POPULARITY
Categories
As artificial intelligence reshapes workplaces and business strategies, firms increasingly depend on AI providers, making AI a tool of geopolitical influence. We'll discuss the impact across industries, as digital currencies affect monetary control and cyber threats challenge operational resilience. Host: William Foster, Senior Vice President, Sovereign Risk Group, Moody's Ratings Guests: Vincent Gusdorf, Associate Managing Director, Digital Finance and AI Analytics, Moody's Ratings; Leroy Terrelonge, Vice President-Analyst, Cyber Credit Risk, Moody's Ratings Related research:Artificial Intelligence – Global – Nations push for AI sovereignty to capture economic, geopolitical gains 30 September 2025 Sovereigns - Global – Digital currency growth, inconsistent regulation amplify countries' financial risks 25 September 2025Artificial Intelligence – Corporates – Pace of AI advances, regional disparities will steer credit trends across industries 23 September 2025 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Organizations continue to face an increasingly complex cyber threat landscape. Amid ongoing geopolitical and geoeconomic tensions and supply chain disruptions, a robust and comprehensive cyber risk management strategy can help businesses mitigate risks and improve resiliency. In this episode of Risk in Context, Marsh McLennan's Dan Bowden speaks with Marsh's Helen Nuttall and Matt Berninger about the importance of reviewing and reinforcing cyber controls to help minimize cyber exposures and uncertainty and better protecting their people, finances, and operations from cyber threats. You can access a transcript of the episode here. Read Cybersecurity Signals, Connecting Controls and Incident Outcomes and The 2025 OT Security Financial Risk Report. For more insights and insurance and risk management solutions, follow Marsh on LinkedIn and X and visit marsh.com.
Artificial intelligence (AI) is a transformational technology, but it has limitations in challenging operational settings. Researchers in the AI Division of the Carnegie Mellon University Software Engineering Institute (SEI) work to deliver reliable and secure AI capabilities to warfighters in mission-critical environments. In our latest podcast, Matt Gaston, director of the SEI's AI Division, sits down with Matt Butkovic, technical director of the SEI CERT Division's Cyber Risk and Resilience program, to discuss the SEI's ongoing and future work in AI, including test and evaluation, the importance of gaining hands-on experience with AI systems, and why government needs to continue partnering with industry to spur innovation in national defense.
CyberCube is delivering the world's leading cyber risk modeling and analytics. With best-in-class data access and advanced multi-disciplinary analytics, the company's cloud-based platform helps insurance organizations quantify cyber risk to facilitate placing insurance, underwriting cyber risk and managing cyber risk aggregation. CyberCube's enterprise intelligence layer provides insights on millions of companies globally and includes modeling on thousands of points of technology failure. The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company exclusively focused on the insurance industry, with access to an unparalleled ecosystem of data partners. It is backed by Morgan Stanley Tactical Value, Forgepoint Capital, HSCM Bermuda, MTech Capital, individuals from Stone Point Capital and Scott G. Stephenson. For more information, please visit www.cybcube.com or email info@cybcube.com. Focusing exclusively on risk management and insurance professional development, the Risk & Insurance Education Alliance provides a practical advantage at every career stage, positioning our participants and their clients for confidence and success.
In this episode of Friday Fiduciary Five, Eric Dyson talks about a common and easily fixable cybersecurity risk in retirement plans: participants who have not set up user IDs and passwords for their accounts. This oversight is the most frequent cause of cyber breaches, not the fault of plan sponsors or record keepers. Eric shares an anecdote about an employee discovering unauthorized 401(k) loan deductions, highlighting the importance of security measures like user IDs, passwords, and two-factor authentication. He urges plan sponsors and advisors to communicate the necessity of these security steps to participants to prevent cyber breaches.Connect with Eric Dyson: Website: https://90northllc.com/Phone: 940-248-4800Email: contact@90northllc.com LinkedIn: https://www.linkedin.com/in/401kguy/ The information contained herein is general in nature and is provided solely for educational and informational purposes.It is not intended to provide a specific recommendation of any type of product or service discussed in this presentation or to provide any warranties, financial advice, or legal advice.The specific facts and circumstances of all qualified plans can vary, and the information contained in this podcast may or may not apply to your individual circumstances or to your plan or client plan's specific circumstances.
In this special episode of The Lawyers Weekly Show, produced in partnership with Cybertify, we unpack why legal practices are increasingly such attractive targets for cyber criminals, the ways they get past defences, and what firms can do to ensure that the “doors are locked”. Host Jerome Doraisamy speaks with William Welch, the principal solutions architect for the legal sector and AI security at Cybertify, about who the company is and the work he does, why the risks inherent with cyber security are so much more prominent for Australian law firms at present, why every business is a potential target, the need for “locked doors”, why law firm owners aren't fully across the dangers, and the lessons and takeaways from recent breaches in the legal space. Welch also delves into what BigLaw practices need to be doing right now, ensuring systems are talking to each other properly and having the right point people, what SMEs must be doing at present, the questions those smaller firms need to be asking, overcoming concerns about being time-poor, understanding the changing landscape, and how best Cybertify can help. To learn more about Cybertify, click here.
In our latest Mishcon Academy: Digital Sessions podcast, Joe Hancock, Partner in Cyber Risk and Complex Investigations at Mishcon de Reya, is joined by Emeric Bernard-Jones, Intelligence Manager in the same team. They discuss cybercrime and digital investigations - and covering issues from cyber-enabled fraud and blackmail to the real-world impact of online exposure and how threats are reshaping what it means to be safe online.They discussed:Why are cyber incidents — from hacks to hoaxes — becoming more frequent?How is the privacy and security landscape shifting for individuals as well as businesses?And what's the human cost for directors, staff, and high-profile individuals when things go wrong?
Come listen to John Riggi and Scott Gee, the American Hospital Association's National Advisor and Deputy National Advisor for Cybersecurity and Risk, give their thoughts on what risk professionals needs to know about cybersecurity and how risk professionals can help protect their organization before a cyber-attack occurs.
Jonathan Trull is the Chief Security Officer at Qualys. In this episode, he speaks to Cybercrime Magazine from Black Hat 2025, where the company left the conference with two Pwnie Awards, which celebrate groundbreaking achievements in cybersecurity. Listen to hear his thoughts on navigating cyber risk, including fighting today's threat actors and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com
Recorded live at Black Hat 2025, this episode takes you straight to the frontlines of cybersecurity innovation. Host, Raghu Nandakumara first sits down with Bennett Moe, a cartographer turned N2K CyberWire VP, reveals how mapping skills can turn massive data into actionable cyber insights and why fundamentals still matter in an AI-driven world. Then, Jim Reavis, CEO of the Cloud Security Alliance and ISSA Hall of Famer, shares his urgent warning on cloud risks, the impact of generative AI, and why security leaders must rethink old playbooks.We discussed:How cartography principles help prioritize and visualize cybersecurity data The evolution of AI in security and where it's moving beyond buzzwords Why fundamentals like security hygiene and the right people in the right roles are still critical Systemic risks in cloud environments and why old security playbooks may no longer suffice How security leaders can become their company's most informed voices on AI The importance of actionable insights over overwhelming data for decision-makingThe role of cloud as a foundation for AI innovations like ChatGPT Distinguishing between securing AI and defending against AI-powered attacks How continuous learning, communication, and community collaboration are essential in cybersecurity The CSA's mission and legacy as a navigator for the cybersecurity community Stay Connected with our host, Raghu on LinkedInFor more information about Illumio, check out our website at illumio.com
Tuesday 19 August 2025 The business community unites as pressure ramps up on day one of the government’s economic reform roundtable. And more, including: NAB admits to underpaying staff. The ASX hits another high - that’s six in six days. A former PM slams Australian bosses for their attitude to cybersecurity. A record fine for Qantas. Meta runs into problems with its AI. Join our free daily newsletter here. And don’t miss the latest episode of How Do They Afford That? - this week, financial red flags in relationships. Get the episode from APPLE, SPOTIFY, or anywhere you listen to podcasts.Find out more: https://fearandgreed.com.au/See omnystudio.com/listener for privacy information.
How does one crypto transaction spiral into a $1.5 billion cybercrime? The Bybit heist.This wasn't just the largest crypto theft in history—it was a criminal feat of deception that exposed how even sophisticated systems can be breached when fraud, cybersecurity, and human oversight don't align. In this episode, we are excited to welcome returning guest Geoff White, investigative journalist and creator of The Lazarus Heist podcast, to join host, Alex Pillow, in examining one of the most audacious crypto thefts to-date. How did hackers executed the largest crypto theft in history while making operations seem normal from the inside?Tactics used in the heist and the broader implications of money laundering in the crypto space The impact of remote work on verifying employee legitimacy and protecting organizational value What the aftermath of money laundering looks like for victims—can stolen crypto ever be recovered? How companies can map where value resides across departments—and identify weak links before attackers do For more information, check out the resources below: Cyber Siege: From Russia to RedcarThe Lazarus Heist podcastTo learn more about Moody's, please visit our website or get in touch—we would love to hear from you.
Cosmic Building, a construction technology company, uses AI-driven end-to-end software to run mobile robotic microfactories. At the heart of its newest microfactory in Pacific Palisades are ABB's IRB 6710 robots and RobotStudio digital twin software. Both of which are integrated into Cosmic's Workstation Cell and AI-driven Building Information Model (BIM). #ai #california #wildfire #losangeles #robot #fire
As all of you know, there are no silver bullets when it comes to cybersecurity success in the industrial sector. Every enterprise has its own unique characteristics, each plant floor its different connectivity elements, and each business is comprised of diverse human dynamics that fuel its culture. However, regardless of the environment, there continues to be a handful of best practices that can be universally applied. As I journey across the cybersecurity realm, one of these reoccurring themes is avoiding that urge to “eat the elephant” or “drink the ocean” when implementing cybersecurity strategies. Rather, the thought process is to set priorities and check things off as you go. Our guest for this episode mentioned this numerous times, whether it comes to responding to an increasingly complex collection of threat actors, or tackling the right uses of artificial intelligence.Watch/listen as we discuss a number of topics with Casey Ellis, Founder and Chief Strategy Officer of BugCrowd, including:The very real threat of IABs (initial access brokers) and state-sponsored hackers.How his organization works to reinforce why it's cool to be a White Hat.How thinking like a criminal helps improve defenses through penetration testing and other exercises.Developing strategies that prioritize resilience over perfection.Integrating new technologies with patching in mind.Using AI to develop faster response times and focusing on "which part of the elephant to eat first," instead of doing "stupid stuff" because of the pressure to implement it.As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.
Today, we're going to go deeper into the world of cyber attacks than we have ever done before. We'll be looking at the insurance claims that they produce as well as the longer-term consequences for their victims Often as journalists covering cyber insurance we focus on the big hacks, the headline numbers, and gloss over the detail of the personal stories and the real hard yards that have to be run to recover from an attack and the potential long-term consequences for a business, its directors, its customers and all other stakeholders. As the immediate damage and business interruption triggers potential regulatory, statutory and other serious third-party consequences, these hard yards often have to be run down multiple different paths simultaneously. The in-depth interviews that follow will deepen your understanding of the more complex and long-tail nature of this peril. I'd like to put you right in the room in the shoes of the Directors of a company as an attack unfolds. We're going behind the scenes to uncover what it's really like when a business becomes the target of a digital assault, from the immediate shock to the long-term repercussions that are often ignored by boards. We're also going to go into detail on how the nature of the cyber threat and the tactics of cyber criminals are evolving. To help me in this task my guests are: Magnus Jelen, (pictured top) Director of Incident Response EMEA for Coveware, a firm that helps victims of cyber extortion recover their data; and three senior executives at Beazley: Raf Sanchez (pictured 2nd from top), Beazley's Head of Cyber Services, Cyber Risks. Melissa Collins, (pictured 2nd from bottom) Head of Third Party Cyber & Tech Claims, and Wayne Imrie, (pictured bottom) Head of London Market Wholesale Executive Risks. Magnus and Raf are right on the front line, dealing with the immediate consequences of a hack. Magnus even deals with the hackers themselves. Melissa deals with the external insurance claims that result and Wayne is a Directors and Officers (D&O) specialist who has a deep understanding of how the D&O and Cyber insurance products interact. LINKS: As promised, here is the link to Beazley's latest Risk and Resilience Survey Spotlight on Tech Transformation & Cyber Risk 2025: https://www.beazley.com/en-001/news-and-events/spotlight-on-tech-transformation-cyber-risk-2025/
In today's digital world, artificial intelligence, data storage and cybersecurity are a critical triumvirate, intersecting to form a dynamic ecosystem that underpins modern technological infrastructure. They are strategic pillars that drive innovation, operational efficiency and risk management. Thus their interaction and integration is key to building resilient and secure digital systems capable of supporting the demands of our digitally dependent future. In this episode Charlie Giancarlo, CEO, Pure Storage discusses how important it is for an organisation where your data is, and how to correctly, safely and securely store it ready for our AI future. Nicole Carignan, SVP of Security and AI Strategy at Darktrace and Anthony Ferrante, Global Head of Cybersecurity at FTI Consulting, further extol why data is the backbone of AI, the importance of securing your data, as well as the vulnerabilites organisations face in a modern digitial world.Sources: FT Resources, WEF, PWC, Allianz, National Cyber Security Centre, McKinsey, UK GovThis content is paid for by Pure Storage and is produced in partnership with the Financial Times' Commercial Department. Hosted on Acast. See acast.com/privacy for more information.
Podcast: Industrial Cybersecurity InsiderEpisode: Plant-Level Cyber Risk: Who's Actually Responsible?Pub date: 2025-07-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Dino Busalachi and Craig Duckworth tackle one of the most overlooked threats in cybersecurity: the number of industrial vendors and system integrators in manufacturing environments. The conversation addresses the relationship and communication gap between IT and the teams responsible for designing and supporting industrial control systems. They emphasize the need for improved governance, enhanced vendor accountability, and clear ownership of cyber risk. Whether you're a CISO, CIO, or VP of Engineering, this episode offers actionable insight into bridging the IT/OT divide, securing plant floors, and building a cybersecurity strategy that works at the edge of your business.Chapters:00:00:00 - Kicking Off: Why Transparency in Cyber Matters00:00:43 - Who's Talking? Meet Craig & Dino00:01:05 - The Big Question: What's IT's Role in Industrial Security?00:01:35 - When Too Many Vendors = Chaos00:02:37 - How to Actually Secure OT Environments00:03:46 - Choosing the Right Partners (and Asking the Right Questions)00:12:37 - Why Cyber Teams Need Plant Floor Time00:14:24 - Getting Smarter: Use External Experts & Vendor Summits00:18:22 - IT Meets OT: Closing the Culture Gap00:30:03 - What Now? Practical Next Steps for CISOsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
This week, we are pleased to be joined by George Glass, Associate Managing Director of Kroll's Cyber Risk business, as he is discussing their research on Scattered Spider and their targeting of insurance companies. While Scattered Spider has recently turned its attention to the airline industry, George focuses on the broader trend of the group's industry-by-industry approach and what that means for defenders across sectors. George and Dave discuss the group's history, their self-identification as a cartel, and their increasingly aggressive tactics, including the use of fear-based social engineering, physical threats, and the recruitment of insiders at telecom providers. They also examine how organizations—especially those with vulnerabilities similar to past targets—can proactively defend against this threat and prepare an effective response if their industry becomes the next focus. Complete our annual audience survey before August 31. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, we are pleased to be joined by George Glass, Associate Managing Director of Kroll's Cyber Risk business, as he is discussing their research on Scattered Spider and their targeting of insurance companies. While Scattered Spider has recently turned its attention to the airline industry, George focuses on the broader trend of the group's industry-by-industry approach and what that means for defenders across sectors. George and Dave discuss the group's history, their self-identification as a cartel, and their increasingly aggressive tactics, including the use of fear-based social engineering, physical threats, and the recruitment of insiders at telecom providers. They also examine how organizations—especially those with vulnerabilities similar to past targets—can proactively defend against this threat and prepare an effective response if their industry becomes the next focus. Complete our annual audience survey before August 31. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of On Aon, our cyber experts explore the escalating scale and complexity of cyber threats, from AI-driven attacks to systemic third-party risks. Hosted by Nancy Eaves, product leader for Cyber Solutions, and featuring insights from Brent Rieth, global cyber leader, and David Molony, EMEA head of cyber solutions, the conversation explores the evolving regulatory landscape, the strategic use of cyber insurance and the critical role of executive engagement in managing cyber risk. Key Takeaways:Threat actors are using AI to scale attacks like phishing and ransomware, while organizations are deploying AI to improve detection, response and risk quantification. Cybersecurity has become a board-level priority, with executives embedding it into enterprise risk management due to its material impact. Global regulatory developments are encouraging greater transparency in cyber incident reporting, reducing reputational stigma and enhancing collective defense. Despite rising claims, cyber insurance pricing has declined thanks to market maturity, improved risk modeling and diversified underwriting strategies.Experts in this episode:Nancy Eaves — Product Leader, Cyber Solutions, Aon (Host)Brent Rieth — Global Cyber Leader, Cyber Solutions, AonDavid Molony — Head of Cyber Solutions EMEA, Aon Key moments:(0:55) The increase in frequency of reported cyber incidents, including AI-driven threats, ransomware and cloud and identity-based intrusions. (3:50) The reputational impact of cyber incidents on organizations. (13:30) The factors contributing to the buyer-friendly market for cyber insurance Additional Resources:2025 Global Cyber Risk Report Soundbites:David Molony: “Ultimately, we are seeing threat actors leveraging generative AI to create highly personalized phishing campaigns and deepfake content, making social engineering more effective.” Brent Rieth: “I'd add it's important to continue to drive a holistic approach to navigating cyber risk. It's incredibly complex. It can't be managed in isolation by any individual stakeholder.”
Quantifying cyber risk is now a necessity for businesses navigating the evolving threat landscape. In this episode of the Risk Management Show, we discussed why quantifying cyber risk is the new imperative for businesses. Our guest, Asdrúbal Pichardo, CEO of Squalify—a cyber risk quantification platform backed by Munich Reinsurance—shares how their top-down approach to cyber risk quantification is transforming the way companies prioritize cybersecurity investments and communicate with boards. We explored real-world examples, common pitfalls in cybersecurity investment, and how benchmarking cyber posture can elevate your strategy. If you're a Chief Risk Officer, CISO, or CFO looking to align strategies and speak the same language about cyber security and risk management, this episode provides the insights you need. Plus, learn about Squalify's CRQ readiness assessment tool and how it supports organizations in making informed decisions. Please check the Squalify's CRQ Readiness Assessment https://squalify.fillout.com/t/5dGf2f8tmcus If you want to be our guest or suggest a guest, send your email to info@globalriskconsult.com with the subject line "Guest Proposal."
Software enables our way of life, but market forces have sidelined security concerns leaving systems vulnerable to attack. Fixing this problem will require the software industry to develop an initial standard for creating software that is secure by design. These are the findings of a recently released paper coauthored by Greg Touhill, director of the Software Engineering Institute (SEI) CERT Division. In this latest SEI podcast, Touhill and Matthew Butkovic, director of Cyber Risk and Resilience at CERT, discuss the paper including its recommendations for making software secure by design.
What do tariffs, AI adoption, and digital readiness have in common? They're all reshaping the future of wholesale distribution.In this episode of Around the Horn in Wholesale Distribution, hosts Kevin Brown and Tom Burton unpack the forces shaping the industry from rising cybersecurity threats to the real reason distributors aren't seeing results from generative AI tools.This episode blends actionable economic insights with digital transformation strategy and is a must-listen for Revenue Leaders in Distribution preparing for what's next.What You'll Learn:Why small interest rate changes have massive implications for national debt and distributor marginsThe hidden danger of weak cybersecurity hygiene in mid-size distributorsWhat's actually holding companies back from successful AI implementation (hint: it's not the tools)How Smart CRM and Sales Co-Pilot platforms help future-proof sales organizationsWhy Collaborative Planning & Forecasting (CPFR) is a strategic advantage in uncertain timesEpisode Highlights:05:20 – What the Fed's hesitation on rate cuts means for distributors12:45 – How tariffs are being used as economic leverage, not just punishment22:10 – Why reshoring is gaining momentum in wholesale distribution35:08 – The untold reasons AI is stalling in sales organizations45:50 – How today's B2B buyers behave before they ever speak to sales57:30 – Aligning AI tools with workflow clarity and CRM data hygiene01:08:15 – Cybersecurity risks for mid-size distributors: real threats and blind spots01:17:40 – Future-proofing your strategy with AI, succession readiness & smarter sales planning
Banking on Fraudology is part of the Fraudology Podcast Network.In this illuminating episode of Banking on Fraudology, host Hailey Windham sits down with Bryan Watkinson, a risk management expert from Affinity Federal Credit Union. Bryan shares his wealth of experience in operational risk, fraud prevention, and the emerging field of cannabis banking. The conversation kicks off with a look at Bryan's popular "Fraud Friday" social media posts, which break down complex fraud threats in an accessible way. Bryan reveals how these posts have become a rallying cry for other departments to embrace risk education.The discussion then dives into the challenges of managing multiple risk verticals in a mid-sized credit union. Bryan offers invaluable insights on prioritizing threats, from cybersecurity concerns stemming from global conflicts to the day-to-day battles against check fraud and account takeovers. He emphasizes the importance of staying vigilant without overreacting, sharing strategies for keeping teams at a steady "level 4 or 5" of alertness. One of the episode's highlights is Bryan's candid take on cannabis banking, detailing how Affinity navigated this complex new terrain.Listeners will come away with practical advice on making risk relatable across an organization, fostering transparency, and building a strong risk culture. Bryan's approach of "showing up" to branches with donuts and real conversations exemplifies his philosophy of hands-on leadership. Whether you're a seasoned risk professional or new to the field, this episode offers a masterclass in balancing vigilance with approachability. Don't miss Bryan's parting words on the power of networking and continuous learning in the fight against fraud. Tune in to gain insights that will elevate your risk management game and protect your institution.Bryan WatkinsonAbout Hailey Windham:As a 2023 CU Rockstar Recipient, Hailey Windham, CFCS (Certified Financial Crimes Specialist) demonstrated unbounding passion for educating her community, organization and credit union membership on scams in the market and best practices to avoid them. She has implemented several programs within her previous organizations that aim at holistically learning about how to prevent and detect fraud targeted at membership and employees. Windham's initiatives to build strong relationships and partnerships throughout the credit union community and industry experts have led to countless success stories. Her applied knowledge of payments system programs combined with her experience in fraud investigations offers practical concepts that are transferable, no matter the organization's size. Connect with Hailey on LinkedIn: https://www.linkedin.com/in/hailey-windham/
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• The GRIP is one year old and to celebrate, we're running an anniversary sale!!• Join the GRIP in July and use promo code HOTJULY2025 to receive a 20% discount!• (TLP:CLEAR) Hostile Nation States Employing Non-State Actors• Surge in MOVEit Transfer Scanning Could Signal Emerging Threat Activity• ‘Suspended animation': US government upheaval has frayed partnerships with critical infrastructure• Short-term extension of expiring cyber information-sharing law could be on the table• Gate 15 is excited to offer a low-cost ransomware resilience exercise for executives! Contact us today for more information on this great opportunity!Main Topics:Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. CISA, the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) published Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. This joint fact sheet details the need for increased vigilance for potential cyber activity against U.S. critical infrastructure by Iranian state-sponsored or affiliated threat actors. Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk. At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. Beazley Report: U.S. Executives Misjudge Their Cyber Preparedness. U.S.-based executives feel more prepared to counter cyber threats, potentially indicating a false sense of security because many companies lack the ability to be adequately preparedness, according to a new report from specialist insurer Beazley. According to the report, Spotlight on Tech Transformation & Cyber Risk 2025, the perception of cyber resilience rose to 81% from 73% a year ago. Hostile Events:• A violent ambush in Idaho leaves 2 firefighters dead and 1 injured. What to know about the attack• Suspect Identified in Deadly Ambush of Idaho Firefighters• Chilling ‘coincidence' of Idaho shooting sends internet sleuths into overdrive• Gunman started Idaho blaze and then fatally shot 2 firefighters in ambush attack, officials say• Here's a timeline of how the Canfield Mountain ambush shooting unfolded• Multiple firefighters reportedly shot while responding to fire near Coeur d'Alene• Europol: New report - major developments and trends on terrorism in Europe in 2024Quick Hits:• Canadian Centre for Cyber Security - Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543 • Over 1,200 Citrix servers unpatched against critical auth bypass flaw• The State of Ransomware 2025• Scattered Spider hackers shift focus to aviation, transportation firms • Scattered Spider's Calculated Path from CFO to Compromise • M&S fashion rivals ‘benefited from its pause on online orders after cyber-attack' • Ransomware attack contributed to patient's death• Canada orders Chinese CCTV biz Hikvision to quit the country ASAP• FBI PSA - Criminals Posing as Legitimate Health Insurers and Fraud Investigators to Commit Health Care Fraud• 50 Customers of French Bank Hit by Insider SIM Swap Scam; An intern at Société Générale is believed to have facilitated the theft of more than EUR1mn (USD1.15mn) from the bank's customers.• State of CPS Security 2025: Building Management System Exposures • H1 2025 Crypto Hacks and Exploits: A New Record Amid Evolving Threats
Cyber threats are not static—and HITRUST knows assurance can't be either. That's why HITRUST's Michael Moore is leading efforts to ensure the HITRUST framework evolves in step with the threat environment, business needs, and the technologies teams are using to respond.In this episode, Moore outlines how the HITRUST Cyber Threat Adaptive (CTA) program transforms traditional assessment models into something far more dynamic. Instead of relying on outdated frameworks or conducting audits that only capture a point-in-time view, HITRUST is using real-time threat intelligence, breach data, and frameworks like MITRE ATT&CK and MITRE ATLAS to continuously evaluate and update its assessment requirements.The E1 and I1 assessments—designed for organizations at different points in their security maturity—serve as flexible baselines that shift with current risk. Moore explains that by leveraging CTA, HITRUST can add or update controls in response to rising attack patterns, such as the resurgence of phishing or the emergence of AI-driven exploits. These updates are informed by a broad ecosystem of signals, including insurance claims data and AI-parsed breach reports, offering both frequency and impact context.One of the key advantages Moore highlights is the ability for security teams to benefit from these updates without having to conduct their own exhaustive analysis. As Moore puts it, “You get it by proxy of using our frameworks.” In addition to streamlining how teams manage and demonstrate compliance, the evolving assessments also support conversations with business leaders and boards—giving them visibility into how well the organization is prepared for the threats that matter most right now.HITRUST is also planning to bring more of this intelligence into its assessment platform and reports, including showing how individual assessments align with the top threats at the time of certification. This not only strengthens third-party assurance but also enables more confident internal decision-making—whether that's about improving phishing defenses or updating incident response playbooks.From AI-enabled moderation of threats to proactive regulatory mapping, HITRUST is building the connective tissue between risk intelligence and real-world action.Note: This story contains promotional content. Learn more.Guest: Michael Moore, Senior Manager, Digital Innovation at HITRUST | On LinkedIn: https://www.linkedin.com/in/mhmoore04/Hosts:Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.com/Marco Ciappelli, Co-Founder at ITSPmagazine and Host of Redefining Society Podcast & Audio Signals Podcast | https://www.marcociappelli.com/______________________Keywords: sean martin, marco ciappelli, michael moore, hitrust, cybersecurity, threat intelligence, risk management, compliance, assurance, ai security, brand story, brand marketing, marketing podcast, brand story podcast______________________ResourcesVisit the HITRUST Website to learn more: https://itspm.ag/itsphitwebLearn more and catch more stories from HITRUST on ITSPmagazine: https://www.itspmagazine.com/directory/hitrustLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
The Risk Intel podcast welcomed back Josh Magri, CEO of the Cyber Risk Institute (CRI), for a timely Part 2 conversation focused on the evolving cybersecurity regulatory landscape and what it means for community financial institutions. As the FFIEC Cybersecurity Assessment Tool (CAT) is scheduled to sunset on August 31, 2025, Josh offers a roadmap on how financial institutions can move forward and how their CRI Profile offers a strategic, scalable alternative that's gaining traction with regulators and institutions alike. Follow us to stay in the know!
What if everything we've been doing in cybersecurity awareness training is not just outdated — but harmful?In this episode of Reimagining Cyber, Rob Aragao, Chief Security Strategist at OpenText, talks with Craig Taylor, co-founder and CISO at CyberHoot, who makes a bold claim: punishment-based training is not only ineffective — it's counterproductive. Drawing from his background in psychology and years of cybersecurity leadership, Craig explains why we need to ditch outdated tactics and embrace positive reinforcement to reduce human risk.From the failure of fake phishing tests to real-world results from forward-thinking organizations, Craig reveals a smarter, more human-centered way to train. If you're tired of scare tactics and want a strategy that actually builds cyber resilience, this episode is your wake-up call.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.
The cybersecurity landscape is changing fast. And for financial institutions, one of the biggest shifts on the horizon is the sunsetting of the FFIEC Cybersecurity Assessment Tool (CAT) in August 2025. In this episode of the Risk Intel podcast, Josh Magri, President and CEO of the Cyber Risk Institute (CRI), joined host Edward Vincent to unpack what this means for banks, credit unions, and other financial players.From emerging threats powered by AI to the evolving regulatory frameworks shaping cybersecurity governance, Josh's insights are a must-hear. Listen to the full episode here!Follow us to stay in the know!
AI-powered cyber-attacks are reshaping the threat landscape, driving new risks and challenges for organizations worldwide. CJ Dietzman, Alliant Cyber, welcomes Daniel Tobok, CEO of Cypfer, to break down the latest cyber trends from Q1 2025 and predictions for the future. They discuss the rise of generative AI in attacks, the ongoing ransomware threat and the increasing role of third-party vendors in breaches. Daniel also offers practical advice on boosting cyber awareness, protecting critical data and preparing incident response plans to stay ahead in this evolving environment.
High net worth individuals often carry public profiles that make them uniquely vulnerable to cyber threats. From executives and celebrities to board members and influencers, their visibility—and the … Read More » The post Why High Net Worth Clients Face Great Cyber Risk appeared first on Insurance Journal TV.
High net worth individuals often carry public profiles that make them uniquely vulnerable to cyber threats. From executives and celebrities to board members and influencers, their visibility—and the … Read More » The post Why High Net Worth Clients Face Great Cyber Risk appeared first on Insurance Journal TV.
High net worth individuals often carry public profiles that make them uniquely vulnerable to cyber threats. From executives and celebrities to board members and influencers, their visibility—and the … Read More » The post Why High Net Worth Clients Face Great Cyber Risk appeared first on Insurance Journal TV.
In today's episode Lucian Niemeyer, CEO of Building Cybersecurity, joins Stacey Shepard, the President of Shepard Global Strategies to explore how IFMA's new partnership with BCS is helping facility managers better understand and manage cyber risks. Together they discuss Lcuian's background at the United States Department of Defense to developing a 16-step cybersecurity framework that is available for free for facility managers. They highlight how training, collaboration, and proactive strategies are reshaping cyber safety in the built environment to drive safer, smarter facility management practices.This episode is sponsored by ABM! Learn more about ABM here. Connect with Us:LinkedIn: https://www.linkedin.com/company/ifmaFacebook: https://www.facebook.com/InternationalFacilityManagementAssociation/Twitter: https://twitter.com/IFMAInstagram: https://www.instagram.com/ifma_hq/YouTube: https://youtube.com/ifmaglobalVisit us at https://ifma.org
In this episode, ISACA's Lisa Cook engages with Yakir Golan, Executive Officer (CEO) and Co-Founder of Kovrr, to explore the critical role of Cyberrisk Quantification (CRQ) in enhancing organizational financial resilience. They discuss how CRQ solutions provide objective assessments of an organization's cybersecurity posture, enabling leaders to make informed decisions that align risk mitigation strategies with business objectives. The conversation also highlights the importance of translating cyberrisk exposure into monetary terms to facilitate high-level discussions and protect shareholder confidence. Listen & Subscribe Catch this episode—and more—on the ISACA Podcast Library: https://www.isaca.org/resources/news-and-trends/isaca-podcast-library or on your favorite podcast platform.
In this episode of the ShorelineHudson Maritime Risk Podcast, we explore how the maritime sector is confronting the growing challenge of cyber risk with data-driven clarity. Our guests include Rob Vasquez, CEO of Beacon Technologies, Rick Siebenaler, CEO of the Maritime Cybersecurity Institute and academic sponsor of this fully funded research initiative, and Sean Jensen, ShorelineHudson's cyber expert and program facilitator. Together, they discuss the Maritime Cybersecurity Institute's vessel cyber risk analysis program powered by CYFAX+ and how it is transforming the way shipowners, operators, and regulators visualize, assess, and act on vessel-level cyber threat intelligence. If you're ready to understand what it truly means to "see the threat," this is a conversation you won't want to miss. Speakers: Rob Vazquez – Beacon Technologies Rob Vazquez is the CEO of Beacon Technology Group and a pioneer in cybersecurity innovation with over 30 years of experience across global IT and data protection. He has led enterprise-scale deployments for multinational firms and is the inventor behind a patent-pending AI-based threat processing system. Rob's work at Beacon focuses on developing accessible cybersecurity solutions, including the CYFAX+ platform, which supports advanced threat visibility and regulatory compliance. Rick Siebenaler - Maritime Cybersecurity Institute Rick Siebenaler is the CEO of the Maritime Cybersecurity Institute, a nonprofit dedicated to advancing cyber resilience in the commercial maritime sector. With a distinguished background at the NSA, CyberGuard, EY, and Deloitte—holding titles such as Chief Scientist and Global CISO, Rick brings strategic depth to maritime cybersecurity. His leadership is driving the sector toward a more mature, integrated approach to cyber risk management. Sean Jensen - ShorelineHudson Sean Jensen is a cyber threat specialist at ShorelineHudson with a master's in Homeland Security and expertise in maritime risk assessment. He leads the development and deployment of the AVRA platform, delivering intelligence-driven cyber and physical vulnerability assessments for global port and vessel operations. Certified as a Facility Security Officer and Business Continuity Professional, Sean supports compliance and resilience strategies across the maritime domain.
What if the biggest threat to your cyber claims portfolio isn't ransomware—but a spreadsheet buried in someone's inbox?In this episode, host Anthony Hess chats with John Spiehs, Head of Claims at Converge, about what's shifting in the cyber claims space—and what insurance professionals should have on their radar.John breaks down how Converge is leading efforts to simplify Business Interruption (BI) claims with a cleaner, more intuitive, top-down approach. He also digs into the growing exposure around data privacy, where even small incidents can trigger costly class actions. Finally, he explains what's getting lost as the market softens, why vendor relationships matter more than price tags, and the kind of talent today's claims teams really need.You'll learn:1. Why BI claims are evolving, and how Converge is simplifying the process2. Why data privacy and class actions are emerging as cyber's new frontier3. Why soft market dynamics threaten underwriting discipline4. How poor email habits can explode breach costs overnight5. What defines a strong vendor partnership, beyond cut-rate solutions___________Get in touch with John Spiehs on LinkedIn: https://www.linkedin.com/in/john-s-b981337/___________About the host Anthony Hess:Anthony is passionate about cyber insurance. He is the CEO of Asceris, which supports clients to respond to cyber incidents quickly and effectively. Originally from the US, Anthony now lives in Europe with his wife and two children.Get in touch with Anthony on LinkedIn: https://www.linkedin.com/in/anthonyhess/ or email: ahess@asceris.com.___________Thanks to our friends at SAWOO for producing this episode with us!
This episode features risk management leader Tracey Swift, Editor-in-Chief of a new publication, HigherEdRisk. Previously, Tracey was Executive Director of Risk Management at Arizona State University, where she led the university's risk management and insurance functions. In this episode we explore the differences between academia and corporations in managing privacy, cybersecurity, and AI risks, the role of the board of trustees and university leadership, and the challenges associated with open networks, collaborative research, shadow IT, and resource pressures. AI has opened up new opportunities and challenges and academia has been one of the first to feel its impact, making higher education more advanced in AI governance than many private sector organizations. Tracey shares her thoughts on the role of insurance in higher ed risk management and the importance of cross-organizational teams in addressing privacy, cybersecurity, and AI risk management.
Send us a textJoin Joe as he reconnects with Matthew Alderman, Chief Product Officer at CyberSaint, in this insightful episode of the podcast! With over 250 episodes under his belt, Joe dives deep with Matthew, a cybersecurity veteran, podcast host, and advisor, to explore:CyberSaint's Game-Changing Approach: How CyberSaint uses historical loss data to revolutionize cyber risk quantification, helping CISOs justify budgets with real financial metrics.Career Insights: Matthew shares his journey, from running startups to advising new ventures, and how he balances multiple roles (CPO, podcast host, advisor, and family man).Leadership & Communication: Why CISOs need to speak the language of business to earn a seat at the boardroom table.Practical Tips: Advice on avoiding burnout, building a mentorship network, and leveraging your personal brand in cybersecurity. Free Cyber Risk Analysis: Visit CyberSaint.io to benchmark your organization's cyber risk against industry peers. Connect with Matthew: Find him on LinkedIn Matthew Alderman or X @Maldermania Listen to Matthew's Podcast: Check out Business Security Weekly at securityweekly.com/BSW.Chapters00:00 Reconnecting and Reflecting on Podcasting Journey02:19 Balancing Multiple Roles and Responsibilities05:44 The Importance of Personal Well-being07:53 Career Goals and Retirement Aspirations10:31 Integrating Consulting and Podcasting11:55 The Value of Mentorship in Professional Growth15:02 Building Trust and Reputation in Networking16:39 Leveraging Podcasting for Career Opportunities18:20 Innovations in Cyber Risk Management23:07 Integrating Risk and Control Data25:30 The Importance of Risk Quantification28:33 Communicating Cyber Risk to the Board30:41 CISO's Role in Business Strategy33:03 Free Cyber Risk Analysis Offering36:20 Customizing Risk Models39:58 Real-Time Risk Monitoring42:24 Targeting Public Companies for Cyber Risk Solutions45:14 Closing Thoughts and Future DirectionsSubscribe for more cybersecurity insights, leadership tips, and industry trends! Drop your thoughts in the comments below—how do you approach cyber risk in your organization?Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast
In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Gregory Touhill, director of the SEI CERT Division, sits down with Matthew Butkovic, technical director of Cyber Risk and Resilience at CERT, to discuss ways in which CERT researchers and technologists are working to deliver rapid capability to warfighters in the Department of Defense.
Guest: Steve Ledzian, APAC CTO, Mandiant at Google Cloud Topics: We've seen a shift in how boards engage with cybersecurity. From your perspective, what's the most significant misconception boards still hold about cyber risk, particularly in the Asia Pacific region, and how has that impacted their decision-making? Cybersecurity is rife with jargon. If you could eliminate or redefine one overused term, which would it be and why? How does this overloaded language specifically hinder effective communication and action in the region? The Mandiant Attack Lifecycle is a well-known model. How has your experience in the East Asia region challenged or refined this model? Are there unique attack patterns or actor behaviors that necessitate adjustments? Two years post-acquisition, what's been the most surprising or unexpected benefit of the Google-Mandiant combination? M-Trends data provides valuable insights, particularly regarding dwell time. Considering the Asia Pacific region, what are the most significant factors reducing dwell time, and how do these trends differ from global averages? Given your expertise in Asia Pacific, can you share an observation about a threat actor's behavior that is often overlooked in broader cybersecurity discussions? Looking ahead, what's the single biggest cybersecurity challenge you foresee for organizations in the Asia Pacific region over the next five years, and what proactive steps should they be taking now to prepare? Resources: EP177 Cloud Incident Confessions: Top 5 Mistakes Leading to Breaches from Mandiant EP156 Living Off the Land and Attacking Critical Infrastructure: Mandiant Incident Deep Dive EP191 Why Aren't More Defenders Winning? Defender's Advantage and How to Gain it!
In this compelling episode of Public Key, Eitan Danon (Content Marketing Manager, Chainalysis) speaks with Yaya Fanusie (Director of Policy for AML & Cyber Risk, Crypto Council for Innovation) to discuss the multifaceted dynamics of cryptocurrencies and their implications for national security, illicit finance and global policymaking. Yaya leverages his rich background in intelligence analysis to emphasize the widespread impact of blockchain technology on economic security and policy, including the response of various governments to blockchain and illicit finance and the integration of innovative technologies in mitigating financial crime. Listeners will gain an in-depth understanding of strategies from countries like Iran and China and how digital assets are reshaping the geopolitical landscape and creating modern day conflict zones. Minute-by-minute episode breakdown 2 | Yaya's journey From CIA analyst to crypto and illicit finance expert 6 | How crypto has evolved in the world of National Security and illicit finance 13 | Balancing innovation and regulation in crypto ecosystem 18 | China's digital currency strategy and Its geopolitical implications 23 | Data as the new electricity and currency in a digital economy 26 | Crypto's impact on traditional finance and regulatory challenges 29 | Digital Asset's dual role in conflict zones: Aid and illicit use 34 | Exploring financial crime and spy thrillers podcasts Related resources Check out more resources provided by Chainalysis that perfectly complement this episode of the Public Key. Website: The Premier Global Alliance Advancing Crypto Innovation Guide: Crypto Council for Innovation: Crypto Illicit Finance Risk Management Guide Podcast: The Jabbari Lincoln Files: A Spy Thriller Podcast Created by a Former CIA Officer Podcast: Illicit Edge: Breaking News for Financial Crime Professionals Report: The Chainalysis 2025 Crypto Crime Report (Download Your Copy Today) Blog: United States DOJ and FBI Seize Cryptocurrency in Major Disruption of Hamas Terrorist Financing Scheme Blog: What is Authorized Push Payment (APP) Fraud? Understanding Crypto-Related Scams & Prevention YouTube: Chainalysis YouTube page Twitter: Chainalysis Twitter: Building trust in blockchain Speakers on today's episode Eitan Danon *Host* (Content Marketing Manager, Chainalysis) Yaya Fanusie (Director of Policy for AML & Cyber Risk, Crypto Council for Innovation) This website may contain links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein. Our podcasts are for informational purposes only, and are not intended to provide legal, tax, financial, or investment advice. Listeners should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material. Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material. Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Chainalysis. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Chainalysis employees are those of the employees and do not necessarily reflect the views of the company.
Cybersecurity in Italy: ITASEC 2025 Recap & Future Outlook with Professor Alessandro ArmandoCybersecurity is no longer a niche topic—it's a fundamental pillar of modern society. And in Italy, ITASEC has become the go-to event for bringing together researchers, government officials, and industry leaders to tackle the biggest security challenges of our time.Although we weren't there in person this year, we're diving into everything that happened at ITASEC 2025 in this special On Location recap with Professor Alessandro Armando. As Deputy Director of the Cybersecurity National Laboratory at CINI and Chairman of the Scientific Committee of the SERICS Foundation, Alessandro has a front-row seat to the evolution of cybersecurity in Italy.This year's event, held in Bologna, showcased the growing maturity of Italy's cybersecurity landscape, featuring keynotes, technical sessions, and even hands-on experiences for the next generation of security professionals. From government regulations like DORA (Digital Operational Resilience Act) to the challenges of AI security, ITASEC 2025 covered a vast range of topics shaping the future of digital defense.One major theme? Cybersecurity as an investment, not just a cost. Italian companies are increasingly recognizing security as a competitive advantage—something that enhances trust and reputation rather than just a compliance checkbox.We also discuss the critical role of education in cybersecurity, from university initiatives to national competitions that are training the next wave of security experts. With programs like Cyber Challenge.IT, Italy is making significant strides in developing a strong cybersecurity workforce, ensuring that organizations are prepared for the evolving threat landscape.And of course, Alessandro shares a big reveal: ITASEC 2026 is heading to Sardinia! A stunning location for what promises to be another exciting edition of the conference.Join us for this insightful discussion as we reflect on where cybersecurity in Italy is today, where it's headed, and why events like ITASEC matter now more than ever.
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Roy Luongo. Roy is the Chief Information Security Officer for the United States Secret Service. He leads a team in the defense and information assurance of all USSS information systems and solutions. Prior to his current role he was the Director, Joint Mission Operations Center for Cyber Command, providing oversight of mission critical Cyber Operations infrastructures. He has also served as Chief, NSA Red Team and Technical Director for Interactive Operations for the NSA. Roy is a retired Army soldier with 20 years' service within the Intelligence and Cyber career fields. [March 17, 2025] 00:00 - Intro 00:17 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 01:55 - Roy Luongo Intro 02:44 - The Path to CISO of the Secret Service 04:58 - Cybersecurity in Early Education 07:50 - The Entry Level Catch-22 12:24 - Quantifying Risk 14:27 - The Best Way Forward 16:51 - The Effects and Future of AI 20:06 - Understanding Your Needs 22:11 - Advise to Young Roy 24:56 - The Cost of Training 29:01 - Mentors - Ed Skoudis - Brigadier General Brian D. Vile - Shawn Turskey 29:55 - Lollipop Moments - TEDxToronto - Drew Dudley "Leading with Lollipops" 31:33 - Book Recommendations - Cybersecurity Canon - Rick Howard - Kingpin - Kevin Poulsen - Turn the Ship Around! - L. David Marquet 33:49 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org