Podcasts about Cyber security awareness

Today, we've got Amadou Kane of VicOne live from Austin, TX, at the NMFTA Cybersecurity Conference to talk about the real risks facing transportation, from hackers targeting ELDs and Class 8 trucks to supply chain vulnerabilities that could disrupt the entire freight network! We dive into how attackers manipulate GPS data, hijack vehicle controls, and even exploit EV chargers to threaten infrastructure, how fleets can fight back with onboard intrusion detection systems, real-time monitoring, and tighter OEM and supplier vetting through Software Bills of Materials (SBOMs), why vehicle security isn't just IT security, how cost-cutting at the OEM level creates risk, and what proactive measures the industry must take to protect drivers, assets, and national security!   About Amadou Kane Amadou Kane is a Sr. Solution Engineer and the North America Technical Lead at VicOne. With extensive experience in the automotive industry, previously spearheaded Wistron NeWeb's V2X programs in North America and served as the Automotive Business Development Manager, specializing in connectivity and ADAS. Amadou brings a wealth of expertise in developing innovative solutions to address the evolving challenges in automotive technology. He holds a Bachelor of Electrical Engineering and a Master's of Electrical and Computer Engineering, as well as an MBA from the University of Detroit Mercy.    Connect with Amadou Website: https://vicone.com/  LinkedIn: https://www.linkedin.com/in/amadoukn/  

Cybersecurity Awareness Month with Lance Reid S1E14: On this episode host Tom Testa invites Lance Reid, CEO of Telcion to discuss cybersecurity in healthcare during Cybersecurity Awareness Month. Lance shares insights on how healthcare organizations, particularly community clinics, face unique cybersecurity challenges due to limited resources and staff wearing multiple hats, emphasizing that operational maturity rather than location is the key factor in managing risks. To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

Send us a textWe are looking at the latest threats, hacks and risks during Cybersecurity Awareness month. As technology is constantly changing so does our need to adapt in areas of cybersecurity. We are joined on this episode of TN Court Talk by the AOC's Chief Technology Officer Brandon Bowers and Chris Gill, Security Administrator with the AOC.

How secure is your trucking operation against cyberattacks? Are you confident your team could spot a phishing email or fake shipper domain before it costs you thousands? Today, listen to cybersecurity expert Melanie Padron speaking about the growing threat landscape in transportation! We discuss why small and mid-sized carriers are prime targets, often hit hardest because they lack dedicated security resources, how AI-powered tools are helping companies stay ahead of evolving cyber risks, and practical solutions: employee training, incident response plans, vendor vetting, and partnering with cybersecurity professionals who understand trucking operations. The key message? “Trust but verify.” As National Cybersecurity Awareness Month reminds us, education and consistency are your best defense. Whether you run one truck or a 500-unit fleet, acquire strategies from this episode to secure your business and protect the future of the industry.   About Melanie Padron Melanie Padron is a risk management expert and cybersecurity speaker who has made it her mission to protect trucking companies from cyber threats. She's been right there in the trenches when ransomware attacks hit, helping pick up the pieces after systems are encrypted and ransom demands arrive. After spending over 20 years in the insurance industry helping businesses recover from disasters, Melanie has shifted her focus to something she's even more passionate about: stopping those disasters from happening in the first place through proactive cybersecurity. Her connection to trucking is personal. Growing up working in her family's convenience stores, she watched the steady stream of trucks that kept their gas tanks filled and shelves stocked. Her uncle and aunt were owner-operators who crossed the country delivering freight, giving her firsthand insight into the dedication and sacrifice required to build a trucking business. Working with veteran-owned IT Architeks, Melanie helps trucking leaders secure their fleets and leverage AI to become more efficient and profitable. Her approach is simple: when trucking companies truly understand their risk, real protection begins. One company at a time, she's working to build cyber resilience in the trucking industry.   Connect with Melanie Website: https://www.itarchiteks.com/  LinkedIn: https://www.linkedin.com/in/melanie-padron/  

10-21-2025 Karissa Breen Learn more about the interview and get additional links here: https://usabusinessradio.com/building-a-stronger-cyber-future-for-cyber-security-awareness-month/ Subscribe to the best of our content here: https://priceofbusiness.substack.com/ Subscribe to our YouTube channel here: https://www.youtube.com/channel/UCywgbHv7dpiBG2Qswr_ceEQ

It's officially Cybersecurity Awareness Month with the theme being ‘Stay Safe Online' this year. It's an important month as it helps organizations and people build awareness and serves as a reminder to follow best practices to ensure digital safety. Tune into this podcast as RSAC is joined by the National Cybersecurity Alliance team who will delve into the history and transformation of Cybersecurity Awareness Month to help boost your security awareness. Lisa Plaggemier, Executive Director, National Cybersecurity Alliance Cliff Steinhauer, Director, Information Security & Engagement National Cybersecurity Alliance Tatyana Sanchez, Content & Program Coordinator, RSAC Kacy Zurkus, Director, Content, RSAC

President and CEO of the Better Business Bureau Steve Bernas joins Wendy Snyder (in for Bob Sirott) to talk about the increase of AI scams during the Medicare Open Enrollment period and what to be aware of during Cybersecurity Awareness Month. He also explains what “wrong number” scams are and how con artists stealing debit cards from mailboxes.

Unlocking Online Safety for Families in an AI WorldThis conversation delves into the critical intersection of child safety and artificial intelligence in today's digital landscape. The speakers discuss the importance of teaching children to navigate online spaces safely, the risks associated with social media, and the evolving nature of AI technology. They emphasize the need for common sense guardrails, the implications of identity theft, and the spread of misinformation. The discussion also touches on the future of AI regulation and the importance of education in safeguarding against cyber threats.Chapters00:00 Navigating Online Safety in an AI World02:35 The Intersection of AI and Child Safety05:29 Guardrails for Social Media and Parenting08:24 The Digital Footprint of Future Generations11:20 The Role of Social Media Companies14:18 The Risks of Identity Theft and Cybersecurity19:11 The Evolution of AI and Its Implications21:48 Jailbreaking AI: A New Frontier24:52 The Spread of Misinformation28:57 The Future of AI Regulation31:49 Preparing for an AI-Driven World34:43  AI and Cybersecurity35:30  AI, Cybersecurity, & Family Safety42:00  social media safetySend us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Support the show

October is Cybersecurity Awareness Month. We get some basic safety tips from cybersecurity expert Alex Hamerstone.

Lisa Plaggemier is the executive director of the National Cybersecurity Alliance. In this episode, she joins Cybercrime Magazine to highlight this year's Cybersecurity Awareness Month, which aims to teach people simple ways to protect themselves online every October. To learn more about the National Cybersecurity Alliance and Cybersecurity Awareness Month, visit https://staysafeonline.org. • For more on cybersecurity, visit us at https://cybersecurityventures.com/

What would happen if your freight data got hacked before your trucks even hit the road? In this episode, NMFTA's Joe Ohr digs into how cybersecurity threats are evolving fast across freight and supply chains, from stolen tequila loads rerouted through digital trickery to insider risks hiding in forgotten system logins! We talk about why cyber protection isn't just an IT problem anymore, but also a business survival issue, how AI is changing the game for detecting and responding to cyberattacks, and the upcoming NMFTA Cybersecurity Conference in Austin, a must-attend event where industry leaders share practical defense strategies, run hands-on tabletop exercises, and build real plans companies can use immediately. Cyber threats are only getting smarter, and if you're not training, auditing access, and collaborating with others in the industry, you're already behind, so keep tuning in to our conversation!   About Joe Ohr Joe Ohr has more than two decades of experience in technical operations, customer success management, customer support, and product support. Currently serving as the Chief Operating Officer for the National Motor Freight Traffic Association, Inc. (NMFTA)™, he plays a pivotal role in helping to advance the industry through digitization, classification, and cybersecurity. Prior to Ohr's role at NMFTA, he served as in numerous engineering and operations positions at Qualcomm and Eaton, and most recently held the position of Senior Vice President of Operations/Customer Experience at Omnitracs. Throughout his career, Ohr has provided strategic guidance, vision, and a roadmap for addressing long-term customer challenges. He has played a key role in accelerating revenue growth and has collaborated closely with IT, product, and engineering teams to foster stronger partnerships with strategic customers and peers. Additionally, Ohr has overseen post sales customer support and service teams, as well as operations, managing a workforce of over 400 individuals. He holds multiple certifications such as CCNA from Cisco and MCSE from Microsoft and earned his Bachelor of Science in Education from the Ohio State University. Due to his contributions to the industry, he earned a spot in the Inner Circle in 2015 and 2018 from Qualcomm and Omnitracs.  

In this episode, Cybercrime Magazine Editor-in-Chief Steve Morgan shares a real-life scam incident he encountered, telling listeners exactly how it happened so they can protect themselves during Cybersecurity Awareness Month. The Cybercrime Magazine Update airs weekly and covers the latest news, interviews, podcasts, reports, videos, and special productions from Cybercrime Magazine, published by Cybersecurity Ventures. For more on cybersecurity, visit us at https://cybersecurityventures.com

On this week's episode of the Security Sprint, Andy is joined by the Cybersecurity Evangelist herself, Jennifer Walker as well as Sadie Anne Jones! Together they covered the following topics:Warm Open:• Tribal-ISAC Unveils Cybersecurity Report & Tribal-ISAC cybersecurity report delivers data, insights into risks• (TLP:CLEAR) WaterISAC Physical Security Advisory Committee: Insider Threat Management – Fact Sheet.• Colin Wood on Bluesky: “October isn't only cyber awareness month. It's also National Popcorn Poppin' Month, National Adopt a Shelter Dog Month and Eczema Awareness Month. There's something for everyone, really” It's also National Pizza Month!Main Topics:CISA: Cybersecurity Awareness Month - Building a Cyber Strong America. October is Cybersecurity Awareness Month! This year's theme is Building a Cyber Strong America, highlighting the need to strengthen the country's infrastructure against cyber threats, ensuring resilience and security. • Cybersecurity Awareness Month Toolkit• DHS and CISA Announce Cybersecurity Awareness Month 2025• Article: DHS, CISA kick off Cybersecurity Awareness Month 2025 to protect critical services, boost national resilienceCybersecurity Information Sharing Act of 2015 (CISA 2015): • CISA 2015 sunsets: Cyber Threat sharing without a net? • CISA Liability Protections Terminate - What Legal & InfoSec Need to Know Before Sharing Cyber Threat Information• Cyber Threat Information Sharing at Risk: What Companies Should Consider if the Cybersecurity Information Sharing Act of 2015 Is Not Renewed• Cyber defenders on edge amid shutdown furloughs, expired authorities• Information sharing under CISA 2015 in limbo after government shuts downQuick Hits:• Judge temporarily blocks use of National Guard in Portland• USNORTHCOM statement regarding protection of federal property and personnel in the Portland Area• Trump says US is in ‘armed conflict' with drug cartels after ordering strikes in the Caribbean• Venezuela says it detected 5 US ‘combat planes' flying 75km from its coast, calls it a ‘provocation'• Clop extortion emails claim theft of Oracle E-Business Suite data• Active exploitation of vulnerability affecting Oracle E-Business Suite• Oracle Security Alert Advisory - CVE-2025-61882• CISA and UK NCSC Release Joint Guidance for Securing OT Systems• Shutdown guts U.S. cybersecurity agency at perilous time• CISA to furlough 65% of staff if government shuts down this week• UK NPSA - Manchester Incident • Security boost for Irish Jews after Manchester synagogue attack• Global Exposure of 180,000 ICS/OT Devices Raises Safety Concerns

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Gwenn Cujdik, the Incident Response and Cyber Services Lead for North America at AXA XL. Justin and Gwenn cover various cybersecurity topics, and how her 15 years as an Assistant District Attorney prepared her for her current role of responding to cyber attacks. Listen for tips on securing your organization, large or small, from cyber attacks and responding when, not if, they come. Gwenn shares her experiences and some advice.   Listen for Gwenn's insights to help you be vigilant and prepared against cybercrime.   Key Takeaways: [:01] About RIMS and RIMScast. [:14] With great sadness, the RIMS family lost a true leader in September. Susan Meltzer was an exceptional risk professional and passionate volunteer with RIMS. She served as the Society's President in 1999 and 2000. [:29] RIMS has established a scholarship fund in her name. You can donate to that fund through RIMS, The Foundation for Risk Management®, at RIMS.org/FRM. [:46] About this episode of RIMScast. This is our National Cybersecurity Awareness Month episode. Here to lend her insight on all things cyber is Gwenn Cujdik. She is the Incident Response and Cyber Services Lead for North America at AXA XL. [1:19] We're also going to talk about her fascinating career that antedates her time in cyber. [1:24] RIMS-CRMP Prep Workshops! The next RIMS CRMP Prep Workshops will be held on October 29th and 30th and led by John Button. [1:36] The next RIMS-CRMP-FED Virtual Workshop will be held on November 11th and 12th and led by Joseph Mayo. Links to these courses can be found through the Certifications page of RIMS.org and through this episode's show notes. [1:53] RIMS Virtual Workshops! RIMS has launched a new course, “Intro to ERM for Senior Leaders.” It will be held again on November 4th and 5th and will be led by Elise Farnham. [2:07] On November 11th and 12th, Chris Hansen will lead “Fundamentals of Insurance”. It features everything you've always wanted to know about insurance but were afraid to ask. Fear not; ask Chris Hansen! RIMS members always enjoy deep discounts on virtual workshops! [2:26] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [2:37] Several RIMS Webinars are being hosted this Fall. On October 9th, Global Risk Consultants returns to deliver “Natural Hazards: A Data-Driven Guide to Improving Resilience and Risk Financing Outcomes”. [2:51] On October 16th, Zurich returns to deliver “Jury Dynamics: How Juries Shape Today's Legal Landscape”. On October 30th, Swiss Re will present “Parametric Insurance: Providing Financial Certainty in Uncertain Times”. [3:08] On November 6th, HUB will present “Geopolitical Whiplash — Building Resilient Global Risk Programs in an Unstable World”. Register at RIMS.org/Webinars. [3:20] On with the show! It's National Cybersecurity Awareness Month here in the U.S. and in many places around the world. Cyber continues to be a top risk among organizations of all sizes in the public and private sectors. [3:35] Joining me today to discuss cybersecurity awareness is Gwenn Cujdik. You may remember her from the RIMS AXA XL webinar on September 4th, “Lock Down & Level Up.” [3:52] During that webinar, we had a brief, fascinating discussion about her time as an Assistant District Attorney in Pennsylvania. [4:01] I wanted to learn more about how someone transitions from a colorful career to cybersecurity and eventually becomes the Incident Response and Cyber Services Lead for North America at AXA XL. [4:15]  She's got a lot on her plate. She's got a huge risk radar. We're going to talk all about it and help all the risk managers out there use her insight and perspective to protect their organizations. Let's get to it! [4:28] Interview! Gwenn Cujdik, welcome to RIMScast! [5:09] Gwenn is Incident Response and Cyber Services Lead for North America at AXA XL. When a client has a cyber breach, they call AXA XL and work with Gwenn's teams. [5:42] Gwenn works on training her teams to be able to respond, setting up procedures and processes to make the response seamless and collaborative, and making sure the clients get consistent service, whoever handles the call. [6:16] Gwen's team has 18. Four are in leadership with 14 more team members. Two managers directly supervise the teams to help them with answers to questions about unusual situations. [6:50] Gwenn helps the teams understand massive events and how they might affect AXA XL and their clients, how to interact with brokers, and technical matters. She helps the team understand coverages when it comes to something unique. “It's all hands on deck for us!” [7:55] Gwenn says, Fighting crime is a part of who I am. She is driven by helping others get through some terrible times. She has seen the worst of the worst. Sometimes it takes just one helping hand to get people through tough times. She has seen how impactful that can be. [8:44] Sometimes, in a crisis, how people interact with the victim could be the recipe for them to recover fully from that event. Gwenn has seen people recover, take back their lives, move forward, and be survivors. She has seen corporations and companies do so and become better. [9:39] Justin repeats that Gwenn has seen the worst of the worst: homicides, murders, abuses of women and children, arson, and more. She has seen it all, including things that she wishes she hadn't seen. [10:27] Gwenn compares cyber incident response to her ADA work. A prosecutor has to be able to handle things under pressure. The best prosecutors are looking to do the right thing. Gwenn has met many people who, absent the crime, would have been friends. [11:06] You have to be able to see there's a human on the other side, and there are humans that they hurt. You do right by understanding that there are a lot of players involved, who are humans. [11:26] It helps you understand where somebody might be coming from. It helps you understand why they might be screaming at you. “I'm just the messenger, but let's talk about why you're so upset.” [11:39] Gwenn says one of the cool things about being a prosecutor is that every case you have presents a different set of facts and circumstances. There's a law that's intertwined with it, and that's interesting for Gwenn. [11:54] The first time Gwenn had an arson case, she had to work with the Fire Marshals to understand how they knew the fire started here. How did they know it was a chemical? She started with the Fire Marshals and then went to the crime scene to talk to Forensic Chemists. [12:11] The Forensic Investigators explained the chemistry behind the Molotov Cocktail that was thrown through the window. This was how the fire started, and then it enveloped the room. [12:22] When Gwenn first worked with DNA, she found it to be incredibly complicated. She had to learn it to be able to explain it. Her job was to explain to 12 people why DNA mattered, why it's this guy, and not anybody else, that committed this crime; the numbers are insane. [12:44] It could be one in a hundred quadrillion that it's another person. Those numbers are insane, and it's really hard to understand. [12:56] Gwenn was in the DA's office when cell site analysis came around; being able to triangulate where someone is, using cell towers. The Philadelphia Field Office had one of the pioneers in that science. Gwenn learned from him. [13:13] One of Gwenn's matters was a homicide. They tracked the defendant from the scene of the crime, through public transportation, back to his house, using cell site triangulation. While they were mapping, the actor Joe Piscopo came by, touring the building. Gwenn was an SNL fan. [14:23] Gwenn's prosecutorial experience translates to cyber in that each matter is a little different. There's a bad guy at the other end. Gwenn is not sympathetic to the bad guys because they are anonymous. Nobody sees them or knows them. It's usually a criminal enterprise. [14:59] It's a group of people working together, motivated by money and wreaking havoc on people who are trying to make a living and support their families. The bad guys want to extort millions of dollars and put businesses and livelihoods in danger. [15:42] In Philadelphia, the elite of the elite prosecutors worked in homicide. Some spend 20 or 30 years there. Gwenn was an ADA for 15 years, but couldn't see herself doing it for 20 or 30 years. She wanted to stay positive and be a force for good when she was dealing with bad. [16:34] She wondered where she could go to have a similar impact for good, investigating, and helping people get through an awful time. [16:45] Gwenn had a friend who worked with her in the Family Violence and Sexual Assault Unit. She had left the office to work for a new law firm doing cyber incident response. She called Gwenn and said she would be really good at it. She explained it to Gwenn. [17:50] Gwenn interviewed with the firm and got an offer the day she interviewed. She realized that was what she wanted to do. Some former prosecutors were doing it. There were some amazing people, and she wanted to be a part of that, something new, interesting, and growing. [18:15] Gwenn wanted to be challenged and get to help people. Once she discovered it, she couldn't think of a better transition for people who are in law enforcement than going into cybersecurity. [18:39] RIMS Events! On November 17th and 18th, join us in Seattle, Washington, for the RIMS ERM Conference 2025. The agenda is live. Check out Episode 357 for Justin's dialogue with ERM Conference Keynote Presenter Dan Chuparkoff on AI and the future of risk. [18:59] Visit the Events page of RIMS.org to register. [19:02] RISKWORLD 2026 will be in Philadelphia, Pennsylvania, from May 3rd through May 6th. RIMS members can now lock in the 2025 rate for a full conference pass to RISKWORLD 2026 when you register by October 30th! [19:16] This also lets you enjoy earlier access to the RISKWORLD hotel block. Register by October 30th, and you will also be entered to win a $500 raffle! Do not miss out on this chance to plan and score some of these extra perks! [19:30] The members-only registration link is in this episode's show notes. If you are not yet a member, this is the time to join us! Visit RIMS.org/Membership and build your network with us here at RIMS! [19:42] Let's return to our interview with Gwenn Cujdik! [20:14] Gwenn says cybersecurity takes a village. What she learned in criminal prosecution is that as long as there have been humans, there has been crime. We're fortunate as a society to have laws, law enforcement, governing bodies, and organizations to keep crime down. [20:54] It's not dissimilar to cybersecurity. If Gwenn were talking to a board, she would say, It takes everybody in your community, in your organization, to build resilience, protect yourself from cybercrime, and react to it. [21:12] Gwenn says a big mistake people often make is thinking incident response is a job for just their tech team. The IT team is not trained in all the various fields you need to be an expert in to get through a cyber incident. [21:41] Your IT team will be able to get you up and running, collaborate, and be a good foundation for the incident response, working with outside experts. It takes people who understand the law and who understand communications. [21:54] It takes people who understand the brand, who are the heart of the organization, to be able to respond. Your CISO may say, Here's how I think that we should respond, but your CEO may say, This isn't how I think we would respond to an event like this. Keep in mind who we are. [22:32] Your legal team is there to say, Here's why we can't do that, the risk is too great; It will be worse if you do X, Y, Z; You shouldn't do that because you need to be compliant with the law. [23:11] Gwenn says good leaders lead best when they model. If you expect people to be open-minded and collaborative, you need to be the same. For the most part, organization leadership is very aware that cybersecurity is an important part of who they are and will be. [23:55] Gwenn has met a ton of CEOs who admit they don't know what they don't know and ask for help to understand cybersecurity so they can help their organizations in the best way possible. Some CEOs are thinking ahead and putting teams together that understand their role. [24:20] Gwenn has encountered CEOs who are just messing up the process. One wanted to invite his wife, not an employee, to the conversation because she would like to hear about it.  From a legal and business perspective, it's very risky for the company. [25:04] One Final Break! The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved, in part, by its collaboration with risk management and insurance educators across the U.S. and Canada. [25:23] Since 1999, Spencer has awarded over $2.9 million to create more than 570 Risk Management Internships. The Internship Grants application process is now open through October 15th, 2025. [25:39] To be eligible, risk managers must be based in the U.S., Canada, or Bermuda. A link to the Internship Grants page is in this episode's show notes. You can always visit SpencerEd.org, as well. [25:53] Let's Conclude Our National Cybersecurity Awareness Month Interview with Gwenn Cujdik! [26:05] It's National Cybersecurity Awareness Month 2025, here in the U.S. It's a big month for everyone in Gwenn's house; they have to pull their own weight a little more because she's traveling a lot, she's out a lot, and there are a lot of conferences and meetings going on! [26:29] Gwenn tries not to shove everything cyber just into October. October is busy, and she loves it. [26:56] On October 29th, at the Sheraton New York Times Square Hotel in Manhattan, Gwenn will be the Conference Co-Chair for the Zywave Cyber Risk Insights New York event. It's a full day with a lot of very knowledgeable individuals from a range of companies. [27:50] It is one of Gwenn's favorite events. It's a day packed with good information. She would love to see more risk managers and CISOs join it. The amount of information you can get in one day is almost unbelievable. The content is pretty diverse. [28:21] It covers claims, the state of the market, the different ways threat actors are attacking, how to prepare better for attacks and for business continuity, and how to organize invoices and costs as you're going through an incident response. [29:01] Gwenn says, Get the small things right so you can deal with the big things. While you tackle the small things, you can talk about whether or not the law requires you to file notifications to seven million people and how to get through that as a company. [29:22] Gwen says it's a great event. Gwenn will be there, giving opening remarks. Justin will be there, after attending a heavy metal concert the night before. The link is in this episode's show notes. [30:52] When Gwenn entered the cybersecurity field, she was surprised at the female presence. One of the managing partners who interviewed her was a female. There are also savvy female hackers out there. [31:35] Gwenn says that in criminal law, people have trouble understanding that women can commit crimes, the same way that men can. Gwenn points out Elizabeth Holmes and the book Bad Blood, about Theranos. [32:23] Gwenn mentions a woman in government who embezzled $22 million from her community to show horses. [32:42] Gwenn says, in terms of cybersecurity being a male-dominated field, we're all learning together; anybody who tries and is committed to it can do it. Because it's new, people come from different backgrounds with diverse experiences. [33:11] Gwenn says, We're seeing value in people coming from different careers and different industries and seeing their skillsets translate to cybersecurity. In this field, you need great diversity with people from all different backgrounds to be able to tackle this. [33:38] It's not one-size-fits-all. There are personalities involved. There are different businesses involved, from small to large, public to government. You have to be able to understand a huge variety of people and businesses. You have to understand a huge amount of technology. [34:00] Gwenn talks about the differences between cybersecurity and other industries. eDiscovery for cyber is not the same as eDiscovery for litigation. You need special people and tooling, and you have to understand what the tooling is, which helps you figure out timing. [34:43] Technology is always developing. Gwenn compares it to cat and mouse. We're constantly chasing the bad guys to figure out what they're doing. Sometimes it's reactive. They'll think of something new, and we've never seen it before. This is how we get through it. [35:04] The tools and a skillset you've used dealing with everything before help you tackle what's coming. Even the way we investigate and respond to things has changed. [35:16] Gwenn says when we came on the scene, we would grab images of all the computers. If there were 50 computers, you would have 50 images, which would mean people going through a massive amount of data, taking a really long time. [35:30] We don't do that now. We have tools and technology that can get through a system programmatically, to pull the evidence we need to do these investigations without having to go into a shop and take copies of laptops or servers to get through that. [35:49] That makes a potential difference of millions of dollars in responding. It's the difference between months and a month to respond. [36:15] Gwenn has not seen a malicious actor with technology or an algorithm that is beyond what she has seen before. She says, We have the technology they have. You'd be surprised how much private industry gives to our community in terms of intelligence and technology. [36:35] Gwenn adds, We work with the government to find out solutions. The industry is armed pretty well. Gwenn has seen some things that have impressed her. One attacker was pulling searches from a legal hold, getting into sensitive information. [37:16] Their searches looked legitimate, like what an attorney would look for, so it didn't set off bells and whistles. Gwenn wonders how they knew to look in a legal hold. Were they lawyered? That was something small but ingenious to Gwenn. [37:46] Seeing a smart attack invigorates Gwenn to use her brain and try to be as smart or smarter. She says that's what is great about this job. It's constantly changing. You're constantly moving. It's not for weak minds. [38:11] To excel, you have to be smart, tenacious, and love learning. You have to love that you may be an expert in this, but you may become obsolete. You've got to keep your game up.  Gwenn says she is just a big nerd for it. [38:33] Attackers are using AI more. Gwenn recalls two incidents recently where two different groups, for two different reasons, were attacking Salesforce. That's the rub of being popular. One group used AI to search quickly for sensitive information to leverage attacks on companies. [39:27] Unfortunately, people are reusing passwords, and the bad guys know that. Gwenn says you'd better not! [39:57] Justin comments that AI being used for a cyber attack should be on companies' risk radars. How can they adjust defense strategies to stay ahead of something like that? [40:08] Gwenn is dealing with that at this moment. If you are a big company with subsidiaries and locations around the country or the world, segregate the networks. If an attack hits your facility in Oklahoma, they won't have access to your facility in Belgium. [40:38] If your locations are networked, it's a domino effect. If one goes down, they all go down. In terms of business resilience, that is the one factor that can tumble everything with the press of a button. [40:55] The tools that bad guys are using are meant to get them through fast. They get in, use AI to conduct reconnaissance, and get terabytes of data out quickly. It's important to take every effort to reduce the severity of an attack in its spread and the amount of data stolen. [41:40] Can they move laterally within a company or elevate privileges by getting to the admin, who has access to everything? It's great to focus on how to prevent it, but the reality is, they're going to find a way. It's not if, it's when. [42:09] While you have to prevent the attack from happening, and be vigilant. If you get an attack, you have to make sure it's small, you respond quickly, and it's not going to hit every facet of your company. Attacks that hit every facet of the company are the most devastating. [42:39] Justin says you've been wonderful. You've given us so much to think about when it comes to National Cybersecurity Awareness Month. You do great work! I look forward to seeing you in more AXA XL RIMS collaborative webinars! [42:55] We'll see you in the city for the Zywave Cyber Risk Insights New York, on  October 29th, delivering the opening address and mingling with attendees. [43:04] Gwenn says, I'll be there all day, attending sessions, supporting my friends on panels, my cyber family, and for folks who want to meet me. I'm always happy to talk cyber! [43:24] Justin says, Lock Down & Level Up: Turn Up Your Cybersecurity Game Against Creative Cyber Criminals. [43:30] You've been such a wonderful guest, and I appreciate all your time and insight today. Thank you, Gwenn! [43:43] Special thanks to Gwenn Cujdik of AXA XL for joining us here to discuss all things cyber. The AXA XL RIMS webinar, “Lock Down & Level Up: Turn Up Your Cybersecurity Game Against Creative Cyber Criminals,” is now available on demand through the RIMS.org/Webinars page. [44:05] A link is also in this episode's show notes. [44:07] Gwenn will deliver the opening address at the Zywave Cyber Risks Insights New York Conference on October 29th in Manhattan. A link is in this episode's show notes. [44:19] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes. [44:47] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [45:05] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [45:23] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [45:39] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [45:54] Justin Smulison is the Business Content Manager at RIMS. Please remember to subscribe to RIMScast on your favorite podcasting app. You can email us at Content@RIMS.org. [46:06] Practice good risk management, stay safe, and thank you again for your continuous support!   Links: RIMS ERM Conference 2025 — Nov. 17‒18 Spencer Internship Program — Registration Open Through Oct. 15. RISKWORLD 2026 — Members-only early registration through Oct 30! RIMS-Certified Risk Management Professional (RIMS-CRMP) The Strategic and Enterprise Risk Center RIMS Diversity Equity Inclusion Council RISK PAC | RIMS Advocacy | RIMS Legislative Summit SAVE THE DATE — March 18‒19, 2026 RIMS Risk Management magazine | Contribute RIMS Now Zywave's 2025 Cyber Risk Insights Conference — Oct. 29, 2025 | New York City StaySafeOnline.org “RIMS Issues Statement on the Passing of Legendary Risk Leader and Former RIMS President Susan Meltzer” Upcoming RIMS Webinars: RIMS.org/Webinars Natural Hazards: A Data-Driven Guide to Improving Resilience and Risk Financing Outcomes | Oct. 9 | Sponsored by Global Risk Consultants Jury Dynamics: How Juries Shape Today's Legal Landscape | Oct. 16, 2025 | Sponsored by Zurich Parametric Insurance: Providing Financial Certainty in Uncertain Times | Oct. 30, 2025 | Sponsored by Swiss Re Geopolitical Whiplash — Building Resilient Global Risk Programs in an Unstable World | Nov. 6 | Sponsored by Hub “Lock Down & Level Up: Turn Up Your Cybersecurity Game Against Creative Cyber Criminals”   Upcoming RIMS-CRMP Prep Virtual Workshops: RIMS-CRMP Virtual Exam Prep — Oct. 29‒30, 2025 RIMS-CRMP-FED Exam Prep Virtual Workshop — November 11‒12 Full RIMS-CRMP Prep Course Schedule “Risk Appetite Management” | Oct 22‒23 | Instructor: Ken Baker “Intro to ERM for Senior Leaders” | Nov. 4‒5 | Instructor: Elise Farnham “Fundamentals of Insurance” | Nov. 11‒12 | Instructor: Chris Hansen “Leveraging Data and Analytics for Continuous Risk Management (Part I)” | Dec 4. See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes about Cyber: “AI Risks and Compliance with Chris Maguire” “Data Privacy and Protection with CISA Chief Privacy Officer James Burd” “Cyberrisk Trends in 2025 with Tod Eberle of Shadowserver”   Sponsored RIMScast Episodes: “The New Reality of Risk Engineering: From Code Compliance to Resilience” | Sponsored by AXA XL (New!) “Change Management: AI's Role in Loss Control and Property Insurance” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Demystifying Multinational Fronting Insurance Programs” | Sponsored by Zurich “Understanding Third-Party Litigation Funding” | Sponsored by Zurich “What Risk Managers Can Learn From School Shootings” | Sponsored by Merrill Herzog “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS President Kristen Peed!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Gwenn Cujdik, Incident Response and Cyber Services Lead for North America at AXA XL Production and engineering provided by Podfly.  

October is Cybersecurity Awareness Month, and it's time to clean house! Let's get rid of all those dust bunnies (weak passwords) and vacuum under the sofa cushions (no multi-factor authentication) and even do a check under the bed for that half-eaten Pop Tart (vulnerable emails). Hear about a few instances where poor cybersecurity led to unfortunate consequences, so you can avoid the same fate.Resources$61K, gone just like that for Oro Valley couple.Dream Kitchen Renovation Ruined by a ScamPassGAN: A Deep Learning Approach for Password GuessingHistoric UK KNP transport firm collapses after ransomware attackHacker leaks account data of 12 million Zacks Investment usersResearchers Instantly Crack Simple Passwords With AILost $45k to Wire Fraud Scam on E*TRADE – Even with MFA Enabled.Send us a textSupport the showJoin our Patreon to listen ad-free!

On this episode, Alex Hamerstone, TrustedSec's Advisory Solutions Director, joins the show for Cybersecurity Awareness Month! We go over recent trends in cybersecurity and the importance of ongoing training for employees. We also take a look at different ways to safely authenticate and authorize your users, the risks with IoT devices in your home, and the rapidly growing number of scams utilizing AI. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Welcome to Mastering Cyber with Host Alissa (Dr Jay) Abdullah, PhD, SVP & Deputy CSO at Mastercard, and former White House technology executive. Listen to this weekly one-minute podcast to help you maneuver cybersecurity industry tips, terms, and topics. Buckle up, your 60 seconds of cyber starts now! Sponsored by Mastercard: https://mastercard.us/en-us.html

In this episode of Cisco Champion Radio, we spotlight Cybersecurity Awareness Month and the resources available to help you strengthen your skills and defenses in an evolving threat landscape. With cyberattacks growing more sophisticated and the industry facing a global shortage of 4 million professionals, the need for education and training has never been greater. Our experts break down Cisco's latest initiatives, including the consolidation of certifications under the CCNA umbrella, free training and labs through Cisco U and Networking Academy, and a new video series—Security Unlocked—hosted by Kyle Winters. Plus, discover October-exclusive perks like free courses, tutorials, and a 25% discount on select premium content. Whether you're just starting your cybersecurity journey or looking to sharpen your expertise, this episode highlights the tools, training, and best practices to help you stay ahead. Resources Cybersecurity Training and Certification Giveaway: https://mkto.cisco.com/cybersecurity-giveaway-oct-2025.html?utm_campaign=csg25&utm_source=web&utm_medium=champions Upcoming Cisco Learning Network Store Sale: https://learningnetworkstore.cisco.com/specials/?src=cybrsec25_chmp Learn with Cisco Cybersecurity Awareness page: https://www.cisco.com/site/us/en/learn/training-certifications/cybersecurity-awareness.html?utm_campaign=csm25&utm_source=web&utm_medium=champions  Rev Up to Recert: Security Solutions: https://u.cisco.com/paths/enhancing-cisco-security-solutions-with-data-analytics-10327?utm_campaign=revup_ss&utm_source=web&utm_medium=champions  Cisco guest Kyle Winters, Technical Consulting Engineer, Cisco Cisco Champion hosts Liam Keegan, Advisor Jonathan Mahady, Principal Network Engineer, BHP David Penaloza, Assoc. Director - LAN Network Architecture, Novartis Moderator Danielle Carter, Customer Voices and Cisco Champion Program

VP of Public and Board Relations of the BBB Tom Johnson joins Bob Sirott to talk about common moving scams, being cautious when shopping online, and what to know for October’s Cybersecurity Awareness Month. He also shares details about a scam that involves calling someone back, fake recovery emails associated with your Gmail account, and […]

Last year Americans lost more than $16 Billion dollars to scams. That's Billion with a B. While many of us believe we are savvy enough to spot a scam, the scammers are often one – or sometimes 2 or 3 – steps ahead.Anyone can become the victim of fraud, but seniors are much more vulnerable and often, have the most to lose.Since October is Cybersecurity Awareness month, I am going to share 10 tips to recognize and ward off scams in this episode of The Retirement Fix, a monthly podcast for less stress and more success in your go-go retirement years.I'm your host, John Gigliello, a CERTIFIED FINANCIAL PLANNER™ with the Albany Financial Group and I'm here to be your guide to keeping more of your hard-earned money by making smart financial decisions in retirement. This podcast is for people nearing or in retirement who want to learn more about proactive tax planning, retirement income planning, social security timing, investment management and asset protection.  After a life-altering health issue at age 39, my calling in life became clear: To share my knowledge of personal finance with people who are looking to make smart and responsible choices with their money.To find out more about the services I offer, visit https://www.jgigliello.com.When I say anyone can become the victim of cybercrime, I'm serious. Listen to these staggering 2024 statistics from the FBI:·         The FBI's Internet Crime Complaint Center (IC3) received more than 800,000 complaints about cybercrime, of which 250,000 cases resulted in actual losses.·         The average loss was just over $19K per victim, with total losses topping $16 Billion. ·         Losses due to cybercrime rose 33% in 2024 over 2023.·         Since it's inception in 2000, IC3 has received more than 9 million complaints.

How prepared is your business to face today's evolving cybersecurity threats? Are you confident your team could spot an AI-generated scam or respond to a ransomware attack in real time? Listen to Joe Ohr sharing the impact of the NMFTA Cybersecurity Conference, which was born out of the LTL industry's push to go digital and address the gap in security education and awareness. We discuss who the prime targets for cybercriminals are, how AI has changed the game for bad actors, and how the NMFTA conference equips attendees with real-world tools. With its peer-to-peer format, intimate setting, and focus on actionable outcomes, strengthen your defenses against the rising tide of cyber threats!   NMFTA Cybersecurity Conference Registration: https://cyber.nmfta.org/cybersecurity-conference/register   About Joe Ohr Joe Ohr has more than two decades of experience in technical operations, customer success management, customer support, and product support. Currently serving as the Chief Operating Officer for the National Motor Freight Traffic Association, Inc. (NMFTA)™, he plays a pivotal role in helping to advance the industry through digitization, classification, and cybersecurity. Prior to Ohr's role at NMFTA, he served as in numerous engineering and operations positions at Qualcomm and Eaton, and most recently held the position of Senior Vice President of Operations/Customer Experience at Omnitracs. Throughout his career, Ohr has provided strategic guidance, vision, and a roadmap for addressing long-term customer challenges. He has played a key role in accelerating revenue growth and has collaborated closely with IT, product, and engineering teams to foster stronger partnerships with strategic customers and peers. Additionally, Ohr has overseen post sales customer support and service teams, as well as operations, managing a workforce of over 400 individuals. He holds multiple certifications such as CCNA from Cisco and MCSE from Microsoft and earned his Bachelor of Science in Education from the Ohio State University. Due to his contributions to the industry, he earned a spot in the Inner Circle in 2015 and 2018 from Qualcomm and Omnitracs.  

⁠JC Gaillard⁠ highlights a number of issues in relation with cybersecurity awareness programs and why we might have been doing awareness the wrong way for the last two decades; read his original article on the theme here

Don't miss your second chance at this one! In this episode of the TribalHub podcast, Michelle Bouschor sits down with Patrick Tinklenberg, Vice President of IT, Sycuan Casino, Toni Pepper, CEO, Pepper Consulting LLC and Robin Villareal, CIO, Gila River Resorts & Casinos, to discuss how they promote cybersecurity awareness at their properties. From employee education and communication to fun games and newsletters, they explore creative ways to build a community focused on cybersecurity. They emphasize the importance of keeping the conversation alive and raising awareness. Plus, Toni, Patrick, and Robin share their insights on the role of Tribal-ISAC and why it's essential to their efforts.

Welcome to Cyber Crime Junkies—where cybersecurity finally meets binge-worthy storytelling.Join Our Community. Choose a PLAYLIST!Protect your personal data and online identity from cyber threats with this comprehensive guide to cybersecurity 101! In today's digital age, it's crucial to prioritize internet safety and secure browsing habits to avoid falling victim to identity theft and other malicious attacks. By adopting good cyber hygiene practices, you can significantly reduce the risk of being hacked and protect your sensitive information from prying eyes. In this video, we'll cover the essential tips and best practices to ensure your online safety and data security. From password management to safe online transactions, we've got you covered. Stay ahead of hackers and take control of your online security today!CHAPTERS00:00 Welcome to Cyber Crime Junkies00:11 Cybersecurity Made Simple00:22 How To Break into Cybersecurity00:33 Cybersecurity For Beginners00:44 Cybersecurity Training For Beginners00:55 How To Protect Yourself Online01:16 Cyber Security Awareness01:27 Digital Safety Tips01:38 Cybersecurity For Non-TechiesSend us a textSupport the show

Welcome to the Social-Engineer Podcast: The 4th Monday Series with Chris Hadnagy and Mike Holfeld. Chris and Mike will be covering cutting edge global news to help people remain safe, secure and knowledgeable in a world where it is hard to know what is real and what is fake news.   Today Chris and Mike are joined by Congressman Darren Soto. Darren Soto is the representative for Florida's Ninth Congressional District, covering Osceola and parts of Orange and Polk Counties. He currently serves on the House Committee on Energy and Commerce and the House Committee on Natural Resources. Additionally, Darren is the Deputy Chair of the Congressional Hispanic Caucus and a proud member of the New Democrat Coalition, Future Forum Caucus, Problem Solvers Caucus, Congressional Progressive Caucus, LGBTQ Equality Caucus, and others. [July 28, 2025]   00:00 - Intro 00:34 - Mike Holfeld Intro 01:32 - Today's Guest: Rep. Darren Soto 02:55 - The Shield Act 06:24 - The Take It Down Act 08:34 - A Duty of Care 12:03 - A Cat and Mouse Chase 13:12 - Violating Terms of Service 14:55 - Bad Nation States 16:02 - The Pendulum Swings 17:34 - Adjusting to the Evolution 19:08 - The SunPass Scam 20:07 - Protecting Our Seniors 22:53 - Millions a Second 24:41 - It's About Disclosure 26:40 - A Vulnerable Future 28:15 - Find Rep. Darren Soto Online -          https://soto.house.gov/ 29:53 - Wrap Up 30:27 - Next Month: Bobby Knost 31:08 - Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org   Find us online: -          Chris Hadnagy -          Twitter: @humanhacker -          LinkedIn: linkedin.com/in/christopherhadnagy

Today, Melanie Padron of IT ArchiTeks discusses the transportation industry's high risk for cyber attacks due to reliance on technology, with hackers exploiting urgency around high-value freight! Melanie shares how cybercriminals often target small businesses, cyber-enabled cargo theft, red flags for potential cyber threats, how users must manage their own data security, and the urgent need for regular training, a culture encouraging employees to report suspicious activities, multilayered security measures, and the importance of collaboration within the industry!   About Melanie Padron Melanie Padron is a risk management expert and cybersecurity speaker who has made it her mission to protect trucking companies from cyber threats. She's been right there in the trenches when ransomware attacks hit, helping pick up the pieces after systems are encrypted and ransom demands arrive. After spending over 20 years in the insurance industry helping businesses recover from disasters, Melanie has shifted her focus to something she's even more passionate about: stopping those disasters from happening in the first place through proactive cybersecurity. Her connection to trucking is personal. Growing up working in her family's convenience stores, she watched the steady stream of trucks that kept their gas tanks filled and shelves stocked. Her uncle and aunt were owner-operators who crossed the country delivering freight, giving her firsthand insight into the dedication and sacrifice required to build a trucking business. Working with veteran-owned IT Architeks, Melanie helps trucking leaders secure their fleets and leverage AI to become more efficient and profitable. Her approach is simple: when trucking companies truly understand their risk, real protection begins. One company at a time, she's working to build cyber resilience in the trucking industry.   Connect with Melanie Website: https://www.itarchiteks.com/  LinkedIn: https://www.linkedin.com/in/melanie-padron/  

Debbie Reynolds, Chief Data Privacy Officer and host of “The Data Diva Talks Privacy” podcast, discusses the challenges parents face in protecting their children online, and simple habits users can adopt to take back control of their privacy. She also discusses the growing recognition among companies that excessive data collection poses significant risks. Key Takeaways:  How consumer expectations for data are privacy changing The asymmetrical relationship between consumers and companies regarding data privacy How companies can scale a human‑centric approach to privacy The importance of decentralization in future data management Guest Bio: Debbie Reynolds—aka “The Data Diva”—is a globally recognized technologist, thought leader, and advisor in data privacy and emerging technology. With over 20 years of experience, she has delivered keynote talks for major organizations like Coca-Cola, Johnson & Johnson, PayPal, TikTok, and Uber. Her insights have been featured in leading media outlets, including The New York Times, Forbes, Bloomberg, and Wired. Debbie hosts the #1 global award-winning podcast, “The Data Diva Talks Privacy,” which reaches listeners in over 120 countries. Identity Review has named her one of the Global Top Eight Privacy Experts, and the European Risk Policy Institute has named her a Top 30 CyberRisk Communicator. She also chairs the IEEE Cyber Security Committee for the Next Generation Connectivity Systems Privacy Labeling Project. ---------------------------------------------------------------------------------------- About this Show: The Brave Technologist is here to shed light on the opportunities and challenges of emerging tech. To make it digestible, less scary, and more approachable for all! Join us as we embark on a mission to demystify artificial intelligence, challenge the status quo, and empower everyday people to embrace the digital revolution. Whether you're a tech enthusiast, a curious mind, or an industry professional, this podcast invites you to join the conversation and explore the future of AI together. The Brave Technologist Podcast is hosted by Luke Mulks, VP Business Operations at Brave Software—makers of the privacy-respecting Brave browser and Search engine, and now powering AI everywhere with the Brave Search API. Music by: Ari Dvorin Produced by: Sam Laliberte

In this episode of Paisa Vaisa with Anupam, our host is joined by Vipin Surelia, Head of Risk Services at Visa, India & South Asia, to dive deep into the world of secure digital payments. Vipin shares how India has emerged as a key market for Visa and reflects on the major shifts in the country’s payments landscape over the past decade. As scams and frauds grow alongside digital adoption, Vipin discusses the evolving nature of cyber threats, and how Visa is working to stay one step ahead. He also offers essential safety tips that every consumer should follow to stay protected in today’s digital world.

As the cybersecurity world gears up for RSAC 2025 in San Francisco, we hit the road again—this time with Chris Pierson, Founder and CEO of BlackCloak, for a pre-event chat packed with insight, community spirit, and some big news.Chris is no stranger to the RSA stage—this year marks his 21st year presenting—and he's bringing his energy to two powerful sessions. The first, titled “Protecting What Matters: Your Family and Home,” kicks off bright and early on Monday, April 28. It's not about blinky lights or enterprise networks—it's about us. The cybersecurity community often talks about protecting organizations, but what about protecting ourselves and our families? Chris will explore how security pros can apply their skills at home, covering identity theft, scams, and home network safety. It's a refreshing and much-needed call to action that connects the personal and professional.On Wednesday, Chris returns with co-presenter James Shreve for a two-hour Learning Lab, “When Things Go Boom: Supply Chain Risk.” This Chatham House Rule session dives deep into one of today's most complex challenges: managing third-party risk without stopping the business in its tracks. Participants will step into different roles—board members, CISOs, legal, finance—to engage in a live, collaborative scenario that pushes them to think beyond checklists. Real talk. Real collaboration. And practical takeaways.But that's not all. BlackCloak is also unveiling its new Digital Executive Protection Framework, designed to help organizations assess and strengthen protections for executives and their families. Chris teases that this framework includes 14 essential tenets that blend physical, digital, and organizational awareness—and he'll be sitting down with us again at the event to go deeper.With 15–20 BlackCloak team members on site, a full schedule of meetings, events, and community conversations, this year is shaping up to be a milestone for BlackCloak at RSAC. If you're attending, keep an eye on their LinkedIn page for updates, booking links, and suite details.As Chris says, it's about lifting our heads, scanning the horizon, and showing up for our community—and our families.Keywords: RSAC2025, Chris Pierson, BlackCloak, cybersecurity, RSA Conference, digital protection, executive protection, supply chain risk, identity theft, privacy, home network security, third-party risk, CISOs, cybersecurity community, digital executive protection framework, GRC, threat intelligence, infosec, personal security, cybersecurity awareness______________________Guest: Chris Pierson, Founder & CEO of BLACKCLOAK | Digital Executive Protection | Concierge Cybersecurity & Privacy Protection . . . in their Personal Lives | On LinkedIn: https://www.linkedin.com/in/drchristopherpierson/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsBLACKCLOAK:https://itspm.ag/itspbcweb____________________________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageChris SessionsProtecting What Matters—Your Family & Home https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739369849404001eWtUWhen Things Go Boom! Your Supply Chain Riskhttps://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1727434586212001yGwMBLACKCLOAK WEBSITE:https://itspm.ag/itspbcweb____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Episode Notes:Dr. Reeves' Background – Trained as a psychologist, his interest in cybersecurity emerged from a talk connecting human error to security breaches.Cybersecurity Fatigue Defined – A form of disengagement where employees lose motivation to follow security practices due to overload and conflicting advice.Not Just Apathy – Fatigue often affects people who initially cared about cybersecurity but were worn down by excessive or ineffective interventions.Training Shortcomings – Lecture-style, one-way training is frequently perceived as boring, irrelevant, or contradictory to users' experiences.Compliance vs. Effectiveness – Many organizations implement security training to meet legal requirements, even if it fails to change behavior.Reactance in Security – Users may intentionally ignore advice or rules to assert control, especially when training feels micromanaging or patronizing.Better Through Design – Reeves argues that secure systems should reduce the need for user decisions by simplifying or removing risky options altogether.Remove Rather Than Train – Limiting administrative rights is often more effective than trying to educate users out of risky behaviors.Mismatch With Reality – Generic training that conflicts with real policies or system restrictions can confuse or alienate users.Cognitive Load and Decision-Making – Under stress or fatigue, users rely on mental shortcuts (heuristics), which attackers exploit.Personal Example of Being Fooled – Reeves recounts nearly falling for a scam due to time pressure, illustrating how stress weakens judgment.Cybersecurity Buddy System – Recommends encouraging users to consult peers when making sensitive decisions, especially under pressure.Cyber Deception Strategies – Reeves now researches ways to mislead and trap attackers inside systems using decoys and tripwires.Applying Psychology to Attackers – The same behavioral models used to study users can help predict and manipulate attacker behavior.Empowering Defenders – Deception technologies can help security teams regain a sense of agency, shifting from reactive defense to proactive engagemenAbout our guest:Dr. Andrew Reeveshttps://www.linkedin.com/in/andrewreevescyber/https://research.unsw.edu.au/people/dr-andrew-reeveshttps://www.unsw.edu.au/research/ifcyberPapers or resources mentioned in this episode:Reeves, A., Delfabbro, P., & Calic, D. (2021). Encouraging employee engagement with cybersecurity: How to tackle cyber fatigue. SAGE Open, 11(1).https://doi.org/10.1177/21582440211000049Reeves, A., Calic, D., & Delfabbro, P. (2023). Generic and unusable: Understanding employee perceptions of cybersecurity training and measuring advice fatigue. Computers & Security, 128, 103137.https://doi.org/10.1016/j.cose.2023.103137Reeves, A., & Ashenden, D. (2023). Understanding decision making in security operations centres: Building the case for cyber deception technology. Frontiers in Psychology, 14, 1165705.https://doi.org/10.3389/fpsyg.2023.1165705Other:UNSW Institute for Cyber Security (IFCYBER)https://www.unsw.edu.au/research/ifcyber

➡️ Like The Podcast? Leave A Rating: https://ratethispodcast.com/successstory  In this "Lessons" episode, Theresa Payton, former White House CIO, shares how predictable human behavior creates vulnerabilities in cybersecurity and why conventional defenses often fall short. Learn why routine security measures are exploited by sophisticated social engineering and how designing innovative, personalized protocols can disrupt attackers and strengthen digital defenses. ➡️ Show Linkshttps://successstorypodcast.com  YouTube: https://youtu.be/bH8DwhGUg0cApple: https://podcasts.apple.com/us/podcast/theresa-payton-cybersecurity-expert-author-former-white/id1484783544Spotify: https://open.spotify.com/episode/5DLZKqN89CTRVXW2Hi3Pq5➡️ Watch the Podcast on YouTubehttps://www.youtube.com/c/scottdclary 

Cybersecurity Awareness for Businesses is more critical than ever as cyber threats continue to evolve. In this episode, we sit down with Brett Gallant, a cybersecurity expert dedicated to helping businesses protect their data and prevent cyber attacks. If you're a business owner, entrepreneur, or IT professional, you need to know how to safeguard your business from cyber threats before it's too late.From Cybersecurity Best Practices to Phishing Attack Prevention, Brett shares real-world insights on how to strengthen your business's security defenses. Whether you're worried about ransomware, data breaches, or weak employee training, this episode gives you the tools and knowledge you need to take action today.✔️ How to implement Cyber Threat Prevention strategies that keep hackers out.✔️ The role of Cybersecurity Training for Employees in stopping social engineering attacks.✔️ Why small businesses are prime targets for hackers and what to do about it.✔️ The importance of a Cybersecurity Risk Assessment and how it helps secure your business.✔️ Why a Multi Layered Cybersecurity Strategy is key to protecting your organization.✔️ The best Cybersecurity Tools for Businesses to defend against modern cyber threats.✔️ How Endpoint Detection and Response EDR can save your company from a disaster.

John Maytham is joined by John Giles, Managing Director and Digital, Data, and Tech Attorney at Michalsons Attorneys, to unpack the Protection of Personal Information Act (POPIA) and why data privacy matters now more than ever.See omnystudio.com/listener for privacy information.

Are your staff as ready as they can be for the next attack?Our cybersecurity training team manages hundreds of clients and shares our knowledge on what works to keep your staff prepared, not just scared.Matt Eshleman, our CTO and cybersecurity expert answers your questions on how to manage frequent, timely, and engaging training.Part 1 covers the cybersecurity landscape and types of threats facing nonprofits, our framework for how to think about cybersecurity and where staff training fits in your strategy, and the basic philosophy of security awareness training. Pt 2 gets into the details and examples of a typical cybersecurity training program, and Matt answers audience Q&A.Cybersecurity Awareness Training TipsWe often say that staff training is a foundation for cybersecurity protections. As the risks are always evolving, your training needs to be current too. Gone are the days when your staff could be adequately protected by watching an hour long video with a quiz once a year. But managing more frequent training is difficult. We will discuss the tool we use, KnowBe4, which makes it easy to stay up to date and administer training to all staff. There are other training tools out there that work for nonprofit staff – the most important tip is to commit to training and to prioritize it as a team. Your staff and leadership are your best defense of the organization you care about.In addition, with new auditing requirements SAS145 your auditor must assess IT risks to your financial processes – and it will be necessary to demonstrate staff cybersecurity training in your audits. Learn about these issues and more with our experts! If you've been putting off implementing a comprehensive cybersecurity awareness training regime, don't wait any longer. Join CTO Matthew Eshleman and host Carolyn Woodard to learn how to implement an up-to-date and flexible cybersecurity awareness training program this year.As with all our webinars, this presentation is appropriate for an audience of varied IT experience.Community IT is proudly vendor-agnostic and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community. There are multiple cybersecurity awareness training vendors with products that work for nonprofits. We will be discussing the tool we have selected and use, KnowBe4, which offers nonprofit discounts, but our insights and tips will be useful no matter what training program you are using, or if you want to create and run cybersecurity awareness training in house.Many questions asked at registration or live at the virtual event will be answered in the transcript. Check back after the webinar for additional resources. _______________________________Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.

In this episode of "The Free Lawyer," host Gary converses with Sonal Chandler, founder and CEO of Minerva Consulting, about the critical importance of cybersecurity for small to mid-sized law firms. They discuss common vulnerabilities such as weak passwords and lack of multi-factor authentication, emphasizing the need for a cultural shift towards security awareness. Sonal provides practical steps for protecting client data and integrating AI into legal practices. The episode underscores the significance of training, risk management, and fostering a supportive environment for cybersecurity initiatives, aiming to help law firms navigate the evolving digital landscape confidently.Sonal Chandler is the Founder and CEO of Minerva Consulting, a WBENC-certified consulting firm that helps small to mid-sized organizations with: Cyber risk management and compliance AI readiness & integrationThrough Minerva Consulting, Sonal provides fractional vCISO services, including risk assessments, information security program development, and compliance readiness. The firm also conducts Intro to AI workshops and helps businesses embrace AI to drive efficiency and innovation.With experience spanning Fortune 500 companies, boutique consulting firms, and startups, Sonal takes a business-focused approach to cybersecurity and AI, ensuring organizations can implement these technologies without unnecessary complexity.Beyond her consulting work, she hosts Minerva Meets, a podcast exploring the intersection of business, cybersecurity, and AI, and shares insights through her blog, Mind Spark.Cybersecurity Vulnerabilities in Law Firms (00:01:14)Creating a Culture of Security Awareness (00:03:03)Practical Steps for Protecting Client Data (00:04:41)Importance of Cybersecurity (00:05:45)Building Information Security Programs (00:06:53)Challenges of Digital Transformation (00:08:18)Transforming a Law Firm's Cybersecurity Approach (00:10:43)Addressing Remote Work Security Challenges (00:15:53)Integrating AI into Law Practices (00:17:32)Balancing Efficiency and Ethical Obligations (00:20:27)Creating a Culture of Cybersecurity Awareness (00:22:04)Advice for Overwhelmed Lawyers (00:23:48)Setting Clear Objectives (00:24:50)Choosing the Right Solutions (00:25:47)First Steps in Cybersecurity (00:26:06)Would you like to learn more about Breaking Free or order your copy? https://www.garymiles.net/break-free Would you like to schedule a complimentary discovery call? You can do so here: https://calendly.com/garymiles-successcoach/one-one-discovery-call

Are your staff as ready as they can be for the next attack?Our cybersecurity training team manages hundreds of clients and shares our knowledge on what works to keep your staff prepared, not just scared.Matt Eshleman, our CTO and cybersecurity expert answers your questions on how to manage frequent, timely, and engaging training.Part 1 covers the cybersecurity landscape and types of threats facing nonprofits, our framework for how to think about cybersecurity and where staff training fits in your strategy, and the basic philosophy of security awareness training. Pt 2 gets into the details and examples of a typical cybersecurity training program, and Matt answers audience Q&A.Cybersecurity Awareness Training TipsWe often say that staff training is a foundation for cybersecurity protections. As the risks are always evolving, your training needs to be current too. Gone are the days when your staff could be adequately protected by watching an hour long video with a quiz once a year. But managing more frequent training is difficult. We will discuss the tool we use, KnowBe4, which makes it easy to stay up to date and administer training to all staff. There are other training tools out there that work for nonprofit staff – the most important tip is to commit to training and to prioritize it as a team. Your staff and leadership are your best defense of the organization you care about.In addition, with new auditing requirements SAS145 your auditor must assess IT risks to your financial processes – and it will be necessary to demonstrate staff cybersecurity training in your audits. Learn about these issues and more with our experts! If you've been putting off implementing a comprehensive cybersecurity awareness training regime, don't wait any longer. Join CTO Matthew Eshleman and host Carolyn Woodard to learn how to implement an up-to-date and flexible cybersecurity awareness training program this year.As with all our webinars, this presentation is appropriate for an audience of varied IT experience.Community IT is proudly vendor-agnostic and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community. There are multiple cybersecurity awareness training vendors with products that work for nonprofits. We will be discussing the tool we have selected and use, KnowBe4, which offers nonprofit discounts, but our insights and tips will be useful no matter what training program you are using, or if you want to create and run cybersecurity awareness training in house.Many questions asked at registration or live at the virtual event will be answered in the transcript. Check back after the webinar for additional resources. _______________________________Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.

This week, we're launching a brand-new series of free cybersecurity training content designed to empower executive leaders and high-profile individuals. In this special training episode, the guys dive into the critical threats targeting executives and decision-makers—covering key tactics, real-world risks, and essential strategies to protect both personal and organizational security.This episode is built for action. Use it as a ready-made cybersecurity awareness training module for your leadership team to strengthen their defenses against cyber threats. Don't wait—equip yourself and your executives with the knowledge to stay ahead of evolving risks.Pick up your copy of Cyber Rants on Amazon.Looking to take your Cyber Security to the next level? Visit us at www.silentsector.com. Be sure to rate the podcast, leave us a review, and subscribe!

Cybersecurity Today: DeepSeek AI Disruptions, Nvidia Breach, and TalkTalk Hack Revisited In this weekend edition of Cybersecurity Today, our panel reviews the most significant cybersecurity stories of the past month. This episode features Laura Payne from White Tuque, David Shipley from Beauceron Security, and Dana Proctor from IBM. Key topics include the sudden emergence of DeepSeek AI, Nvidia's vulnerabilities and their effect on stock prices, and TalkTalk's latest data breach. Additionally, the discussion covers the soaring API security vulnerabilities reported by Wallarm and the UK's potential legislative action on ransomware payments. Stay tuned for expert insights and analysis on these pressing issues in the world of cybersecurity. 00:00 Introduction and Panel Welcome 00:41 DeepSeek AI Disruption 02:09 Security Concerns and Reactions 04:06 NVIDIA's Vulnerabilities and AI Security 07:15 Economic and Geopolitical Implications 12:13 AI in Business and Security Practices 20:57 Open Source AI and Cybersecurity Risks 25:37 Responsibility in Data Management 26:25 AI's Unstoppable Progress 26:53 API Security Concerns 28:41 Non-Human Identities and API Challenges 30:36 The State of Cybersecurity Awareness 35:05 Legislative Hopes and Cybersecurity 37:25 TalkTalk Breach Revisited 44:10 Ransomware Legislation Proposals 45:34 Shoutout to Cyber Police 47:04 Closing Remarks and Audience Engagement

Guest: EJ Wise, Founder & Principal, WiseLawOn LinkedIn | https://www.linkedin.com/in/wiselaw3/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAgainst the energetic backdrop of Melbourne's CyberCon, hosted by ISA, the conversation dives into the global nature of technology's influence. The trio reflects on pressing topics such as privacy, cybersecurity, and the shifting landscape of cyber law, all while situated in one of Australia's most tech-forward cities.EJ Wise's Journey and PerspectiveEJ Wise shared her remarkable career path, starting as a member of the U.S. Air Force JAG Corps and later founding her boutique law firm in Australia in 2018. Her firsthand experience sheds light on Australia's relatively recent introduction of comprehensive cyber laws and the ongoing need to bridge the gap between technological innovation and legislative action.Educating Consumers: A Shared ResponsibilityA key focus of the conversation was consumer awareness. EJ highlighted the critical need for industries to take responsibility for educating the public, much like banks have historically done with financial literacy. The discussion also touched on embedding technological literacy into early education, ensuring children grow up with a clear understanding of privacy and digital security.Technology and Ethics in TensionThe group examined the ethical challenges posed by advancing technologies, especially regarding surveillance and data privacy. From facial recognition in retail spaces to the increasing capabilities of modern devices to monitor user behavior, the conversation drew thought-provoking parallels between these innovations and the history of advertising practices.The ethical implications of such technologies go far beyond convenience, raising questions about transparency, consent, and societal norms in the digital age.Legal Frameworks and Industry ResponsibilityMarco and Sean explored the evolving role of legal frameworks in holding industry players accountable for consumer safety and privacy. EJ's insights provided a grounded perspective on how regulatory environments are adapting—or struggling to adapt—to these challenges.The discussion underscored a growing trend: companies must not only comply with existing laws but also anticipate and mitigate the societal impacts of their technologies.Encouraging Dialogue and ReflectionThroughout the episode, the importance of open dialogue and introspection emerged as a recurring theme. By examining how technology shapes society and law, the discussion encouraged listeners to reflect on their digital habits and the privacy trade-offs they make in their daily lives.ConclusionWhile the conversation didn't provide all the answers, it illuminated the complexities of the interplay between technology, law, and society. EJ, Marco, and Sean left listeners with an invitation to remain curious, question norms, and consider their role in shaping a more ethically aware digital future.This episode captures the spirit of CyberCon 2024—sparking ideas, inspiring debate, and reinforcing the need for thoughtful engagement with the challenges of our hybrid analog-digital society.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Today's mashup episode recorded from the NMFTA Conference features two incredible guests, Piyush Panchal of IANA and Joe Ohr of NMFTA! Our guests focus on the critical data management practices necessary for securing sensitive information in the transport industry, the evolving cybersecurity threats facing critical infrastructure, the importance of comprehensive training, awareness programs for staff, and collaboration among industry players, and fostering greater cybersecurity awareness and testing protocols within the industry. This is another episode you shouldn't miss!   About Piyush Panchal Piyush Panchal is the Assistant Vice President of Information Technology at the Intermodal Association of North America(IANA). He's been associated with IANA for about 15 years, and overall, he has 21+ years of IT experience in software development, system architecture, project management, and cloud infrastructure management.  He led many IT projects, transformed legacy applications into modern architecture, consistently optimized IT operations, and elevated the technological landscape for IANA. He's recently tasked to oversee IANA's security landscape and elevate the overall security posture of IANA's IT infrastructure in the cloud. Visit IANA website at https://intermodal.org/.     About Joe Ohr Joe Ohr has more than two decades of experience in technical operations, customer success management, customer support, and product support. Currently serving as the Chief Operating Officer for the National Motor Freight Traffic Association, Inc. (NMFTA)™, he plays a pivotal role in helping to advance the industry through digitization, classification, and cybersecurity. Prior to Ohr's role at NMFTA, he served as in numerous engineering and operations positions at Qualcomm and Eaton, and most recently held the position of Senior Vice President of Operations/Customer Experience at Omnitracs. Throughout his career, Ohr has provided strategic guidance, vision, and a roadmap for addressing long-term customer challenges. He has played a key role in accelerating revenue growth and has collaborated closely with IT, product, and engineering teams to foster stronger partnerships with strategic customers and peers. Additionally, Ohr has overseen post sales customer support and service teams, as well as operations, managing a workforce of over 400 individuals. He holds multiple certifications such as CCNA from Cisco and MCSE from Microsoft and earned his Bachelor of Science in Education from the Ohio State University. Due to his contributions to the industry, he earned a spot in the Inner Circle in 2015 and 2018 from Qualcomm and Omnitracs. To learn more about NMFTA's future events and what they do, visit https://nmfta.org/.  

REPLAY (Original Air Date Aug 28, 2023) Welcome to the Social-Engineer Podcast: The SE Etc. Series. This series will be hosted by Chris Hadnagy, CEO of Social-Engineer LLC, and The Innocent Lives Foundation, as well as Social-Engineer.Org and The Institute for Social Engineering. Chris will be joined by his co-host Patrick Laverty as they discuss topics pertaining to the world of Social Engineering. [August 28, 2023]   00:00 - Intro 00:21 - Patrick Laverty Intro 00:55 - Intro Links -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 07:20 - Intro Chat 09:11 - Todays Topic: Tips for Having Difficult Conversations 10:00 - Outline for Parents 12:10 - Map Your Terrain 16:22 - Define Your Goal 17:40 - Decide on Your Pretext 20:05 - Imagine Your Rapport Building 21:50 - Identify Potential Influence Building Techniques 28:47 - Run a Quick Manipulation Check 31:31 - Pump Up the Nonverbals 36:30 - Conduct an Authenticity Check 39:21 - Prepare for Likely Contingencies 40:48 - Solidify Gains 43:40 - Next Month: ??? 44:00 - Wrap Up & Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org   Find us online -          Chris Hadnagy -          Twitter: @humanhacker -          LinkedIn: linkedin.com/in/christopherhadnagy -          Patrick Laverty -          Twitter: @plaverty9 -          LinkedIn: linkedin.com/in/plaverty9

Alan welcomes Ruben Kamp, the founder and a ransomware expert at Darkhorse Tech.   Dental practices are very susceptible to ransomware. We all like to think that it won't happen to us, but between 7 and 9% of dental offices suffer ransomware attacks every year! Are you taking all the precautions that you can?   Reuben and Alan discuss the critical issues of ransomware attacks and cybersecurity in dental practices. They explore real-life incidents, including how ransomware infiltrates dental offices (spoiler: Reuben says it's about 91% through email)  They also talk about the severe implications such attacks can have, from damage to your reputation to legal liabilities. Ruben provides comprehensive advice on preventive measures, including the importance of firewalls, regular updates, team training, and cybersecurity insurance.   They emphasize that while ransomware threats are pervasive, proper security protocols can significantly mitigate risks. The session also touches on the intricacies of backups, cloud-based software, and the evolving nature of cyber threats with advancements in AI.   Some links from the show: Darkhorse Tech Show Index: 01:09 Understanding Ransomware in Dental Offices 03:08 Dark Horse Tech's Approach to IT and Security 07:26 How Ransomware Attacks Unfold 13:56 The Role of AI in Cybersecurity Threats 16:14 Negotiating with Cybercriminals 25:14 The Importance of Reliable Backups 29:39 Local vs. Offsite Backups 31:18 HIPAA Compliance and Data Breaches 33:49 Firewall and Antivirus Importance 41:40 Staff Training and Cybersecurity Awareness 45:25 Cloud-Based Practice Management Software 51:15 Cybersecurity Insurance Policies Join the Very Dental Facebook group using the password "Timmerman," Hornbrook" or "McWethy," "Papa Randy" or "Lipscomb!" The Very Dental Podcast network is and will remain free to download. If you'd like to support the shows you love at Very Dental then show a little love to the people that support us! -- Crazy Dental has everything you need from cotton rolls to equipment and everything in between and the best prices you'll find anywhere! If you head over to verydentalpodcast.com/crazy and use coupon code “VERYDENTAL10” you'll get another 10% off your order! Go save yourself some money and support the show all at the same time! -- The Wonderist Agency is basically a one stop shop for marketing your practice and your brand. From logo redesign to a full service marketing plan, the folks at Wonderist have you covered! Go check them out at verydentalpodcast.com/wonderist! -- Enova Illumination makes the very best in loupes and headlights, including their new ergonomic angled prism loupes! They also distribute loupe mounted cameras and even the amazing line of Zumax microscopes! If you want to help out the podcast while upping your magnification and headlight game, you need to head over to verydentalpodcast.com/enova to see their whole line of products! -- CAD-Ray offers the best service on a wide variety of digital scanners, printers, mills and even  their very own browser based design software, Clinux! CAD-Ray has been a huge supporter of the Very Dental Podcast Network and I can tell you that you'll get no better service on everything digital dentistry than the folks from CAD-Ray. Go check them out at verydentalpodcast.com/CADRay!      

REPLAY (Original Air Date Feb 19, 2024) Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Mary D'Angelo. Mary helps clients understand the threats that exist on the dark web and how to use that intelligence to bolster their cybersecurity programs. With a solid foundation from the University of Washington, where she earned her Bachelor's degree, Mary has rapidly ascended as a global leader at SearchLight Cyber. Her expertise, honed over six years, delves deep into understanding the nuances of dark web threat actors and their intelligence. Mary's and her company's insights and analyses have been instrumental in shedding light on the shadowy aspects of cyber threats emanating from the dark web. Her work not only aids in neutralizing these threats but also contributes significantly to the broader understanding of cyber security dynamics. Additionally, Mary's passion is volunteering her talents into nonprofit organizations. She was a mentor for Big Brothers and Big Sisters. Recently, she has devoted her time to a nonprofit called, The Innocent Lives Foundation, which uses Dark Web Threat Intelligence to help law enforcement stop child traffickers. [Feb 19, 2024]   00:00 - Intro 00:41 - Intro Links: -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                                02:56 - Mary D'Angelo Intro 04:12 - What is a Dark Web Threat Intelligence Advisor? 04:36 - One Giant Leap 07:04 - On the Front Lines 11:53 - Deep Web, Dark Web, Clear Web...Oh My! 13:43 - Shifting to the Deep 14:58 - Crime Pays 17:39 - 2024 Forecast 19:00 - Left of Boom 20:53 - All in this Together 21:53 - An Ugly Example 25:19 - Timely 26:30 - Relevant 28:02 - Actionable 29:58 - What's Next? 30:54 - Mentors -          Siblings -          Larry Littleton 32:05 - Book Recommendations -          The Practitioner's Guide to the Dark Web - Searchlight Cyber -          The Ride of a Lifetime - Robert Iger -          Never Split the Difference - Christopher Voss &Tahl Raz 33:33 - Find Mary D'Angelo Online -          LinkedIn: linkedin.com/in/dangelomary 33:55 - Wrap Up & Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org

The Haunted House of API'sToday, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API's, sponsored by our friends at Traceable AI. In this series, we are building awareness around API's, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.A Portal to the Beyond: Securing Gen AI and other Third-Party APIs in Your ApplicationsToday's episode is titled A Portal to the Beyond: Securing Gen AI and other Third-Party APIs in Your Applications, with Allison Averill. Developers are building exciting new features with Gen AI, often leveraging 3rd party APIs. Doing this isn't new, but are these integrations secure? These APIs open a portal to the beyond – and introduce supply chain risk to your applications. Allison is a Generative AI and product management expert at Traceable, and she will explore the risks lurking in generative AI and other 3rd party APIs, sharing best practices for securing these integrations, so you can ensure they don't become the stuff of security horror stories.How are application developers leveraging 3rd party APIs today, and how is the landscape changing?How do third-party APIs introduce risks to applications and what are some common mistakes organizations make when integrating with third party APIs?How are generative AI APIs different from other third party APIs? What unique risks do they introduce?Have you encountered any 'nightmare' scenarios where an insecure third-party API caused a security incident?What best practices should organizations follow to ensure secure integrations?How can organizations balance the need for innovation with the necessity of maintaining strict security controls when working with external partners?SponsorsTraceableLinkshttps://www.traceable.ai/https://www.linkedin.com/in/allisonaverill/ Support this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

The Haunted House of API'sToday, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API's, sponsored by our friends at Traceable AI. In this series, we are building awareness around API's, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.Phantom Threats: The Ghosts Haunting Your API SecurityToday's episode is titled Phantom Threats: The Ghosts Haunting Your API Security, with Adam Arellano. API security threats often go unnoticed, hiding like ghosts in your infrastructure. Bots, sophisticated fraud attempts, account takeovers and attackers disguising themselves within legit traffic… these all pose risk to your organization, and can bypass traditional security measures, wreaking havoc without detection – until it's too late. Adam is a tech advisor, Global CISO at Traceable, and will guide listeners through the world of phantom threats haunting API security.What are "phantom threats" in the context of API security, and how do they go undetected?Can you explain how advanced botnets and fraud attempts exploit APIs while blending into legitimate traffic?Do you have a real-world example of a phantom threat that caused significant damage to an organization?What makes detecting these phantom threats so challenging, and why do traditional security measures often fail?What are the best strategies or technologies organizations can adopt to detect and eliminate these hidden threats before they cause harm?SponsorsTraceableLinkshttps://www.traceable.ai/https://www.linkedin.com/in/adamrossarellano/Support this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

The Haunted House of API'sToday, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API's, sponsored by our friends at Traceable AI. In this series, we are building awareness around API's, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.The Haunted Web: Navigating API Sprawl and Creepy CrawlersToday's episode is titled The Haunted Web: Navigating API Sprawl and Creepy Crawlers, with Traceable's Chief Security Officer, Richard Bird. As organizations scale and evolve, so does the complexity of their APIs. API sprawl, the uncontrolled expansion of APIs, creates a tangled web where vulnerabilities linger in the shadows. These unseen APIs become “creepy crawlers” of your digital infrastructure, creeping through your systems and posing security risks. Richard will discuss how unmanaged and undocumented APIs contribute to blind spots in security, the risks they create for organizations and the best strategies for securing a sprawling ecosystem.Discussion questions:Can you explain what we mean by "unknown APIs" and the different types, like shadow, rogue, zombie, and undocumented?Why do these APIs often go unnoticed, and how do they become security risks?What makes these APIs such an attractive target for attackers, and can you share an example of how one has been exploited?How can organizations begin to uncover these hidden APIs, and what tools or strategies are effective in doing so?In your experience, what are some common mistakes organizations make that lead to these unknown APIs being created or overlooked?SponsorsTraceableLinkshttps://www.traceable.ai/https://www.linkedin.com/in/rbird/https://richardbird.com/Support this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

The Haunted House of API'sToday, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API's, sponsored by our friends at Traceable AI. In this series, we are building awareness around API's, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.The Dark Corners of APIs: Uncovering Unknown APIs Lurking in the ShadowsOur episode today is titled The Dark Corners of APIs: Uncovering Unknown API's lurking in the shadows, where we speak with Katie Paxton-Fear. APIs are the gateway to your digital infrastructure, but hidden deep in the recesses of your system are unknown APIs – shadow, rogue, zombie, and undocumented API's. Each of these present a unique threat to your organization and can be exploited by hackers. Katie is an API hacker and researcher, and today, she will take us on a journey through the API graveyards, where hidden APIs lurk, waiting to be exploited – sharing real life examples of how these API's have been attacked, and best practices for ensuring they don't become your companies next security nightmare.Discussion questions:Can you explain what we mean by "unknown APIs" and the different types, like shadow, rogue, zombie, and undocumented?Why do these APIs often go unnoticed, and how do they become security risks?What makes these APIs such an attractive target for attackers, and can you share an example of how one has been exploited?How can organizations begin to uncover these hidden APIs, and what tools or strategies are effective in doing so?In your experience, what are some common mistakes organizations make that lead to these unknown APIs being created or overlooked?SponsorsTraceableLinkshttps://www.traceable.ai/https://www.linkedin.com/in/katiepf/https://insiderphd.dev/Katie's YouTube ChannelSupport this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

See omnystudio.com/listener for privacy information.

The Haunted House of API'sThe Witch's Brew: Stirring Up OWASP Vulnerabilities and API TestingToday, we are kicking off an amazing series for Cybersecurity Awareness month, entitled the Haunted House of API's, sponsored by our friends at Traceable AI. In this series, we are building awareness around API's, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.In today's episode, we will be talking with Jayesh Ahire, an expert in API testing and OWASP, will guide us through the "brew" of common vulnerabilities that haunt API ecosystems, focusing on the OWASP Top 10 for APIs. He'll share how organizations can use API security testing to spot and neutralize these vulnerabilities before they become major exploits. By emphasizing proactive security measures, Jayesh will offer insights into creating a strong API testing framework that keeps malicious actors at bay.Discussion questions:What are some of the most common vulnerabilities in APIs that align with the OWASP Top 10, and why are they so dangerous?Why is API security testing crucial for detecting these vulnerabilities early, and how does it differ from traditional security testing?Can you share an example of how an overlooked API vulnerability led to a significant security breach?How can organizations create an effective API testing framework that addresses these vulnerabilities?What tools or methods do you recommend for continuously testing APIs and ensuring they remain secure as they evolve?SponsorsTraceableLinkshttps://www.traceable.ai/https://www.linkedin.com/in/jayesh-ahire/https://owasp.org/Support this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

As technology advances, so do the threats to digital security. What steps are scientists taking to raise awareness of cybersecurity and the complexities of quantum-related risks? Dustin Moody, a mathematician in NIST's Computer Security Division, joins the podcast to share his expert insights. Dustin Moody, a leading figure in the field, heads the post-quantum cryptography project at NIST. With a Ph.D. from the University of Washington, his research focuses on elliptic curves and their applications in cryptography. He leverages this deep knowledge to develop new solutions that protect us from the future of quantum computing – instilling confidence in the security of our digital world… Hit play to discover: The mathematics that underpins the security of cryptosystems. What post-quantum cryptography is, and how researchers are working to enhance it.  Problems that quantum computers are susceptible to.  How long it takes for quantum computers to break through standard digital security walls.  Ready to dive deeper into the world of quantum-related cybersecurity? Click here to learn more about Dustin and his groundbreaking work at NIST!  Episode also available on Apple Podcasts: http://apple.co/30PvU9C