The protection of computer systems from theft or damage
Audio-Podcast – OrionX.net: Deep Insight, Market Execution, Customer Engagement
Analyst roundtable covering the big ideas in technology that are changing the world, with Adrian Cockcroft, Stephen Perrenod, Chris Kruell, and Shahin Khan. In this episode:
- Agent Swarm Coding, "AI-Aided Coding"?
- AI circular funding or flywheel
- Data Center build-out complexities, and overbuilding?
- New Exascale DOE Supercomputers
- Data Flow Architecture, Reconfigurable Architecture
- AI-RAN, GPUs on Telephone Poles
- 15th CryptoSuper500 report, Bitcoin Price Drop, ZCash, Monero
- Quantum Advantage claims
The post Analyst Roundtable: AI, Crypto, Quantum, Chips – OXD33 appeared first on OrionX.net.
Hello and welcome to episode 202 of the Financial Crime Weekly Podcast. I am Chris Kirkbride. This episode covers significant sanctions news including the US Treasury targeting the Democratic Karen Benevolent Army for operating cyber scam centres in Burma, and the sanctioning of a global network supporting Iran's missile and UAV programmes across Iran, China, the UAE, and several other countries. The episode also covers transnational crime fighting efforts, such as FinCEN's proposed rule identifying Mexico-based gambling establishments as a primary concern due to their ties to Sinaloa Cartel money laundering, and the UK's alert exposing how global shadow fleets enable sanctions evasion. Additionally, the episode addresses major cyber developments, including Europol's Operation Endgame which dismantled significant cybercrime infrastructure, and the UK's announcement of the Cyber Security and Resilience Bill aimed at protecting critical services and regulating managed service providers. A transcript of this podcast, with links to the stories, will be available at www.crimes.financial.
In this episode of Breaking into Cybersecurity, Erica Shoemate shares her exceptional journey into national security, cybersecurity, and AI. From serving vulnerable communities in Memphis to working at the FBI, Erica discusses her multifaceted career, her pioneering work in technology policy, and the importance of human-centered approaches in AI and cybersecurity. As a first-generation college graduate, Erica emphasizes the value of passion, critical thinking, and leadership in breaking into the industry, offering invaluable insights to those looking to pivot their careers.
00:00 Introduction and Guest Welcome
00:59 Erica's Nontraditional Path to Cybersecurity
03:53 Impact of Early Career in Vulnerable Communities
07:28 Educational Background and Career Evolution
15:18 Transition to Big Tech and Policy Leadership
18:34 Current Work and Consulting
27:54 Challenges and Future of AI in Cybersecurity
40:45 Conclusion and Final Thoughts
Sponsored by CPF Coaching LLC - http://cpf-coaching.com
Breaking into Cybersecurity: A conversation about their previous experiences, the reasons behind their pivot into cyber, the process they went through, how they stay up-to-date, and advice/tips/tricks along the way.
The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership, as well as tips/tricks/advice from cybersecurity leaders.
#cybersecurity #breakingintocybersecurity #informationsecurity #AdvanceYourCyberCareer
Check out our books:
Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI
Hack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career: https://www.amazon.com/dp/1801816638/
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SmartApeSG campaign uses ClickFix page to push NetSupport RAT
A detailed analysis of a recent SmartApeSG campaign taking advantage of ClickFix
https://isc.sans.edu/diary/32474
Formbook Delivered Through Multiple Scripts
An analysis of a recent version of Formbook showing how it takes advantage of multiple obfuscation tricks
https://isc.sans.edu/diary/32480
sudo-rs vulnerabilities
Two vulnerabilities were patched in sudo-rs, the version of sudo written in Rust, showing that while Rust does have an advantage when it comes to memory safety, there are plenty of other vulnerabilities to worry about
https://ubuntu.com/security/notices/USN-7867-1
https://github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-c978-wq47-pvvw?ref=itsfoss.com
SANS Holiday Hack Challenge
https://sans.org/HolidayHack
In this episode of Defender Fridays, we talk to Alec Fenton, VP Security Operations at Foresite Cybersecurity, about practical career advice for defenders, SOC metrics that actually matter and AI in security operations.
Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.
Alec is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.
Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this week's episode of the Conduit Street Podcast, Karrington Anderson talks with Sarah Sample to break down the rapidly evolving world of Public Information Act (PIA) requests in Maryland and why counties are feeling the pressure. They talk through the effects of the rise of automated and anonymous AI-generated PIA requests, cybersecurity threats entering through the request funnel, and how counties are navigating challenges the law never anticipated.
Sarah breaks down the recent recommendations from the Public Information Act Compliance Board, the expanded role of the Public Access Ombudsman, and how technology - from cloud storage to body-worn camera footage - has drastically reshaped the request and fulfillment process. With the 2026 Maryland Legislative Session fast approaching, this timely conversation explores where policy, transparency, and technological realities collide.
In this episode, host Jim Love discusses several significant cybersecurity events and updates. The Washington Post confirmed a security breach affecting nearly 10,000 individuals due to an exploited Oracle E-Business Suite vulnerability. CrowdStrike's 2025 Global Threat Report highlights the rise of 'enterprising adversaries' and a surge in malware-free intrusions. In addition, a new phishing scam targets iPhone users by mimicking Apple's device recovery alerts. Finally, a listener raised concerns about security issues with SonicWall's management devices and systems. The show concludes with information on upcoming content and thanks to Meter for sponsoring the podcast.
00:00 Introduction and Sponsor Message
00:40 Oracle Breach Affects Thousands
02:53 CrowdStrike's Global Threat Report
07:04 New iPhone Phishing Scam
08:35 Listener Concerns About SonicWall
12:10 Conclusion and Upcoming Episodes
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.
Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars!
Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon
Allow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform at https://threatlocker.com/dailycyber
Take control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% off
Register for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flare
Simply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.io
Join SC Discord: https://SimplyCyber.io/discord
Podcast in stream: https://cisoseries.com
Follow SC: https://simplycyber.io/socials
Diversity & Inclusion in an Era of Emerging AI and Cyberthreats
The rise of candidate fraud has been a huge topic in recruitment in 2025, so much so that employers have had to take extreme steps to protect their businesses, from asking candidates to physically move on command in front of the screen, to coming in person to attend interviews on premise, to going through ID verification procedures which would previously have been reserved for high-security roles. What does all this mean for diversity and inclusion? That's the question we're going to ask in today's Brainfood Live.
- State of Candidate Fraud
- What are the potential concerns for D&I
- On premise, requires car
- More rigid work patterns is bad for primary care givers
- ID verification techniques depend on photo ID
- Bank records / Criminal records / Credit records
- Economically deprived are most likely to have disadvantage in ID verification processes
- Gender: name change for women married / divorce
- Trans: ID change, no longer recognised in some states?
- Ambiguity on legislation, concern over future direction
- How do we ensure that ID verification and candidate fraud mitigation steps do not overstep into identity profiling and prejudice?
All this and more on Brainfood Live on air. We're with Kyle Barry, CISO (Clear), Torin Ellis, Principal Analyst (The Torin Ellis Brand) & Daniel Chait, CEO (Greenhouse) on Friday 14th November, 2pm GMT. Register by clicking on the green button (save my spot) and follow the channel here (recommended) to be notified when we go live.
Episode 350 is sponsored by Greenhouse. It's tough out there for today's recruiting teams. The rise of AI, slashed recruiting budgets and lean teams have made candidate funnels more chaotic than ever. Take back control of your candidate pipeline with new Greenhouse features that help put an end to application overload, messy data, and disconnected tools. Check out everything new at Greenhouse here!
Technology Association of Grantmakers held their 2025 Conference in Atlanta. Jenny Huftalen and Carolyn Woodard attended and share the takeaways and trends in philanthropy for tech.
The takeaways: Technology Association of Grantmakers (TAG) convenes members bi-annually to share knowledge and experiences on technology used at foundations and funders. Four trends stood out from this year's conference: AI, Data, Cybersecurity, and our own health.
Almost every session and keynote spoke to the prevalence of AI in our lives, in philanthropy, and in the nonprofit space. If you are feeling FOMO or feeling that you don't know enough about AI, rest assured no one really knows what they are doing either. We also heard several fascinating use cases where nonprofits in partnership with funders are using AI in thoughtful and impactful ways.
Data and database cleaning and organizing was also a trending topic. Several presentations stressed the need to work on your data processes and governance before throwing an AI product at your data and expecting it to clean it up for you. Again, thoughtful attention to the human side of data is necessary to make the AI work well.
Several speakers stressed the need to weave cybersecurity throughout your operations and realize that IT and cybersecurity touch every staff member at your organization. Starting with anti-virus software not being built-in to your purchase, IT has constantly packaged cybersecurity as something additional and separate. But that is an inadequate viewpoint. Weave cybersecurity into everything and keep yourself and your organization better protected.
Finally, our health. IT in philanthropy is all about people. People need to be healthy, which can require a pause to reflect even in chaotic and stressful times.
Several speakers and attendees talked about the need, as ever, to re-focus on the essentials: the communities we partner with, the deep knowledge we have about the assets we hold and the challenges we face, and that we do this work because we have hope for a better future.
It's clear that the intersection of technology and philanthropy is evolving rapidly. These trends can feel like a lot to navigate, but remember that the strongest solutions always come from a thoughtful, human-centered approach. Community IT is here to help your nonprofit or foundation thoughtfully weave technology into your operations so you can focus on your mission.
Start a conversation :)
Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
Email Carolyn at cwoodard@communityit.com or on LinkedIn.
Thanks for listening.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
OWASP Top 10 2025 Release Candidate
OWASP published a release candidate for the 2025 version of its Top 10 list
https://owasp.org/Top10/2025/0x00_2025-Introduction/
Citrix/Cisco Exploitation Details
Amazon detailed how Citrix and Cisco vulnerabilities were used by advanced actors to upload webshells
https://aws.amazon.com/blogs/security/amazon-discovers-apt-exploiting-cisco-and-citrix-zero-days/
Testing Quantum Readiness
A website tests your services for post-quantum computing-resistant cryptographic algorithms
https://qcready.com/
Katie English & Chris Schasse discuss JNUC 2025 highlights: Platform SSO, Blueprints updates, AI security features, and macOS Tahoe improvements.
What You'll Learn:
- Platform API updates enabling third-party integrations with Jamf Blueprints and compliance features
- Platform SSO implementation replacing traditional Jamf Connect workflows
- Automated software update workflows through Jamf Blueprints
- AI Assistant capabilities for macOS security alerts and configuration profile analysis
- macOS Tahoe (macOS 15) and iOS 18 security enhancements
- Cybersecurity best practices for October 2025 Cybersecurity Awareness Month
Featured Guests:
- Katie English - Principal Product Manager at Jamf, former Jamf After Dark podcast host, expert in Apple device management and security product development
- Chris Schasse - Owner and Lead Technician at Rocketman Tech, former Jamf Professional Services team member, Jamf-focused MSP specialist, host of the Launchpad meetup
Read more:
https://www.jamf.com/blog/macos-26-platform-sso-simplified-setup/
https://www.jamf.com/blog/introducing-jamfs-ai-assistant/
https://www.jamf.com/blog/getting-to-know-declarative-management/
0:00 Introduction: Welcome Back from JNUC 2025
2:09 Cybersecurity Month Discussion
5:15 JNUC 2025 Highlights: Platform API & Blueprints
8:30 Platform SSO: The Future of Mac Identity Management
16:00 Jamf Account OIDC Migration Challenges
18:30 Blueprints Automated Software Updates
21:40 AI Assistant: Security Alerts & Configuration Analysis
32:15 Apple OS Updates: macOS Tahoe & iOS 18
35:05 Platform SSO vs Jamf Connect Strategy
39:40 Security Best Practices for Cybersecurity Month
44:20 New iPhone 16 Features & Hardware Security
47:00 Closing Thoughts & Resources
Podcast Summary – Prepping Academy Podcast: "VPNs Explained – The First Line of Defense for Online Privacy"
In this powerful episode of The Prepping Academy Podcast, host Forrest Garvin exposes the truth about VPNs (Virtual Private Networks) — what they really do, how they work, and which ones you can actually trust. As online tracking, censorship, and surveillance continue to rise, using a VPN has become a critical step in protecting your privacy, security, and freedom online.
Forrest breaks down how VPNs encrypt your data, hide your location, and shield your digital activity from hackers, corporations, and even your internet provider. You'll discover the top VPNs for privacy, the red flags to avoid, and why many "free" VPNs are more dangerous than helpful. Plus, he shares insider tips on using VPNs with your smartphones, routers, and streaming devices for complete protection.
If you value anonymity, freedom, and security in a connected world, this episode is a must-listen. Learn how to stay invisible online — the right way.
Keywords: VPN, online privacy, cybersecurity, data protection, internet security, best VPNs 2025, anonymity online, PrepperNet, Prepping Academy Podcast, Forrest Garvin.
FREE Webinars: Seating is limited, so reserve your spot now!
- Disappear On the Internet
- Crypto Digital Assets Course
- Gain Freedom with a Home-Based Business
Join PrepperNet.Net - https://www.preppernet.net
PrepperNet is an organization of like-minded individuals who believe in personal responsibility, individual freedoms and preparing for disasters of all origins.
Please give us 5 Stars! www.preppingacademy.com
Daily deals for preppers, survivalists, off-gridders, homesteaders: https://prepperfinds.com
Contact us: https://preppingacademy.com/contact/
www.preppernet.net
Amazon Store: https://amzn.to/3lheTRT
www.forrestgarvin.com
In this engaging session, Steve Boberski, Public Sector Chief Technology Officer for Genesys, introduces James McCament, the first Digital Transformation Officer for CBP. The discussion highlights James' extensive experience in federal service and his role in leveraging digital innovations and AI for enhancing CBP operations. James outlines his strategy for identifying and automating administrative tasks to give 'time back to mission,' emphasizing the importance of human-centered design and field innovation. Real-world examples, including the use of AI for non-intrusive inspections and the development of low-code solutions by frontline officers, illustrate how technology complements human intuition in critical decision-making. The conversation touches on change management strategies to foster trust and adoption of new technologies, underscoring the importance of collaboration, transparency, and practical application. The session concludes with a Q&A, addressing the integration of AI with human oversight and strategies to support cultural shifts within the agency.
Subscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on LinkedIn or visit http://www.actiac.org.
Learn more about membership at https://www.actiac.org/join.
Donate to ACT-IAC at https://actiac.org/donate.
Intro/Outro Music: See a Brighter Day/Gloria Tells, Courtesy of Epidemic Sound
(Episodes 1-159: Intro/Outro Music: Focal Point/Young Community, Courtesy of Epidemic Sound)
In this episode of The Data Chronicles, host Scott Loughlin is joined by Hogan Lovells partners Eduardo Ustaran and Charmian Aw to examine how regulators are rethinking the relationship between AI, innovation, and privacy. They discuss why many regulators view data protection rules not as obstacles, but as guardrails that can support responsible AI development through tools like impact assessments, transparency, and data minimization. Eduardo shares insights from the Global Privacy Assembly, which brought together more than 140 data protection authorities from over 90 countries for regulator-led discussions on AI in daily life, cross-border data transfers, children's privacy, privacy-enhancing technologies, and other issues shaping global enforcement trends. Charmian, who leads the firm's Asia-Pacific Data, Privacy and Cybersecurity team, adds an APAC perspective with takeaways from the Global Cross-Border Privacy Rules Forum and the region's growing push for interoperability in data transfers and enforcement cooperation. We also highlight the launch of our Asia Pacific Privacy Legislation Tracker, a new tool that compares privacy requirements across APAC jurisdictions designed to support companies in navigating the region's evolving data protection landscape.
Is AI out to get us? What can we do to keep ourselves safe in an increasingly digital world?
In this episode of Connect, we are joined by Mark Lynd, globally recognized cybersecurity leader, cloud strategist, and acclaimed author. Together, we explore how to stay safe in the face of ever-growing threats. We'll learn about best practices, the risks of getting too confident, and tips to become more cyber-aware.
Plus, we'll hear about Mark's inspiration as an author and what goes into writing his books, from Giving your Teen the Cyber Skills to Succeed to his latest novel, Cyber War: One Scenario, in which a fictionalized cyber war feels far too real. Join us as we discuss how AI continues to revolutionize cybersecurity and incident response, how businesses – and individuals – can stay safe, and of course what the future looks like.
For more information about Axis Communications, visit us at www.axis.com
Cyberthreats are everywhere, and while they may be inevitable, their impact can be manageable. Institutions who are prepared for cybersecurity disruptions are proactive and collaborative about their response. This episode of the Forward Thinking Podcast features FCCS SVP of Marketing and Communications Stephanie Barton, Lisa Parrinello, FCCS VP of Risk Management & Insurance Services and Naomi Baumann, FCCS VP of Claims & Insurance Services. Together they discuss how Farm Credit's Captive Insurance Company is helping institutions strengthen their cyberdefenses and what boards of directors need to know to stay ahead of the cybersecurity game.
Episode Insights Include:
The bigger picture of cyberthreats
- Cyberthreats used to be considered an IT-only problem, but that isn't the case anymore.
- These enterprise-wide issues demand board-level attention.
- Ransomware, extortion, targeted financial systems and AI deep-fake impersonations are some of today's biggest cyberthreats.
- The goal today isn't just protection, it's resilience.
- A prepared institution can respond and recover from cyberthreats no matter where they hit.
The role of Farm Credit's Captive Insurance Company
- As the captive, they provide institutions cyber insurance and management services that go beyond what commercial insurance markets can offer.
- They offer tailored protection designed specifically for the unique cooperative structure of Farm Credit.
- Collaborative claims management proactively responds to any incident or threat of incident.
- Their strategic access to commercial markets allows them to purchase insurance as well.
- Over the years, Captive has saved an average of $50 million in insurance coverage.
- Consistent system-wide learning whenever instances occur.
Resilience tools and strategies
- Resilience requires a multi-layered approach based on assets and security needs.
- Threat detection and response pinpoint vulnerability, endpoint detection, and tabletop exercises.
- Human-centric risk management and ongoing employee training are critical for cyber risk management.
- Employees and people are always going to be the weakest link in cybersecurity.
- Data protection and resilience in communications in sensitive information need to be encrypted and backup tested.
- Cybersecurity is not an impenetrable armor, it is an anatomy with multiple systems working together to respond and continue operating in a culture of proactive risk management.
The pivotal role of the board
- Directors need to prioritize an approved annual cyber risk manual.
- Ongoing development and maintenance of a robust program is essential.
- Boards should receive quarterly reports on threats, vulnerabilities and mitigation actions.
- Cyber oversight needs to be integrated into business technology planning.
- FCA should be notified within 36 hours of any cyber incident.
The culture of cybersecurity
- Institutions build resilience when everyone is involved.
- Third party oversight and engagement with cyber-focused legal counsel is crucial.
- Most breaches don't happen in bad systems, they happen when good people let down their guard.
- Muscle memory kicks in when crisis hits, but only when preparation has occurred.
- Ultimately, cybersecurity is everyone's business.
This podcast is powered by FCCS.
Resources
- Connect with Lisa Parrinello — Lisa Parrinello
- Connect with Naomi Baumann — Naomi Baumann
- Get in touch: info@fccsconsulting.com
"The goal isn't just protection – it's resilience." — Naomi Baumann
"The Captive provides consistent system-wide learning whenever instances occur." — Lisa Parrinello
"Human-centric risk management and ongoing employee training are critical for cyber risk management." — Naomi Baumann
"Employees and people are always going to be the weakest link in cybersecurity." — Naomi Baumann
"Even without a deep technical knowledge, boards can strengthen resilience by asking the right questions and staying engaged." — Lisa Parrinello
"Institutions build resilience when everyone is involved." — Naomi Baumann
"Resilience is just as much about people as it is about systems." — Naomi Baumann
In this episode of The Managing Partners Podcast, Kevin Daisey sits down with Darren Findling, President of The Probate Pro, to discuss how law firm owners can evolve from managing cases to leading teams. Darren shares his experience implementing EOS (Entrepreneurial Operating System) to create accountability, streamline operations, and empower his leadership team. They explore how tools like ChatGPT and automation are reshaping the legal industry—from client communication and marketing to internal workflows. Darren and Kevin dive into why leadership, systems, and mindset matter more than ever for growing a successful firm in today's AI-driven world. Today's episode is sponsored by The Managing Partners Mastermind. Click here to schedule an interview to see if we're a fit. If you're a managing partner looking to scale your firm, attract top talent, and embrace innovation, this episode will inspire actionable change.
Chapters
(00:00:00) - Law Firm Network: Managing Partners Podcast
(00:01:09) - Darren Criss on AI
(00:01:37) - Law Firm Businesses: AI and the Challenges
(00:04:35) - The Future of AI at the Probate Pro
(00:09:08) - How to Lead With Fear in the Business
(00:11:43) - Will Businesses Survive on Emotional Intelligence?
(00:14:31) - A Taste of ChatGPT
(00:17:26) - The AI Board of Advisors
(00:19:40) - The Future of Collaboration with AI
(00:25:34) - Law Firm Owners: Will They Be Abolished by AI?
(00:30:02) - Legal AI: Access to Knowledge Will Be democratized
(00:37:35) - AI Is Changing the Way You Search the Web
(00:43:55) - Should Lawyers Use AI in Mock Trials?
(00:46:46) - Are We Ready for AI Arbitration?
(00:51:34) - Symantec CEO on Cybersecurity
(00:52:14) - A AI Probate Pro
Topic 1: Is there a valid reason for Bitcoin to exist?
You can now use Venmo (a subsidiary of PayPal) to pay for your tacos at Taco Bell. This is just the latest addition (see Apple Pay and Google Pay). Cash App is available indirectly as a card through Apple Pay and Google Pay. E-payments are expanding all the time. We can move money to relatives via apps from banks and services like Venmo. So what role does Bitcoin play other than hiding assets and transactions from the government?
https://www.tacobell.com/offers-and-deals?utm_source=venmo
Topic 2: Will Cyber Security have to Be a Private Function?
CMMC (Cybersecurity Maturity Model Certification) became "effective" November 10th. At this point, it's unclear whether there's any funding for compliance with the regulations. At the same time, CISA staff and funding have been slashed and it's not yet clear what funding will look like going forward. Is security, monitoring of foreign actors, and distribution of cyber security-related information and alerts now simply left to the private sector by default? While some vendors will see money in pieces of this puzzle, is there a financial incentive to create a comprehensive cyber security infrastructure that's not funded by the government?
Topic 3: Innovation Outpaces Adoption … Creating a Roadblock for Growth
https://www.linkedin.com/pulse/speed-innovation-outpacing-adoptionwho-you-gonna-call-geoffrey-moore-4kyef/
https://www.linkedin.com/pulse/disruptive-innovationthe-game-changing-geoffrey-moore-cjhyc/
The speed of technology innovation has accelerated. The speed of technology adoption has not. This creates a backlog of trapped value for customers and a growth obstacle for vendors. How can we solve this? It's all about partners getting involved to deliver implementation / adoption services for emerging / disruptive technologies. Not "selling stuff" … but enabling customers to adopt stuff and get real value from it.
As technology evolves, so does our understanding of its strengths and weaknesses. This week on Feds At the Edge, we break down how artificial intelligence is transforming cybersecurity, where it can meaningfully improve defense, and what agencies should consider before deploying it. LCDR Ian Roessle, Deputy Director, Center for High Assurance Computer Systems at the Naval Research Laboratory, explains why vulnerabilities don't always translate to real risk and emphasizes knowing your systems inside and out. He also notes that AI can introduce new exposures. Martin Stanley, AI & Cybersecurity Researcher at NIST, outlines the Assessing Risks and Impacts of AI program, which is designed to help leaders validate and secure AI-enabled systems. Jarrod Vawdrey, Field Chief Data Scientist at Domino Data Lab, discusses how agencies can move toward AI-driven cyber defense by assessing data readiness, isolating high-value targets, and shifting away from static, rules-based tools. Tune in on your favorite podcast today as we explore practical guidance for deploying AI in cybersecurity while managing the risks it introduces.
Khurram Chhipa currently serves as General Counsel at Halborn, a leading cybersecurity company in the Web3 space. With expertise spanning blockchain security, compliance, and digital risk management, he brings a unique perspective to the intersection of law and technology. Outside of work, Khurram enjoys spending time with family and friends.
In this episode…
Artificial intelligence is changing how cybersecurity teams detect and respond to threats. What once required manual monitoring has evolved into an adaptive solution that uses predictive modeling to identify risks sooner. While AI can strengthen security defenses, it also raises questions about accuracy and the need for human oversight. For legal and security teams working in fast-moving sectors like blockchain, AI offers efficiency yet also introduces new risks. Large language models (LLMs) can help general counsels generate contracts and prepare for negotiations, yet they require human oversight to spot and correct errors. That's why companies need to develop clear playbooks, train teams, and implement a continuous review process to ensure responsible AI use. For security teams, the same principle applies. While predictive AI tools can identify threats earlier, security teams should also test their incident response readiness through tabletop exercises and encourage employees to adopt a "don't trust, verify" mindset to guard against threats like deepfakes.
In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Khurram Chhipa, General Counsel at Halborn, about how AI is transforming cybersecurity. Khurram explains how AI is reshaping threat detection, why human oversight is essential when using AI in legal and security contexts, and provides practical strategies for implementing safeguards.
He also describes the growing AI arms race and its impact on cybersecurity, and he provides tips on how companies can mitigate AI deepfake threats through custom training and implementing advanced security measures.
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars! Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Allow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform at https://threatlocker.com/dailycyber Take control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% off. Register for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flare Simply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.io Join SC Discord: https://SimplyCyber.io/discord Podcast in stream: https://cisoseries.com Follow SC: https://simplycyber.io/socials
What really happens during a cyber attack? Not the Hollywood version — the real one. The kind businesses experience every single day when a single compromised password, phishing email, or zero-day vulnerability ignites a full-scale crisis.
In this full episode, we take you inside the anatomy of a real data breach with digital first responders from NetGain Technologies — the cybersecurity professionals who live inside ransomware events, Business Email Compromise (BEC) incidents, and wire-fraud attacks every week.
You'll see how attacks start, how fast they spread, what attackers do once they're inside your email, and the exact steps that decide whether a company recovers… or collapses.
What You'll Learn:
• How a phishing email turns into credential theft and internal compromise
• Why Business Email Compromise (BEC) is now the #2 most expensive breach type
• The tricks attackers use to hide inside inboxes and impersonate executives
• How wire transfer fraud really happens — and how the 2-person rule stops it
• What zero-days look like in the wild (and why patches aren't enough)
• The role of MFA, phishing-resistant MFA, email controls, and layered security
• Why backups must be immutable, air-gapped, and isolated
• How incident response teams contain malware without destroying evidence
• When to call cyber insurance, law enforcement, and breach counsel
• The IR playbook: detection → containment → communication → forensics → recovery
• Why every business — no matter how small — IS a target
⌚ CHAPTERS
00:00 – Intro: What BEC Really Looks Like Today
03:42 – How One Email Starts the Attack Chain
11:20 – Why Finance Teams Are Target #1
19:05 – The Social Engineering Playbook
27:48 – Live Breakdown of a Real BEC Incident
38:22 – What Happens During Wire Fraud Recovery
46:10 – Technical Controls That Actually Work
55:36 – How to Build a No-Nons
Growth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. 
Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com
When billions in dirty money move through hidden pipelines, who stops it? In this episode, Aidan Larkin speaks with investigative journalist and co-founder of the Organized Crime and Corruption Reporting Project (OCCRP), Paul Radu, about the uphill battle to reclaim stolen assets. Paul reveals how real estate has become a global laundromat for illicit cash and why political will and public accountability are often missing from the fight. They delve into the collision of cash and crypto in laundering schemes, the role of technology in exposing networks, and why professional enablers must be held accountable for facilitating financial crime.
Timestamps
00:00 – Introduction and Background
03:00 – Scale of Illicit Finance and Asset Recovery
08:50 – Real Estate, Political Will, and Law Enforcement Challenges
17:45 – Public Accountability, Global Coordination, and Citizen Involvement
23:50 – Technology, Crypto, and the Future of Money Laundering
29:55 – Transparency, Professional Enablers, and Concluding Thoughts
About our Guest
Paul Radu is an investigative journalist and co-founder of the Organized Crime and Corruption Reporting Project (OCCRP). Over the past 20 years, he has investigated corruption, organized crime, and illicit financial networks across Europe and beyond. Through his reporting, he exposes systemic corruption and criminal enterprises, providing critical insight into asset recovery, financial crime, and the global fight for accountability.
Key Takeaways
The Scale of Illicit Finance: Illicit finance totals around $3 trillion annually, with a significant portion invested in real estate, which criminals use to store assets and worsen housing crises. The Role of Investigative Journalism: Investigative journalists often uncover corruption and criminal networks, providing evidence that prompts law enforcement action. 
Political Will and Public Accountability: Strong political support is essential for launching large-scale investigations, and public scrutiny can drive local authorities to act against illicit finance. Global Coordination and Transparency: Effective asset recovery requires international collaboration and data transparency, enabling citizens and authorities to track and challenge illicit asset ownership. Professional Enablers and Criminal Innovation: Lawyers, bankers, and other enablers must be held accountable, and traditional money laundering methods remain important despite the rise of crypto. Resources Organized Crime and Corruption Reporting Project (OCCRP) OCCRP Report: Dubai Unlocked The Independent: Protesting dirty-money luxury homes in London Stay Connected Dive deeper into the world of asset recovery by subscribing to Seize & Desist Disclaimer Our podcasts are for informational purposes only. They are not intended to provide legal, tax, financial, and/or investment advice. Listeners must consult their own advisors before making decisions on the topics discussed. Asset Reality has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Asset Reality employees are those of the employees and do not necessarily reflect the views of the company. Asset Reality does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material. Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Asset Reality.
JC Gaillard continues his journey through the "First 100 Days of the New CISO" and focuses on the context of cybersecurity transformation and why it is key to map it from the start
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday for November 2025
https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+for+November+2025/32468/
Gladinet Triofox Vulnerability
Triofox uses the host header in lieu of proper access control, allowing an attacker to access the page managing administrators by simply setting the host header to localhost.
https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480/
SAP November 2025 Patch Day
SAP fixed a critical vulnerability, fixed default credentials in its SQL Anywhere Monitor
https://onapsis.com/blog/sap-security-patch-day-november-2025/
Ivanti Endpoint Manager Updates
https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2025-for-EPM-2024?language=en_US
Recorded live at Cyber Bay 2025 in Tampa Bay, this conversation dives into how educators are preparing students for a rapidly changing tech world.
Meet Rapid7's Deral Heiland—a self-described “visual historian” who balances high-tech research with hands-on artifacts from Roman coins to Civil War relics.
The expiration of the Cybersecurity Information Sharing Act (CISA) on September 30, 2025, has resulted in a notable decline in U.S. cyber defense capabilities, with a reported drop of over 70% in the sharing of threat indicators. This lapse has created a legal and operational vacuum, leading to increased delays in alert dissemination and a rise in cyber threats, particularly in critical sectors such as healthcare and energy. Federal agencies and private companies are now hesitant to report incidents without the liability protections that CISA previously provided, resulting in a fragmented response to cyber threats.
In response to the growing concerns over cybersecurity, the U.S. Congress has included a provision in the federal government shutdown legislation to extend CISA through the end of January 2026. This extension is crucial for facilitating the sharing of threat data between businesses and government agencies. Meanwhile, the Cybersecurity and Resilience Bill introduced in the UK mandates that medium and large IT management and cybersecurity service providers comply with minimum security standards, reflecting a shift towards greater accountability in protecting critical infrastructure.
Additionally, Microsoft and 1Password are advancing passwordless technology, with Microsoft enabling the syncing of passkeys across devices and 1Password integrating a new native Passkeys plugin API for Windows 11. These developments aim to enhance user convenience and security, signaling a shift away from traditional password reliance. EasyDMARC has also launched Touchpoint, an AI-driven sales enablement tool for MSPs, while N-able has introduced a cyber warranty program offering financial protection for cyber incidents.
For MSPs and IT service leaders, these developments underscore the importance of adapting to evolving cybersecurity regulations and technologies. 
The expiration of CISA highlights the need for private networks and MSPs to fill the intelligence gap left by government agencies. As compliance requirements tighten in the UK and the U.S., MSPs that can navigate these changes and assist clients in maintaining security and compliance will find significant opportunities in a rapidly changing landscape.
Three things to know today
00:00 U.S. Cyber Defense Falters as CISA Act Expires, Threat Sharing Plummets 70% Amid Budget Cuts
04:35 Compliance Crossroads: New EU, UK, and U.S. Rules Reshape Data Protection and Cybersecurity for MSPs
09:42 Vendors Push Simpler, Smarter Security: Microsoft Syncs Passkeys, N-able Adds Cyber Warranty, EasyDMARC Targets MSP Sales
This is the Business of Tech. Supported by:
https://getflexpoint.com/msp-radio/
https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship
The most dangerous AI attacks don't just break your systems, they break your trust in reality. From deepfakes that fooled a company into losing an enormous amount of money to data poisoning that silently corrupts AI models, today's threats are unlike anything cybersecurity teams have faced before. Don't wait for these threats to hit your organisation, get ahead of them now.
In this episode, Monica, a hacker turned CISO, keynote speaker, and founder of Monica Talks Cyber, reveals the dark side of AI and how you can protect your organisation while accelerating your security career.
What you'll learn:
Why deepfakes are just the beginning of AI-based attacks?
How data poisoning works (and why it's so dangerous)?
Practical defences: from AI supply chain security to human-in-the-loop protocols.
How to position yourself as the AI security leader your company needs?
Looking to become an influential and effective security leader? Don't know where to start or how to go about it? Follow Monica Verma (LinkedIn) and Monica Talks Cyber (Youtube) for more content on cybersecurity, technology, leadership and innovation, and 10x your career. Subscribe to The Monica Talks Cyber newsletter at https://www.monicatalkscyber.com.
We are thrilled to welcome back to our podcast, our favorite cybersecurity experts at Pulsar Security, a CMAA Education Partner, for answers to our questions about current cybersecurity trends. Pulsar is a company whose mission extends to protect clubs and their members against malicious attacks. The company is a Veteran, privately owned business built on vision and trust, whose leadership has extensive military experience enabling it to think strategically and plan beyond the problems at hand. We are excited to welcome back the CEO and Founder of Pulsar Security, Patrick Hynds and Chief Technology Officer Duane Laflotte.
Eric O'Neill, former FBI ghost and author of “Spies, Lies & Cybercrime,” joins host David Puner to take a deep dive into the mindset and tactics needed to defend against today's sophisticated cyber threats. Drawing on O'Neill's experience catching spies and investigating cybercriminals, the conversation explains how thinking like an attacker can help organizations and individuals stay ahead. The episode covers actionable frameworks, real-world stories, and practical advice for building cyber resilience in an age of AI-driven scams and industrialized ransomware.
In this episode of Cybersecurity Today, host David Shipley covers the latest threats in the cybersecurity landscape. Highlights include the emergence of the quantum root redirect (QRR) phishing kit, a sophisticated automated phishing platform targeting Microsoft 365 credentials across 90 countries. The hospitality industry is also being hit with a new 'click fix' phishing campaign, compromising booking systems and targeting hotel guests. Researchers discover new vulnerabilities in ChatGPT, exposing private data via indirect prompt injection attacks. Additionally, the University of Pennsylvania confirms a massive data breach, highlighting the risks of not implementing comprehensive MFA protocols. Stay informed with the latest cybersecurity news and insights to protect your organization. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:46 Quantum Root Redirect: A New Phishing Threat 03:47 Click Fix Phishing Attacks on Hotels 07:58 ChatGPT Vulnerabilities and AI Security Risks 11:37 University of Pennsylvania Data Breach 15:12 Conclusion and Call to Action
Lyceum's Cybersecurity Series Part 1: "What You Don't Know CAN Hurt You" Welcome to Episode 30, Season 9 of A CEO's Virtual Mentor® In this opening installment of Lyceum's new Cybersecurity Series, A CEO's Virtual Mentor® convenes five board members and cybersecurity experts from the Lyceum Circle of Leaders® to confront one of the most elusive challenges in modern governance – understanding what you cannot see. As Stephen Hawking warned, "The greatest enemy of knowledge is not ignorance — it is the illusion of knowledge." That illusion, we learn, is the hidden trap of board cybersecurity oversight. Across four parts, our guests – Jorge Benitez, Brook Colangelo, Michael Crowe, Michael Kehs, and Wendy Thomas – illuminate how directors can move from passive awareness to active preparedness, transforming cybersecurity from a technical checklist into an enterprise discipline rooted in governance, visibility, and human judgment. The program examines why boards miss what matters most, how to see beneath the "hidden surface" of cyber risk, and how disciplined frameworks turn uncertainty into resilience. Through their collective insight, a new picture emerges: cybersecurity not as compliance, but as the continuous practice of foresight. Program Guide A CEO's Virtual Mentor® Episode 30 Lyceum's Cybersecurity Series Part 1: "What You Don't Know CAN Hurt You" 0:00 | Introduction Host Tom Linquist introduces Season 9 and Lyceum's special Cybersecurity Series — the first podcast project to draw on multiple members of the Lyceum Circle of Leaders®. He frames the series' purpose: to help boards confront cybersecurity not as a technical topic, but as a behavioral and governance issue — an invisible domain where the illusion of knowledge endangers oversight itself. Part 1 — Why the Subject Is Important (4:00 – 16:30) Cybersecurity has evolved from a back-office function to a boardroom imperative. 
Jorge Benitez recalls establishing Accenture's early information-security practice and how cyber risk became a universal business concern. Mike Crowe contrasts threat motives across industries and stresses that "cybersecurity is everyone's responsibility." Brook Colangelo links cyber vigilance to corporate sustainability and shareholder trust. Michael Kehs reminds boards to get started early; that "by the time you hear the thunder, it's too late to build the ark." Wendy Thomas draws the parallel between today's need for cyber fluency and boards' earlier journey toward financial literacy. Together, they establish the stakes: what boards don't know can — and will — hurt them. Part 2 — Visibility (16:50 – 31:20) True oversight requires seeing what lies beneath the surface. Brook Colangelo describes forming a Technology and Cyber Committee and applying the NIST framework to benchmark maturity. Mike Crowe explains hiring "offensive" experts to test defenses before attackers do. Wendy Thomas introduces the streamlined Prevent–Detect–Respond (PDR) model, connecting it to board metrics such as mean time to detect and mean time to respond. She also warns that during crises, boards must remember: "There's no watching the game tape during the game." This segment translates technical language into governance visibility — turning blindness into inquiry. Part 3 — Risk Management (31:36 – 39:50) Cybersecurity joins the top tier of every board's risk matrix. Mike Crowe situates cyber alongside geopolitical and climate risks. Tom Linquist introduces the "hidden surface problem" — the behavioral bias that limits directors to what is easily seen. Brook Colangelo reframes preparedness as competitive advantage: companies that prove digital trust win customers and revenue. Jorge Benitez observes that the most progressive boards now embed cyber within comprehensive risk frameworks, enabling all directors to engage. 
This section bridges oversight and enterprise resilience, urging boards to govern the unseen. Part 4 — Objectives of the Cybersecurity Series (40:18 – 44:58) The series concludes its first installment by looking ahead. Brook Colangelo highlights how global conflict and artificial intelligence have accelerated the pace and complexity of cyber risk. Wendy Thomas calls for a stronger community of boards that collectively raise the cost of attack. Jorge Benitez encourages continuous learning through peer forums such as the Lyceum Circle of Leaders®. Tom Linquist closes with an invitation to continue the series — a journey from illusion to insight, from defense to resilience. Total Runtime: ≈ 45 minutes We would like to express our special thanks to the clients of Lyceum Leadership Consulting that enable us to bring you this podcast. Informative and Helpful Links NIST's Cybersecurity Framework: https://www.nist.gov/cyberframework CISA's Cybersecurity Incident & Vulnerability Response Playbooks: https://www.cisa.gov/sites/default/files/2024-08/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf Your host Thomas B. Linquist is the Founder and Managing Director of Lyceum Leadership Consulting and Lyceum Leadership Productions. Over his 25 years in management and leadership consulting he has served a wide array of corporate clients. This includes leadership assessment and search for chief executive officers, chief financial officers, chief operating officers and directors of boards. He holds an MBA from the University of Chicago and over his 35-year career has served in a variety of roles: as an engineer with Shell Oil Company, a banker with ABN AMRO Bank, and as treasurer was the youngest corporate officer in the 150+ year history at Peoples Energy Company in Chicago. He is an expert on hiring and promotion decisions and leadership development. 
Over the course of his search and advisory career, Tom has interviewed thousands of leaders and authored numerous articles exploring group decision-making under uncertainty, board effectiveness, and leadership development. Join the Lyceum Circle of Leaders® a community of forward-thinking leaders dedicated to improving leadership through shared intelligence. Please spread the word among your fellow executives and board colleagues. Program Disclaimer The only purpose of the podcast is to educate, inform and entertain. The information shared is based on the collection of experiences of each of the guests interviewed and should not be considered or substituted for professional advice. Guests who speak in this podcast express their own opinions, experience and conclusions, and neither The Leadership Lyceum LLC nor any company providing financial support endorses or opposes any particular content, recommendation or methodology discussed in this podcast. Follow Leadership Lyceum on: Our website: www.LeadershipLyceum.com LinkedIn: The Leadership Lyceum LLC Email us: info@LeadershipLyceum.com This podcast Leadership Lyceum: A CEO's Virtual Mentor® has been a production of The Leadership Lyceum LLC. Copyright 2025. All rights reserved.
Brent Sledd is a top producing agent in the Kansas City market. He talks with Alex about his career journey, from working at Hallmark to managing investment properties and more. He also shares a warning to social media users to avoid falling victim to a scam that affected him earlier this year.
The Cybersecurity VC Report tracks venture capital deal flow and is updated daily by the editors at Cybersecurity Ventures: https://cybersecurityventures.com/cybersecurity-venture-capital-vc-deals/ The VC Report is sponsored by Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. https://evolutionequity.com/ In this episode, Richard Seewald, Founder and Managing Partner at Evolution Equity Partners, shares his expert opinion on the cybersecurity market and investing climate in our industry.
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
If you like what you hear, please subscribe, leave us a review and tell a friend!
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
It isn't always defaults: Scans for 3CX Usernames
Our honeypots detected scans for usernames that may be related to 3CX business phone systems
https://isc.sans.edu/diary/It%20isn%27t%20always%20defaults%3A%20Scans%20for%203CX%20usernames/32464
Watchguard Default Password Controversy
A CVE number was assigned to a default password commonly used in Watchguard products. This was a documented username and password that was recently removed in a firmware upgrade.
https://github.com/cyberbyte000/CVE-2025-59396/blob/main/CVE-2025-59396.txt
https://nvd.nist.gov/vuln/detail/CVE-2025-59396
JavaScript expr-eval Vulnerability
The JavaScript expr-eval library was vulnerable to a code execution issue.
https://www.kb.cert.org/vuls/id/263614
Former Army veteran and cybersecurity strategist Nia Luckey joins Joey Pinz Conversations live at Cyber Bay 2025 to explore how calm, creativity, and courage intersect in today's fast-moving digital world.
From 13 years in the U.S. Army to leading major security operations for Cisco, JSOC, and AT&T, Nia reveals how adaptability, humility, and trust fuel progress in both tech and life. She reflects on her TEDx Sugar Creek journey, turning raw burnout into a message that now inspires thousands.
We dive into:
1️⃣ How her military mindset evolved into collaborative cybersecurity leadership
2️⃣ Why AI and quantum bring both opportunity and risk
3️⃣ The life lessons behind her motto — “Choose your hard.”
Nia reminds us that real success starts with stillness, service, and consistent action — whether hiking mountain peaks or leading global security teams.
What if the real weakness in enterprise cybersecurity isn't the cloud or the network, but the endpoint sitting on every desk? In this episode, Klaus Oestermann, CEO of IGEL Technology, joins me at the Now and Next event in Frankfurt to discuss why he calls the endpoint the forgotten link in digital transformation. Klaus explains how decades of detect and mitigate thinking have left enterprises vulnerable, and why it is time to move toward a prevention-first security model that stops attacks before they start. He shares how IGEL's dual boot architecture allows organizations to recover thousands of devices in minutes, and why prevention-first design can deliver measurable ROI with an average 62 percent reduction in endpoint IT costs and more than 900,000 dollars in annual savings. During our conversation, Klaus also reflects on the surge in ransomware across critical sectors and why governments and enterprises alike are rethinking their endpoint strategies. He talks about how IGEL has become an essential part of modern Zero Trust frameworks, protecting sectors like healthcare, manufacturing, and public services, while partnering with leading technology providers to build stronger, integrated defenses. We also explore how those savings can be reinvested into Zero Trust, AI innovation, and new layers of defense, as well as how IGEL is helping secure critical national sectors from healthcare to manufacturing. From Audi's factory floors to government agencies, Klaus outlines a future where resilience begins at the endpoint, not the data center. Do you think enterprises are ready to make that shift? I would love to hear your thoughts after the episode. Useful Links Connect with Klaus Oestermann on LinkedIn Learn more about IGEL Follow on LinkedIn, Twitter and YouTube Tech Talks Daily is Sponsored by NordLayer: Get the exclusive Black Friday offer: 28% off NordLayer yearly plans with the coupon code: techdaily-28. Valid until December 10th, 2025. 
Try it risk-free with a 14-day money-back guarantee.
Certificates are the socks of IT—everyone needs them, and you always lose track of a few. On today’s show we dive into the ACME protocol, an IETF standard to help automate how a domain owner gets a domain validation certificate from a Certificate Authority (CA). Our guest, Ed Harmoush, a former network engineer with AWS...
Ever wondered what happens to your online accounts when you're gone?
When “Normal” Doesn't Work: Rethinking Data and the Role of the SOC Analyst
Monzy Merza, Co-Founder and CEO of Crogl, joins Sean Martin and Marco Ciappelli to discuss how cybersecurity teams can finally move beyond the treadmill of normalization, alert fatigue, and brittle playbooks that keep analysts from doing what they signed up to do—find and stop bad actors.
Merza draws from his experience across research, security operations, and leadership roles at Splunk, Databricks, and one of the world's largest banks. His message is clear: the industry's long-standing approach of forcing all data into one format before analysis has reached its limit. Organizations are spending millions trying to normalize data that constantly changes, and analysts are paying the price—buried under alerts they can't meaningfully investigate.
The conversation highlights the human side of this issue. Analysts often join the field to protect their organizations, but instead find themselves working on repetitive tickets with little context, limited feedback loops, and an impossible expectation to know everything—from email headers to endpoint logs. They are firefighters answering endless 911 calls, most of which turn out to be false alarms.
Crogl's approach replaces that normalization-first mindset with an analyst-first model. By operating directly on data where it lives—without requiring migration or schema alignment—it allows every analyst to investigate deeper, faster, and more consistently. Each action taken by one team member becomes shared knowledge for the next, creating an adaptive, AI-driven system that evolves with the organization.
For CISOs, this means measurable consistency, auditability, and trust in outcomes. For analysts, it means rediscovering purpose—focusing on meaningful investigations instead of administrative noise.
The result is a more capable, connected SOC where AI augments human reasoning rather than replacing it. 
As Merza puts it, the new normal is no normalization—just real work, done better.
Watch the full interview and product demo: https://youtu.be/7C4zOvF9sdk
Learn more about CROGL: https://itspm.ag/crogl-103909
Note: This story contains promotional content. Learn more.
GUEST
Monzy Merza, Founder and CEO of CROGL | On LinkedIn: https://www.linkedin.com/in/monzymerza/
RESOURCES
Learn more and catch more stories from CROGL: https://www.itspmagazine.com/directory/crogl
Brand Spotlight: The Schema Strikes Back: Killing the Normalization Tax on the SOC: https://brand-stories-podcast.simplecast.com/episodes/the-schema-strikes-back-killing-the-normalization-tax-on-the-soc-a-corgl-spotlight-brand-story-conversation-with-cory-wallace [Video: https://youtu.be/Kx2JEE_tYq0]
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlight
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Breaking Free from Data Normalization: A Smarter Path for Security Teams
Traditional security models were built on a simple idea: collect data, normalize it, and analyze it. But as Director of Product Marketing Cory Wallace explains in this conversation with Sean Martin, that model no longer fits the reality of modern security operations. Data now lives across systems, clouds, and lakes—making normalization an inefficient, error-prone step that slows teams down and risks critical blind spots.
Rethinking How Analysts Work with Data
Cory describes how schema drift, inconsistent field naming, and vendor-specific query languages have turned the analyst's job into a maze of manual mapping and guesswork. Each product update or schema change introduces a chance to miss something important—something an attacker is counting on. Crogl's new patent eliminates this problem by enabling search and correlation across unnormalized data, creating a unified analytical view without forcing everything into one rigid format.
From Data Chaos to Analyst Empowerment
This shift isn't just technical—it's cultural. Instead of treating SOC analysts as passive alert closers, Crogl's model empowers them with meaningful context from the start. Alerts now come with historical data, cross-referenced fields, and prebuilt queries, giving analysts the information they need to make decisions faster and more confidently.
Efficiency with Intelligence
Wallace explains how this approach saves time, reduces training burdens, and cuts dependency on multiple query languages. It helps overworked teams move from reactive triage to proactive investigation. 
By removing unnecessary layers of data transformation, organizations can accelerate incident resolution, minimize risk, and help analysts focus on what matters most—catching what others miss.At its core, the conversation highlights how removing the barriers of data normalization can redefine what's possible in modern security operations.Watch the full interview: https://youtu.be/Kx2JEE_tYq0Learn more about CROGL: https://itspm.ag/crogl-103909Note: This story contains promotional content. Learn more.GUESTCory Wallace, Director of Product Marketing at CROGL | On LinkedIn: https://www.linkedin.com/in/corywallacecrogl/RESOURCESLearn more and catch more stories from CROGL: https://www.itspmagazine.com/directory/croglPress Release: https://www.globenewswire.com/news-release/2025/11/05/3181815/0/en/Crogl-Granted-Patent-for-Analyzing-Non-Normalized-Data-for-Security.htmlForbes Article: https://www.forbes.com/sites/justinwarren/2025/11/05/tackling-cybersecurity-data-sprawl-without-normalizing-everything/LinkedIn Post: https://www.linkedin.com/posts/activity-7391913358817517569-QaCHAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Honeypot Requests for Code Repository
Attackers continue to scan websites for source code repositories. Keep your repositories outside your document root and proactively scan your own sites.
https://isc.sans.edu/diary/Honeypot%3A%20Requests%20for%20%28Code%29%20Repositories/32460

Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Newly discovered malicious .NET packages attempt to deliver a time-delayed attack targeting ICS systems.
https://socket.dev/blog/9-malicious-nuget-packages-deliver-time-delayed-destructive-payloads

Side Channel Leaks in Encrypted Traffic to LLMs
Traffic to LLMs can be profiled to discover the nature of prompts sent by a user based on the amount and structure of the encrypted data.
https://www.microsoft.com/en-us/security/blog/2025/11/07/whisper-leak-a-novel-side-channel-cyberattack-on-remote-language-models/