IT issue, when in reality it cuts across every aspect of business. Her role spans cybersecurity strategy, leadership development, and advocacy—serving also as Chair of BAE's Women in Cyber program and as a neurodiversity champion. For her, inclusion is more than a policy—it's essential to mission success, especially when coordinating across trilateral government and industry teams on programs as complex as next-gen fighter aircraft.Rob reinforces this point with his focus on developing soft skills in future cybersecurity leaders. His work brings non-traditional talent into cyber, prioritizing communication, empathy, and multidisciplinary collaboration. These human-centric capabilities are crucial when bridging divides between security, legal, HR, and operations.Both guests highlight how assumptions, language, and siloed thinking obstruct progress. Purvi shares how cybersecurity has often been seen as a barrier—brought in too late, misunderstood, or left out of key decisions. She now champions “secure by design” practices through early involvement of cross-functional teams. Rob brings a memorable example: using marriage counseling techniques to help auditors and developers understand each other better—not to resolve personal conflict, but to decode cultural and professional misalignments.Their conversation also touches on practical methods for building shared understanding, from sketching “river journeys” to map project dynamics, to fostering stakeholder buy-in through intentional communication. Whether aligning three governments or managing internal procurement, they show that collaboration isn't just a buzzword—it's a structured, repeatable approach to managing complexity.This episode offers a thoughtful and grounded look at how meaningful human connection—across functions, cultures, and roles—forms the foundation of effective cybersecurity. It's a timely reminder that the path to resilience begins with listening, empathy, and a clear sense of shared purpose.___________Guests:Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems | https://www.linkedin.com/in/purvikay/Rob Black, Director, UK Cyber Leaders Challenge | https://www.linkedin.com/in/rob-black-30440819/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Ahead of the 2025 NATO Summit, hosts Lokke Moerel and Miriam Wugmeister spoke with the top expert about hybrid threats, strategic defense, and the shifting digital battlefield.

In this episode of Data Security Decoded, join Caleb Tolin as he sits down with Grant Oviatt, Head of Security Operations at Prophet Security, to explore the transformative impact of AI agents in SOC environments. From reducing false positives by 95% to dramatically improving incident response times, discover how AI is augmenting human analysts rather than replacing them. Whether you're a CISO looking to optimize your security operations or a SOC analyst concerned about AI's impact on your role, this episode offers practical insights into successfully implementing AI-driven security solutions while building trust in automated systems. • Learn how AI agents handle tedious security tasks, freeing analysts for strategic work • Explore real-world success stories of AI-powered threat detection and response • Understand the critical balance between AI automation and human expertise • Get practical steps for deploying AI agents in your SOC

In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Sarah-Jane Madden brings a unique lens to application security, shaped by her journey from developer to security leader and CSO. Speaking at OWASP AppSec Global, she tackles one of today's most pressing concerns: how AI is reshaping software engineering—and how we must respond without compromising core values like quality and security.Madden emphasizes that AI is only the latest in a series of major disruptions, comparing it to shifts like remote work triggered by COVID. Her message is clear: organizations must prepare for continuous change, not just chase the current trend. That means prioritizing adaptability and ensuring critical practices like application security are not sacrificed in the rush to speed up delivery.She makes the case for a layered, iterative approach to development—rejecting the outdated linear mindset. Developers, she argues, should leverage AI as an accelerator, not a replacement. Think of AI as your digital intern: handling the drudgery, automating boilerplate code, and even applying internal security standards to code before it reaches human hands. This frees developers to focus on creative problem-solving and thoughtful architecture.However, Madden cautions against blind enthusiasm. While experimentation is healthy, organizations must be discerning about outcomes. Speed is meaningless without quality, and quality includes security. She calls on developers to advocate for high standards and reminds business leaders not to fall for the allure of shortcut statistics or flashy claims that promise results without skilled labor. Her analogy of microwave dinners vs. proper cuisine illustrates the risk of prioritizing convenience over substance—especially in complex problem-solving environments.For line-of-business leaders, Madden urges realistic expectations. AI can enhance productivity, but it doesn't eliminate the need for thoughtful development. Ultimately, customers will notice if quality drops, and reputational damage is hard to undo.In closing, Madden celebrates OWASP as more than an organization—it's a source of support, camaraderie, and genuine community for those working to build secure, reliable systems. Her message? Embrace change, use tools wisely, protect your standards, and never forget the human side of engineering.GUEST: Sarah-Jane Madden | Global Director of Cyber Defense at Fortive | https://www.linkedin.com/in/sarahjanemadden/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

In this episode of Security Matters, host David Puner welcomes Kevin Bocek, CyberArk SVP of Innovation, for an insightful discussion on the critical role of machine identity in modern cybersecurity. As digital environments become increasingly complex, securing machine identities has never been more crucial.According to the CyberArk 2025 Identity Security Landscape, machine identities now outnumber human identities by more than 80 to 1. As organizations scale cloud workloads and automation, these identities are becoming a critical part of the cybersecurity frontline. From TLS certificate outages to API key exposures, failures in machine identity management can lead to outages, breaches, and cascading system failures. In this episode of Security Matters, Kevin Bocek explains why this moment is pivotal for getting machine identity right—and how Zero Trust principles, automation, and visibility are essential to building cyber resilience.We also explore the future of identity security—from AI kill switches and agentic AI to quantum threats—and how identity can serve as both a safeguard and a kill switch in the age of autonomous systems.Whether you're a cybersecurity professional or simply interested in the latest security trends, this episode offers valuable insights into the importance of machine identity in safeguarding our digital world. Don't forget to subscribe, leave a review, and follow Security Matters for more expert discussions on the latest in cybersecurity.

Welcome to today's episode of the Change Maker Podcast. Join Deke as he talks with Dr. Craig Albert about a multitude of topics, including national security and cyber defense, as well as faith and family life. Dr. Albert is a professor of Political Science at Augusta University.

Mariano Mattei is the Vice President of Cybersecurity and AI at Azzur Solutions, bringing over 30 years of expertise in cybersecurity, AI innovation, and software engineering. A Certified Chief Information Security Officer (CCISO), Mariano has led AI-driven transformations across Biotechnology, Pharmaceuticals, and Medical Device sectors, integrating AI into clinical trials, manufacturing automation, quality systems, and regulatory compliance frameworks (FDA 21 CFR Part 11, GAMP 5, GDPR, HIPAA). His work spans predictive analytics for risk management, AI-powered process optimization, anomaly detection in manufacturing, and regulatory AI governance. He recently graduated from Temple University's Master's Program in Cyber Defense and Information Assurance, and he's the author of "Data-Driven Cybersecurity – Proven Metrics for Reducing Cyber Risk"Listen NOW to discover, "The Secret to Taking A Secure Risk"

Ahead of the 2025 NATO Summit, hosts Lokke Moerel and Alex van der Wolk speak with top experts and policymakers about hybrid threats, strategic defense, and the shifting digital battlefield.

When cybersecurity companies are racing to outpace evolving threats, innovation often starts in an unexpected place: revenue operations. In this episode of Tech Talks Daily, I sit down with John Queally, Senior Director of Revenue Operations at Clari, to explore why RevOps has become a vital engine behind the performance and resilience of cybersecurity leaders. John brings a unique perspective from his journey through banking, analytics, and enterprise tech. What stands out is how rapidly the RevOps function has matured from a back-office support role to a central, strategic force. Especially in the cybersecurity space, where innovation requires ongoing investment and risk is measured in seconds, the pressure to run efficient, scalable revenue processes has never been greater. We delve into why clean, trusted data is the backbone of any AI strategy and how 67% of revenue leaders still don't trust the data they're using. It's a staggering insight, and one that underscores the urgent need for cross-functional alignment. John explains how RevOps can serve as the connective tissue across sales, marketing, customer success, and finance, moving companies from a place where they're debating the accuracy of dashboards to making real decisions in real time. He also shares a behind-the-scenes look at Clari's work with cybersecurity firms like Okta, where implementing balanced pipeline strategies and streamlining task prioritization has unlocked measurable improvements. We discuss the rise of AI, but John doesn't just repeat industry headlines. He calls out the "unsexy" truth that real AI advantage requires the hard work of data cleanup first and those who do it will pull ahead. From operational transparency to building trust within revenue teams, this episode challenges assumptions about how data, AI, and RevOps intersect. And for anyone in cybersecurity or enterprise tech wondering how to scale effectively while preparing for what's next, this conversation offers a grounded and insightful starting point. Is your company still debating data? Or are you ready to turn trusted insights into action?

➡️ Like The Podcast? Leave A Rating: https://ratethispodcast.com/successstory  In this "Lessons" episode, Theresa Payton, former White House CIO, shares how predictable human behavior creates vulnerabilities in cybersecurity and why conventional defenses often fall short. Learn why routine security measures are exploited by sophisticated social engineering and how designing innovative, personalized protocols can disrupt attackers and strengthen digital defenses. ➡️ Show Linkshttps://successstorypodcast.com  YouTube: https://youtu.be/bH8DwhGUg0cApple: https://podcasts.apple.com/us/podcast/theresa-payton-cybersecurity-expert-author-former-white/id1484783544Spotify: https://open.spotify.com/episode/5DLZKqN89CTRVXW2Hi3Pq5➡️ Watch the Podcast on YouTubehttps://www.youtube.com/c/scottdclary 

Cyber Command ordered to halt offensive operations against Russia during Ukraine negotiations. Ransomware actors exploit Paragon Partition Manager vulnerability. Amnesty International publishes analysis of Cellebrite exploit chain. California orders data broker to shut down for violating the Delete Act. On our Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." And it's the end of an era. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Afternoon Cyber Tea segment. On our monthly Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." Ann and Igor share an engaging conversation on the challenges and optimism driving the fight against cyber threats. To hear the full conversation on Ann's show, check out the episode here. You can catch new episodes of Afternoon Cyber Tea every other Tuesday on N2K CyberWire network and on your favorite podcast app.  Selected Reading Exclusive: Hegseth orders Cyber Command to stand down on Russia planning (The Record)  As Trump warms to Putin, U.S. halts offensive cyber operations against Moscow (The Washington Post)  Hegseth Orders Pentagon to Stop Offensive Cyberoperations Against Russia (The New York Times)  Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (Bleeping Computer) VU#726882 - Paragon Partition Manager contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks (Carnegie Mellon University Software Engineering Institute CERT Coordination Center) Cellebrite zero-day exploit used to target phone of Serbian student activist (Amnesty International Security Lab) California shuts down data broker for failing to register (The Record)   Research finds 12,000 ‘Live' API Keys and Passwords in DeepSeek's Training Data (Truffle Security)  Cyberattack detected at Polish space agency, minister says (Reuters) Polish space agency confirms cyberattack (The Register) As Skype shuts down, its legacy is end-to-end encryption for the masses (TechCrunch)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices