POPULARITY
Cybersecurity has been on the Government Accountability Office's (GAO) high-risk list since 1997. Federal agencies struggle with issues like cyber hygiene, cyber workforce shortages and strategic execution. While agencies put strategies in place to secure their systems, the implementation and execution can be ineffective, according to GAO Managing Director of IT and Cybersecurity Nick Marinos. Marinos says that evolving threats have reshaped the cybersecurity landscape over the years in government, making evolution a moving target. Agencies are adjusting their workforces accordingly, he says, but is is difficult to keep pace with emerging technology. He underscores the urgency of streamlining federal hiring processes to prevent losing top talent to faster-moving private sector opportunities.
Podcast: ICS Cyber Talks PodcastEpisode: Shmulik Yehezkel Founder & CEO @Pryvaxy on the tight coloration between physical & cyber defensePub date: 2025-09-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationביטחון פיזי והגנת סייבר הם שני צדדים של אותה המטבע, כול אחד מהם מהווה השלמה של השני וחשוב למניעת מתקפה על הארגון. ארגונים שאינם ביטחוניים נוטים להפריד ביניהם ושוברים את קו ההגנה הרגיש ממילא נחשון פינקו מארח את אל"מ (מיל'), מייסד ומנכ"ל חברת פריבקסי מבכירי משרד ראש הממשלה לשעבר מקים וראש חטיבת הסייבר המבצעי של משרד הביטחון, ראש בית הספר לסייבר וטכנולוגיה וסגן וממלא מקום ראש מטה הביטחון והסייבר במשרד ראש הממשלה בשיחה על ביטחון פיזי והגנת סייבר בראיית המגן והצורך לפעול בקורלציה ביניהם מההבנה של ראיית התוקף Physical security and cyber defense are two sides of the same coin, complementing each other, and are crucial for preventing an attack on the organization. Non-security organizations tend to separate them and break the already sensitive line of defense. Nachshon Pincu hosts Col. (res.), founder and CEO of Pryvaxy, a former senior official in the Prime Minister's Office, founder and head of the Operational Cyber Division of the Ministry of Defense, head of the School of Cyber and Technology, and deputy and acting head of the Security and Cyber Headquarters in the Prime Minister's Office, in a conversation about physical security and cyber defense from the perspective of the defender and the need to act in correlation between them from the understanding of the attacker's perspective.The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-513
In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Show Notes: https://securityweekly.com/swn-513
In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-513
In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Show Notes: https://securityweekly.com/swn-513
ביטחון פיזי והגנת סייבר הם שני צדדים של אותה המטבע, כול אחד מהם מהווה השלמה של השני וחשוב למניעת מתקפה על הארגון. ארגונים שאינם ביטחוניים נוטים להפריד ביניהם ושוברים את קו ההגנה הרגיש ממילא נחשון פינקו מארח את אל"מ (מיל'), מייסד ומנכ"ל חברת פריבקסי מבכירי משרד ראש הממשלה לשעבר מקים וראש חטיבת הסייבר המבצעי של משרד הביטחון, ראש בית הספר לסייבר וטכנולוגיה וסגן וממלא מקום ראש מטה הביטחון והסייבר במשרד ראש הממשלה בשיחה על ביטחון פיזי והגנת סייבר בראיית המגן והצורך לפעול בקורלציה ביניהם מההבנה של ראיית התוקף Physical security and cyber defense are two sides of the same coin, complementing each other, and are crucial for preventing an attack on the organization. Non-security organizations tend to separate them and break the already sensitive line of defense. Nachshon Pincu hosts Col. (res.), founder and CEO of Pryvaxy, a former senior official in the Prime Minister's Office, founder and head of the Operational Cyber Division of the Ministry of Defense, head of the School of Cyber and Technology, and deputy and acting head of the Security and Cyber Headquarters in the Prime Minister's Office, in a conversation about physical security and cyber defense from the perspective of the defender and the need to act in correlation between them from the understanding of the attacker's perspective.
What do you use for cyber security? Why not use the #1 Defense in the NFL!?
Join host G Mark Hardy on CISO Tradecraft as he welcomes Patrick Garrity from VulnCheck and Tod Beardsley from Run Zero to discuss the latest in cybersecurity vulnerabilities, exploits, and defense strategies. Learn about their backgrounds, the complexities of security research, and strategies for effective communication within enterprises. The discussion delves into vulnerabilities, the significant risks posed by ransomware, and actionable steps for CISOs and security executives to protect their organizations. Stay tuned for invaluable insights on cybersecurity leadership and management. Chapters 00:00 Introduction and Guest Welcome 00:57 Meet Patrick Garrity: Security Researcher and Skateboard Enthusiast 02:12 Meet Todd Beardsley: From Hacker to Security Research VP 03:58 The Evolution of Vulnerabilities and Patching 07:06 Understanding CVE Numbering and Exploitation 14:01 The Role of Attribution in Cybersecurity 16:48 Cyber Warfare and Global Threat Landscape 20:18 The Rise of International Hacking 22:01 Delegation of Duties in Offensive Warfare 22:25 The Role of Companies in Cyber Defense 23:00 Attack Vectors and Exploits 24:25 Real-World Scenarios and Threats 28:46 The Importance of Communication Skills for CISOs 31:42 Ransomware: A Divisive Topic 38:39 Actionable Steps for Security Executives 45:58 Conclusion and Final Thoughts
Join host G Mark Hardy on CISO Tradecraft as he welcomes Patrick Garrity from VulnCheck and Tod Beardsley from Run Zero to discuss the latest in cybersecurity vulnerabilities, exploits, and defense strategies. Learn about their backgrounds, the complexities of security research, and strategies for effective communication within enterprises. The discussion delves into vulnerabilities, the significant risks posed by ransomware, and actionable steps for CISOs and security executives to protect their organizations. Stay tuned for invaluable insights on cybersecurity leadership and management. Chapters 00:00 Introduction and Guest Welcome 00:57 Meet Patrick Garrity: Security Researcher and Skateboard Enthusiast 02:12 Meet Todd Beardsley: From Hacker to Security Research VP 03:58 The Evolution of Vulnerabilities and Patching 07:06 Understanding CVE Numbering and Exploitation 14:01 The Role of Attribution in Cybersecurity 16:48 Cyber Warfare and Global Threat Landscape 20:18 The Rise of International Hacking 22:01 Delegation of Duties in Offensive Warfare 22:25 The Role of Companies in Cyber Defense 23:00 Attack Vectors and Exploits 24:25 Real-World Scenarios and Threats 28:46 The Importance of Communication Skills for CISOs 31:42 Ransomware: A Divisive Topic 38:39 Actionable Steps for Security Executives 45:58 Conclusion and Final Thoughts
Bagaimana peranan AI di dalam bidang keamanan (security)? Khususon di bagian pertahanan (defense). Ternyata masih "bayi". Masih kalah dengan penggunaan AI untuk melakukan serangan (attack).#AI #cybersecurity
In this episode of CISO Tradecraft, host G Mark Hardy sits down with Tomas Roccia, a senior threat researcher at Microsoft, to delve into the evolving landscape of AI and cybersecurity. From AI-enhanced threat detection to the complexities of tracking cryptocurrency used in cybercrime, Tomas shares his extensive experience and insights. Discover how AI is transforming both defensive and offensive strategies in cybersecurity, learn about innovative tools like Nova for adversarial prompt detection, and explore the sophisticated techniques used by cybercriminals in high-profile crypto heists. This episode is packed with valuable information for cybersecurity professionals looking to stay ahead in a rapidly changing field. Defcon presentation: Where is my crypto Dude? https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Thomas%20Roccia%20-%20Where%E2%80%99s%20My%20Crypto%2C%20Dude%20The%20Ultimate%20Guide%20to%20Crypto%20Money%20Laundering%20%28and%20How%20to%20Track%20It%29.pdf GenAI Breaches Generative AI Breaches: Threats, Investigations, and Response - Speaker Deck https://speakerdeck.com/fr0gger/generative-ai-breaches-threats-investigations-and-response Transcripts: https://docs.google.com/document/d/1ZPkJ9P7Cm7D_JdgfgNGMH8O_2oPAbnlc Chapters 00:00 Introduction to AI and Cryptocurrencies 00:27 Welcome to CISO Tradecraft 00:55 Guest Introduction: Tomas Roccia 01:06 Tomas Roccia's Background and Career 02:51 AI in Cybersecurity: Defensive Approaches 03:19 The Democratization of AI: Risks and Opportunities 06:09 AI Tools for Cyber Defense 08:09 Challenges and Limitations of AI in Cybersecurity 09:20 Microsoft's AI Tools for Defenders 12:13 Open Source AI Security: Project Nova 18:37 Community Contributions and Open Source Projects 19:30 Case Study: Babit Crypto Hack 22:12 Money Laundering Techniques in Cryptocurrency 23:01 AI in Tracking Cryptocurrency Transactions 26:09 Sophisticated Attacks and Money Laundering 33:50 Future of AI and Cryptocurrency 38:17 Final Thoughts and Advice for Security Executives 41:28 Conclusion and Farewell
In this episode of CISO Tradecraft, host G Mark Hardy sits down with Tomas Roccia, a senior threat researcher at Microsoft, to delve into the evolving landscape of AI and cybersecurity. From AI-enhanced threat detection to the complexities of tracking cryptocurrency used in cybercrime, Tomas shares his extensive experience and insights. Discover how AI is transforming both defensive and offensive strategies in cybersecurity, learn about innovative tools like Nova for adversarial prompt detection, and explore the sophisticated techniques used by cybercriminals in high-profile crypto heists. This episode is packed with valuable information for cybersecurity professionals looking to stay ahead in a rapidly changing field. Defcon presentation: Where is my crypto Dude? https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Thomas%20Roccia%20-%20Where%E2%80%99s%20My%20Crypto%2C%20Dude%20The%20Ultimate%20Guide%20to%20Crypto%20Money%20Laundering%20%28and%20How%20to%20Track%20It%29.pdf GenAI Breaches Generative AI Breaches: Threats, Investigations, and Response - Speaker Deck https://speakerdeck.com/fr0gger/generative-ai-breaches-threats-investigations-and-response Transcripts: https://docs.google.com/document/d/1ZPkJ9P7Cm7D_JdgfgNGMH8O_2oPAbnlc Chapters 00:00 Introduction to AI and Cryptocurrencies 00:27 Welcome to CISO Tradecraft 00:55 Guest Introduction: Tomas Roccia 01:06 Tomas Roccia's Background and Career 02:51 AI in Cybersecurity: Defensive Approaches 03:19 The Democratization of AI: Risks and Opportunities 06:09 AI Tools for Cyber Defense 08:09 Challenges and Limitations of AI in Cybersecurity 09:20 Microsoft's AI Tools for Defenders 12:13 Open Source AI Security: Project Nova 18:37 Community Contributions and Open Source Projects 19:30 Case Study: Babit Crypto Hack 22:12 Money Laundering Techniques in Cryptocurrency 23:01 AI in Tracking Cryptocurrency Transactions 26:09 Sophisticated Attacks and Money Laundering 33:50 Future of AI and Cryptocurrency 38:17 Final Thoughts and Advice for Security Executives 41:28 Conclusion and Farewell
Greg and Dan talk with Dave Johnson from Pearl Technology to dive into the ever-evolving world of cybersecurity. Dave emphasizes that cyber threats that are constantly shifting, citing the impact of shifting leadership at both the FBI and the administration on strategic priorities and approaches. He highlights a compelling opportunity for synergy: private-sector cybersecurity experts partnering directly with the FBI to bolster defense efforts and bridge the growing expertise gap. He discusses Google’s proactive posture in taking down cyber threats. He then talks about the concept of “honeypots”, which are decoy systems set up to lure attackers away from valuable assets. These traps help security teams detect intrusion attempts, analyze attacker behavior, and improve overall defense mechanisms. Pearl Technology’s upcoming Central Illinois Cyber & Technology Showcase on September 29, 2025, at the Peoria Riverfront Museum. It is an experience cutting-edge cybersecurity and AV technology, dual speaker tracks, live hacking competitions, hands-on demos, expert sessions, and exciting giveaways—all in one unforgettable event. More information can be found at pearltechnology.comSee omnystudio.com/listener for privacy information.
We dive deeper into an ongoing exploration of the implications of new technologies on national security with a barnstorming tour of the cyber domain with cybersecurity expert Byron Tomes.In this episode, Byron and I explore his unique journey into cybersecurity and national security, and the incredibly interesting and varied career he has had along the way.While we do explore the nuts and bolts of the cyber domain and the emerging role of artificial intelligence in that, this is as much a conversation about personal growth and development as it is about the topic itself.This is a particularly useful conversation for students and young professionals who may be intrigued by the topics of cyber defense, AI, and national security, but who may be intimidated by the (false) assumption that they need to be a computer scientist in order to contribute to the field. What Byron's story, and the stories of the last three guests on the show, demonstrate is that combatting emerging threats in new domains is not just the province of technologists. Those concerned with the public good and a nation's moral compass also have a role to play.DISCLAIMER: Byron's views are his own and do not represent the views and policies of his employer, the state of California, or the US Federal Government.Subscribe to Tim Talks Politics on Substack for the full show notes (30% off for podcast listeners)!
Podcast: Industrial Cybersecurity InsiderEpisode: AI, Phishing, and the Future of Industrial Cyber DefensePub date: 2025-08-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this week's rewind episode, Dino Busalachi is joined by Gary Kneeland from Claroty. With over nine years of experience at Claroty, Gary discusses the evolution of OT security, the convergence of IT and OT, and the growing importance of cybersecurity in protecting critical infrastructure. The conversation touches on how regulatory changes, ransomware threats, and AI advancements are shaping the industry. Whether you're dealing with outdated systems or navigating complex industrial environments, this episode provides practical insights into the challenges and opportunities ahead.Chapters:00:00:00 - Pandemic's Impact on Critical Infrastructure00:01:08 - Introduction to Gary Neelan and Claroty00:01:41 - Gary's Role in OT Cybersecurity00:02:49 - Evolution of OT Cybersecurity: From Compliance to Strategy00:05:23 - IT and OT Convergence: Securing Cyber-Physical Systems00:09:46 - Addressing Complex Challenges in OT Cybersecurity00:11:56 - OT Cybersecurity Talent Shortage and Managed Services00:13:01 - Future of OT Cybersecurity: Adapting to New Threats00:14:36 - Modernizing Manufacturing Systems for Enhanced Security00:15:52 - Global Cybersecurity Trends in Critical Infrastructure00:18:01 - Regional OT Cybersecurity Challenges and Responses00:25:01 - The Role of AI in Defending OT Environments00:28:19 - Final Thoughts on OT Cybersecurity's FutureLinks And Resources:Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityGary Kneeland on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Send us a textIn this energizing episode of the Joey Pinz Discipline Conversations podcast, Joey talks with Scott Barlow, Global VP of MSP and Cloud at Sophos, about how MSPs are becoming the true frontline of cybersecurity—and what vendors must do to support them.
In this episode of "SecurIt," I'm thrilled to reconnect with Roger Grimes the Data-Driven Defense Evangelist at KnowBe4, as he shares his groundbreaking ideas for defeating hackers and malware. Explore the world of phishing-resistant MFA, the challenges of implementing real IDs, and the promise of quantum computing. Get ready to elevate your understanding of cybersecurity to new heights!
At Black Hat USA 2025, Sean Martin, co-founder of ITSPmagazine, sat down with Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, to discuss the findings from the company's latest ransomware report. Over the past five years, the research has tracked how attack patterns, targets, and business models have shifted—most notably from file encryption to data theft and extortion.Brett explains that many ransomware groups now find it more profitable—and less risky—to steal sensitive data and threaten to leak it unless paid, rather than encrypt files and disrupt operations. This change also allows attackers to stay out of the headlines and avoid immediate law enforcement pressure, while still extracting massive payouts. One case saw a Fortune 50 company pay $75 million to prevent the leak of 100 terabytes of sensitive medical data—without a single file being encrypted.The report highlights variation in attacker methods. Some groups focus on single large targets; others, like the group “LOP,” exploit vulnerabilities in widely used file transfer applications, making supply chain compromise a preferred tactic. Once inside, attackers validate their claims by providing file trees and sample data—proving the theft is real.Certain industries remain disproportionately affected. Healthcare, manufacturing, and technology are perennial top targets, with oil and gas seeing a sharp increase this year. Many victims operate with legacy systems, slow to adopt modern security measures, making them vulnerable. Geographically, the U.S. continues to be hit hardest, accounting for roughly half of all observed ransomware incidents.The conversation also addresses why organizations fail to detect such massive data theft—sometimes hundreds of gigabytes per day over weeks. Poor monitoring, limited security staffing, and alert fatigue all contribute. Brett emphasizes that reducing exposure starts with eliminating unnecessary internet-facing services and embracing zero trust architectures to prevent lateral movement.The ransomware report serves not just as a data source but as a practical guide. By mapping observed attacker behaviors to defensive strategies, organizations can better identify and close their most dangerous gaps—before becoming another statistic in next year's findings.Learn more about Zscaler: https://itspm.ag/zscaler-327152Note: This story contains promotional content. Learn more.Guest:Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, | On LinkedIn: https://www.linkedin.com/in/brett-stone-gross/ResourcesLearn more and catch more stories from Zscaler: https://www.itspmagazine.com/directory/zscalerLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, brett stone-gross, ransomware, data extortion, cyber attacks, zero trust security, threat intelligence, data breach, cyber defense, network security, file transfer vulnerability, data protection, black hat, black hat usa 2025, zscaler
Cybersecurity is a critical component of organizational health no matter the federal agency. Yet, federal leaders across government are struggling to change culture, improve workflows and promote good cyber hygiene to prepare for the threats of tomorrow. The Government Accountability Office's Information Technology and Cybersecurity division assists Congress with assessing and improving the government's critical IT investments and develops best practices that are used across the government to guide decision-making. The division's Director Jennifer Franks breaks down where agencies fall short in implementing cybersecurity recommendations and discusses ways that federal leaders can improve their cyber hygiene through better hiring processes, stronger cybersecurity requirements and promoting an inclusive and team-oriented culture.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University – also check out Derek's substack. Thanks to our show sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out. All links and the video of this episode can be found on CISO Series.com
In her first interview since becoming Principal Director of the Defense Department's Cyber Academic Engagement Office (CAEO), Diba Hadi reflects on her role and vision for the office since stepping into the position in 2024 during the 2025 HammerCON conference in Laurel, Maryland. Hadi shares insights into her day-to-day responsibilities and highlights efforts to strengthen the integration of universities into the Centers of Academic Excellence community. Her goal: to develop cyber talent aligned with the Defense Department's evolving workforce needs. She explores how improved data collection, interagency collaboration and smarter resource allocation can streamline reporting processes and support broader DOD hiring objectives. Hadi also discusses key initiatives, including scholarships, research partnerships and capacity-building grants, that bring together academia, industry and government to build cyber capabilities at their source.
Dr. Selwyn Ellis, the Bosley Whitmore Endowed Professor and head of the Department of Computer Information Systems at Louisiana Tech University, engages in a profound conversation with hosts Craig Van Slyke and Thomas Stafford regarding the establishment and maintenance of cybersecurity research and education programs that adhere to national standards. The dialogue reveals the multifaceted nature of achieving designation as a Center of Academic Excellence in Cyber Defense by the National Security Agency and the Department of Homeland Security, thus highlighting the rigorous accreditation processes that validate the quality of education delivered. Dr. Ellis elaborates on the collaborative efforts required across various departments within the university, emphasizing the importance of a holistic approach to cybersecurity education that encompasses not only technical skills but also behavioral aspects essential for understanding the human factors influencing security practices. The discussion further explores the curriculum offered by the Louisiana Tech Center for Information Assurance, which includes essential courses such as disaster recovery, risk analysis, and principles of information assurance. These programs are designed to prepare students comprehensively for careers in cybersecurity, equipping them with the knowledge and skills necessary to address the growing complexities of the cyber threat landscape. Dr. Ellis notes that graduates from these programs are well-positioned for employment across diverse sectors, underscoring the value of a rigorous academic foundation in enhancing their career prospects. The episode also touches upon the significance of research in cybersecurity, as Dr. Ellis and the hosts discuss the role of faculty in guiding students toward impactful research endeavors that contribute to the field's advancement. As the conversation progresses, the implications of emerging technologies such as artificial intelligence (AI) on cybersecurity education come to the forefront. Dr. Ellis articulates the need for educational institutions to adapt their curricula to incorporate AI-driven methodologies, preparing students to navigate both the opportunities and challenges presented by these advancements. The dialogue culminates in a call to action for industry partners to engage with educational institutions, fostering collaboration that enriches the learning experience and ensures a robust pipeline of skilled cybersecurity professionals ready to meet the demands of an evolving landscape. This episode encapsulates the essence of proactive engagement between academia and industry, reinforcing the critical role that well-structured educational programs play in shaping the future of cybersecurity.Takeaways: The Cyberways podcast aims to translate academic knowledge into practical applications for security professionals, addressing the crucial need for accessible cybersecurity education. Dr. Selwyn Ellis, our esteemed guest, has extensive experience in establishing cybersecurity research centers certified by the US Government, showcasing his expertise in this critical field. Louisiana Tech University uniquely holds dual certifications as a Center of Academic Excellence in Cyber Defense and Research, reflecting the institution's commitment to rigorous cybersecurity education and research. The importance of continuous certification and rigorous program reviews every five years ensures that our cybersecurity curriculum meets national standards set by the NSA and Homeland Security. Our graduates possess a competitive advantage in the job market due to their comprehensive training and knowledge in cybersecurity, making them attractive to employers in various industries. The evolving landscape of cybersecurity education is increasingly influenced by advancements in artificial intelligence, which presents both challenges and...
In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity. Nathan Case - https://www.linkedin.com/in/nathancase/ Chapters 00:00 Introduction to the Israel-Iran Conflict 00:52 Meet the Expert: Nate Case 01:51 Cyber Warfare Insights from Russia-Ukraine Conflict 03:36 The Impact of Cyber on Critical Infrastructure 08:00 Ethics and Rules of Cyber Warfare 15:01 Iran's Cyber Capabilities and Strategies 16:56 Historical Context and Modern Cyber Threats 23:28 Foreign Cyber Threats: The Iranian Example 24:06 Israel's Cyber Capabilities 25:39 The Role of Cyber Command 26:23 Challenges in Cyber Defense 27:11 The Complexity of Cyber Warfare 32:21 Ransomware and Attribution Issues 36:13 Defensive Cyber Operations 39:39 Final Thoughts and Recommendations
In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity. Nathan Case - https://www.linkedin.com/in/nathancase/ Chapters 00:00 Introduction to the Israel-Iran Conflict 00:52 Meet the Expert: Nate Case 01:51 Cyber Warfare Insights from Russia-Ukraine Conflict 03:36 The Impact of Cyber on Critical Infrastructure 08:00 Ethics and Rules of Cyber Warfare 15:01 Iran's Cyber Capabilities and Strategies 16:56 Historical Context and Modern Cyber Threats 23:28 Foreign Cyber Threats: The Iranian Example 24:06 Israel's Cyber Capabilities 25:39 The Role of Cyber Command 26:23 Challenges in Cyber Defense 27:11 The Complexity of Cyber Warfare 32:21 Ransomware and Attribution Issues 36:13 Defensive Cyber Operations 39:39 Final Thoughts and Recommendations
In this episode of 'Cybersecurity Today,' hosts John Pinard and Jim Love introduce their unique show, 'The Secret CISO,' which aims to dive deep into the lives and thoughts of CISOs and similar roles, beyond the usual interview-style format. The guest for this episode is Priya Mouli, CISO at Sheridan College, who shares her journey from engineering to cybersecurity, her global experiences, and how she manages her multifaceted role. Another guest, Mohsen Azari, Director of Cyber Defense in the financial sector, discusses his career path, which includes notable stints in entertainment and consulting. The conversation explores the pressing challenges in cybersecurity such as AI threats, burnout, and vendor tool overload, while emphasizing the importance of people skills and relationship-building within organizations. The episode wraps up with a promise of a follow-up discussion to delve deeper into the impact of AI on cybersecurity. 00:00 Introduction to the Secret CISO Show 00:51 Guest Introductions: Meet Priya Ali 01:59 Priya's Career Journey and Insights 06:44 Mohsen's Background and Career Path 13:12 John's Career and Cybersecurity Evolution 15:58 Current Cybersecurity Challenges 24:04 Adapting to New Roles in Cybersecurity 25:36 Managing People and Preventing Burnout 27:08 Servant Leadership and Team Dynamics 31:16 Strategic Hiring and Team Cohesion 33:42 Handling Stress and Personal Well-being 35:46 The Role of CISOs as Organizational Psychologists 40:54 Influencing Behavior and Building a Security Culture 44:28 Coping with the Barrage of Cybersecurity Tools 51:10 Conclusion and Future Discussions
Cybersecurity isn't just about code, controls, or compliance—it's about people. That's the core message from Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems, and Rob Black, founder of the UK Cyber Leaders Challenge, as they share how genuine collaboration is reshaping security success in high-stakes environments.In this InfoSecurity Europe conversation, Purvi emphasizes that cybersecurity is still too often seen as an IT issue, when in reality it cuts across every aspect of business. Her role spans cybersecurity strategy, leadership development, and advocacy—serving also as Chair of BAE's Women in Cyber program and as a neurodiversity champion. For her, inclusion is more than a policy—it's essential to mission success, especially when coordinating across trilateral government and industry teams on programs as complex as next-gen fighter aircraft.Rob reinforces this point with his focus on developing soft skills in future cybersecurity leaders. His work brings non-traditional talent into cyber, prioritizing communication, empathy, and multidisciplinary collaboration. These human-centric capabilities are crucial when bridging divides between security, legal, HR, and operations.Both guests highlight how assumptions, language, and siloed thinking obstruct progress. Purvi shares how cybersecurity has often been seen as a barrier—brought in too late, misunderstood, or left out of key decisions. She now champions “secure by design” practices through early involvement of cross-functional teams. Rob brings a memorable example: using marriage counseling techniques to help auditors and developers understand each other better—not to resolve personal conflict, but to decode cultural and professional misalignments.Their conversation also touches on practical methods for building shared understanding, from sketching “river journeys” to map project dynamics, to fostering stakeholder buy-in through intentional communication. Whether aligning three governments or managing internal procurement, they show that collaboration isn't just a buzzword—it's a structured, repeatable approach to managing complexity.This episode offers a thoughtful and grounded look at how meaningful human connection—across functions, cultures, and roles—forms the foundation of effective cybersecurity. It's a timely reminder that the path to resilience begins with listening, empathy, and a clear sense of shared purpose.___________Guests:Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems | https://www.linkedin.com/in/purvikay/Rob Black, Director, UK Cyber Leaders Challenge | https://www.linkedin.com/in/rob-black-30440819/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Ahead of the 2025 NATO Summit, hosts Lokke Moerel and Miriam Wugmeister spoke with the top expert about hybrid threats, strategic defense, and the shifting digital battlefield.
In this episode of Data Security Decoded, join Caleb Tolin as he sits down with Grant Oviatt, Head of Security Operations at Prophet Security, to explore the transformative impact of AI agents in SOC environments. From reducing false positives by 95% to dramatically improving incident response times, discover how AI is augmenting human analysts rather than replacing them. Whether you're a CISO looking to optimize your security operations or a SOC analyst concerned about AI's impact on your role, this episode offers practical insights into successfully implementing AI-driven security solutions while building trust in automated systems. • Learn how AI agents handle tedious security tasks, freeing analysts for strategic work • Explore real-world success stories of AI-powered threat detection and response • Understand the critical balance between AI automation and human expertise • Get practical steps for deploying AI agents in your SOC
In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Sarah-Jane Madden brings a unique lens to application security, shaped by her journey from developer to security leader and CSO. Speaking at OWASP AppSec Global, she tackles one of today's most pressing concerns: how AI is reshaping software engineering—and how we must respond without compromising core values like quality and security.Madden emphasizes that AI is only the latest in a series of major disruptions, comparing it to shifts like remote work triggered by COVID. Her message is clear: organizations must prepare for continuous change, not just chase the current trend. That means prioritizing adaptability and ensuring critical practices like application security are not sacrificed in the rush to speed up delivery.She makes the case for a layered, iterative approach to development—rejecting the outdated linear mindset. Developers, she argues, should leverage AI as an accelerator, not a replacement. Think of AI as your digital intern: handling the drudgery, automating boilerplate code, and even applying internal security standards to code before it reaches human hands. This frees developers to focus on creative problem-solving and thoughtful architecture.However, Madden cautions against blind enthusiasm. While experimentation is healthy, organizations must be discerning about outcomes. Speed is meaningless without quality, and quality includes security. She calls on developers to advocate for high standards and reminds business leaders not to fall for the allure of shortcut statistics or flashy claims that promise results without skilled labor. Her analogy of microwave dinners vs. proper cuisine illustrates the risk of prioritizing convenience over substance—especially in complex problem-solving environments.For line-of-business leaders, Madden urges realistic expectations. AI can enhance productivity, but it doesn't eliminate the need for thoughtful development. Ultimately, customers will notice if quality drops, and reputational damage is hard to undo.In closing, Madden celebrates OWASP as more than an organization—it's a source of support, camaraderie, and genuine community for those working to build secure, reliable systems. Her message? Embrace change, use tools wisely, protect your standards, and never forget the human side of engineering.GUEST: Sarah-Jane Madden | Global Director of Cyber Defense at Fortive | https://www.linkedin.com/in/sarahjanemadden/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
In this episode of Security Matters, host David Puner welcomes Kevin Bocek, CyberArk SVP of Innovation, for an insightful discussion on the critical role of machine identity in modern cybersecurity. As digital environments become increasingly complex, securing machine identities has never been more crucial.According to the CyberArk 2025 Identity Security Landscape, machine identities now outnumber human identities by more than 80 to 1. As organizations scale cloud workloads and automation, these identities are becoming a critical part of the cybersecurity frontline. From TLS certificate outages to API key exposures, failures in machine identity management can lead to outages, breaches, and cascading system failures. In this episode of Security Matters, Kevin Bocek explains why this moment is pivotal for getting machine identity right—and how Zero Trust principles, automation, and visibility are essential to building cyber resilience.We also explore the future of identity security—from AI kill switches and agentic AI to quantum threats—and how identity can serve as both a safeguard and a kill switch in the age of autonomous systems.Whether you're a cybersecurity professional or simply interested in the latest security trends, this episode offers valuable insights into the importance of machine identity in safeguarding our digital world. Don't forget to subscribe, leave a review, and follow Security Matters for more expert discussions on the latest in cybersecurity.
Welcome to today's episode of the Change Maker Podcast. Join Deke as he talks with Dr. Craig Albert about a multitude of topics, including national security and cyber defense, as well as faith and family life. Dr. Albert is a professor of Political Science at Augusta University.
Mariano Mattei is the Vice President of Cybersecurity and AI at Azzur Solutions, bringing over 30 years of expertise in cybersecurity, AI innovation, and software engineering. A Certified Chief Information Security Officer (CCISO), Mariano has led AI-driven transformations across Biotechnology, Pharmaceuticals, and Medical Device sectors, integrating AI into clinical trials, manufacturing automation, quality systems, and regulatory compliance frameworks (FDA 21 CFR Part 11, GAMP 5, GDPR, HIPAA). His work spans predictive analytics for risk management, AI-powered process optimization, anomaly detection in manufacturing, and regulatory AI governance. He recently graduated from Temple University's Master's Program in Cyber Defense and Information Assurance, and he's the author of "Data-Driven Cybersecurity – Proven Metrics for Reducing Cyber Risk"Listen NOW to discover, "The Secret to Taking A Secure Risk"
Ahead of the 2025 NATO Summit, hosts Lokke Moerel and Alex van der Wolk speak with top experts and policymakers about hybrid threats, strategic defense, and the shifting digital battlefield.
When cybersecurity companies are racing to outpace evolving threats, innovation often starts in an unexpected place: revenue operations. In this episode of Tech Talks Daily, I sit down with John Queally, Senior Director of Revenue Operations at Clari, to explore why RevOps has become a vital engine behind the performance and resilience of cybersecurity leaders. John brings a unique perspective from his journey through banking, analytics, and enterprise tech. What stands out is how rapidly the RevOps function has matured from a back-office support role to a central, strategic force. Especially in the cybersecurity space, where innovation requires ongoing investment and risk is measured in seconds, the pressure to run efficient, scalable revenue processes has never been greater. We delve into why clean, trusted data is the backbone of any AI strategy and how 67% of revenue leaders still don't trust the data they're using. It's a staggering insight, and one that underscores the urgent need for cross-functional alignment. John explains how RevOps can serve as the connective tissue across sales, marketing, customer success, and finance, moving companies from a place where they're debating the accuracy of dashboards to making real decisions in real time. He also shares a behind-the-scenes look at Clari's work with cybersecurity firms like Okta, where implementing balanced pipeline strategies and streamlining task prioritization has unlocked measurable improvements. We discuss the rise of AI, but John doesn't just repeat industry headlines. He calls out the "unsexy" truth that real AI advantage requires the hard work of data cleanup first and those who do it will pull ahead. From operational transparency to building trust within revenue teams, this episode challenges assumptions about how data, AI, and RevOps intersect. And for anyone in cybersecurity or enterprise tech wondering how to scale effectively while preparing for what's next, this conversation offers a grounded and insightful starting point. Is your company still debating data? Or are you ready to turn trusted insights into action?
Japan passes a new active cyber defense law, printer software gets shipped with malware, a UK telco leaks user data and geolocation via its 4G network, and Volkswagen patches major bugs in its mobile app. Show notes
Brandon Van Grack, former senior official at the U.S. Department of Justice and chair of MoFo's Global National Security practice, joins our hosts to explore the seismic impact of the Trump administration on U.S. foreign policy and security. Bringing over a decade of experience monitoring national security threats in China and Russia, Brandon takes us through top-of-mind issues: from cyber offensive actions and NATO military command to tariffs, export controls, and sanctions. How aligned are U.S. and EU interests today? How should international businesses navigate?
(00:00:00) coming up (00:01:26) disclaimer (00:02:18) Intro to cyber-security Investorideas.com, a global news source and expert investing resource covering cybersecurity stocks issues a podcast interview with host Dawn Van Zant talking to Chris Temple , editor and publisher of The National Investor, With cybersecurity stocks seeing gains from 18%, to up to 40% in the past six months, Chris and Dawn do a deep dive into what is driving the growth in the sector. Chris has been a regular guest on the Exploring Mining Podcast at Investorideas.com talking about gold stocks. Today he joins Investorideas to talk about cybersecurity. Starting as an investor at 18, Chris says about his newsletter, “You can get information everywhere but here you get knowledge.” Chris shares insight into the future of cybersecurity and how to navigate the sector as it sees a 50 % increase in cyber-attacks in the first quarter of 2025. Looking at the stocks in the sector he says, “There are the go-to legacy companies like CrowdStrike Holdings, Inc. (NASDAQ: CRWD) and Palo Alto Networks, Inc. (NASDAQ: PANW but he has an interesting investment theme, adding two smaller companies for his subscribers that have their own little niche. When you look at these events where you have this quantum increase in cyber-attacks, you need to have an increase in the protocol, software solutions. . The best of the companies that come up with the better solutions end up being gobbled up bigger companies. “This happened with Y2K. A few of the software companies I recommended were bought out within months.” He also says Cyber ETF's are a great way for investors to bet on the sector. About Chris Temple Chris Temple is editor and publisher of The National Investor. He has had an over 40-year career now in the financial/investment industry. Temple is a sought-after guest on radio stations, podcasts, blogs and the like all across North America, as well as a sought-after speaker for organizations. His ability to help average investors unravel, understand and navigate today's markets is unparalleled; and his ability to uncover "off-the-radar" companies is likewise. His commentaries and some of his recommendations have appeared in Barron's, Forbes, CBS Marketwatch, Wall Street's Best Investments/The Cabot Group, Kitco.com, the Korelin Economics Report, Benzinga.com, Palisade Radio, Mining Stocks Education, Mining Stock Daily and other media. Connect with Chris on X: https://x.com/NatInvestor Research more cyber stocks with Investorideas.com free defense stock directory https://www.investorideas.com/Companies/HomelandDefense/Stock_List.aspAbout Investorideas.com - Big Investing Ideas Investorideas.com is the go-to platform for big investing ideas. From breaking stock news to top-rated investing podcasts, we cover it all. Our original branded content includes podcasts such as Exploring Mining, Cleantech, Crypto Corner, Cannabis News, and the AI Eye. We also create free investor stock directories for sectors including mining, crypto, renewable energy, gaming, biotech, tech, sports and more. Public companies within the sectors we cover can use our news publishing and content creation services to help tell their story to interested investors. Paid content is always disclosed.Disclaimer/Disclosure: Investorideas.com is a digital publisher of third party sourced news, articles and equity research as well as creates original content, including video, interviews and articles. Original content created by investorideas is protected by copyright laws other than syndication rights. Our site does not make recommendations for purchases or sale of stocks, services or products. Nothing on our sites should be construed as an offer or solicitation to buy or sell products or securities. All investing involves risk and possible losses. This site is currently compensated for news publication and distribution, social media and marketing, content creation and more. Disclosure is posted for each compensated news release, content published /created if required but otherwise the news was not compensated for and was published for the sole interest of our readers and followers. Contact management and IR of each company directly regarding specific questions. More disclaimer info: https://www.investorideas.com/About/Disclaimer.asp Learn more about publishing your news release and our other news services on the Investorideas.com newswire https://www.investorideas.com/News-Upload/ and tickertagstocknews.com Global investors must adhere to regulations of each country. Please read Investorideas.com privacy policy: https://www.investorideas.com/About/Private_Policy.asp Learn more about our news, PR and social media, podcast and ticker tag services at Investorideas.com https://www.investorideas.com/Investors/Services.asp Learn more about digital advertising and guest posts https://www.investorideas.com/Advertise/ Follow us on X @investorideas Follow us on Facebook https://www.facebook.com/Investorideas Follow us on YouTube https://www.youtube.com/c/Investorideas Contact Investorideas.com 800 665 0411
summaryIn this episode of No Password Required, host Jack Clabby and guest Trevor Hillegas discuss various aspects of cybersecurity, including the transition from military service to the private sector, the importance of leadership in tech, and the misconceptions surrounding cyber threats. Trevor shares insights from his career, emphasizing the need for a proactive approach to cybersecurity and the value of empowering teams to innovate and learn from failures. In this engaging conversation, the speakers delve into memorable experiences in cybersecurity, including impactful interactions and the importance of sharing knowledge. They explore personal preferences through a fun lifestyle polygraph segment, discussing walk-up songs, breakfast favorites, and nerd culture. The conversation also touches on the lighter side of cybersecurity with prank calls and the dynamics of building an escape room team. The episode concludes with contact information and an invitation to connect further.takeawaysTrevor emphasizes the importance of metaphors in understanding cybersecurity.The public often fears sophisticated threats while ignoring more common dangers.Leadership in cybersecurity should focus on empowering teams rather than micromanaging.A proactive approach in cybersecurity can prevent victimization before it occurs.Technical leaders should understand core concepts to effectively guide their teams.Misconceptions about cyber criminals often stem from Hollywood portrayals.The military experience can significantly shape leadership styles in tech.Daily life in cybersecurity involves constant learning and adaptation.Sophistication in cyber threats does not always correlate with success.Cybersecurity is about both fighting threats and fortifying defenses. Memorable interactions can lead to impactful collaborations in cybersecurity.Sharing knowledge can help mitigate cyber threats effectively.Personal preferences can reveal a lot about an individual's character.Walk-up songs can reflect one's personality and professional identity.Breakfast choices can be a blend of cultural influences and personal tastes.Building a team for an escape room requires diverse skills and personalities.Nerd culture can foster connections and shared interests among individuals.Prank calls can be a humorous way to engage with public figures.Culinary competitions highlight the absurdity of turning survival into entertainment.Networking in cybersecurity can lead to unexpected opportunities.titlesCybersecurity Connections: Memorable MomentsThe Lifestyle Polygraph: Fun and InsightsWalk-Up Songs: A Reflection of IdentityBreakfast Favorites: A Culinary JourneySound Bites"Tell them what needs to get done.""Empower your people to fail.""We can stop that identity theft.""I was in Europe giving a talk.""I sent him everything that we had.""I would get Jack Sparrow.""I love Star Wars.""I would call Gordon Ramsey."Chapters00:00 Introduction to Cybersecurity Insights02:54 Career Path and Unexpected Experiences05:55 Transitioning from Military to Cybersecurity09:07 Daily Life at Spy Cloud12:12 Leadership Philosophy and Management Style14:53 The Nature of Cyber Threats17:50 Technical Skills in Leadership20:52 Misconceptions About Cyber Criminals25:32 Memorable Cybersecurity Interactions28:12 Lifestyle Polygraph Introduction28:35 Walk-Up Songs and Personal Preferences32:07 Breakfast Favorites and Culinary Influences34:40 Building the Ultimate Escape Room Team37:36 Nerd Culture and Personal Interests39:02 Prank Calls and Culinary Competitions41:20 Closing Thoughts and Contact Information
➡️ Like The Podcast? Leave A Rating: https://ratethispodcast.com/successstory In this "Lessons" episode, Theresa Payton, former White House CIO, shares how predictable human behavior creates vulnerabilities in cybersecurity and why conventional defenses often fall short. Learn why routine security measures are exploited by sophisticated social engineering and how designing innovative, personalized protocols can disrupt attackers and strengthen digital defenses. ➡️ Show Linkshttps://successstorypodcast.com YouTube: https://youtu.be/bH8DwhGUg0cApple: https://podcasts.apple.com/us/podcast/theresa-payton-cybersecurity-expert-author-former-white/id1484783544Spotify: https://open.spotify.com/episode/5DLZKqN89CTRVXW2Hi3Pq5➡️ Watch the Podcast on YouTubehttps://www.youtube.com/c/scottdclary
On today's episode, we're going even deeper into my stalker situation. I'll be sharing more details about his delusional tendencies—including how he's gone as far as pretending to be a police officer to manipulate and control people (which is a crime, by the way). I'll also be answering the questions I've received from you all about this ongoing situation.Law enforcement is now more involved (actual police, not to be confused with blue light bandits), we know everything, and we'll be handling it all legally. Tune in for the full update.—https://policecoffee.com/?gad_source=1&gbraid=0AAAAACG7qmJnibJBpoe9p7ReNXovwJMQN&gclid=Cj0KCQjwqIm_BhDnARIsAKBYcmsZOengz4NFStC14G_b2eziJgYpA8kGt2sokaR9i3PcTxs0QmcaPosaAtbGEALw_wcB
Today, I'm sharing something deeply personal and serious—my stalker story. For over a year, Timothy C. (we can share his full name soon if need be) has been physically stalking me, and his digital harassment goes back even further. Law enforcement is now involved, but I wanted to update you all in case anything happens to me—so there's no question about who did it. This episode isn't just about my experience; it's also about the reality of stalking, the dangers of obsession, and the importance of taking threats seriously. Stay aware, stay safe, and let's talk about it all, shall we?—https://noblegoldinvestments.com
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Roy Luongo. Roy is the Chief Information Security Officer for the United States Secret Service. He leads a team in the defense and information assurance of all USSS information systems and solutions. Prior to his current role he was the Director, Joint Mission Operations Center for Cyber Command, providing oversight of mission critical Cyber Operations infrastructures. He has also served as Chief, NSA Red Team and Technical Director for Interactive Operations for the NSA. Roy is a retired Army soldier with 20 years' service within the Intelligence and Cyber career fields. [March 17, 2025] 00:00 - Intro 00:17 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 01:55 - Roy Luongo Intro 02:44 - The Path to CISO of the Secret Service 04:58 - Cybersecurity in Early Education 07:50 - The Entry Level Catch-22 12:24 - Quantifying Risk 14:27 - The Best Way Forward 16:51 - The Effects and Future of AI 20:06 - Understanding Your Needs 22:11 - Advise to Young Roy 24:56 - The Cost of Training 29:01 - Mentors - Ed Skoudis - Brigadier General Brian D. Vile - Shawn Turskey 29:55 - Lollipop Moments - TEDxToronto - Drew Dudley "Leading with Lollipops" 31:33 - Book Recommendations - Cybersecurity Canon - Rick Howard - Kingpin - Kevin Poulsen - Turn the Ship Around! - L. David Marquet 33:49 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org
Empower Your Family's Cybersecurity with Expert Insights In this episode of The Secure Family Podcast, Andy talks with cyber defense expert Reanna Schultz to discuss how families can ensure a safe and fun online experience. Reanna shares her journey into cybersecurity, offers practical tips on creating secure passwords, and advises on how to protect personal data. She emphasizes the importance of multi-factor authentication and the risks posed by seemingly innocuous social media and online interactions. Parents are given valuable guidelines on how to safeguard their children's online activities. For more on Reanna: https://www.cyberspeaklabs.com/ Watch the Interview: https://youtu.be/xlXC5gFe3Lg Take control of your data with DeleteMe. Because they sponsor the podcast you can get 20% off a privacy plan from DeleteMe with promo code: DAD. Protect your credit cards, smartphones, and devices with signal-blocking solutions from SLNT. Get 10% off at SLNT with the discount code: THESECUREDAD. Connect
Cyber Command ordered to halt offensive operations against Russia during Ukraine negotiations. Ransomware actors exploit Paragon Partition Manager vulnerability. Amnesty International publishes analysis of Cellebrite exploit chain. California orders data broker to shut down for violating the Delete Act. On our Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." And it's the end of an era. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Afternoon Cyber Tea segment. On our monthly Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." Ann and Igor share an engaging conversation on the challenges and optimism driving the fight against cyber threats. To hear the full conversation on Ann's show, check out the episode here. You can catch new episodes of Afternoon Cyber Tea every other Tuesday on N2K CyberWire network and on your favorite podcast app. Selected Reading Exclusive: Hegseth orders Cyber Command to stand down on Russia planning (The Record) As Trump warms to Putin, U.S. halts offensive cyber operations against Moscow (The Washington Post) Hegseth Orders Pentagon to Stop Offensive Cyberoperations Against Russia (The New York Times) Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (Bleeping Computer) VU#726882 - Paragon Partition Manager contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks (Carnegie Mellon University Software Engineering Institute CERT Coordination Center) Cellebrite zero-day exploit used to target phone of Serbian student activist (Amnesty International Security Lab) California shuts down data broker for failing to register (The Record) Research finds 12,000 ‘Live' API Keys and Passwords in DeepSeek's Training Data (Truffle Security) Cyberattack detected at Polish space agency, minister says (Reuters) Polish space agency confirms cyberattack (The Register) As Skype shuts down, its legacy is end-to-end encryption for the masses (TechCrunch) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
At ThreatLocker Zero Trust World 2025 in Orlando, Chase Cunningham, often referred to as “Dr. Zero Trust,” delivered a thought-provoking session titled The Grand Delusion. The event, filled with IT professionals, managed service providers (MSPs), and small to midsize business (SMB) leaders, provided the perfect backdrop for a candid discussion about the state of cybersecurity and the real-world application of Zero Trust strategies.Challenging the Status QuoCunningham emphasized the need for businesses to adopt realistic cybersecurity practices that align with their resources and needs. He pointed out the pitfalls of smaller organizations attempting to emulate enterprise-level security strategies without the necessary infrastructure. “Cyber shouldn't be any different” than outsourcing taxes or other specialized tasks, he explained, advocating for MSPs and external services as practical solutions.Zero Trust as a Strategy, Not Just a TermThe session underscored that Zero Trust is not merely a buzzword but a strategic approach to security. Cunningham stressed the importance of questioning the validity of industry claims and seeking concrete data to support cybersecurity initiatives. He encouraged attendees to avoid being “delusional” by blindly accepting security solutions without a critical evaluation of their impact and effectiveness.Actionable Steps for Small BusinessesCunningham shared practical advice for implementing Zero Trust principles within smaller organizations. He recommended focusing on foundational controls like identity and access management, micro-segmentation, and application allow and block lists. He noted that achieving security is a journey, requiring a structured, strategic approach and an acceptance that immediate results are unlikely.The Future of Zero TrustLooking ahead, Cunningham expressed optimism about the continued evolution of Zero Trust. He highlighted its growing global significance, with his upcoming engagements in Taiwan, Colombia, and Europe serving as evidence of its widespread adoption. Ultimately, he framed Zero Trust as not only a business imperative but a fundamental human right in today's digital world.Tune in to this episode to hear more insights from Chase Cunningham and explore what Zero Trust means for businesses of all sizes.Guest
Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, joins Ann on this week's episode of Afternoon Cyber Tea for an engaging conversation on the challenges and optimism driving the fight against cyber threats. Igor shares insights from his diverse career and breaks down why cybersecurity is best understood as a battle of graphs versus lists, the importance of raising the cost for attackers, and how AI is shaping the future of defense strategies. Igor also highlights the critical role of collaboration across industries, emphasizing that security is a collective effort. Resources: View Igor Tsyganskiy on LinkedIn View Ann Johnson on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast The BlueHat Podcast No Slides Attached Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network.
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Peter Warmka. Peter is a Former Senior Intelligence Officer with the CIA with over 20 years' experience in breaching the security of organizations overseas. Peter is the founder of the Orlando-based firm Counterintelligence Institute, LLC and an Adjunct Professor at Webster University's Masters Cybersecurity Program. Peter is passionate about using his expertise in helping city, state, and federal government entities, non-profits, academic institutes, private companies, and individuals safeguard their sensitive proprietary and/or personal data. He is also the author of two books. [Feb 17, 2025] 00:00 - Intro 00:21 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 02:25 - Peter Warmka Intro 03:14 - Getting Recruited 12:11 - Working Above Cybersecurity 21:33 - Identifying Potential Candidates 23:20 - Tip to CISO's: Learn About AI 25:17 - The Importance of Guardrails 28:37 - Peter's Books - Confessions of a CIA Spy - Peter Warmka - Why Are You Messing With Me? - Peter Warmka 31:10 - Find Peter Warmka online - LinkedIn: in/peterwarmka - Website: counterintelligence-institute.com 32:18 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org
Dustin Rozario Steinhagen, PhD is a privacy expert who recently graduated with his doctorate degree in Cyber Defense from Dakota State University. His dissertation is titled “Defending the security of the mind: A mail survey of thought-reform literacy in South Dakota.” This quantitative analysis measured “what everyday people know about thought reform and psychologically manipulative groups.” One of the most powerful defenses a person can have against mind hacking is admitting they are vulnerable to it. After that, skills can be acquired and built upon to teach people how to protect themselves further. However, we mustn't let our guard down when it comes to our brains and minds coming under attack. Like anti-virus software needing updates to protect against the latest cyber threats, our minds also require ongoing learning to maintain psychological security in addition to adequate rest, play, and sleep. Influences are also more challenging to detect, more frequent in occurrence, from multiple directions, and require vigilance when interacting with different levels of trusted or untrusted sources. Having trusted groups who respect personal privacy and have our best intentions in mind becomes extremely important in such an environment. Learn more about your ad choices. Visit megaphone.fm/adchoices