Podcasts about cybersecurity

This episode is a part of a special series of interviews conducted at the INCH360 Cybersecurity Conference in Spokane, Washington. Visit their website to learn more about INCH360 and their mission. Host Jethro D. Jones talks with Benjamin Ross of Torchlight about bringing enterprise-level IT and cybersecurity to small and medium businesses. Benjamin shares insights on the importance of human connection, long-term relationships, and community in the tech industry, emphasizing that technology should serve people and foster positive impact beyond just business outcomes. We're thrilled to be sponsored by IXL and Renaissance. IXL's comprehensive teaching and learning platform for math, language arts, science, and social studies is accelerating achievement in 95 of the top 100 U.S. school districts. Loved by teachers and backed by independent research from Johns Hopkins University, IXL can help you do the following and more:Simplify and streamline technologySave teachers' timeReliably meet Tier 1 standardsImprove student performance on state assessments

Send us Fan Mail

Send us Fan Mail

There is a con called the Spanish Prisoner. A letter arrives from a stranger: a wealthy man sits in a foreign jail, and for a small advance to free him, he will reward you many times over. The trick is at least four hundred years old. It is also, give or take a few details, the email sitting in your spam folder this morning. I keep that in mind whenever someone tells me cybercrime is a technology problem. The tools change. The mark does not. We are still robbed through the same prehistoric wiring: a flash of fear, a moment of greed, a decision made in panic before the slow part of the brain wakes up. That is the thread I pulled on with Sarah Armstrong-Smith at InfoSecurity Europe. Sarah spent nearly thirty years in cyber and crisis leadership, was Chief Security Advisor at Microsoft, and now runs Secure Horizons. She has written two books on the human side of all this and sits on the UK Government Cyber Advisory Board. After all of it, she says the thing most people in her position will not say out loud: whatever we are doing is not working. More tools, more money, more people, more AI, and the problem keeps getting worse. Attack, wake-up call, attack, wake-up call. How many wake-up calls, she asks, does anyone need? I asked what keeps her up at night. She described an industrial accident on the scale of 9/11, triggered through a network: the first time a cyber incident kills people in numbers. We have been lucky so far. She doubts luck is a plan. The industry loves a big number, and the number is exactly where the human disappears. X million records stolen, Y terabytes gone. The day before, my friend Geoff White sat in this same chair and described a ransomware attack that shut down a hospital, which meant a woman missed the cancer appointment she had counted on. That is an Armageddon, and it has a name and a face. Sarah, as it happens, knows Geoff's work well enough to carry a line from him on the back of her book. The human element keeps finding the same small circle of people willing to talk about it. So how do we move this from a line item to a fact of society? Her answer is collective resilience. There is no prize for being the last one standing, because we are all wired into the same supply chain, the same dependencies, the same brittle web. And the smallest businesses, the ones without a war chest to ride out the storm, are the ones we discuss the least. Then a statistic. Close to half of all crime in the UK is now fraud or cyber. Around one percent of policing is pointed at it. Read those two numbers again. We fund what we can see, and we want officers on the street because a visible patrol both deters the thief and reassures the neighbourhood. The crime that actually empties our accounts happens somewhere we have agreed not to look. Follow the money, Sarah says, and you rarely stop at one criminal's pocket. It pays for the next thing: drugs, weapons, and more often than people imagine, the trafficking of human beings. Will AI save us? She did not flinch. Whatever you build to detect, the other side uses to evade. The asymmetry holds. Technology is part of the answer and never the whole of it, because the problem was never only technical. So what do we carry forward, and what do we leave behind? We carry the person behind the number: the one who misses the appointment, the small shop that never reopens. We leave behind the fantasy that a clever enough machine will spare us the harder work, which is teaching a whole society to recognize the Spanish Prisoner when it arrives, wearing this year's technology. Sarah's books are linked below, with a second edition on the way. Geoff's conversation is part of this same coverage. And if you want more of these, the newsletter lives at marcociappelli.com. Let's keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly |

In this episode, Raghu Nandakumara sits down with Jen Ellis, founder of NextJenSecurity, for a sharp and wide-ranging conversation about why so many of cybersecurity's biggest debates keep missing the point. Just weeks after a major AI breakthrough sent shockwaves through the security industry, Jen brings her trademark candour to the questions everyone is asking: from the real mechanics of ransomware economics to a frank assessment of why the industry's approach to resilience may be fundamentally miscalibrated. The conversation explores what it actually means to defend in an era where vulnerability discovery is accelerating faster than vendors can patch, end users can respond, and policymakers can keep up. Jen argues that while the threat landscape has never been more urgent, the assumptions underpinning most proposed solutions,  from payment bans to AI-powered fixes, are more naive than the industry wants to admit. Raghu and Jen discuss: Why banning ransom payments won't end ransomware — and what a responsible policy glide path might actually look like How ransomware targeting really works, and why the "cut off the revenue stream" argument misreads the threat Why the vendor response piece of the AI vulnerability pipeline is being dangerously overlooked The legacy technology time bomb — and why developed economies are most exposed Why being trusted and being trustworthy are not the same thing What cyber insurance gets right, and why it isn't ready to save us yet Why there are no five-step fixes — and why pretending otherwise is part of the problem How the current moment of political and regulatory urgency may be the industry's best chance to act The episode closes with a dose of honest pragmatism: there are no five-step fixes, nothing is actually simple, and the attack surface is expanding faster than most organizations are moving. But there is real momentum — more policymakers, more collaboration, more urgency than the industry has ever seen. The question is whether we'll use it.   Stay connected with our host Raghu on LinkedIn For more information about Illumio, check out our website at illumio.com

Evil MSI Background: BASE64 Statistical Analysis https://isc.sans.edu/diary/Evil%20MSI%20Background%3A%20BASE64%20Statistical%20Analysis/33072 Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ TSME/SME not activating on Ryzen 7 9700X https://github.com/AMDESE/AMDSEV/issues/292 Deep-Research Agents Can Be Poisoned via User-Generated Content https://arxiv.org/pdf/2605.24245 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

MACsec (IEEE 802.1AE) encrypts Ethernet frames hop-by-hop at Layer 2 — before traffic even hits IP — making it one of the strongest protections you can put on wire. It’s been in the standards for years, hardware support is widespread, and yet most organizations aren’t running it. JJ and Drew dig into why: the hardware... Read more »

This episode dives into the fallout from new restrictions on Anthropic's cybersecurity-focused AI models, Mythos and Fable, and the debate over whether government pressure has effectively blocked security researchers from using advanced AI for vulnerability discovery and code analysis. The panel discusses AI “jailbreaking” claims, export-control comparisons, the impact on penetration testing and bug hunting, and how AI is accelerating vulnerability research. Other topics include responsible disclosure challenges, the growing volume of AI-assisted security findings, and what these developments mean for researchers, vendors, and the future of offensive security.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis

Quantum computing is closer than most people realize — and it may change cybersecurity, privacy, leadership, and digital trust forever. In this episode of One Sharp Sword, Dr. Wayne Pernell speaks with technology strategist and post-quantum security expert Anna Murray about the rapidly approaching “Q-Day,” the future moment when quantum computers can break current encryption systems. Anna explains quantum computing in accessible language while exploring the real-world implications for business leaders, governments, organizations, and everyday people. Together, they discuss “Harvest Now, Decrypt Later,” AI-driven vulnerabilities, decentralization, leadership under uncertainty, and why leaders don't need to become technologists to ask better questions and make better decisions. If you've heard about quantum computing and wondered why it matters — this conversation is your starting point. Topics Covered Quantum computing explained simply Q-Day and the future of encryption AI + cybersecurity risks Leadership during technological disruption Data privacy and digital sovereignty Post-quantum readiness Organizational adaptation and decision-making GuestAnna MurrayCo-Founder, Six3ROAuthor of Quantum Computing 101Technology strategist, speaker, and systems thinker

This episode recorded live at the Becker's 16th Annual Meeting features Greg Sieg, Chief Information Security Officer, University of Michigan Health Regional Network. He discusses aligning cybersecurity programs across a growing health system, navigating the rapid rise of AI, and why communication, cultural alignment, and workforce-focused technology decisions are essential to strengthening healthcare resilience and security.In collaboration with Insight Global.

Cybersecurity is no longer just an IT issue - it's a leadership issue, a risk management issue, and increasingly, a business value issue. In this episode of Behind The Numbers With Dave Bookbinder, cybersecurity expert, author, and security analyst Robert Siciliano explains why the greatest threat to most organizations isn't technology -it's human behavior. Drawing on decades of experience investigating cybercrime and helping organizations protect themselves, Robert shares how criminals exploit what he calls the "human blind spot" through fear, urgency, trust, and manipulation. From the early days of AOL scams to today's AI-powered voice cloning, deepfakes, and sophisticated phishing attacks, he reveals how cybercriminals continue to evolve their tactics while targeting the same human vulnerabilities. Dave and Robert discuss why cybersecurity awareness training often fails, how organizations can build a Strategic Human Firewall, and why security must become personal before it becomes organizational. They also explore practical strategies business owners and leaders can implement immediately, including stronger authentication practices, better employee education, and creating a culture of situational awareness. Whether you're a business owner, executive, advisor, or anyone concerned about protecting digital assets and organizational trust, this conversation offers valuable insights into managing risk in an increasingly complex cyber landscape. Key Topics Discussed: Why human behavior remains the biggest cybersecurity vulnerability The psychology behind phishing, scams, and social engineering How AI, deepfakes, and voice cloning are changing cybercrime The Strategic Human Firewall approach to security awareness Building a culture of cybersecurity and situational awareness Practical steps to reduce organizational risk today Why cybersecurity is now a boardroom and leadership responsibility About Our Guest: Recognized as the media's go-to cybersecurity expert and creator of The Strategic Human Firewall™, Robert Siciliano is a private investigator, Certified Speaking Professional (CSP), and the CEO of Protect Now, LLC. As one of the nation's most trusted voices on cybercrime and identity theft, he has built an unparalleled media track record, appearing on over 500 television shows, contributing to over 1,000 radio programs, and being featured as an expert source in over 3,000 articles. A fierce advocate for personal and professional security, Robert is the architect of the CSI Protection certification and a bestselling author who strips away technical jargon to deliver "straight talk" solutions. His expertise is regularly sought by every major network—including CNN, Fox News, MSNBC, and The Today Show—where he empowers millions of viewers to protect their data, privacy, and wealth from modern threats. The Strategic Human Firewall™ moves beyond technical cybersecurity training to behavioral governance, acknowledging that software alone cannot stop AI-driven "perfect lies". It addresses the "Human Blindspot," a vulnerability where humans are hardwired to trust digital senses (eyes and ears) that AI now easily exploits. Grounded in the reality that "All Security is Personal," this approach defines security not as abstract compliance, but as fundamental safety—akin to physical security measures designed to prevent violence. Because nothing is more personal than an identity, when individuals learn to defend their personal lives against "Digital Frankensteins" or deepfake family emergencies, engaging in security in a professional environment becomes instinctive rather than forced. By translating these personal instincts into corporate habits, protecting company data is more achievable. Connect with Robert here: https://www.linkedin.com/in/robertsiciliano/ About the Host: Dave Bookbinder is known as a trusted provider for independent business valuations, corporate asset appraisals, and exit planning advisory and he is the person that business owners and their advisors reach out to when they need to know what their most important assets are worth. Known as a collaborative adviser, Dave has served thousands of client companies of all sizes and industries.  Dave is the author of two #1 best-selling books about the impact of human capital (PEOPLE!) on the valuation of a business enterprise called The NEW ROI: Return On Individuals & The NEW ROI: Going Behind The Numbers.  He's on a mission to change the conversation about how the accounting world recognizes the value of people's contributions to a business enterprise, and to quantify what every CEO on the planet claims: “Our people are this company's most valuable asset.” Dave's book, A Valuation Toolbox for Business Owners and Their Advisors: Things Every Business Owner Should Know, was recognized as a top new release in Business and Valuation and is designed to provide practical insights and tools to help understand what really drives business value, how to prepare for an exit, and just make better decisions. He's also the host of the highly rated Behind The Numbers With Dave Bookbinder business podcast which is enjoyed in more than 100 countries.

Is AI really coming for your red teaming job? What does it actually take to build a team that thinks like the adversary, and what happens when that team stops caring? And what do you do when you've been in this field long enough that the job that once fired you up has started to feel hollow? In this episode, Ron catches up with Johnny Xmas, Head of Offensive Security at a Fortune 150 Global Food Manufacturer, and one of the most candid voices in offensive security, for a conversation that covers a lot of ground fast.  They go deep on where AI actually fits into offensive security workflows, what Johnny really looks for when building elite teams, and why the career advice everyone gives early practitioners might be setting them up for burnout down the road. The conversation takes a turn that doesn't come up enough in this industry, and it's the part you won't want to miss. If you've ever felt your tank running low, this episode was made for you. Impactful Moments 00:00 - Introduction 02:10 - Busting the myth: AI is not replacing red teamers 04:30 - Guest introduction: Johnny Xmas 06:15 - How the offensive security job has changed with AI  09:35 - The SEC 8-K IoC parser tool Johnny just published 11:40 - Building elite teams: what skills Johnny actually hires for 12:45 - Soft skills over technical gaps, and why the fire has to come with you 15:40 - Why "where do you see yourself in five years?" is a garbage question 17:30 - Has Johnny ever crossed the line when it comes to hacking?  20:20 - What to do when you've stopped caring about the job 26:25 - Outro: The AI myth, revisited Links Johnny Christmas on LinkedIn: https://www.linkedin.com/in/johnnyxmas/ Johnny's SEC 8-K IoC parser tool: https://github.com/johnnyxmas/its-over-8k  — Check out our upcoming events: https://www.hackervalley.com/livestreams  Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com  Become a sponsor of the show: https://hackervalley.com/work-with-us/

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Mike Armistead has been in the room for almost every major technology wave of the past 30 years — from client-server computing, to the early internet at Lycos, to application security at Fortify Software (acquired by HP), to AI-driven security at Respond Software (acquired by FireEye for $186M, eventually folded into Google). Now on his sixth startup, he's CEO of Pulse Security AI, building what he calls a "system of record" for security leaders — giving CISOs the same kind of business-level visibility that CFOs get from their ERP and sales leaders get from their CRM.In this episode, Jeff and Mike dig into the weight of inertia that slows every major technology transition, why conviction is the one thing that gets founders through the rough patches, and how to stress-test your assumptions before spending a year building something people will admire but never buy. They also go deep on the evolving cybersecurity landscape — why security tools have historically grown in siloed, technical layers, why AI-driven threats (deepfakes, impersonation, prompt injection) are accelerating faster than most organizations can respond, and why scenario planning is no longer a quarterly exercise — it's a survival skill.Key Takeaways0:00 — Intro: The real obstacle to technology transitions isn't innovation — it's the weight of existing systems, habits, and inertia3:00 — Why conviction is the essential quality that gets founders through rough patches in every startup cycle7:00 — Lessons from Reed Hastings' Pure Software: culture, ethics, and values were being built even before Netflix9:00 — Risk evaluation after multiple exits: what Mike learned from walking into a high-debt company right before 9/11 — and why structural due diligence matters as much as product quality11:30 — The value of tabletop exercises: role-playing "what if" scenarios with co-founders and executives surfaces risks you'd never otherwise think about12:45 — What is Pulse Security AI? The gap between technical security data and business-level decision-making — and why CISOs are the only C-suite executives without a true system of record16:30 — How an agentic layer can connect siloed security tools and translate technical risk data into the business language boards actually need18:40 — Leading through platform shifts: understanding early vs. late adopters and why you can't force mainstream buyers before they're ready21:00 — Security's evolution from compliance checkbox to strategic business function — and why the threat landscape is always moving in multiple dimensions simultaneously24:20 — AI-driven threats, deepfakes, and the "trust and verify" world: practical security posture advice for companies of all sizes33:00 — Fundraising on your sixth startup: how the investment landscape has shifted (seed rounds now include institutional investors; A rounds now require real revenue)39:30 — Avoiding the customer feedback trap: why "that's cool" is not the same as "I'd pay for that" — and how to ask the uncomfortable pricing question early41:30 — The AI hype cycle: the one question that never changes — are you adding enough value that someone will pay for it?45:00 — The future of cybersecurity over the next five years: breaking down silos, AI-driven threat acceleration, and why humans still need to stay in the loopTweetable Quotes"Conviction is essential. It's what gets you through the rough patches — and there are always rough patches." — Mike Armistead"History doesn't repeat itself, but it certainly rhymes. You're gonna encounter certain things everywhere, and you have to learn how to break out of the bucket people want to put you in." — Mike Armistead"'That's cool' is not the same as 'I'd pay for that.' You have to listen for when they start thinking about how they can buy it." — Mike Armistead"Risk mitigation isn't a 'done' setting. Just because you're certified today doesn't mean you're protected tomorrow." — Mike Armistead"We live in a trust-and-verify world. If something is asking you to do something you wouldn't normally do, the flags have to go up." — Mike Armistead"AI doesn't scale people. It scales attacks. The infrastructure we built was designed for a different threat landscape." — Mike ArmisteadSaaS Leadership LessonsConviction is your most valuable asset in a hard growth cycle. Every startup goes through wild swings. The founders who make it through aren't the ones with the best product at every moment — they're the ones who maintained conviction that what they were building would be genuinely valuable to their customers. Momentum fades. Conviction doesn't.Do your structural due diligence before you walk in. Mike's hardest lesson came from his first CEO role: a high-debt company that collapsed not because the business was failing, but because lenders called loans after 9/11. The business itself was fine. The structure killed it. Always understand the financial architecture of what you're walking into — especially in uncertain macro environments.Run tabletop exercises with your leadership team. Don't wait for a crisis to figure out your response. Role-play "what if" scenarios regularly with your co-founders and executives. Someone always surfaces a risk you hadn't considered — and the solutions are often simpler than you'd expect. This is no longer optional; it's a survival skill.Know where you are in the adoption curve — and don't fight it. Early adopters will take a chance on you because they see competitive advantage. Mainstream buyers need proof points. Late adopters need to see their peers doing it. Pestering a mainstream buyer with an early-stage pitch isn't a winning fight. Build for the stage you're actually in.Ask the uncomfortable pricing question early and often. Founders are wired to build. We're not always wired to sell. But the market will tell you the truth faster than any advisor. Ask potential customers directly: "Would you pay X for this?" Fight through the politeness. Watch for buying signals — when someone starts thinking about procurement rather than just nodding along, you're onto something.Stop building for "cool" — build for "when can I buy it?" Customer enthusiasm and purchase intent are not the same thing. If your beta testers are telling you it's great but nobody's asking how to get it, you haven't found product-market fit. Continually test your story, move toward a bigger narrative when needed, and keep engaging the market until the signals change.Guest Resourcesmike@pulsesecurity.aipulsesecurity.aihttps://www.linkedin.com/in/mike-armistead-1164715/Episode SponsorThe Futureproof Series - https://www.youtube.com/playlist?list=PLfkXKUPZ5xuOqMPR7_gzGybncTtavyR1NThe Captain's KeysSmall Fish, Big Pond – https://smallfishbigpond.com/ Use the promo code ‘SaaSFuel'Champion Leadership Group – https://championleadership.com/SaaS Fuel ResourcesWebsite - https://championleadership.com/Jeff Mains on LinkedIn - https://www.linkedin.com/in/jeffkmains/Twitter - https://twitter.com/jeffkmainsFacebook - https://www.facebook.com/thesaasguy/Instagram - https://instagram.com/jeffkmains

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyberCheck out Flare.io at https://simplycyber.io/flareCheck out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphonSC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66QnJoin SC Discord: https://SimplyCyber.io/DiscordNews: https://cisoseries.comFollow SC: https://simplycyber.io/socials

On this week's Security Sprint, Dave and Andy covered the following topics: Opening:• (TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin – Q2 2026⁠ — WaterISAC • The New Threat Environment; Why geopolitics matters to your water system — NRWA • Registration is open for WaterISAC's H2OEx – Camden — Association of Metropolitan Water Agencies • EPA Advisory: Protecting Sensitive Operational Information in Water and Wastewater Systems — EPAMain Topics:Election Security and Cascading Risks: An explosion of AI deepfakes is redefining American elections — Axios — 16 Jun 2026. • FBI foils alleged plot to attack White House UFC event, Patel says • Man pleads guilty to killing a top Minnesota Democrat and her husband in politically motivated attack • Man Charged with Sending Antisemitic Threats to Kill Governor of Hawaii and His Family — U.S. DOJ• Threats Against Politicians Skyrocketed After Meta Changed Its Speech Rules & Violent Threats Against Members of Congress Quadrupled After Meta Rolled Back Moderation Policies — Center for Countering Digital Hate Operation Epic Fury & Continued Threats:• ThreatBeat reports Iranian-linked hackers claimed California water system breaches after Iran water facility strike & Iranian Cyber Group Handala Claims Cal Water Hack • Iran and US reach an initial deal to end the war and open the Strait of Hormuz but challenges remain • U.S. and Iran Shape the Optics of an Agreement • Domestic: Iran-linked group claims hack of FBI drones, threatens World Cup, monitor says • Swedish Crime Group Foxtrot Adds Fuel to Iran's Proxy War in Europe Anthropic, AI & Patching… N-days. Anthropic reported that frontier models can significantly accelerate development of exploits for N-day vulnerabilities, which are publicly disclosed flaws that remain unpatched on many systems. • Exclusive: Anthropic's Mythos can exploit new flaws in hours — Axios • Statement on the US government directive to suspend access to Fable 5 and Mythos 5 • Anthropic Says It's Taking Claude Fable 5 Offline to Comply With US Government Order • “They screwed us”: Personality clashes sent Anthropic's models offline • Anthropic Releases Claude Fable 5, a Limited-Release AI Model • CISA orders feds to patch actively exploited Ivanti flaw by Sunday & CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-10520 Ivanti Sentry OS Command Injection Vulnerability • Oracle Security Alert for CVE-2026-35273 & Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations Quick Hits:• Wildfire Threats: National Interagency Coordination Center: 7-Day Significant Fire Potential• Weekly ransomware & data leak landscape — eCrime.ch — 15 Jun 2026. eCrime.ch reported 210 observed ransomware and data leak events for the 09 Jun to 15 Jun 2026 reporting window. The report identified 96 public data leak indicators, 38 active actors, and DeadLock as the highest-volume actor with 73 observed events. • Ransomware Evolution Report — Halcyon • Ransomware-as-a-Service: LockBit Alumni Launch Competing Programs as Ecosystem Consolidates in Q1 2026 • Ransomware Cybersecurity Framework Community Profile — NCCoE • National Security Presidential Memorandum/NSPM-12: National Policy for the Cybersecurity of National Security Systems — The White House • CISA sees leadership shakeup after infrastructure security chief moves to ONCD • MS-ISAC enters uncertain new era after losing federal funding and thousands of members

On today's episode, Marketplace's Meghan McCarty Carino walks us through how AI is making it harder to break into the cybersecurity sector.

On today's episode, Marketplace's Meghan McCarty Carino walks us through how AI is making it harder to break into the cybersecurity sector.

Atomic Arch: Attackers Hijack Trusted AUR Packages to Deliver Rootkit-Like Malware https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce/ A Fake Bug Report Hijacks Your AI Coding Agent and Nothing Catches It. https://tenetsecurity.ai/blog/agentjacking-coding-agents-with-fake-sentry-errors/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Adversaries are stealing encrypted data today that they cannot read yet, and storing it until a quantum computer can. Sean Martin sat down with Forescout's Rik Ferguson to talk about “harvest now, decrypt later,” why Q-Day is closer than the comfortable timelines suggest, and what the decisions you make this year have to do with secrets you thought were safe forever.

PODCAST EPISODE | An Analog Brain In A Digital Age — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Bronwyn Boyle can talk about software vulnerabilities for hours. Talking about her own — the burnout she didn't recognize until someone named it — turned out to be harder, and more important. We sat down at InfoSecurity Europe to talk about the human cost of guarding the machine, and whether our analog brains were ever built for this.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode: - Massive IPOs, AI, market implications - SpaceX IPO - AI in IoT: Connectivity to Intelligence - AI coding - “No Man's Land” and AI in management - Startups and AI-driven business models - Where to locate your data center - Crypto mining's expansion into AI and HPC - Bitcoin treasury companies - Scientific Bitcoin Institute [audio mp3="https://orionx.net/wp-content/uploads/2026/06/OXD037_ART-13_20260519.mp3"][/audio] The post Analyst RoundTable: IPOs, AI, BTC- OXD37 appeared first on OrionX.net.

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyberCheck out Flare.io at https://simplycyber.io/flareCheck out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphonSC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66QnJoin SC Discord: https://SimplyCyber.io/DiscordNews: https://cisoseries.comFollow SC: https://simplycyber.io/socials

 The word “intelligence” was never neutral. It was the sales pitch.This episode argues that the systems sold as artificial intelligence are not minds, thinkers, or neutral judges. They are privately owned prediction and sorting machines trained on human data, wrapped in language that makes people trust them, defer to them, and surrender power without asking who owns the system, who profits from it, or who answers when it is wrong.Name the machine correctly before it names you. 

PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli The UK's threats change by the day. Its laws change over years. Sean Martin sat down with James Morris — former Member of Parliament, now Director of the CSBR — to ask how a government writes cyber policy fast enough to matter, and why “resilience” has quietly stopped being a technical word.

Healthcare Clearinghouses and Cybersecurity On this episode host Tom Testa sits down with Stephanie Short-Romanello, Head of Marketing Communications at ClaimMD. What have we learned from the 2024 Change Healthcare clearinghouse cyber attack? Not if but when this happens again, is the industry more prepared? To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

Cybersecurity Today on the Weekend interviews the winning Canadian CyberTitan team ("S-ores"/a regex-based name) along with coach Phil, educator Tim, and CyberTitan manager Sheena to explain how CyberTitan (run by ICTC) connects to the international CyberPatriot program. They describe the competition mechanics—securing compromised Windows, Windows Server, and Linux virtual machines for points, plus Cisco Packet Tracer networking—and how Canadian teams compete through CyberPatriot before the top teams advance to a national CyberTitan final. Students Faye and Eric share why they joined, their learning "aha" moments in Windows tools and networking concepts, and the value of teamwork. The guests discuss teacher benefits, free training materials, building diverse participation, sponsorship challenges, and hopes for a fully Canadian program with regional events and cloud-based cyber ranges like Field Effect's. 00:00 Weekend Show Intro 01:00 Tim's CyberTitan Journey 01:46 ICTC Explained 02:08 Who Can Compete 02:42 Why CyberTitan Matters 03:22 Origins and CyberPatriot Link 04:04 How The Competition Works 05:09 Meet Team Sors 07:07 Coach Phil's Role 09:44 Why Students Join 12:08 Student Aha Moments 15:13 Community and Teacher Wins 16:34 Sheena Runs The Show 17:29 Scale and National Reach 18:51 Coast To Coast Growth 19:40 XOR Team's Home District 19:55 Teams Across Toronto 20:39 Trophies Medals Coins 21:22 Eric Why Join 23:04 Faye Encouragement Story 25:51 Teachers Start Teams 27:52 Building Girls Pipeline 30:40 Cloud Range Future 33:49 2030 Vision Wrap

More Bitlocker Issues: GreatXML https://git.churchofmalware.org/Nightmare_Eclipse/GreatXML Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523) https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US Oracle Security Alert Advisory - CVE-2026-35273 https://www.oracle.com/security-alerts/alert-cve-2026-35273.html https://www.bleepingcomputer.com/news/security/oracle-mitigates-peoplesoft-zero-day-exploited-in-data-theft-attacks/ How Deceptive Installers Are Targeting macOS Users https://www.huntress.com/blog/deceptive-installers-macos-infostealers My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Independent investigative journalism, broadcasting, trouble-making and muckraking with Brad Friedman of BradBlog.com

What can 40 years on the front lines of cybersecurity teach today's leaders?

Vendors supplying AI-driven technologies are experiencing sustained margin pressure from high operational costs and underwhelming business-level returns, leading to the rapid creation of new product categories that are pushed into the MSP channel. Companies such as Atomic Work, Silverfort, and Guards are releasing governance tools for managing AI agents, while Connect Secure is offering patch management products targeted at MSPs. These launches are not indicators of competitive differentiation, but of structural cost challenges being passed from vendors to their partners.   Business media reports and internal industry data reveal that while individual productivity from AI implementations increases—for example, by accelerating engineer output—the promised business-level gains in productivity, revenue, and profit have not materialized to the extent vendors projected. According to analysis cited by Dave Sobel, high operational costs are forcing large firms like Microsoft, Google, Amazon, and Uber to restrict or cap AI usage internally, reflecting an industry-wide retreat from premium pricing models due to an unclear return on investment at the organizational level.   Additional developments reinforce this margin-driven shift. The federal Cybersecurity and Infrastructure Security Agency (CISA) has mandated 72-hour patching of high-risk vulnerabilities, underscoring heightened compliance requirements. Simultaneously, vendors are accelerating the rollout of governance, identity, and patch velocity tools. However, a study analyzing over 13,000 US MSPs found that those surpassing $1 million in revenue are distinguished by market positioning, online visibility, and business maturity, not by the breadth or novelty of their toolsets.   For operators, the implication is clear: stacking up new vendor products is now a baseline requirement rather than a path to competitive advantage. Firms that rely solely on vendor frameworks and toolsets risk absorbing more complexity without improving margin or differentiation. Practical separation will come from owning the "judgment layer"—defining, governing, and pricing how AI functions within client environments—rather than reselling tools. Positioning, documented governance, and clear operational standards will be more defensible than investing exclusively in vendor-driven offerings. 00:00 Manufactured Urgency  03:58 The Cost Confession 06:09 Out-Buy vs. Out-Position 08:35 Why Do We Care?    Supported by:  Nerdio  Sign up for the SMB Online Conference:  www.smbonlineconference.com

The Resilient Entrepreneur: From Market Failures to Cybersecurity Innovations In this episode, Mitch Beinhaker hosts Brad Hawkins, a resilient entrepreneur whose journey spans finance, manufacturing, and cybersecurity. Brad shares incredible stories of overcoming professional and personal setbacks, leveraging faith, and innovating in the cybersecurity landscape. Whether you're an aspiring entrepreneur or a seasoned business owner, Brad's insights on resilience, process, and technology are invaluable. Key Topics Covered: Brad's diverse business ventures including finance, medical, LED manufacturing, and event centers How faith and perseverance helped him rebuild after false accusations and financial devastation The importance of having a repeatable business process and mentorship Building a family office to involve his children in investments and startups The evolution of cybersecurity threats, using AI, and practical protective strategies The significance of managing thoughts and beliefs for sustained success Brad's approach to starting businesses from scratch, leveraging expertise, and market gaps Insights on cybersecurity practices for the average consumer, including VPN use and AI-driven security tools Timestamps: 00:00 - Introduction and host's funding announcements 02:30 - Brad's background and transition into entrepreneurship 04:16 - Brad's early struggles with dyslexia and unique learning style 06:20 - Building a multi-million dollar finance company 09:30 - Challenges with merging companies and client management 11:00 - Strategic approach to new business ventures and templates 13:17 - Building manufacturing and tech companies in China and Hong Kong 15:10 - Entering the LED lighting business and patent development 16:50 - Navigating government audits and security issues 18:40 - The Ponzi scheme accusations and legal aftermath 20:50 - Impact on reputation, assets frozen, and rebuilding life 23:09 - Lessons on process, resilience, and faith during adversity 26:00 - Personal stories of hardship, helping others, and finding purpose 29:00 - The role of faith and mindset in overcoming failures 31:07 - Managing thoughts and beliefs to stay motivated and successful 33:15 - The importance of brain, identity, and perception in business success 34:54 - Ideas for consumers to improve cybersecurity and avoid common mistakes 44:00 - Future ventures, family business, and societal innovations 52:40 - In-depth on cybersecurity threats today, AI tools, and defenses 62:10 - Practical cybersecurity tips for everyday users and precautions 67:51 - Closing remarks and resources Resources & Links: Unshakable Life - Brad's Book Deal Scout App (hypothetical URL for reference) InfiniteProtection.com SaferNet.com Cybersecurity & Cloud Security Solutions - Zed Connect with Brad Hawkins: LinkedIn Books on Amazon Note: The episode offers actionable insights into building resilience, leveraging faith in business, and understanding the critical importance of cybersecurity for all individuals and companies alike. Whether you're curious about Brad's rich entrepreneurial journey or seeking current cybersecurity best practices, this episode delivers valuable perspectives.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://www.threatlocker.com/dailycyberCheck out Flare.io at https://simplycyber.io/flareCheck out Pay-What-You-Can Antisyphon Training: https://simplycyber.io/antisyphonSC Academy - The Place for Cyber Careers: https://zpr.io/mYV5232V66QnJoin SC Discord: https://SimplyCyber.io/DiscordNews: https://cisoseries.comFollow SC: https://simplycyber.io/socials

The Bureau is asking health systems to share threat intelligence and indicators of compromise to help prevent attacks. But doing so the wrong way could run afoul of HIPAA or state privacy laws.

The emergence of artificial intelligence-driven cyber threats is forcing a shift in how agencies manage software vulnerabilities. In a new directive released this week, the Cybersecurity and Infrastructure Security Agency laid out how agencies should prioritize the highest risk vulnerabilities on their networks. For more, Federal News Network Justin Doubleday joins me.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

How has use of framing protection security headers changed in the past 3 years? https://isc.sans.edu/diary/How%20has%20use%20of%20framing%20protection%20security%20headers%20changed%20in%20the%20past%203%20years%3F/33068 Preparing for npm v12: install scripts and non-registry sources become opt-in https://github.com/orgs/community/discussions/198547 Adobe Patches https://helpx.adobe.com/security.html Rogue Planet new Microsoft Defender Vulnerability https://github.com/MSNightmare/RoguePlanet My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

In this episode, Laura Dyrda, Vice President, Editor-in-Chief, Becker's Healthcare, discusses how health systems are navigating AI adoption, strengthening cybersecurity defenses, managing emerging technology costs, and responding to major shifts in ambulatory care strategy and healthcare consolidation.

A fireside chat from ACT-IAC's Emerging Tech and Innovation Conference with Seval Oz, senior advisor (and nominee for assistant secretary) in USDOT's Office of Research and Technology, and Amy McKenna of SAIC. Oz describes how DOT migrated to Google-based workspace IT and uses large language models to cut RFI analysis from six weeks to 24–48 hours. She explains the “Interstate 2.0” corridors initiative, where 23 states are forming adjoining-state teams to enable data interoperability across major routes (including I-10 and I-35) and prioritize a first use case of work zones and lane closures, convening states, industry, and academia.Become a Member | ACT-IAC Summary - A Hole in One with ACT-IACSubscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on LinkedIn or visit http://www.actiac.org.Learn more about membership at https://www.actiac.org/join.Donate to ACT-IAC at https://actiac.org/donate. Intro/Outro Music: See a Brighter Day/Gloria TellsCourtesy of Epidemic Sound(Episodes 1-159: Intro/Outro Music: Focal Point/Young CommunityCourtesy of Epidemic Sound)

Kenny and Mike discuss and spot faith in the latest film by legendary filmmaker Steven Speilberg. Disclosure Day stars Emily Blunt as a Kansas City TV presenter Margaret Fairchild whose life is suddenly changed when she appears to have a neurological breakdown on air. Josh O'Connor co-stars as Cyber Security expert Daniel Kellner who is determined to disclose proof that Governments and other powers have been keeping proof of extra-terrestrial life away from the public. Government agencies race to capture Kellner before he can release the information.  Margaret Fairchild seeks to help Kellner succeed in releasing the information. One of the chief concers about releasing the information is how the public would accept the information that they are not alone as well as the truth that governments have kept this secret.  Faith Issues: Kellner's girlfriend, Jane (Eve Hewson) pushes Kellner if he and those supporting releasing the information have considered the impact on persons including, communities of faith, whether Aliens who may exist on a higher level than humans would impact the Judeo Christian faith in the existance of God, the place of humanity within creation, and if God is soverign over extra-terrestrials. The Hebrew Bible and New Testament teach that humanity is the top of the created order. Genesis 1 teaches God created all of the universe and that humans are created in the image and likeness of God, and Psalm 8 proclaims humans are described as just below the divine. Most theologians would accept that God is God of all the universe including extra-terrestrials. Even without the presence of extra-terrestrials, this conversation can serve to open the consideration of what responsibilities come with being the top of the created orderd, and as Genesis teaches, stewards of God's creation. Created in the image and likeness of God is that which separates humanity from the rest of creation. After considering what the impact of a disclosure of extra-terrestrials should be how should humanity live up to the honor and responsibility of being the highest order of creation  

Are we prepared for the deployment of a functional quantum computer? This week, Technology Now is returning to the topic of post quantum cryptography. We ask why the deadline for migrating to PQC enabled systems has been moved up, we discover what a quantum computer actually needs to be cryptographically relevant, and we pose the question: when it comes to migrating your systems to quantum resistant forms of encryption, could it already be too late for some people to start?This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Sam Jarrell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations.

The Office of Personnel Management on Wednesday awarded its anticipated contract to modernize and consolidate federal human resources functions to Oracle, capping a process that's been over a year in the making. The nearly $400 million award puts Oracle in charge of a process to bring over 100 HR systems under one single platform that the agency is calling its Core Human Capital Management system. OPM says it believes the project will make significant reductions in the overall cost of HR platforms to taxpayers. “Historically, federal agencies have relied on fragmented, aging HR systems that are costly to maintain and difficult to scale,” OPM Director Scott Kupor said in a written statement included in a press release. He called the award “a foundational investment in the future of federal workforce management.” A final award comes over a year after an early effort to award such a contract failed to move forward. In May 2025, the Office of Personnel Management awarded a sole-source contract to Workday to facilitate the Trump administration's HR modernization efforts, arguing it was the only vendor that could do the job. But OPM abruptly canceled that award, and later launched open competition for such a contract. The Cybersecurity and Infrastructure Security Agency on Wednesday ordered federal agencies to prioritize vulnerabilities based on four criteria, as part of a push to “patch smarter, not harder.” Federal agencies should emphasize patches for vulnerabilities that affect a publicly exposed asset, allow an attacker to fully automate exploitation, give attackers the ability to take over control of a system or relate to evidence of active, real-world exploitation, CISA declared. CISA acting director Nick Andersen previewed the binding operational directive (BOD) Tuesday, framing it as a rethinking of vulnerability management more broadly. Andersen said in a statement: “This Directive provides clear definitions, timelines and criteria that enhances transparency, predictability and agencies' resource planning to execute more effective vulnerability remediation." BOD 26-04 sets forth timelines for how quickly agencies must fix a vulnerability based on how many of the four criteria it meets. If it meets all four, for example, agencies need to fix it within three days and carry out a “forensic triage” to assess whether their systems were compromised. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Microsoft June 2026 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20June%202026%20Patch%20Tuesday/33064 Miasma Software Supply Chain Attack Toolkit Source Published https://safedep.io/inside-the-miasma-supply-chain-attack-toolkit/ Fortinet FortiSandbox Vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-26-141 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

There is a moment in every conversation about cybercrime when the criminal stops being a shadow and becomes a person with a desk, a calendar, and a complaint about Monday. That moment is the one that interests me. For years I've been told cybersecurity is a technical problem. Firewalls, patches, acronyms nobody outside the room understands. And it is, partly. But sit with Geoff White for fifteen minutes at InfoSecurity Europe and the technical layer becomes what it always was underneath: people. People who get out of bed, argue with their partners, drink too much vodka after a breakup, and worry about a grandmother in the hospital — while running an extortion racket that, somewhere else, is shutting down the hospital treating someone else's grandmother. Geoff is an investigative journalist and author who has built a career out of refusing to let crime stay abstract. His new BBC series, Cyber Hack — the strand that grew out of The Lazarus Heist — turns its attention to one of the world's biggest ransomware gangs, Conti. And here is the detail that stayed with me: he has read their mail. Three hundred thousand internal messages, leaked, written by the criminals themselves when they assumed no one was watching. A journalist's candy store, as he called it. Also a nightmare — in Russian, thick with slang, mistranslated so often that “Bitcoin” comes out as “cue ball” and money hides behind the word for “grandmothers.” What fascinates me is not the heist. It is the self-portrait. Because the gang does not see a gang. They see a company. They have clients, they say. Customers. Negotiations conducted professionally. Some of them even hand the victim a report afterward — here is how we got in, here is what you should fix — as though extortion were a security audit with an invoice attached. Geoff has a theory I find hard to argue with: extortion is exhausting work for a smart person to do every day, so the brain quietly rewrites the job description. Criminal becomes businessman. The part that knows the truth shrinks. The story they tell themselves takes over. I'm Italian, so of course The Godfather arrived uninvited in the middle of our conversation. It's a business. Nothing personal. We laughed — I get to make that joke and Geoff doesn't — but underneath the laugh is something genuinely unsettling, and it has nothing to do with hackers. It's about all of us. We are all narrating ourselves into the people we'd prefer to be. The ransomware gang simply does it with higher stakes and worse intentions. This is why storytelling isn't decoration on top of cybersecurity. It's the only tool that makes the invisible visible. Geoff's last BBC series landed at number seven on the US charts, a few slots below Joe Rogan, because he tells these stories as stories — with the technical iceberg sitting safely below the waterline. People learn when they aren't being lectured. And we should learn, quickly. The same week I'm laughing about cue balls, Geoff describes cloning his own mother's voice with an AI tool and phoning her. She thought the line was just a little muffled. I told him what I tell my parents: if anything feels strange, hang up and call me directly. A pre-digital instinct, used as armor against a very digital trick. So what do we carry forward, and what do we leave behind? We carry the stories. We leave behind the comfortable idea that any of this is happening somewhere else, to someone else. The new season of Cyber Hack is expected in July. Listen to it — not because it will scare you, though it might, but because it makes a hidden world legible, and legibility is where every defense we have begins. Geoff's books and the show are linked below. And if you'd like more of these conversations, subscribe to the newsletter at marcociappelli.com. Let's keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly |

At Infosecurity Europe in London, Pete Hannah, VP of Sales for Western Europe at Object First, joins Sean Martin to reframe a question many organizations still get wrong. The issue is not only how to keep ransomware out, but how quickly you can recover once it gets in. With Europe's regulatory landscape tightening, that distinction is becoming the difference between disruption and disaster. What does the UK Cyber Security and Resilience Bill actually demand? According to Pete Hannah, it reads less like a checklist and more like an operational resilience standard. It expects organizations to manage threats, prove they have tested their recovery plans, and treat resilience as a board-level responsibility with real financial penalties. More than ninety percent of the bill already applies in practice, so waiting for it to become law is a risk in itself. Why do backups matter so much? Because more than ninety percent of cyberattacks target them first. Pete Hannah explains that "immutable" has become a marketing word, and the meaningful test is whether anyone still holds the access to destroy protected data. Object First answers that with absolute immutability, independently tested, with zero destructive access for admins or compromised accounts. That protection is purpose-built for Veeam environments through the Ootbi appliance, the resilient bunker that stays standing even when every password is known and every other system is compromised. When recovery is guaranteed, teams stop worrying about whether they will recover and focus instead on how fast. How does a stretched IT team adopt this without adding overhead? Pete Hannah describes deployment as taking the appliance out of the box, racking it, connecting it, and pointing backups at it. For boards and CISOs under budget and resource pressure, simplicity is the selling point. It is easy to manage, easy to prove, and dependable when it matters. The proof is in the field. Pete Hannah shares stories of customers who survived worst-case scenarios because Object First was the only thing left standing, and one who tracked him down simply to say thank you. In an era where AI is accelerating attacks and a single compromised password has bankrupted companies, knowing you can recover is the new definition of good enough. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Pete Hannah, VP of Sales, Western Europe, Object First LinkedIn: https://www.linkedin.com/in/peterhannah/ RESOURCES Learn more about Object First: https://objectfirst.com Ootbi by Object First (Out-of-the-Box Immutability): https://objectfirst.com Watch: Anthony Cusimano of Object First at RSAC Conference: https://youtu.be/LMWuZ_NH1lA Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Pete Hannah, Object First, Ootbi, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, immutable backup storage, ransomware recovery, Veeam backup, absolute immutability, Cyber Security and Resilience Bill, cyber resilience, data protection, operational resilience, backup and recovery, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack https://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-again-azure-functions-action-and-72-other-repositories-disabled-after-supply-chain-attack-targeting-ai-coding-agents Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/ Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments https://kb.cert.org/vuls/id/615987 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Most physicians using AI on patient data have no idea what the real security risks are. Francisco M. Torres, an interventional physiatrist, and Purab Patel, a medical student with a programming background, argue that cybersecurity has become a patient safety issue in medicine, and that the AI pipelines physicians now rely on are more complex than most clinicians realize. This episode is based on their article "Navigating the cybersecurity challenges of artificial intelligence in medicine," published on KevinMD. You will hear how changing a few pixels in a medical image can flip an AI diagnosis, why AI note-taking can miss clinically significant findings, and what questions to ask any vendor before trusting a black box with patient data. You will also learn why Francisco tells his kids that AI certification may matter more than an MBA. Listen for a grounded take on treating AI as a tool, not a truth machine. Partner with me on the KevinMD platform. With over three million monthly readers and half a million social media followers, I give you direct access to the doctors and patients who matter most. Whether you need a sponsored article, email campaign, video interview, or a spot right here on the podcast, I offer the trusted space your brand deserves to be heard. Let's work together to tell your story. PARTNER WITH KEVINMD → https://kevinmd.com/influencer SUBSCRIBE TO THE PODCAST → https://www.kevinmd.com/podcast RECOMMENDED BY KEVINMD → https://www.kevinmd.com/recommended