POPULARITY
Strategies for implementing governance guardrails for agentic and shadow AIPrioritising risk reduction through design-led controls that balance innovation, governance, and cost efficiencyMitigating cascading risk across increasingly complex ecosystems of vendors, contractors and platformsThom Langford, Host, teissTalkhttps://www.linkedin.com/in/thomlangford/Cameron Brown, Head of Cyber Threat and Risk Analytics, Ariel Rehttps://www.linkedin.com/in/analyticalcyber/Benoit Heynderickx, Principal Research Analyst, Information Security Forum (ISF)https://www.linkedin.com/in/benoithey/Yaroslav Rosomakho, Chief Scientist, Zscalerhttps://www.linkedin.com/in/yaroslavrosomakho/
From fears that a powerful new AI could supercharge hacking, to the ransomware gangs holding our data hostage, we talk to a former FBI expert about the latest cyber threats.Also in Tech Life this week: we hear from a listener who is using dermatology tech to educate schoolchildren on the importance of staying safe in the sun. Presenter: Chris Vallance Producer: Tom Quinn(Photo: Numerous computer screens are displaying green-coloured code and a finger pointing at a smartphone screen. Credit: Getty Images)
In this episode of the Campus Technology Insider Podcast, Campus Technology Editor-in-Chief Rhea Kelly hosts Ed Skoudis, president of the SANS Technology Institute, to discuss how AI is reshaping cybersecurity and what it means for higher education. Skoudis says AI is now driving all five top emerging attack trends highlighted in SANS's RSAC keynote: increased zero-day exploits, expanded supply-chain risk, growing complexity in operational technology attacks, risks of irresponsible AI use in digital forensics and incident response, and the need to use AI defensively to keep pace with attackers' speed. He explains why higher ed is harder to defend due to diverse, open, cutting-edge environments and constrained budgets, and he recommends accelerated patching, AI-assisted incident response, rapid decision-making teams, frequent tabletop exercises, threat intelligence monitoring, and flexible AI workflows that can swap models as tools change. 00:00 Welcome and Guest Intro 00:29 Ed Skoudis Background 01:00 Steampunk Office Tour 02:24 Antiques Meet IoT 03:25 AI Drives Attack Trends 05:01 Higher Ed Under Fire 05:49 Five AI Shaped Attacks 09:51 Lessons from Finance 12:05 Speeding Up Response 15:32 Training for AI Defense 18:00 AI Toolkit and Model Flexibility 22:01 Budget Priorities Patching First 25:39 Crystal Ball Rough Years Ahead 29:53 Zero Vulnerabilities Vision 31:22 Prepare with AI Strategy 34:16 Closing and Where to Listen Resource links: SANS Technology Institute SANS Institute's Top 5 Most Dangerous New Attack Techniques SANS free cybersecurity resources Internet Storm Center Music: Mixkit Duration: 35 minutes Transcript (coming soon)
J. Michael Daniel, President and CEO of Cyber Threat Alliance (CTA), gives us a peek behind the U.S. Government cybersecurity curtain and how he has helped improve the nation's security through the CTA.Michael leads the CTA team and oversees the organization's operations. Prior to joining the CTA in February 2017, Michael served from June 2012 to January 2017 as Special Assistant to President Obama and Cybersecurity Coordinator on the National Security Council Staff. In this role, Michael led the development of national cybersecurity strategy and policy, and ensured that the US government effectively partnered with the private sector, non-governmental organizations, and other nations. Learn more at: https://www.cyberthreatalliance.org/Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io
In this episode of Reimagining Cyber, Tyler Moffitt is joined by Mike DePalma to break down the biggest insights from the OpenText 2026 Cybersecurity Threat Report—and what they mean for MSPs and their customers.They explore how today's threats are becoming more targeted, automated, and AI-driven, why small and mid-sized businesses are the primary target, and what's changing across phishing, ransomware, and identity-based attacks.You'll learn:Why phishing—especially spear phishing—is surgingHow identity has become the new security perimeterThe gap between ransomware confidence and real recoveryThe risks of unmanaged AI toolsWhat MSPs must do to stay aheadA fast, practical look at the trends shaping cybersecurity—and how to respond.Relevant Links:The report: https://cybersecurity.opentext.com/threat-report/Interactive Executive Summary:https://indd.adobe.com/view/014203fa-4c23-44b7-87e6-5b786d93e628As featured on Million Podcasts' Best 100 Cybersecurity Podcasts Top 50 Chief Information Security Officer CISO Podcasts Top 70 Security Hacking PodcastsThis list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com
Stocks rebound to close out a winning week as investors track a fragile U.S.-Iran ceasefire ahead of negotiations in Pakistan. Plus, a closer look at Anthropic's Mythos and rising fears it could supercharge cyber threats, with major banks and policymakers now on alert. And as new data underscores an affordability crunch for consumers, we count down to bank earnings and the next key catalysts ahead. Fast Money Disclaimer Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
In 2026, we are seeing an increase in cyberattacks targeting defense contractors and defense production. Today, we met with Tim Miller, Field CTO at Dataminr, who explained how the company is helping the federal government address this growing threat. Traditionally, cyber threats could be classified as "Zero Day." Essentially, this meant an attack targeting a software or hardware vulnerability that was unknown to the public. They were effective because no security patch existed, and they could bypass defenses. AI has compressed this 24-hour window to minutes. If your opponent is speeding up attacks, then the defender must use similar tools to prevent a breach. Dataminr has developed something called "real-time intelligence." This concept can provide early warnings, help separate nuisance attacks from serious malware, and address today's workforce gap in cyber defense knowledge. During the interview, Miller noted that the company also launched a new product for cyber defense that integrates threat intelligence with internal data. It is called Dataminr for Cyber Defense and leverages AI and Agentic AI to neutralize threats. = = Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com
Cybersecurity isn't just about technology—it's about mindset, risk, and understanding where organizations are truly vulnerable. In this episode of The Virtual CISO Moment, host Greg Schaffer sits down with cyber threat intelligence professional Travis Whitesel to explore the evolving intersection of military intelligence, cybersecurity, and emerging risks in unexpected places like the sports industry.Travis shares how his journey from Army intelligence analyst to cyber warfare technician shaped his approach to cybersecurity—and how that perspective led him to launch Victory Cybersecurity Consulting to help underserved sectors strengthen their defenses within real-world budget constraints. From the growing risks around NIL deals for college athletes to the challenge small organizations face in prioritizing security investments, the conversation highlights practical ways to think about cyber risk without enterprise-level resources.The episode also dives into the realities of nation-state threats, why process often matters more than technology, and how cybersecurity professionals can avoid burnout in a high-pressure field. It's a candid discussion about bridging strategy and tactics, communicating cyber risk in language executives understand, and finding balance while working in one of the most demanding industries today.Tune in to hear how one cyber professional is helping organizations—from universities to sports programs—build smarter security strategies in an increasingly complex threat landscape.
Another week, another ISLAMIC terror attack, this time in NYC over the weekend. But the Ayatollah Mamdani blamed the victims of the attack and claimed it was about bigotry towards him. Andrea has the details and the truth! What's the real threat of Iran that no one is talking about? And what can we expect to be the real impact on gas prices? Congress has yet to vote on the SAVE Act, but they did vote to hang a plaque that commemorates the wrong people. Who? Is John Cornyn the reason why Congress voted against releasing the details of the sexual assault slush fund. With Guests Tom Del Beccaro & Brian Maloney.Support Our Mission: https://www.paypal.com/donate/?hosted_button_id=ZMGRBFGDJKRS8See omnystudio.com/listener for privacy information.
Nationally recognized educator Randy Johnson, executive vice president at K2 Enterprises, outlines ransomware risks for CPA firms, how these threats are evolving, and ways to keep your data safe.
On this week's show, Patrick Gray, Adam Boileau and James WIlson discuss the week's cybersecurity news. They cover: The US-Israeli attack on Iran had a whole lot of cyber. It's clearly in the playbook now! The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being used by Chinese crypto scammers So long Maddhu Gottumukkala, but CISA's annus horribilis continues Adam “humbug” Boileau complains about the Airsnitch wifi attack just being three ethernets in a trenchcoat ASD's Cisco SD-WAN threat hunting guide is clearly borne of … experience This week's episode is sponsored by AI threat hunting platform Nebulock. Sydney Marrone joins to talk about how useful AI models are on the hunt, and her work building out an open source framework and maturity model. It's methodology agnostic, so you can adapt it for your environment, and the github link is in the show notes! This episode is also available on Youtube. Show notes Inside the plan to kill Ali Khamenei Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran | TechCrunch Matthew Prince
After major cloud outages brought businesses to a halt in 2025, insurers and risk managers are rethinking how cyber policies respond to third-party vendor failures. In this Risky … Read More » The post When the Cloud Fails: Protecting Insureds in a Third-Party Outage Crisis appeared first on Insurance Journal TV.
Maria Long, chief underwriting officer, Resilience, discusses how emerging cyberthreats are transforming cyber insurance and driving the need for stronger underwriting and enhanced client resilience.
Justin Shanken closely monitors global security trends and explains why North Korea is becoming a growing concern in the cybersecurity landscape and what that means for businesses today.Watch the full episode: https://youtu.be/DsWyNfZA_-4Global Dealer Solutions offers a network of high-performance providers while remaining product agnostic. Knowing which tools to deploy makes a big difference. Having a trusted adviser; priceless. Schedule your complimentary consultation today. https://calendly.com/don-278. BE THE 1ST TO KNOW. LIKE and FOLLOW HERE www.linkedin.com/company/fixed-ops-marketinghttps://www.youtube.com/channel/@fixedopsmarketingGet watch and listen links, as well as full episodes and shorts: www.fixedopsmarketing.com/wtfJoin Managing Partner and Host, Russell B. Hill and Charity Dunning, Co-Host and Chief Marketing Officer of FixedOPS Marketing, as we discuss life, automotive, and the human journey in WTF?!#podcast #automotive #fixedoperations
Every vendor in exposure management now says they do CTEM. Nick Lanta's response: "You don't even know what you're talking about." This episode with Nick Lantuh (CyberProof) and Amy Chaney (Citibank) breaks down how a methodology became a meaningless marketing term and how buyers can fight back. The reality check: CTEM requires connecting vuln scanning, endpoint, SIEM, cloud, email, network—not just one of them Adding CAASM or external attack surface management doesn't make you a CTEM vendor Most organizations doing "CTEM" are actually using spreadsheets and manual threat intel fusion Why services-led beats platform-first (60x revenue growth proved it) The disingenuity problem: vendors spray the term, buyers have to unpack it Amy's evaluated these claims at the world's largest banks. Nick built the solution that actually connects the pieces. Together, they arm you with the filter.
Summary In this episode of Chattinn Cyber, Marc is chattin' with Alyssa Lisiewski, Managing Director at Ankura and one of the best known and respected cybersecurity experts in the country. The conversation begins with Alyssa sharing her early introduction to technology, influenced by her father who taught her to take apart and reassemble computers from a young age. Initially interested in forensic crime scene investigations, Alyssa shifted her focus to cybersecurity due to her father's encouragement and foresight about the field's growth. She started her career as an intern in diplomatic security's computer investigations and forensics unit, then pursued a master's degree while working as a government contractor, honing her skills in cybersecurity and high-tech crime investigations. Alyssa's career progressed into the intelligence community, where she specialized in digital forensics from an intelligence perspective, which differed from traditional digital forensics. She later worked at the Department of Defense Cyber Crime Center in Maryland, conducting forensic examinations and testifying in court cases. Transitioning to the private sector, Alyssa led a digital forensics team at a major financial company focusing on insider threats before joining Anchor, where she combines her cyber threat and forensic expertise. The discussion then shifts to clarifying common internet terminology: the surface web, deep web, and dark web. Alyssa explains that the surface web is the small portion of the internet most people use daily, such as Google and social media. The deep web contains more anonymous and legal content like academic and medical documents, while the dark web is accessed via Tor and is often associated with illicit activities but also hosts legitimate anonymous communications. Alyssa emphasizes the importance of proactive dark web monitoring for businesses. Beyond just detecting if stolen data is posted, monitoring can reveal chatter among threat actors about industries or competitors, enabling companies to anticipate and mitigate attacks. She shares a real-life example where her team identified a threat actor group's tactics early, allowing a client to detect an intrusion that had gone unnoticed for a month, demonstrating the value of threat intelligence in incident response. Finally, Marc and Alyssa chat about the benefits and challenges of incorporating dark web analysis into post-incident investigations. While it can clarify the true impact of a breach and assist in legal mediation, there are limitations due to the trustworthiness of data posted by criminals. Her team validates findings through metadata analysis and breach research. The episode closes with Alyssa inviting listeners to connect with her via email or LinkedIn for further discussion, highlighting her openness to sharing knowledge and engaging with the cybersecurity community. Key Points Alyssa's Journey: Alyssa's early exposure to technology and career path from forensic interests to cybersecurity and digital forensics. Web Infrastructure: Explanation of the surface web, deep web, and dark web, including their differences and common misconceptions. Threat Detection: The strategic value of proactive dark web monitoring for businesses to detect threats and industry chatter before breaches occur. A real-world example of how threat intelligence helped identify a threat actor's tactics and detect a breach earlier than usual. The role of dark web analysis in post-incident investigations, including its benefits, limitations, and methods to validate data. Key Quotes “When I was four, my dad taught me how to take apart a computer and put it back together… he made sure I was learning about it from a very young age.” “The surface web is really only 4 or 5% of the web. The majority of the web is the deep web and the dark web.” “If you’re not monitoring proactively the dark web, chances are the first time you’re looking at the dark web is after that breach.” “We knew … the threat actor group… and because of that, we were able to identify the actual true start of the incident, about a month prior to the update we were working on.” “There are going to be situations where we may not be able to identify if data is out there, or we may identify it but not give any context… that’s why we do other things to try to validate it.” About Our Guest Alyssa Lisiewski is a Managing Director at Ankura in Washington, DC, bringing over 14 years of specialized experience in digital forensics, cybersecurity, and insider threat investigations. She has a proven track record of leading and conducting complex cyber investigations that protect critical digital assets across diverse industries including government, financial services, and legal sectors. Alyssa is highly skilled in operating within digital forensic lab environments, adhering to industry standards for evidence handling, and analyzing electronically stored information. She has been qualified as an expert witness in federal and military courts and has played key roles in program leadership, strategic service development, and partner engagement, driving innovation and excellence in cyber risk management. Follow Our Guest Website | LinkedIn About Our Host National co-chair of the Cyber Center for Excellence, Marc Schein, CIC,CLCS is also a Risk Management Consultant at Marsh McLennan. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums. Follow Our Host Website | LinkedIn
In this episode of Unspoken Security, host AJ Nash sits down with CharlotteGuiney, Cyber Threat Intelligence Manager at Toyota Financial Services. Theyexplore what it takes to build threat intelligence programs that work for bothsecurity teams and the wider business. Charlotte cuts through the noise,stressing that buy-in is step one—and that it's often the hardest step. Sheshares how understanding internal customers and their priorities leads toearly wins, which are key to building trust and showing the value ofintelligence.Charlotte explains that not every organization needs the same level ofmaturity. Small companies might only need basic monitoring, while largerenterprises face more complex challenges. She notes that successfulprograms link intelligence to business needs, not just security threats. Thisapproach helps teams prioritize what matters most and communicate risk inways business leaders understand.The conversation also dives into the future of threat intelligence. Charlottesees a growing role for automation and AI, especially for basic tasks, butbelieves people are still needed to bridge gaps and build relationships acrossthe business. She closes with a reminder to keep things in perspective,echoing a lesson from her childhood at clown camp: sometimes you need tostep back and find humor, even in serious work.Send us a textSupport the show
How modern ransomware actors are deploying multidimensional tactics to outpace traditional defencesStrategies to reduce data loss and sustain business operations after an attackAI and automation – enhancing visibility and accelerating response to ransomware threatsThom Langford, Host, teissTalkhttps://www.linkedin.com/in/thomlangford/Edward Starkie, Director, GRC | Cyber Risk, Thomas Murrayhttps://www.linkedin.com/in/edward-starkie-56712431/Cameron Brown, Head of Cyber Threat and Risk Analytics, Ariel Rehttps://www.linkedin.com/in/analyticalcyber/Jesus Cordero, Director, Solution Architects AppSec, NetSec & XDR, EMEA, Barracudahttps://www.linkedin.com/in/jcordero-guzm%C3%A1n/
Shadow AI is already inside your company—and your security team can't see it. Employees are using AI tools without approval, confidential data is leaking into public LLMs, and attackers are weaponizing AI faster than we can secure it. In this episode of Today in Tech, host Keith Shaw is joined by Etay Maor of Cato Networks, a cybersecurity expert and adjunct professor at Boston College, to reveal how Shadow AI is now one of the biggest threats to enterprise security. We discuss how AI tools slip past IT monitoring, why AI is now the weakest link, how attackers jailbreak AI models, and why agentic AI could open the next wave of cyberattacks. Etay also shares real-world cybercrime examples using AI—and what companies MUST do now to gain AI visibility, enforce policies, and prevent data leaks. Topics Covered: What is Shadow AI and why is it dangerous? 38% of employees sharing sensitive data with AI tools Why 90% of enterprise AI use is invisible AI misuse by employees and insider risks Jailbroken AI models and zero-knowledge threat actors AI-powered phishing, deepfakes & identity fraud Agentic AI and excessive permissions How to monitor, detect and contain Shadow AI
Today, we've got Amadou Kane of VicOne live from Austin, TX, at the NMFTA Cybersecurity Conference to talk about the real risks facing transportation, from hackers targeting ELDs and Class 8 trucks to supply chain vulnerabilities that could disrupt the entire freight network! We dive into how attackers manipulate GPS data, hijack vehicle controls, and even exploit EV chargers to threaten infrastructure, how fleets can fight back with onboard intrusion detection systems, real-time monitoring, and tighter OEM and supplier vetting through Software Bills of Materials (SBOMs), why vehicle security isn't just IT security, how cost-cutting at the OEM level creates risk, and what proactive measures the industry must take to protect drivers, assets, and national security! About Amadou Kane Amadou Kane is a Sr. Solution Engineer and the North America Technical Lead at VicOne. With extensive experience in the automotive industry, previously spearheaded Wistron NeWeb's V2X programs in North America and served as the Automotive Business Development Manager, specializing in connectivity and ADAS. Amadou brings a wealth of expertise in developing innovative solutions to address the evolving challenges in automotive technology. He holds a Bachelor of Electrical Engineering and a Master's of Electrical and Computer Engineering, as well as an MBA from the University of Detroit Mercy. Connect with Amadou Website: https://vicone.com/ LinkedIn: https://www.linkedin.com/in/amadoukn/
Agencies are on a tight deadline to address a new and major cyber security vulnerability. The cyber security and infrastructure security agency directed agencies to patch potentially vulnerable F5 devices in an emergency. Directive comes as agencies also navigate reduced staffing during the shutdown. For more on all of this, we bring in Federal News Network's Justin Doubleday. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
What would happen if your freight data got hacked before your trucks even hit the road? In this episode, NMFTA's Joe Ohr digs into how cybersecurity threats are evolving fast across freight and supply chains, from stolen tequila loads rerouted through digital trickery to insider risks hiding in forgotten system logins! We talk about why cyber protection isn't just an IT problem anymore, but also a business survival issue, how AI is changing the game for detecting and responding to cyberattacks, and the upcoming NMFTA Cybersecurity Conference in Austin, a must-attend event where industry leaders share practical defense strategies, run hands-on tabletop exercises, and build real plans companies can use immediately. Cyber threats are only getting smarter, and if you're not training, auditing access, and collaborating with others in the industry, you're already behind, so keep tuning in to our conversation! About Joe Ohr Joe Ohr has more than two decades of experience in technical operations, customer success management, customer support, and product support. Currently serving as the Chief Operating Officer for the National Motor Freight Traffic Association, Inc. (NMFTA)™, he plays a pivotal role in helping to advance the industry through digitization, classification, and cybersecurity. Prior to Ohr's role at NMFTA, he served as in numerous engineering and operations positions at Qualcomm and Eaton, and most recently held the position of Senior Vice President of Operations/Customer Experience at Omnitracs. Throughout his career, Ohr has provided strategic guidance, vision, and a roadmap for addressing long-term customer challenges. He has played a key role in accelerating revenue growth and has collaborated closely with IT, product, and engineering teams to foster stronger partnerships with strategic customers and peers. Additionally, Ohr has overseen post sales customer support and service teams, as well as operations, managing a workforce of over 400 individuals. He holds multiple certifications such as CCNA from Cisco and MCSE from Microsoft and earned his Bachelor of Science in Education from the Ohio State University. Due to his contributions to the industry, he earned a spot in the Inner Circle in 2015 and 2018 from Qualcomm and Omnitracs.
Welcome to Mastering Cyber with Host Alissa (Dr Jay) Abdullah, PhD, SVP & Deputy CSO at Mastercard, and former White House technology executive. Listen to this weekly one-minute podcast to help you maneuver cybersecurity industry tips, terms, and topics. Buckle up, your 60 seconds of cyber starts now! Sponsored by Mastercard: https://mastercard.us/en-us.html
On this week's episode of the Security Sprint, Andy is joined by the Cybersecurity Evangelist herself, Jennifer Walker as well as Sadie Anne Jones! Together they covered the following topics:Warm Open:• Tribal-ISAC Unveils Cybersecurity Report & Tribal-ISAC cybersecurity report delivers data, insights into risks• (TLP:CLEAR) WaterISAC Physical Security Advisory Committee: Insider Threat Management – Fact Sheet.• Colin Wood on Bluesky: “October isn't only cyber awareness month. It's also National Popcorn Poppin' Month, National Adopt a Shelter Dog Month and Eczema Awareness Month. There's something for everyone, really” It's also National Pizza Month!Main Topics:CISA: Cybersecurity Awareness Month - Building a Cyber Strong America. October is Cybersecurity Awareness Month! This year's theme is Building a Cyber Strong America, highlighting the need to strengthen the country's infrastructure against cyber threats, ensuring resilience and security. • Cybersecurity Awareness Month Toolkit• DHS and CISA Announce Cybersecurity Awareness Month 2025• Article: DHS, CISA kick off Cybersecurity Awareness Month 2025 to protect critical services, boost national resilienceCybersecurity Information Sharing Act of 2015 (CISA 2015): • CISA 2015 sunsets: Cyber Threat sharing without a net? • CISA Liability Protections Terminate - What Legal & InfoSec Need to Know Before Sharing Cyber Threat Information• Cyber Threat Information Sharing at Risk: What Companies Should Consider if the Cybersecurity Information Sharing Act of 2015 Is Not Renewed• Cyber defenders on edge amid shutdown furloughs, expired authorities• Information sharing under CISA 2015 in limbo after government shuts downQuick Hits:• Judge temporarily blocks use of National Guard in Portland• USNORTHCOM statement regarding protection of federal property and personnel in the Portland Area• Trump says US is in ‘armed conflict' with drug cartels after ordering strikes in the Caribbean• Venezuela says it detected 5 US ‘combat planes' flying 75km from its coast, calls it a ‘provocation'• Clop extortion emails claim theft of Oracle E-Business Suite data• Active exploitation of vulnerability affecting Oracle E-Business Suite• Oracle Security Alert Advisory - CVE-2025-61882• CISA and UK NCSC Release Joint Guidance for Securing OT Systems• Shutdown guts U.S. cybersecurity agency at perilous time• CISA to furlough 65% of staff if government shuts down this week• UK NPSA - Manchester Incident • Security boost for Irish Jews after Manchester synagogue attack• Global Exposure of 180,000 ICS/OT Devices Raises Safety Concerns
Show Featured Sponsor: Precision Holsters:These guys have a lifetime, no questioned asked 100% guarantee. They are makers of high-quality holsters, belts, and magazine pouches. Visit them at: Precision Holsters and use code “seekAWS” for a discount. In this episode of the American Warrior Show, Rich Brown is joined by Andrew Frisbie (Practical Cyber Defense) to dig into the threats America faces in cyberspace—and how we must respond.
Organizations continue to face an increasingly complex cyber threat landscape. Amid ongoing geopolitical and geoeconomic tensions and supply chain disruptions, a robust and comprehensive cyber risk management strategy can help businesses mitigate risks and improve resiliency. In this episode of Risk in Context, Marsh McLennan's Dan Bowden speaks with Marsh's Helen Nuttall and Matt Berninger about the importance of reviewing and reinforcing cyber controls to help minimize cyber exposures and uncertainty and better protecting their people, finances, and operations from cyber threats. You can access a transcript of the episode here. Read Cybersecurity Signals, Connecting Controls and Incident Outcomes and The 2025 OT Security Financial Risk Report. For more insights and insurance and risk management solutions, follow Marsh on LinkedIn and X and visit marsh.com.
In this high-stakes episode, we dive into the latest breaking national security developments. The Secret Service has uncovered a massive plot involving hundreds of thousands of SIM cards capable of disabling cell towers, 911 systems, and encrypted communications—potentially targeting U.S. leaders during the UN General Assembly in New York. We break down what this means, the ongoing investigation, and the implications for American cybersecurity in a world of nation-state threats. We also examine the strategic significance of Bagram Air Base in Afghanistan. With China, Iran, and Russia all maneuvering for influence, we analyze why reclaiming this base is critical for countering threats and maintaining global military leverage—and why fewer troops may still be enough to hold this tactical jewel. From cyber vulnerabilities to global military strategy, this episode gives a deep look at the complex threats facing the U.S. today and the bold moves being considered to keep America secure.
The Secret Service says it has dismantled a network of hundreds of servers capable of disrupting telecommunications as the UN General Assembly meets in Manhattan. Meanwhile, the City Council is preparing to vote on a controversial housing proposal in the Bronx that would create apartments for people leaving Rikers Island with serious medical needs. Also, Grammy-winning rapper Cardi B is lending her voice to MTA subway announcements, reminding riders to pay fares and follow safety rules. And NY1's Errol Louis joins us to break down the unusual four-way race for New York City mayor.
In this episode, we're uncovering the unusual side of cyber threat trends under the theme of AI and Cybersecurity: The Rise of False Bug Reports. This phenomenon is muddying the waters of vulnerability management, revealing new layers of complexity in cybersecurity defense. We look at what's driving the rise of false bug reports—and how to stay ahead of the curve.Try AI Box: https://aibox.aiAI Chat YouTube Channel: https://www.youtube.com/@JaedenSchaferJoin my AI Hustle Community: https://www.skool.com/aihustle
More than half of small to medium businesses in New Zealand experienced a cyber threat in the last six months. National Cyber Security Centre's Director Mission Enablement Mike Jagusch spoke to Corin Dann.
Welcome back to To the Point Cybersecurity Podcast, brought to you by Forcepoint! In this week's episode, co-hosts Rachael Lyon and Jonathan Knepher continue their conversation with Russell Teague, CISO at Fortified Health Security and a contributor to the White House National Cybersecurity Healthcare Strategy. With over three decades of experience spanning healthcare, tech, pharma, and finance, Russell dives deep into the current state of cybersecurity in the healthcare sector. In this insightful Part 2, the trio unpacks hot topics like the HIPAA Security Rule update, how budget uncertainty is creating decision paralysis for healthcare organizations, and the real-world impact this has on cyber preparedness. Russell discusses the importance—and challenges—of moving toward a secure-by-design approach for medical devices, the complexities of third-party and even fourth- and fifth-party risk, and why building strong vendor relationships and risk management programs has never been more critical. Looking to the future, they also tackle the role of AI and workforce shortages in healthcare cybersecurity, highlighting how AI could help close the security gap and how new talent—whether from the military, clinics, or other backgrounds—can find a path into this essential field. If you're interested in where healthcare cybersecurity is heading and want practical advice straight from a top expert, this episode is packed with insights you won't want to miss. Be sure to hit that subscribe button so you never miss an episode of To the Point Cybersecurity! For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e346
In this episode, we're continuing a series focused on malware from the IJIS Institute's Cybersecurity Working Group and their JusticeGuardian series—this time, the group dives into the topic of cyber threat actors, the people who are behind the creation and distribution of malware. We once again welcome back host Larry Zorio, Chair of the Cybersecurity Working Group, along with returning member Jeramy Cooper-Leavitt. Together, they discuss what motivates them, why they are using malware, what the actors gain from it, and more.
On this episode of To the Point Cybersecurity Podcast, hosts Rachel Lyon and Jonathan Knepher dive deep into the evolving threat landscape in healthcare cybersecurity with special guest Russell Teague, CSO at Fortified Health Security. With over three decades of experience across sectors like healthcare, pharma, and finance—and as a contributor to the White House National Cybersecurity Healthcare Strategy—Russell brings incredibly valuable insights to the table. Together, they unpack the most pressing cyber threats facing healthcare organizations today, including ransomware as a service, third-party risks, and the growing impact of AI on both offense and defense. Russell discusses the unique challenges rural and small healthcare providers face, the critical importance of operational resiliency and incident readiness, and why data management remains a top priority in protecting patient information. Tune in for practical advice, free resources, and expert analysis of what's needed to stay ahead of attackers in one of the world's most targeted industries. Whether you're a cybersecurity professional, healthcare leader, or just interested in the intersection of technology and patient care, this episode is packed with insights you won't want to miss. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e345
In this episode of The Cyber Threat Perspective, we're diving into one of the most pressing trends in cybersecurity: how threat actors are using AI. From deepfake scams and AI-generated phishing emails to automated malware and voice cloning, attackers are leveraging artificial intelligence to scale their operations and sharpen their tactics. We'll break down real-world examples, tools like WormGPT, and what this means for defenders going forward.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com
In this episode of Reimagining Cyber, host Rob Aragao sits down with cybersecurity executive and domain security expert Ihab Shraim to spotlight one of the most overlooked yet critical areas of cyber risk—fraudulent domain registrations and DNS hijacking. As the digital attack surface expands, bad actors are exploiting unmonitored domain portfolios and exposed DNS infrastructure to launch phishing campaigns, malware distribution, and business email compromise—all while flying under the radar of traditional security tools.Ihab explains why domain risk is a foundational weakness in many organizations' security postures and argues that without domain security, cybersecurity is incomplete. From shadow IT and orphaned domains to poor DNS hygiene and lack of domain portfolio governance, Ihab outlines the blind spots that make companies vulnerable—and provides actionable strategies CISOs and security leaders must adopt to regain control.Whether you're managing brand reputation, protecting customer trust, or looking to tighten your security fundamentals, this episode delivers an eye-opening exploration into why domain risk needs to be a board-level conversation.Key Takeaways:Why domain name portfolios are a high ROI target for cybercriminalsThe dangers of DNS exposure and subdomain hijackingHow social media abuse and unauthorized resellers magnify brand riskWhy domain monitoring, locking, and defensive registrations are essentialThe case for making CISOs accountable for domain strategy and protectionFollow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.
Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.” Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e341
Cybersecurity leader Nigel Boston joins the Stats On Stats podcast to share how threat intelligence, discipline, and authenticity transformed his career. From warehouse work to leading in cyber, his journey is a testament to intentional growth and giving back to the community.Guest ConnectLinkedIn: https://www.linkedin.com/in/nigelbboston Stats on Stats ResourcesCode & Culture: https://www.statsonstats.io/flipbooks | https://www.codeculturecollective.io Merch: https://www.statsonstats.io/shop LinkTree: https://linktr.ee/statsonstatspodcast Stats on Stats Partners & AffiliatesHacker HaltedWebsite: https://hackerhalted.com/ Use Discount Code: "
Text us a pool question!In this episode of the Talking Pools podcast, hosts Steve and Wayne discuss various topics related to pool maintenance, including the importance of reliable staffing, the impact of ransomware attacks on the industry, and the significance of effective water testing. They emphasize the need for strong cybersecurity measures, especially in light of recent attacks, and the importance of clear communication with clients regarding pool maintenance expectations. The conversation also touches on the challenges posed by weather conditions and the necessity of understanding pool chemistry for effective maintenance.takeawaysSteve shares his recent wedding experience in Turks and Caicos.Reliable staffing is crucial for business continuity during personal events.Ransomware attacks can affect any business with technology.Cybersecurity is essential for protecting business operations.Weather significantly impacts pool maintenance and water quality.Proper water testing is vital for pool health and safety.Communication with clients about pool conditions is key.The cost of maintaining pools can vary significantly.Understanding pool chemistry is essential for effective maintenance.Evaluating client relationships is important for business sustainability.Sound Bites"Congratulations, Steve and Janet.""Ransomware affects anyone with tech going on.""Is it worth it for me to send a guy out there?"Chapters00:00Celebrating New Beginnings02:38The Importance of Reliable Staffing04:58Navigating Ransomware Attacks10:41The Significance of Proper Pool Maintenance23:52Understanding Water Chemistry30:47The Dangers of Cheap Testing Kits36:34Client Communication and Expectations42:15Evaluating Client Relationships Support the showThank you so much for listening! You can find us on social media: Facebook Instagram Tik Tok Email us: talkingpools@gmail.com
Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.” Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e340
Cyber threat intelligence (CTI) is no longer just a technical stream of indicators or a feed for security operations center teams. In this episode, Ryan Patrick, Vice President at HITRUST; John Salomon, Board Member at the Cybersecurity Advisors Network (CyAN); Tod Beardsley, Vice President of Security Research at runZero; Wayne Lloyd, Federal Chief Technology Officer at RedSeal; Chip Witt, Principal Security Analyst at Radware; and Jason Kaplan, Chief Executive Officer at SixMap, each bring their perspective on why threat intelligence must become a leadership signal that shapes decisions far beyond the security team.From Risk Reduction to OpportunityRyan Patrick explains how organizations are shifting from compliance checkboxes to meaningful, risk-informed decisions that influence structure, operations, and investments. This point is reinforced by John Salomon, who describes CTI as a clear, relatable area of security that motivates chief information security officers to exchange threat information with peers — cooperation that multiplies each organization's resources and builds a stronger industry front against emerging threats.Real Business ContextTod Beardsley outlines how CTI can directly support business and investment moves, especially when organizations evaluate mergers and acquisitions. Wayne Lloyd highlights the importance of network context, showing how enriched intelligence helps teams move from reactive cleanups to proactive management that ties directly to operational resilience and insurance negotiations.Chip Witt pushes the conversation further by describing CTI as a business signal that aligns threat trends with organizational priorities. Jason Kaplan brings home the reality that for Fortune 500 security teams, threat intelligence is a race — whoever finds the gap first, the defender or the attacker, determines who stays ahead.More Than DefenseThe discussion makes clear that the real value of CTI is not the data alone but the way it helps organizations make decisions that protect, adapt, and grow. This episode challenges listeners to see CTI as more than a defensive feed — it is a strategic advantage when used to strengthen deals, influence product direction, and build trust where it matters most.Tune in to hear how these leaders see the role of threat intelligence changing and why treating it as a leadership signal can shape competitive edge.________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.
Wilson Patton, Solutions Architect for Trellix, demonstrates how their four-pillar Gen-AI framework transforms incident alerts into actionable intelligence.Topics Include:Wilson Patton: Trellix Solutions Architect, 20 years government experienceWitnessed evolution from basic firewalls to zero trust architecturesTrellix combines McAfee and FireEye heritage and capabilitiesAI integration isn't new - machine learning embedded for yearsPartnership with AWS Bedrock accelerates Gen-AI development capabilities2014: Developed Impossible Travel Analytic for anomaly detection2016: Launched Guided Investigations framework for SOC analysts2023: Introduced AI Guided Investigations with contextual understanding64% of public sector exploring AI adoption activelyOnly 21% have requisite data ready for trainingGen-AI won't magically clean up messy, siloed data74% of executives doubt AI information accuracy currentlyMonday morning alert queue: 76 high, 318 medium alertsAdversaries steal credentials 90 days before major incidentsCritical breadcrumbs hidden in low-priority informational alerts1000+ data-driven investigative questions developed over eight yearsSkilled analysts take too long reading all answersAutomate analysis, distill thousands down to ten critical alertsFour foundational pillars for effective, trustworthy Gen-AI implementationCybersecurity expertise essential - Gen-AI is just a toolFrameworks ensure reliability and consistent prompting for productionMultiple LLM models tested through AWS Bedrock platformQuality diverse datasets required for accurate question answeringGood prompts combine evidence, context, and comprehensive informationTesting shows order of magnitude price differences between modelsNova Micro provides cost-effective results for many scenariosPrompt engineering superior to fine-tuning for avoiding biasAgentic AI performs multi-step investigations with live dataStrategic model choice based on specific requirements and costsTransparent audit trails mandatory for government compliance requirements Participants:Wilson Patton – Solutions Architect, TrellixFurther Links:Website: https://www.trellix.comTrellix in the AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
As Chair Powell testifies on Capitol Hill, BNY's Vince Reinhart offers insight into what it means for the Fed path and investor expectations. Victoria Greene of G Squared breaks down the market positioning. FedEx and AeroVironment earnings. Former Pentagon official Roger Zakheim weighs in on the state of ceasefire efforts in the Middle East while Crowdstrike CEO George Kurtz joins to talk the rising cyber threats coming from Iran. More on the wild moves in the energy market with Again Capital's John Kilduff.
Rich is joined by Alex Swoyer—attorney and legal affairs reporter for The Washington Times—to discuss the controversial federal court decision ordering the release of Mahmoud Khalil, a figure tied to terror-related concerns. With the Trump administration considering deportation action, the case raises serious questions about national security and judicial oversight. Marine veteran and founder of Post Traumatic Winning, Michael McNamara, shares his battle-tested approach to dealing with post-traumatic stress—offering raw, practical insight not just for veterans, but for anyone dealing with deep emotional trauma. Then, former CIA cybersecurity expert and Secure Anchor CEO Eric Cole breaks down the growing risk of Iranian cyberattacks targeting U.S. infrastructure and private industry. He explains why digital warfare may be Iran's next move—and how America can stay ahead. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Due to the escalating situation in Israel, we held an emergency panel to explore: - What is happening on the ground - What we can expect in the coming days - The situation here in America - The changing dynamics of modern warfare On our panel, we had: Rosh Yeshiva of Talmudic University of Florida, Rabbi Akiva Zweig. Former Chief Scientist of the US Army Research Laboratory, Dr. Alexander Kott. Chief Science Officer and Cofounder of the Network Contagion Research Institute, Dr. Joel Finkelstein. Board-certified adult and geriatric psychiatrist, Dr. Marc Agronin. Cyber Threat & Open-Source Intelligence Analyst, Travis Hawley.
Cyber attacks against public safety agencies are rising, with 324 confirmed globally in 2024, including 25 complete system shutdowns. The Public Safety Threat Alliance, established by Motorola Solutions, is a cyber threat Information Sharing and Analysis Organization (ISAO) recognized by CISA that provides actionable intelligence to public safety agencies across the globe to improve their resilience and defense capabilities. Membership in the PSTA is open to all public safety agencies, and there is no cost to join for public sector organizations. In this episode of the Policing Matters podcast, part of a special report from Motorola Solutions Summit 2025, host Jim Dudley speaks with William DeCoste, STARS Program Manager and Telecommunications Engineer Manager with the Virginia State Police Communications Division and Jay Kaine, the Director of Threat Intelligence at Motorola Solutions. They tackle the direct effect cyber attacks can have on public safety agencies and the collaborative efforts underway to combat them. About our sponsor This episode of the Policing Matters podcast is sponsored by Motorola Solutions.
Three Buddy Problem - Episode 45: (The buddies are trapped in timezone hell with cross-continent travel this week). In the meantime, absorb this keynote presented by Juan Andres Guerrero-Saade (JAG-S) at CounterThreats 2023. It's a frank discussion on the role of cyber threat intelligence (CTI) during wartime and its importance in bridging information gaps between adversaries. Includes talk on the ethical challenges in CTI, questioning the impact of intelligence-sharing and how cyber operations affect real-world conflicts. He pointed to Ukraine and Israel as examples where CTI plays a critical, yet complicated, role. His message: cybersecurity pros need to be aware of the real-world consequences of their work and the ethical responsibility that comes with it. Acknowledgment: Credit for the audio goes to CyberThreat 2023, SANS Institute, NCSC, and SentinelOne. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
1/2: #CYBER THREAT & WHAT IS TO BE DONE? ANNIE FIXLER, FDD. OCTOBER 1931
2/2: #CYBER THREAT & WHAT IS TO BE DONE? ANNIE FIXLER, FDD. 1930
GOOD EVENING: The show begins in kashmir along the line of control...Good evening: The show begins in Kashmir along the Line of Control... 1947 PARTITION CBS EYE ON THE WORLD WITH JOHN BATCHELOR FIRST HOUR 9:00-9:15 1/2: #KASHMIR: FOREBODING AT THE LINE OF CONTROL. BILL ROGGIO, FDD. HUSAIN HAQQANI, HUDSON INSTITUTE. 9:15-9:30 2/2: #KASHMIR: FOREBODING AT THE LINE OF CONTROL. BILL ROGGIO, FDD. HUSAIN HAQQANI, HUDSON INSTITUTE. 9:30-9:45 #UKRAINE: WHAT IS NEEDED. JOHN HARDIE, BILL ROGGIO, FDD 9:45-10:00 #UKRAINE: PUTIN FOOT-DRAGGING. JOHN HARDIE, BILL ROGGIO, FDD SECOND HOUR 10:00-10:15 #ISRAEL: MARCH OF THE LIVING 2025. MALCOLM HOENLEIN @CONF_OF_PRES @MHOENLEIN1 @THADMCCOTTER @THEAMGREATNESS 10:15-10:30 #ANTISEMITISM: HARVARD 300 PAGE REPORT INADEQUATE. MALCOLM HOENLEIN @CONF_OF_PRES @MHOENLEIN1 @THADMCCOTTER @THEAMGREATNESS 10:30-10:45 1/2: #HARVARD: WHAT IS TO BE DONE? PETER BERKOWITZ, HOOVER INSTITUTION 10:45-11:00 2/2: #HARVARD: WHAT IS TO BE DONE? PETER BERKOWITZ, HOOVER INSTITUTION THIRD HOUR 11:00-11:15 #PRC: DID THE US AND EU BANKS SEE THE BUBBLE? ANNE STEVENSON-YANG, @GORDONGCHANG, GATESTONE, NEWSWEEK, THE HILL 11:15-11:30 #USS IOWA: REMEMBERING THE GUN TURRET TRAGEDY. JAMES HOLMES, @GORDONGCHANG, GATESTONE, NEWSWEEK, THE HILL 11:30-11:45 #PRC: WASHING CHINA EXPORTS TO THE US. CHARLES ORTEL, @GORDONGCHANG, GATESTONE, NEWSWEEK, THE HILL 11:45-12:00 #CIA: INEXPLICABLE HOLLYWOOD MELODRAMA RECRUITING. GRANT NEWSHAM, "WHEN CHINA ATTACKS." FOURTH HOUR 12:00-12:15 #NEWWORLDREPORT: BOMB PLOT RIO. JOSEPH HUMIRE @JMHUMIRE @SECUREFREESOC. ERNESTO ARAUJO, FORMER FOREIGN MINISTER REPUBLIC OF BRAZIL. #NEWWORLDREPORTHUMIRE 12:15-12:30 #NEWWORLDREPORT: EBBING PINK TIDE. JOSEPH HUMIRE @JMHUMIRE @SECUREFREESOC. ERNESTO ARAUJO, FORMER FOREIGN MINISTER REPUBLIC OF BRAZIL. #NEWWORLDREPORTHUMIRE 12:30-12:45 1/2: #CYBER THREAT & WHAT IS TO BE DONE? ANNIE FIXLER, FDD. 12:45-1:00 AM 2/2: #CYBER THREAT & WHAT IS TO BE DONE? ANNIE FIXLER, FDD.
This Week in Machine Learning & Artificial Intelligence (AI) Podcast
Today, we're joined by Nidhi Rastogi, assistant professor at Rochester Institute of Technology to discuss Cyber Threat Intelligence (CTI), focusing on her recent project CTIBench—a benchmark for evaluating LLMs on real-world CTI tasks. Nidhi explains the evolution of AI in cybersecurity, from rule-based systems to LLMs that accelerate analysis by providing critical context for threat detection and defense. We dig into the advantages and challenges of using LLMs in CTI, how techniques like Retrieval-Augmented Generation (RAG) are essential for keeping LLMs up-to-date with emerging threats, and how CTIBench measures LLMs' ability to perform a set of real-world tasks of the cybersecurity analyst. We unpack the process of building the benchmark, the tasks it covers, and key findings from benchmarking various LLMs. Finally, Nidhi shares the importance of benchmarks in exposing model limitations and blind spots, the challenges of large-scale benchmarking, and the future directions of her AI4Sec Research Lab, including developing reliable mitigation techniques, monitoring "concept drift" in threat detection models, improving explainability in cybersecurity, and more. The complete show notes for this episode can be found at https://twimlai.com/go/729.