POPULARITY
China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwanted (and hopefully unneeded) hardware drivers. The Austrian government legislates court-warranted message decryption. I (Steve) finally get full clarity on what today's "AI" means. A deep dive into the Salt Typhoon's operation and how they got in Show Notes - https://www.grc.com/sn/SN-1031-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow hoxhunt.com/securitynow outsystems.com/twit bigid.com/securitynow zscaler.com/security
China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwanted (and hopefully unneeded) hardware drivers. The Austrian government legislates court-warranted message decryption. I (Steve) finally get full clarity on what today's "AI" means. A deep dive into the Salt Typhoon's operation and how they got in Show Notes - https://www.grc.com/sn/SN-1031-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow hoxhunt.com/securitynow outsystems.com/twit bigid.com/securitynow zscaler.com/security
China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwanted (and hopefully unneeded) hardware drivers. The Austrian government legislates court-warranted message decryption. I (Steve) finally get full clarity on what today's "AI" means. A deep dive into the Salt Typhoon's operation and how they got in Show Notes - https://www.grc.com/sn/SN-1031-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow hoxhunt.com/securitynow outsystems.com/twit bigid.com/securitynow zscaler.com/security
China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwanted (and hopefully unneeded) hardware drivers. The Austrian government legislates court-warranted message decryption. I (Steve) finally get full clarity on what today's "AI" means. A deep dive into the Salt Typhoon's operation and how they got in Show Notes - https://www.grc.com/sn/SN-1031-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow hoxhunt.com/securitynow outsystems.com/twit bigid.com/securitynow zscaler.com/security
China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwanted (and hopefully unneeded) hardware drivers. The Austrian government legislates court-warranted message decryption. I (Steve) finally get full clarity on what today's "AI" means. A deep dive into the Salt Typhoon's operation and how they got in Show Notes - https://www.grc.com/sn/SN-1031-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow hoxhunt.com/securitynow outsystems.com/twit bigid.com/securitynow zscaler.com/security
China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwanted (and hopefully unneeded) hardware drivers. The Austrian government legislates court-warranted message decryption. I (Steve) finally get full clarity on what today's "AI" means. A deep dive into the Salt Typhoon's operation and how they got in Show Notes - https://www.grc.com/sn/SN-1031-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow hoxhunt.com/securitynow outsystems.com/twit bigid.com/securitynow zscaler.com/security
In this episode, Mark Ledlow is interviewed by Tommy Pappas of Fearless Protection Insights. They delve into the complexities of personal and physical security in today's unpredictable environment. Mark shares his background in military and law enforcement, his journey into the executive protection industry, and how he founded Ledlow Security Group. They discuss the importance of proactive security measures, conducting risk and threat assessments, and the role of advanced teams in ensuring the safety of high-net-worth individuals. The conversation also touches on the impact of social media, AI-driven threats, and the significance of educating clients to foster trust and security. Additionally, Mark highlights his commitment to supporting veterans and looks forward to expanding his security and media ventures.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSContext and Perspective: Understanding the significance of being vigilant in different environments, both domestic and international. Proactive Measures: Importance of risk assessments, threat assessments, and protective intelligence to mitigate potential dangers proactively. Digital Age Challenges: Awareness of the increased threats due to social media, AI, and the evolving nature of targeted attacks. Value of Expertise: Highlighting the importance of involving experts in security to protect personal, family, and corporate interests. Holistic Security Approach: Emphasis on combining physical security measures with digital intelligence to provide comprehensive protection. Veteran Support: Mark's commitment to empowering veterans through employment opportunities and community support.QUOTES"You don't have to be a Joe Rogan. You don't have to be a top 1% podcaster to tell your story. You just gotta get over your own fear of getting on the podcast." "My job, what I've learned over the years, is to do an investigation, figure out the context of the threat, and often, education is the key." "People want actionable intelligence. That's the key." "Mark's team does X, Y, and Z... showing the value on a risk threat assessment to the decision-makers." "Creating memories that will last a lifetime and embodying a fearless mindset not just in business, but in life."Get to know more about Tommy Pappas through the links below.https://www.linkedin.com/in/tommypappas/https://www.tpgcollective.com/https://www.youtube.com/@TommyPappasFOTo hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.
Send us a textSeveral popular Chrome extensions, including privacy and security tools, have been found leaking sensitive data through unencrypted HTTP and hard-coded credentials in their code. Security is both hard and easy - hard because of existing unencrypted protocols and trust placed in developers, but easy because fundamental security practices should be common knowledge in 2025.• Chrome extensions including DualSafe Password Manager and Avast Online Security are leaking sensitive user data• HTTP vs HTTPS - the 'S' stands for security and encrypts data transmission over the internet• HTTPS Only extension from EFF forces secure connections when browsing• Hard-coded credentials in extensions create permanent security vulnerabilities• Developers sometimes collect excessive data "just in case" rather than minimizing collection• OWASP (Open Web Application Security Project) provides essential resources for developers• Technology abstraction makes users less aware of security fundamentals• The newly restarted OWASP Nomad chapter offers virtual community for application securityCheck out our GitHub repository of privacy resources at "Awesome Privacy Engineering Tools" for more information on implementing better privacy practices in development. Support the show
Is anyone safe in today's digital battlefield? In today's episode of The Valley Current®, host Jack Russo is joined by tech-savvy CPA Steve Rabin to unpack why cybersecurity breaches are no longer a matter of if but when. From fake clients to data-wiping hacks, they reveal how everyone from elderly investors to high-powered business professionals is a target. Password management, multi-factor authentication, and shifting liability to fiduciaries may be your best defenses. Don't just plan for recovery, focus on prevention! No one is too small to be a target. https://taxservice2u.com/ https://www.washingtonpost.com/national-security/2025/05/02/cia-layoffs-trump-administration/?carta-url=https%3A%2F%2Fs2.washingtonpost.com%2Fcar-ln-tr%2F4261ab8%2F6815e92a08718a083aa424c3%2F596962349bbc0f4b7754a9b5%2F11%2F59%2F6815e92a08718a083aa424c3 Jack Russo Managing Partner Jrusso@computerlaw.com www.computerlaw.com https://www.linkedin.com/in/jackrusso "Every Entrepreneur Imagines a Better World"®️
Send us a textThe Pentagon is embroiled in a crisis of credibility as Secretary of Defense Pete Hegseth finds himself caught in a web of contradictions over information security practices. What began as a seemingly straightforward disciplinary action against alleged leakers has evolved into a revealing portrait of double standards at the highest levels of military leadership.When three senior Pentagon advisors—Dan Caldwell, Colin Carroll, and Darren Selnick—were unceremoniously escorted from the building and subsequently fired, they raised a troubling claim: they were never told what specific information they allegedly leaked, nor were they given any opportunity to defend themselves. "We have not been told what we're being investigated for," Caldwell stated bluntly in a follow-up interview, questioning whether a legitimate investigation ever took place.The situation took a dramatic turn when reports emerged that Secretary Hegseth himself had been sharing sensitive operational details about military strikes against Houthi targets in Yemen—not through secure government channels, but in Signal chat groups that included family members. This followed an earlier incident where Hegseth participated in another Signal group that accidentally included a journalist from The Atlantic. Security experts and congressional representatives have expressed alarm, with Rep. Jim Himes highlighting that "preparations for an attack... are to be classified top secret."This controversy strikes at fundamental questions about accountability and equal application of rules. While Hegseth publicly decried leakers and anonymous sources as "hoaxsters," his own information-sharing practices appear to violate the very standards he's enforcing among his staff. Rep. Don Bacon, a Republican and retired Air Force general, described Hegseth's actions as "amateur hour," noting that "Russia and China are all over his phone and for him to be putting secret stuff on his phone is not right."What makes this pattern particularly concerning is how it mirrors broader issues of due process throughout government enforcement. As similar stories emerge from immigration enforcement and other sectors, we're confronted with critical questions about the consistent application of rules and the protections afforded to those accused of wrongdoing.Has our rush to address perceived security threats led us to abandon core principles of fairness? Does the digital age require new frameworks for handling sensitive information? Join us as we explore these pressing questions—and be sure to subscribe for our continuing coverage of this developing story.REAL ID Enforcement Begins - Digital Surveillance COMING SOON?https://youtu.be/ZYBoH35OjXs?si=rEhZWO-h0mU_DwQL Boundless Insights - with Aviva KlompasIn depth analysis of what's happening in Israel—and why it matters everywhere.Listen on: Apple Podcasts SpotifySupport the show
Gwen Clavon, Senior Vice President for Digital Security and Analytics at Amentum, joins ClearedCast to discuss leadership, resilience, and wellness in cleared careers—and why it's okay to not be okay in national security. To learn more about careers at Amentum, visit their ClearanceJobs profile. Hosted on Acast. See acast.com/privacy for more information.
Join Chief Technologist, John Janek and Technical Director for Digital Security, Niroop Gonchikar, as they discuss the concept of Zero Trust and its practical applications in cybersecurity. They explore its application across various environments, emphasizing the philosophy behind constant authentication and authorization to enhance security. The conversation includes insights from Niroop's experience at the Zero Trust Summit, where government agencies and vendors discussed their progress and challenges.They highlight the importance of making security easy for users, leveraging AI, maintaining continuous delivery and monitoring, and the evolving complexities of modern digital environments. The discussion also touches on the necessity of mentoring, community, and systemic understanding in developing secure codes and systems.
In this week’s edition of What the Hack! on CapeTalk, Arthur Goldstuck joined John Maytham to explore the shift towards vehicle safety at the Auto Shanghai 2025 expo, unpack the power (and challenges) of the new Acer Predator Connect W6x Wi-Fi router, preview Meta’s LlamaCon and its AI ambitions, and share expert advice for World Password Day on how to better protect your online accounts. Good Morning Cape Town with Lester Kiewit is a podcast of the CapeTalk breakfast show. This programme is your authentic Cape Town wake-up call. Good Morning Cape Town with Lester Kiewit is informative, enlightening and accessible. The team’s ability to spot & share relevant and unusual stories make the programme inclusive and thought-provoking. Don’t miss the popular World View feature at 7:45am daily. Listen out for #LesterInYourLounge which is an outside broadcast – from the home of a listener in a different part of Cape Town - on the first Wednesday of every month. This show introduces you to interesting Capetonians as well as their favourite communities, habits, local personalities and neighbourhood news. Thank you for listening to a podcast from Good Morning Cape Town with Lester Kiewit. Listen live – Good Morning CapeTalk with Lester Kiewit is broadcast weekdays between 06:00 and 09:00 (SA Time) https://www.primediaplus.com/station/capetalk Find all the catch-up podcasts here https://www.primediaplus.com/capetalk/good-morning-cape-town-with-lester-kiewit/audio-podcasts/good-morning-cape-town-with-lester-kiewit/ Subscribe to the CapeTalk daily and weekly newsletters https://www.primediaplus.com/competitions/newsletter-subscription/ Follow us on social media: CapeTalk on Facebook: www.facebook.com/CapeTalk CapeTalk on TikTok: www.tiktok.com/@capetalk CapeTalk on Instagram: www.instagram.com/capetalkza CapeTalk on X: www.x.com/CapeTalk CapeTalk on YouTube: www.youtube.com/@CapeTalk567 See omnystudio.com/listener for privacy information.
On todays episode Danny is joined by David Mahdi, Chief Identity Officer (CIO) for Transmit Security. David is a globally recognized leader in cybersecurity and digital identity, renowned for his pioneering work in establishing digital trust across complex enterprise ecosystems. With over two decades of experience, he has been instrumental in shaping the fields of identity-first security, cryptography, and machine identity management. As the CIO at Transmit Security and former Chief Strategy Officer and CISO Advisor at Sectigo, David has guided organizations through digital transformation initiatives, including the development of cryptography centers of excellence and the implementation of passwordless authentication systems. His tenure as a top-performing VP Analyst at Gartner solidified his reputation as a trusted advisor to Fortune 500 companies, where he provided insights on cybersecurity, blockchain, PKI, and IoT security. David's thought leadership extends to his contributions to the Forbes Technology Council and the Fast Company Executive Board, where he continues to influence the discourse on digital trust and cybersecurity. His holistic approach, encompassing IT, engineering, business development, and marketing, positions him uniquely to address the multifaceted challenges of today's digital landscape. In this podcast, David shares his insights on the evolving landscape of digital identity, the importance of establishing digital trust, and the future of cybersecurity in an increasingly interconnected world:The most surprising challenge David has faced in leading innovation at scaleSomething David struggles with as a leader in the tech spaceHow to maintain peak performance and keep your team motivatedThe role AI plays in the evolution of digital identity and fraud preventionHow to manage energy and focusWhat excites David most about the future of digital security and identity managementAnd more...Are you getting every episode of Digital Transformation & Leadership in your favourite podcast player? You can find us Apple Podcasts and Spotify to subscribe.
bitcoinplebdev and cmd are building FROSTR, a multi-signature aggregation scheme for nostr key management.
Think your intimate photos are safe on private apps? Think again. A shocking new data leak has exposed millions of private images from dating platforms, putting users at serious risk. In this episode of Darnley's Cyber Cafe, we uncover what went wrong, the hidden dangers of sharing sensitive photos online, and how you can protect yourself from cyber threats. Tune in now—your privacy may depend on it.Click here to send future episode recommendationSupport the showSubscribe now to Darnley's Cyber Cafe and stay informed on the latest developments in the ever-evolving digital landscape.
Tazin Khan, CEO of Cyber Collective, joins Lisa Dent to discuss digital privacy. 23andMe has declared bankruptcy and its assets, including the genetic data that their users gave the company, will soon be owned by someone else. Khan warns that the new owners of the genetic data may not have the same privacy standards.
On today's episode, we're going even deeper into my stalker situation. I'll be sharing more details about his delusional tendencies—including how he's gone as far as pretending to be a police officer to manipulate and control people (which is a crime, by the way). I'll also be answering the questions I've received from you all about this ongoing situation.Law enforcement is now more involved (actual police, not to be confused with blue light bandits), we know everything, and we'll be handling it all legally. Tune in for the full update.—https://policecoffee.com/?gad_source=1&gbraid=0AAAAACG7qmJnibJBpoe9p7ReNXovwJMQN&gclid=Cj0KCQjwqIm_BhDnARIsAKBYcmsZOengz4NFStC14G_b2eziJgYpA8kGt2sokaR9i3PcTxs0QmcaPosaAtbGEALw_wcB
Today, I'm sharing something deeply personal and serious—my stalker story. For over a year, Timothy C. (we can share his full name soon if need be) has been physically stalking me, and his digital harassment goes back even further. Law enforcement is now involved, but I wanted to update you all in case anything happens to me—so there's no question about who did it. This episode isn't just about my experience; it's also about the reality of stalking, the dangers of obsession, and the importance of taking threats seriously. Stay aware, stay safe, and let's talk about it all, shall we?—https://noblegoldinvestments.com
Cybersecurity in Italy: ITASEC 2025 Recap & Future Outlook with Professor Alessandro ArmandoCybersecurity is no longer a niche topic—it's a fundamental pillar of modern society. And in Italy, ITASEC has become the go-to event for bringing together researchers, government officials, and industry leaders to tackle the biggest security challenges of our time.Although we weren't there in person this year, we're diving into everything that happened at ITASEC 2025 in this special On Location recap with Professor Alessandro Armando. As Deputy Director of the Cybersecurity National Laboratory at CINI and Chairman of the Scientific Committee of the SERICS Foundation, Alessandro has a front-row seat to the evolution of cybersecurity in Italy.This year's event, held in Bologna, showcased the growing maturity of Italy's cybersecurity landscape, featuring keynotes, technical sessions, and even hands-on experiences for the next generation of security professionals. From government regulations like DORA (Digital Operational Resilience Act) to the challenges of AI security, ITASEC 2025 covered a vast range of topics shaping the future of digital defense.One major theme? Cybersecurity as an investment, not just a cost. Italian companies are increasingly recognizing security as a competitive advantage—something that enhances trust and reputation rather than just a compliance checkbox.We also discuss the critical role of education in cybersecurity, from university initiatives to national competitions that are training the next wave of security experts. With programs like Cyber Challenge.IT, Italy is making significant strides in developing a strong cybersecurity workforce, ensuring that organizations are prepared for the evolving threat landscape.And of course, Alessandro shares a big reveal: ITASEC 2026 is heading to Sardinia! A stunning location for what promises to be another exciting edition of the conference.Join us for this insightful discussion as we reflect on where cybersecurity in Italy is today, where it's headed, and why events like ITASEC matter now more than ever.
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Roy Luongo. Roy is the Chief Information Security Officer for the United States Secret Service. He leads a team in the defense and information assurance of all USSS information systems and solutions. Prior to his current role he was the Director, Joint Mission Operations Center for Cyber Command, providing oversight of mission critical Cyber Operations infrastructures. He has also served as Chief, NSA Red Team and Technical Director for Interactive Operations for the NSA. Roy is a retired Army soldier with 20 years' service within the Intelligence and Cyber career fields. [March 17, 2025] 00:00 - Intro 00:17 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 01:55 - Roy Luongo Intro 02:44 - The Path to CISO of the Secret Service 04:58 - Cybersecurity in Early Education 07:50 - The Entry Level Catch-22 12:24 - Quantifying Risk 14:27 - The Best Way Forward 16:51 - The Effects and Future of AI 20:06 - Understanding Your Needs 22:11 - Advise to Young Roy 24:56 - The Cost of Training 29:01 - Mentors - Ed Skoudis - Brigadier General Brian D. Vile - Shawn Turskey 29:55 - Lollipop Moments - TEDxToronto - Drew Dudley "Leading with Lollipops" 31:33 - Book Recommendations - Cybersecurity Canon - Rick Howard - Kingpin - Kevin Poulsen - Turn the Ship Around! - L. David Marquet 33:49 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org
Jeff Crawford has been involved in independent media, activism, and technology for decades. He started with Bohemia AfterDark, one of the first indie music video shows, and later organized the Portland Hemp Festival in the mid-90s. His work spans media preservation, AI, and digital activism, focusing on counteracting algorithmic manipulation and censorship. Jeff has worked extensively with content archiving, including rare footage restoration for Getty, and he's deeply invested in exploring how AI can be utilized to reclaim digital spaces from corporate and political influence.Advertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
The federal government is transforming from on-premises and private cloud systems to a hybrid cloud. What most listeners do not realize is that the linchpin to this transition is the Application Program Interface (API). It has been hiding under the radar for so many years that malicious actors use this perspective to attack the API. Info Security Magazine reports that 99% of organizations struggle with API security. Where to start? First, get an inventory of how many APIs you are dealing with. Stephen Ringo emphasizes the need for discovery tools to identify rogue and shadow APIs, noting that passive discovery methods are preferred to avoid network disruptions. He also points out that API security is often overlooked, even in cloud-native solutions, and that misuse, rather than malformation, is the primary threat. Ringo advocates initiative-taking measures to secure APIs and prevent data breaches. Three main ways to protect APIs: Educate and raise awareness about API security risks among federal CIOs and IT leaders. Discover and inventory all APIs, including rogue or shadow APIs, within the organization. Evaluate API security capabilities of cloud providers and ensure proper security controls are in place.
John Maytham is joined by John Giles, Managing Director and Digital, Data, and Tech Attorney at Michalsons Attorneys, to unpack the Protection of Personal Information Act (POPIA) and why data privacy matters now more than ever.See omnystudio.com/listener for privacy information.
⬥GUEST⬥Sarah Fluchs, CTO at admeritia | CRA Expert Group at EU Commission | On LinkedIn: https://www.linkedin.com/in/sarah-fluchs/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin⬥EPISODE NOTES⬥The European Commission's Cyber Resilience Act (CRA) introduces a regulatory framework designed to improve the security of digital products sold within the European Union. In a recent episode of Redefining CyberSecurity, host Sean Martin spoke with Sarah Fluchs, Chief Technology Officer at admeritia and a member of the CRA expert group at the EU Commission. Fluchs, who has spent her career in industrial control system cybersecurity, offers critical insights into what the CRA means for manufacturers, retailers, and consumers.A Broad Scope: More Than Just Industrial AutomationUnlike previous security regulations that focused on specific sectors, the CRA applies to virtually all digital products. Fluchs emphasizes that if a device is digital and sold in the EU, it likely falls under the CRA's requirements. From smartwatches and baby monitors to firewalls and industrial control systems, the regulation covers a wide array of consumer and business-facing products.The CRA also extends beyond just hardware—software and services required for product functionality (such as cloud-based components) are also in scope. This broad application is part of what makes the regulation so impactful. Manufacturers now face mandatory cybersecurity requirements that will shape product design, development, and post-sale support.What the CRA RequiresThe CRA introduces mandatory cybersecurity standards across the product lifecycle. Manufacturers will need to:Ensure products are free from known, exploitable vulnerabilities at the time of release.Implement security by design, considering cybersecurity from the earliest stages of product development.Provide security patches for the product's defined lifecycle, with a minimum of five years unless justified otherwise.Maintain a vulnerability disclosure process, ensuring consumers and authorities are informed of security risks.Include cybersecurity documentation, requiring manufacturers to provide detailed security instructions to users.Fluchs notes that these requirements align with established security best practices. For businesses already committed to cybersecurity, the CRA should feel like a structured extension of what they are already doing, rather than a disruptive change.Compliance Challenges: No Detailed Checklist YetOne of the biggest concerns among manufacturers is the lack of detailed compliance guidance. While other EU regulations provide extensive technical specifications, the CRA's security requirements span just one and a half pages. This ambiguity is intentional—it allows flexibility across different industries—but it also creates uncertainty.To address this, the EU will introduce harmonized standards to help manufacturers interpret the CRA. However, with tight deadlines, many of these standards may not be ready before enforcement begins. As a result, companies will need to conduct their own cybersecurity risk assessments and demonstrate due diligence in securing their products.The Impact on Critical Infrastructure and Industrial SystemsWhile the CRA is not specifically a critical infrastructure regulation, it has major implications for industrial environments. Operators of critical systems, such as utilities and manufacturing plants, will benefit from stronger security in the components they rely on.Fluchs highlights that many security gaps in industrial environments stem from weak product security. The CRA aims to fix this by ensuring that manufacturers, rather than operators, bear the responsibility for secure-by-design components. This shift could significantly reduce cybersecurity risks for organizations that rely on complex supply chains.A Security Milestone: Holding Manufacturers AccountableThe CRA represents a fundamental shift in cybersecurity responsibility. For the first time, manufacturers, importers, and retailers must guarantee the security of their products or risk being banned from selling in the EU.Fluchs points out that while the burden of compliance is significant, the benefits for consumers and businesses will be substantial. Security-conscious companies may even gain a competitive advantage, as customers start to prioritize products that meet CRA security standards.For those in the industry wondering how strictly the EU will enforce compliance, Fluchs reassures that the goal is not to punish manufacturers for small mistakes. Instead, the EU Commission aims to improve cybersecurity without unnecessary bureaucracy.The Bottom LineThe Cyber Resilience Act is set to reshape cybersecurity expectations for digital products. While manufacturers face new compliance challenges, consumers and businesses will benefit from stronger security measures, better vulnerability management, and increased transparency.Want to learn more? Listen to the full episode of Redefining CyberSecurity with Sean Martin and Sarah Fluchs to hear more insights into the CRA and what it means for the future of cybersecurity.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/sarah-fluchs_aaand-its-official-the-cyber-resilience-activity-7250162223493300224-zECA/Adopted CRA text: https://data.consilium.europa.eu/doc/document/PE-100-2023-INIT/en/pdfA list of Sarah's blog posts to get your CRA knowledge up to speed:1️⃣ Introduction to the CRA, the CE marking, and the regulatory ecosystem around it: https://fluchsfriction.medium.com/eu-cyber-resilience-act-9e092fffbd732️⃣ Explanation how the standards ("harmonised European norms, hEN") are defined that will detail the actual cybersecurity requirements in the CRA (2023): https://fluchsfriction.medium.com/what-cybersecurity-standards-will-products-in-the-eu-soon-have-to-meet-590854ba3c8c3️⃣ Overview of the essential requirements outlined in the CRA (2024): https://fluchsfriction.medium.com/what-the-cyber-resilience-act-requires-from-manufacturers-0ee0b917d2094️⃣ Overview of the global product security regulation landscape and how the CRA fits into it (2024): https://fluchsfriction.medium.com/product-security-regulation-in-2024-93ddc6dd89005️⃣ Good-practice example for the "information and instructions to the user," one of the central documentations that need to be written for CRA compliance and the only one that must be provided to the product's users (2024): https://fluchsfriction.medium.com/how-to-be-cra-compliant-and-make-your-critical-infrastructure-clients-happy-441ecd859f52⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity:
⬥GUEST⬥Sarah Fluchs, CTO at admeritia | CRA Expert Group at EU Commission | On LinkedIn: https://www.linkedin.com/in/sarah-fluchs/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin⬥EPISODE NOTES⬥The European Commission's Cyber Resilience Act (CRA) introduces a regulatory framework designed to improve the security of digital products sold within the European Union. In a recent episode of Redefining CyberSecurity, host Sean Martin spoke with Sarah Fluchs, Chief Technology Officer at admeritia and a member of the CRA expert group at the EU Commission. Fluchs, who has spent her career in industrial control system cybersecurity, offers critical insights into what the CRA means for manufacturers, retailers, and consumers.A Broad Scope: More Than Just Industrial AutomationUnlike previous security regulations that focused on specific sectors, the CRA applies to virtually all digital products. Fluchs emphasizes that if a device is digital and sold in the EU, it likely falls under the CRA's requirements. From smartwatches and baby monitors to firewalls and industrial control systems, the regulation covers a wide array of consumer and business-facing products.The CRA also extends beyond just hardware—software and services required for product functionality (such as cloud-based components) are also in scope. This broad application is part of what makes the regulation so impactful. Manufacturers now face mandatory cybersecurity requirements that will shape product design, development, and post-sale support.What the CRA RequiresThe CRA introduces mandatory cybersecurity standards across the product lifecycle. Manufacturers will need to:Ensure products are free from known, exploitable vulnerabilities at the time of release.Implement security by design, considering cybersecurity from the earliest stages of product development.Provide security patches for the product's defined lifecycle, with a minimum of five years unless justified otherwise.Maintain a vulnerability disclosure process, ensuring consumers and authorities are informed of security risks.Include cybersecurity documentation, requiring manufacturers to provide detailed security instructions to users.Fluchs notes that these requirements align with established security best practices. For businesses already committed to cybersecurity, the CRA should feel like a structured extension of what they are already doing, rather than a disruptive change.Compliance Challenges: No Detailed Checklist YetOne of the biggest concerns among manufacturers is the lack of detailed compliance guidance. While other EU regulations provide extensive technical specifications, the CRA's security requirements span just one and a half pages. This ambiguity is intentional—it allows flexibility across different industries—but it also creates uncertainty.To address this, the EU will introduce harmonized standards to help manufacturers interpret the CRA. However, with tight deadlines, many of these standards may not be ready before enforcement begins. As a result, companies will need to conduct their own cybersecurity risk assessments and demonstrate due diligence in securing their products.The Impact on Critical Infrastructure and Industrial SystemsWhile the CRA is not specifically a critical infrastructure regulation, it has major implications for industrial environments. Operators of critical systems, such as utilities and manufacturing plants, will benefit from stronger security in the components they rely on.Fluchs highlights that many security gaps in industrial environments stem from weak product security. The CRA aims to fix this by ensuring that manufacturers, rather than operators, bear the responsibility for secure-by-design components. This shift could significantly reduce cybersecurity risks for organizations that rely on complex supply chains.A Security Milestone: Holding Manufacturers AccountableThe CRA represents a fundamental shift in cybersecurity responsibility. For the first time, manufacturers, importers, and retailers must guarantee the security of their products or risk being banned from selling in the EU.Fluchs points out that while the burden of compliance is significant, the benefits for consumers and businesses will be substantial. Security-conscious companies may even gain a competitive advantage, as customers start to prioritize products that meet CRA security standards.For those in the industry wondering how strictly the EU will enforce compliance, Fluchs reassures that the goal is not to punish manufacturers for small mistakes. Instead, the EU Commission aims to improve cybersecurity without unnecessary bureaucracy.The Bottom LineThe Cyber Resilience Act is set to reshape cybersecurity expectations for digital products. While manufacturers face new compliance challenges, consumers and businesses will benefit from stronger security measures, better vulnerability management, and increased transparency.Want to learn more? Listen to the full episode of Redefining CyberSecurity with Sean Martin and Sarah Fluchs to hear more insights into the CRA and what it means for the future of cybersecurity.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/sarah-fluchs_aaand-its-official-the-cyber-resilience-activity-7250162223493300224-zECA/Adopted CRA text: https://data.consilium.europa.eu/doc/document/PE-100-2023-INIT/en/pdfA list of Sarah's blog posts to get your CRA knowledge up to speed:1️⃣ Introduction to the CRA, the CE marking, and the regulatory ecosystem around it: https://fluchsfriction.medium.com/eu-cyber-resilience-act-9e092fffbd732️⃣ Explanation how the standards ("harmonised European norms, hEN") are defined that will detail the actual cybersecurity requirements in the CRA (2023): https://fluchsfriction.medium.com/what-cybersecurity-standards-will-products-in-the-eu-soon-have-to-meet-590854ba3c8c3️⃣ Overview of the essential requirements outlined in the CRA (2024): https://fluchsfriction.medium.com/what-the-cyber-resilience-act-requires-from-manufacturers-0ee0b917d2094️⃣ Overview of the global product security regulation landscape and how the CRA fits into it (2024): https://fluchsfriction.medium.com/product-security-regulation-in-2024-93ddc6dd89005️⃣ Good-practice example for the "information and instructions to the user," one of the central documentations that need to be written for CRA compliance and the only one that must be provided to the product's users (2024): https://fluchsfriction.medium.com/how-to-be-cra-compliant-and-make-your-critical-infrastructure-clients-happy-441ecd859f52⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity:
3/6/25 6am CT Hour - Fr. Brice Higginbotham/ Bruno Schroeder John, Glen and Sarah give n update on Pope Francis health, President Trump and Hamas, how Ash Wednesday went and play What's That Sound. Fr. Brice breaks down why we give up meat for Fridays in Lent and how to observe this sacrifice well. Bruno explains digital security and why w should uphold Catholic values in this arena.
Ever wonder why those software updates keep popping up? In this episode, we uncover how updates boost your security, introduce exciting new features, and keep your devices running at their best. Share it with friends, family, or coworkers who might feel overwhelmed by all things tech—help them stay safe and informed, too!Hosted by IT expert Landon Miles, the Teach IT podcast delivers bite-sized, actionable IT tips in three minutes or less. Perfect for both tech pros and beginners, each minisode simplifies complex concepts into clear, practical advice. Tune in to sharpen your IT skills and discover smarter solutions, one quick episode at a time.
Welcome to "Women Petpreneurs Presents Family Readiness," where we explore the essential topics impacting our lives and businesses. I'm your host, Mary Oquendo, joined by my co-host, Kate Klasen. In today's episode, we'll dive into the crucial subject of emergency preparedness. We'll discuss the importance of having accessible identification and documents, especially during times of crisis. With recent events highlighting vulnerabilities, we'll stress why keeping IDs like passports, military IDs, and even student IDs ready is more vital than ever. We'll also explore digital solutions for storing important documents and personal anecdotes emphasizing the need for communication within families about digital access. Additionally, we'll address mental health's role in disaster recovery, offering insights and resources to help you navigate these challenging times. Stay tuned for practical tips, inspiring stories, and more on how to safeguard yourself, your business, and your furry friends.
This week, a conversation with Thorin Klosowski of the Electronic Frontier Foundation about some basic tools and ideas for keeping our information a little safer online and the Surveillance Self-Defense site, ssd.eff.org . We discuss device encryption, tor-browser, vpns, encrypted messaging apps like WhatsApp, Signal and Telegram as well as password vaults. I'm hoping this'll be the first of a few interviews to try to make digital security concepts a little more accessible. SSD.EFF.org Consumer Reports Digital Security and Privacy site (including personal planning app): https://www.consumerreports.org/digital-security-privacy/ https://www.404media.co/ https://www.theverge.com/ https://techcrunch.com/
In this episode of Built In the Bluegrass, we're diving into the world of cybersecurity with Rich Connor, President of LockStock Cybersecurity & Analytics. With the increasing threat of digital vulnerabilities, LockStock is on the front lines, providing cutting-edge security solutions to businesses big and small. Join us as we chat with Rich about how they're helping companies navigate the ever-evolving cybersecurity landscape, their approach to risk management, and what every entrepreneur needs to know to keep their business safe in the digital age. Tune in for insights on protecting your digital assets and securing a safer future—right here in the Bluegrass State. Find all Built In The Bluegrass links here https://linktr.ee/builtinthebluegrass We want to take a moment to thank our partner – the Kentucky Association of Manufacturers. For over 100 years, KAM has served our state's manufacturing industry through advocacy, workforce development, education, and training, as well as cost-saving benefits for members. Fighting for manufacturers is what KAM does best, representing the industry in both Frankfort and Washington, D.C. Whether it's advocacy, offering shipping discounts, or group health insurance, KAM has its members covered. Learn more and become a member by visiting www.kam.us.com
Maintaining digital security is vital, whether you're an individual using your computer or phone or a business using organized networks and complex systems. The sad reality is that threats exist across the vast digital environment that every one of us should be taking steps to avoid. In this episode, we're chatting with Chris Conway, owner of CEJ technologies, and security expert, about the many dangers cyber threats impose on all digital users and what kinds of systems and safeguards we can incorporate to protect ourselves and our devices. Links: Learn more about CEJ Technologies: 395 Daniel Webster Highway, Merrimack, NH CEJ Technologies Contact Chris or his team at: 603-424-3117 Check out TCU University for financial education tips and resources! Follow us on Facebook, Instagram and Twitter! Learn more about Triangle Credit Union
Lex interviews Arun Kumar, the CTO of Socure, an identity management and risk assessment company. In this exciting episode, Arun touches on: (1) his experience building large-scale, high-throughput, and low-latency systems at companies like Amazon and Citadel, and how he applies that expertise to the identity verification and fraud detection challenges at Socure. (2) Socure's rapid growth, serving over 2,700 customers including 9 of the top 10 U.S. banks and over 30 state agencies, processing hundreds of millions of transactions per month. (3) Socure's approach to building a real-time identity graph by aggregating signals from devices, phone numbers, IPs, and other data points to detect and prevent sophisticated fraud tactics like deepfakes and fraud GPTs. (4) The company's recent acquisition of Effectiv to simplify the integration process for customers and improve efficiency, as well as its use of Generative AI to automate various tasks. Lastly, (5) Socure's future plans to expand beyond account opening and login into transaction monitoring, as well as exploring opportunities in the growing embedded finance and digital identity spaces. MENTIONED IN THE CONVERSATION Topics: Socure, Effectiv, Citadel, Amazon, Identity management, digital identity, generative AI, deepfakes, fraud prevention, machine learning, identity verification ABOUT THE FINTECH BLUEPRINT
On today's show, we explore electronic surveillance and privacy concerns under the new Trump presidency. We'll be in conversation with India McKinney, the Director of Federal Affairs with the Electronic Frontier Foundation, the leading nonprofit organization defending civil liberties in the digital world. Read the EFF's memo to the federal government outlining technology and surveillance concerns: https://www.eff.org/press/releases/eff-sends-transition-memo-digital-policy-priorities-new-administration-and-congress — Subscribe to this podcast: https://plinkhq.com/i/1637968343?to=page Get in touch: lawanddisorder@kpfa.org Follow us on socials @LawAndDis: https://twitter.com/LawAndDis; https://www.instagram.com/lawanddis/ The post Digital Security Concerns Under Trump w/ EFF's India McKinney appeared first on KPFA.
Richard Chasdi discusses his book “Corporate Security Crossroads” and how to respond to corporate terrorism and cyber-threats. Richard is professor and associate director of the Center for Complex and Strategic Decisions at Walsh College. He serves on the editorial board of Armed Forces & Society and Perspectives on Terrorism. He received his master's from Boston College and his doctorate in political science from Purdue. Listen for three action items you can use today. Host, Kevin Craine Do you want to be a guest? DigitalTransformationPodcast.net/guest Do you want to be a sponsor? DigitalTransformationPodcast.net/sponsor
Let's get digital! Michelle shares tips for keeping your digital accounts safe. Tune in for important advice about password protection, avoiding scams, and maintaining digital privacy. It's all about protecting data and peace of mind. What's your digital resolution this year? We'd love to hear it! If you dig our flavors, be sure to subscribe and share. That helps us out! Connect with Michelle on LinkedIn: linkedin.com/in/michelledattilio Learn more about sōsh! Visit our website and reach out at: getsosh.com Meet us here next week for another pot of Social Soup!
Send us a textThis week on Haunt Weekly, we're talking about digital security and what you can do to ensure that you and your haunt are safe from professional hackers and drunken customers alike.Haunts are in an unusual place when it comes to digital security. They are very exposed but, as small businesses, don't usually have the expertise or the manpower to lock things down.Fortunately, we're here to help with a few simple things you can do to improve your digital security.This Week's Episode Includes:1. Intro2. Housekeeping3. Question of the Week4. Conference Reminders5. How I Drunkenly Sabotaged a Bar's TVs6. 5 Areas of Cybersecurity Concern7. ConclusionsAll in all, this is one episode that you do NOT want to miss!Get in Touch and Follow Us!Facebook: @HauntWeeklyTwitter: @HauntWeeklyYouTube: @HauntWeeklyEmail: info@hauntweekly.com
Three Buddy Problem - Episode 26: We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite. Plus, thoughts on the US government's controversial guidance on VPNs, Chinese reports on US intel agency hacking, TP-Link sanctions chatter, Mossad's dramatic exploding beeper operation and the ethical, legal, and security implications of escalating cyber-deterrence. Also, a mysterious BeyondTrust 0-day! Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
What is the probability of our existence? Neil deGrasse Tyson and cohosts Chuck Nice and Gary O'Reilly learn about the probabilities all around us, the idea of risk, and how they factor into our own security in the digital age with cybersecurity expert Alex Cosoi.NOTE: StarTalk+ Patrons can listen to this entire episode commercial-free here: https://startalkmedia.com/show/the-power-of-probability-with-alex-cosoi/Thanks to our Patrons Ben Jackson, James Hall, XYZ, Rick Reyes, Brian Gilstrap, Jeffrey Silva, Simon Schwartz, Lori Thomas, Sally Sapp, Alberto.p, Kenneth W Miller, Richard Hart, Patience, Brent Fraliex, 4 Light Years Away, Michele Raiola, Tess Gleason, Connie Schreiber, Metthew Tucker, Hickory Ogle, and Aldeeep for supporting us this week. Subscribe to SiriusXM Podcasts+ on Apple Podcasts to listen to new episodes ad-free and a whole week early.
What if your brainwaves could unlock doors, sign documents, and protect your most sensitive information without ever touching a keypad or fingerprint scanner? Welcome to a mind-bending episode of Neurocareers: Doing the Impossible! hosted by me, Milena Korostenskaja, a neurocareers coach and your guide into the world of neurotech! Today, I'm delighted to interview Violeta Tulceanu, a pioneering researcher from KU Leuven, Belgium, who stands at the forefront of brainwave authentication and neurotechnology security. In this episode, we dive deep into a world where your thoughts could become the next frontier in cybersecurity. But here's the kicker: what if your brain password revealed more than your identity? What if it exposed secrets about your emotions, health, or mental state? The stakes are incredibly high, and Violeta is here to unravel the fascinating—and complex—possibilities of using the human mind as a digital signature. Together, we'll discuss the career challenges she's encountered in this cutting-edge field, explore the ethical dilemmas of mind security, and tackle the technological hurdles of making brainwave authentication reliable and secure. Violeta will also share her insights into the evolving world of neuroethics and the philosophical questions that arise when we treat thoughts as credentials. Prepare to be amazed and maybe slightly unsettled as we journey into the thrilling—and sometimes unnerving—future of brain-computer interfaces and digital security. Tune in to Neurocareers: Doing the Impossible! Join us as we unlock the secrets of the mind with Violeta Tulceanu! This episode is a must-listen for anyone curious about the ever-evolving intersection of neuroscience, technology, and cybersecurity. About the Podcast Guest: Affiliation: Violeta Tulceanu is a doctoral researcher at KU Leuven, in the Computer Security and Industrial Cryptography (COSIC) department, working under the supervision of prof. Bart Preneel. KU Leuven, ESAT/COSIC, Kasteelpark Arenberg 10, bus 2452, B-3001 Leuven-Heverlee, Belgium. Violeta has a cryptography, neuroscience, AI background, and a dash of philosophy. Her research focuses on brainwave authentication, decoding and formally modeling thoughts, emotions, and cognitive processes, security of neurotechnologies and neurorights, pre-clinical diagnosis and monitoring of the collective mind, the applications of neurotechnologies in state security, the role of neurosemantics and neurotech in group 'war games,' creating dissent, rebellion and establishing or challenging the legitimacy of leadership. Also, she has an interest in brain-to-brain communications. If you are interested in collaboration, I look forward to hearing from you! Contact information: vtulcean@esat.kuleuven.be Job opening for master student: https://www.ntxl.org/positions/microcontroller-expert---medtronic About the Podcast Host: The Neurocareers podcast is brought to you by The Institute of Neuroapproaches (https://www.neuroapproaches.org/) and its founder, Milena Korostenskaja, Ph.D. (Dr. K), a career coach for people in neuroscience and neurotechnologies. As a professional coach with a background in neurotech and Brain-Computer Interfaces, Dr. K understands the unique challenges and opportunities job applicants face in this field and can provide personalized coaching and support to help you succeed. Here's what you'll get with one-on-one coaching sessions from Dr. K: Identification and pursuit of career goals Guidance on job search strategies, resume, and cover letter development Neurotech / neuroscience job interview preparation and practice Networking strategies to connect with professionals in the field of neuroscience and neurotechnologies Ongoing support and guidance to help you stay on track and achieve your goals You can always schedule a free neurocareer consultation/coaching session with Dr. K at https://neuroapproaches.as.me/free-neurocareer-consultation Subscribe to our Nerocareers Newsletter to stay on top of all our cool neurocareers news at updates https://www.neuroapproaches.org/neurocareers-news © 2024 Neurocareers: Doing the Impossible! All rights reserved.
Guest: Akash Mittal, CISO, Group Security, Sumitomo Forestry AustraliaOn LinkedIn | https://www.linkedin.com/in/akashgmittal/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesWelcome to Melbourne for AU Cyber Con 2024From November 26th to 28th, Melbourne will transform into the epicenter of cybersecurity as it hosts AU Cyber Con 2024. Organized by the Australian Information Security Association (AISA), the conference brings a diverse lineup of global thought leaders and innovators to the stage, all focused on shaping the next wave of cybersecurity.Conference Highlights and ThemeThe theme, "The Future is Now," reflects the urgent need for organizations and individuals alike to adapt to our rapidly changing digital landscape. Over three days, the event will feature 440+ speakers and 350 sessions, offering a deep dive into the intersection of cybersecurity, society, and technology.Engage with Industry LeadersThis year's lineup includes top voices in cybersecurity and beyond, like former Facebook CSO Joe Sullivan, astronaut Jose Hernandez, and security icon Mikko Hypponen. With appearances from cultural figures such as actor Kal Penn, the event will highlight the broader societal impact of cybersecurity, demonstrating how it affects everything from the arts to government policy.Interactive Villages and Hands-On WorkshopsAU Cyber Con goes beyond the stage with interactive villages like the Careers Village, Lockpicking Village, and AI Village. Here, attendees can gain hands-on experience with everything from physical security tools to AI applications and prompt injections. For those interested in personal brand-building, industry insights, or getting into the nuts and bolts of cybersecurity, these workshops offer something for everyone.Spotlight on Sponsors and ExhibitorsWith support from over 150 exhibitors, the event provides a unique opportunity for attendees to connect with leading companies and uncover the latest in cybersecurity tech. For exhibitors, it's a valuable chance to meet professionals tackling real-world cybersecurity challenges head-on.Fostering Global CollaborationAU Cyber Con 2024 emphasizes the need for global teamwork to advance cybersecurity. Government representatives and international delegates will discuss strategic initiatives and regulatory advancements to strengthen cyber resilience. This gathering is the perfect platform to build connections, share ideas, and work toward a unified digital security future.Looking Ahead: Coverage from ITSPmagazineSean Martin and Marco Ciappelli will be covering AU Cyber Con in real time. Join us for pre-event discussions, live updates, and post-event insights—all crafted to keep you connected to the latest innovations and collaborations shaping the future of cybersecurity.____________________________This Episode's SponsorsTHREATLOCKER: https://itspm.ag/threatlocker-r974____________________________Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________ResourcesLearn more about HITRUST Collaborate 2024 and register for the conference: https://itspm.ag/asia24Learn more about and hear more stories from HITRUST: https://www.itspmagazine.com/directory/hitrust____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story as part of our event coverage?Learn More
The Mint Condition: NFT and Digital Collectibles Entertainment
In this byte-sized episode of Mid Mic Daily Bite, AI versions of hosts Bunchu and Chamber dive into the wild story of a ByteDance intern allegedly sabotaging the company's AI model training. They explore the implications for AI security, ethics, and the future of tech giants. From the unexpected risks posed by internal actors to the potential fallout of such breaches, the discussion takes a deep dive into the vulnerabilities of modern AI development. Plus, don't miss the debut of the new segment, AI Security Theater, where the hosts humorously reimagine the breach in a "Choose Your Own Adventure" style. Prepare for tech thrills, laughs, and some serious questions about AI safety! Follow Us:Website: https://midmiccrisis.com/ YouTube: https://www.youtube.com/@midmiccrisisInstagram: https://www.instagram.com/midmiccrisis/?hl=enTikTok: https://www.tiktok.com/@mid.mic.crisis?lang=enTwitter: https://twitter.com/MidMicCrisisNewsletter: https://mid-mic-crisis-newsletter.beehiiv.com/subscribeMMC Push Pass: https://ks-pages-119byl.web.app/pass/66db3c111db9a79db7fdaafeFireBrain AI: https://www.skool.com/firebrainPowered by @dGenNetworkWebsite: https://dgen.network/Support the show
In an era where digital threats are more pervasive than ever, the title industry is no stranger to these risks. So, Genady Vishnevetsky is on the show to share the latest tactics cybercriminals use to infiltrate title companies and the strategies to ensure your clients' sensitive data remains impenetrable. Arm yourself with the knowledge and tools to outsmart the hackers and safeguard your business in the face of relentless cyber threats by tuning in! What you'll learn from this episode Benefits of moving from local servers to cloud-based systems for your business Top cybersecurity threats in the title industry and what agents should do about it Reasons why you should implement Multi-Factor Authentication (MFA) across all systems The value of continuous, tailored, and role-specific cybersecurity training programs for your employees How to create a cybersecurity incident response plan and why your company should have one Resources mentioned in this episode Open Forum - American Land Title Association KnowBe4® Cofense SANS Institute CISA Perplexity AI Microsoft 365 Google Suite Gmail Yahoo Mail About Genady Vishnevetsky Genady serves as CISO for Stewart Information Services Corporation, a leading provider of real estate services. As an established leader with experience in building successful security programs and developing defenses against emerging threats, Vishnevetsky leads security, governance, and compliance programs for global enterprises. He is an active, contributing member of the Cybersecurity community, a frequent speaker at security events and conferences, a security advocate, blogger, and influencer. Connect with Genady Website: Stewart LinkedIn: Genady V. Connect With Us Love what you're hearing? Don't miss an episode! Follow us on our social media channels and stay connected. Explore more on our website: www.alltechnational.com/podcast Stay updated with our newsletter: www.mochoumil.com Follow Mo on LinkedIn: Mo Choumil
Western authorities I.D. a key member of Evil Corp. A major U.S. water utility suffers a cyberattack. ODNI warns of influence campaigns targeting presidential and congressional races. A California deepfakes law gets blocked. Europol leads a global effort against human trafficking. Trinity ransomware targets the healthcare industry. Qualcomm patches a critical zero-day in its DSP service. ADT discloses a breach of encrypted employee data. North Korean hackers use stealthy Powershell exploits. On our Threat Vector segment, David Moulton and his guests tackle the pressing challenges of securing Operational Technology (OT) environments. Machine Learning pioneers win the Nobel Prize. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment In this segment of Threat Vector, David Moulton, Director of Thought Leadership at Palo Alto Networks, hosts cybersecurity experts Qiang Huang Chung hwang, Palo Alto Networks VP of Product Management for Cloud Delivered Security Services, and Michela Menting, Senior Research Director in Digital Security at ABI Research, discuss the pressing challenges of securing Operational Technology (OT) environments. Join us each Thursday for a new episode of Threat Vector on the N2K CyberWire network. To hear David, Michela and Qiang's full discussion, check it out here. Selected Reading Police unmask Aleksandr Ryzhenkov as Evil Corp member and LockBit affiliate (The Record) American Water, the largest water utility in US, is targeted by a cyberattack (Associated Press) US Warns of Foreign Interference in Congressional Races (Infosecurity Magazine) US Judge Blocks California's Law Curbing Election Deepfakes (BankInfo Security) Global Police Track Human Traffickers in Online Crackdown (Infosecurity Magazine) Recently spotted Trinity ransomware spurs federal warning to healthcare industry (The Record) Qualcomm patches high-severity zero-day exploited in attacks (Bleeping Computer) ADT says hacker stole encrypted internal employee data after compromising business partner (The Record) North Korean Hackers Employ PowerShell-Based Malware With Serious Evasion Techniques (Cyber Security News) ‘Godfather of AI' shares Nobel Prize in physics for work on machine learning (CNN) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode, Mark Ledlow is joined by Brittany Galli, a leading figure in the security industry with a notable focus on promoting women in security, and a C-Suite Advisor & Strategist at BFG Ventures. They discuss a range of topics essential to security and executive protection. They discuss the role of AI in transforming security operations, including the potential of AI-generated intelligence reports. The dialogue covers the current economic climate, including inflation, corporate layoffs, and the financial strain on middle-class families, and relates these issues back to security concerns. They also touch upon geopolitical threats, such as China's global economic strategy, and the importance of long-term planning for national security. The episode concludes with reflections on upcoming elections, their impact on security, and preparations being made by the executive protection industry. Lastly, Mark highlights the Women in Security gala event in Orlando and encourages listeners to show their support. Enjoy an insightful conversation packed with expert analysis and forward-thinking perspectives.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSAI Implementation in Security: AI has the potential to significantly streamline security operations, enabling faster and more accurate threat assessments.Impact on Jobs: AI will modify the role of intel analysts, making it more strategic rather than simply data-gathering.Human Trafficking Concerns: There's a focus on leveraging technology and global-scale databases to combat and track human trafficking more effectively.Economic Challenges: Inflation and cost of living have put middle and lower-class families under significant financial pressure.Election Preparedness: Companies in the security sector are preparing for the potential chaos surrounding upcoming elections, with emphasis on maintaining operational readiness and budget management.Residential Security Spike: Increased nervousness and referrals have led to a spike in demand for residential security services.Global Economic Strategies: There's a critical need for long-term planning and strategic economic policies in the U.S. to address national debt and future financial stability.Corporate Budget Cuts: Many companies are cutting budgets, including security spending, due to economic pressures and missed earnings.Networking in Security: Emphasized the importance of connections and referrals within the industry for business growth and stability.QUOTES"AI will make us finally catch up technologically where other industries have already excelled for years." - Brittany Galli"Technology creates efficiencies for humans to use, spending less time on data gathering." - Brittany Galli"Security, we can only go up from where we are and we just need to jump generations in software." - Brittany Galli"Human trafficking is not slowing down. It's like a trillion-dollar business." - Mark Ledlow"Chaos is an opportunity, unfortunately." - Mark Ledlow"When large Fortune 100s start missing their earnings, that's when inflation finally caught up." - Brittany GalliGet to know more about Brittany Galli:LinkedIn: https://www.linkedin.com/in/brittanygalli/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.
Welcome to another insightful episode of the Inner Edison Podcast! In this week's episode, Ed sits down with serial entrepreneur Colin Sanburg to discuss the critical importance of securing both personal and business information in today's digital age.