POPULARITY
Categories
In this episode of 'Cybersecurity Today: Our Month in Review,' host Jim welcomes a panel including Tammy Harper from Flair, Laura Payne from White Tuque, and David Shipley, CEO of Beauceron Securities. The discussion kicks off with an overview of their plans for Cybersecurity Month, including reviving the MapleSEC show and the CIO of the Year awards. David shares his experiences at SECTOR, Canada's largest cybersecurity conference, discussing the importance of security awareness training and the risks of irresponsible tech journalism on public perception. The panel also delves into the resurgence of the Clop ransomware group, their shift to data extortion, and their exploitation of vulnerabilities in Oracle EBS applications. Laura highlights a concerning case of insider threats at RBC, emphasizing the importance of process-driven controls. The episode also touches on the human side of cybersecurity, particularly the impact of romance scams and the growing violence in cybercrime. The panelists underscore the need for improved security awareness and the role of AI in identifying scams. Tammy, Laura, and David conclude by discussing the role of insider threats and the ethical boundaries in cybercrime, sharing insights from recent real-world cases. 00:00 Introduction and Panelist Introductions 00:43 Cybersecurity Month Initiatives 02:46 Security Awareness and Phishing Training 04:03 Impact of Irresponsible Tech Journalism 08:27 AI and Cybersecurity: Hype vs. Reality 10:43 Conference Experiences and Networking 18:33 Clop Ransomware and Data Extortion 23:45 Tammy's Insights on Clop's Tactics 24:58 Scattered Lasus and Cyber Warfare 26:32 Media Savvy Cybercriminals 31:36 Human Impact of Cyber Scams 37:17 Insider Threats and Security Awareness 43:21 Physical Security and Cyber Threats 48:33 Cybercrime Targeting Children 50:58 Conclusion and Upcoming Topics
In this insightful episode of The Future of ERP, Ryan Throop from IBM joins hosts Richard Howells and Oyku Ilgar to explore the critical role of cybersecurity in the cloud ERP landscape. As businesses move from traditional on-premise solutions to cloud-centric environments, cybersecurity challenges grow more complex. Ryan shares how AI-driven threat detection and shared security models empower organizations to protect sensitive data while boosting operational efficiency. Listener takeaways include the importance of security awareness training, the evolving role of AI in security operations, and the growing emphasis on integrating ERP systems into broader identity governance frameworks. With compelling insights on managing insider threats, third-party risks, and emerging technologies, this episode is a must-hear for any business leader or IT professional focused on digital transformation success. Stay secure, stay innovative, and join the conversation!
Trigger warning: This episode includes discussion of suicide in the context of researching measurable predictive indicators and the lack thereof in the context of cyber. Episode NotesDr Caputo's path from social psychology to applied security, including intelligence analysis and building a behavioural-science team at MITRE.What MITRE is: a not-for-profit operating six federally funded R&D centres that provide independent, public-interest research alongside government.Why early “indicator” hunting on endpoints often chased the last bad case; shifting to experiments and known-bad/created-bad data to learn patterns of behaviour change.The LinkedIn recruiter field experiment: ethically approved creation of recruiter personas, staged outreach in three messages, and follow-up interviews to understand reporting barriers.What user-activity monitoring can and cannot tell you; the role of human judgement and programme design.Insider-risk is not only “malicious users”: designing programmes for negligent, mistaken or outsmarted behaviours as well.Current lines of work include improving employee recognition and reporting of malicious elicitations and exploring whether insider-risk telemetry offers early signals of suicide risk.Why multidisciplinary teams beat solo efforts in insider-risk operations.About our guest:Dr. Deanna D. Caputo MITRE Insider Threat Research & Solutions profile: https://insiderthreat.mitre.org/dr-caputo/ LinkedIn: https://www.linkedin.com/in/dr-deanna-d-caputoPapers or resources mentioned in this episode:Caputo, D. D. (2024). Employee risk recognition and reporting of malicious elicitations: Longitudinal improvement with new skills-based training. Frontiers in Psychology. https://www.frontiersin.org/journals/psychology/articles/10.3389/fpsyg.2024.1410426/full MITRE Insider Threat Research & Solutions. (2025). Suicide risk and insider-risk telemetry overview. https://insiderthreat.mitre.org/suicide-risk/ MITRE. (2024). Managing insider threats is a team sport. https://www.mitre.org/news-insights/impact-story/managing-insider-threats-team-sport MITRE Insider Threat Research & Solutions. (2024). Capability overview two-pager (PDF). https://insiderthreat.mitre.org/wp-content/uploads/2024/06/MITREInTResearchSolutions-CapabilityTwoPager-24-0659_2024-02-01.pdf MITRE Insider Threat Research & Solutions. (2024). Insider Threat Behavioural Risk Framework two-pager (PDF). https://insiderthreat.mitre.org/wp-content/uploads/2024/06/MITREInTResearchSolutions-InTFramework_TwoPager-24-0674_2024-03-18.pdf
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• TribalNet 2025: Cybersecurity Is Central to IT Modernization for Tribes • Cyberattacks remain big threat for tribes: survey • CISA to furlough 65% of staff if government shuts down this week• Cyber shutdown showdownMain Topics:Domestic Hostile Events:• Deadly attack on Michigan church leaves investigators searching for motive• Michigan church shooter was Marine veteran who White House official says "hated people of the Mormon faith"• Update from FBI Detroit on Shooting and Fire at a Michigan Church• Michigan church shooting suspect went on anti-LDS tirade, political candidate said• Armed man busted after plowing car through police barricade outside Michigan church day after deadly shooting, blaze• Iraq War veteran Thomas Sanford ID'd as gunman who attacked Grand Blanc LDS church, killing 4 and setting it ablaze• What we know about Michigan church shooter Thomas Sanford. Authorities have provided no motive for the attack.• Who is Michigan church attacker Thomas Jacob Sanford: Iraq war vet 'suffered from PTSD' and wore 'Make Liberals Cry Again' shirt• A List of Notable Shooting Attacks on Houses of Worship in the US in the Past 20 Years• Marine veteran in custody after 3 killed, at least 8 injured in shooting at a waterfront bar in North Carolina, officials say & Southport mass shooting: Suspect identified in gunfire from boat that killed 3, injured 8, officials say• Eagle Pass casino shooting: 2 killed, 5 hurt; suspect in custody, authorities say & Two dead, six hurt in shooting at Texas tribal casino; suspect in custodyRansomware• 'You'll never need to work again': Criminals offer reporter money to hack BBC• Co-op says cyber-attack cost it £206m in lost sales Quick Hits:• CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices• Threat Insights: Active Exploitation of Cisco ASA Zero Days • CISA - SonicWall Releases Advisory for Customers after Security Incident• Widespread Supply Chain Compromise Impacting npm Ecosystem• Russia dares NATO to shoot • New Kremlin-Linked Influence Campaign Targeting Moldovan Elections Draws 17 Million Views on X and Infects AI Models• Bot Networks Are Helping Drag Consumer Brands Into the Culture Wars• Outrage Cycle: Cracker Barrel and its CEO Targeted Amidst Logo Controversy• CISA Releases Advisory on Lessons Learned from an Incident Response Engagement• Helping OT Organizations to Establish Defensible Architecture and More Resilient Operations• Designating Antifa as a Domestic Terrorist Organization• Fact Sheet: President Donald J. Trump Designates Antifa as a Domestic Terrorist Organization• Ranking Member Thompson Statement on Trump Incorrectly Designating ‘Antifa' as a Domestic Terrorism Organization• DHS Issues Statement on Targeted Attack on Dallas ICE Facility3 people shot at Dallas ICE field office: ICE official • Trump Says He Is Ordering Troops to Portland, Escalating Domestic Use of Military• Trump Says He's Sending Troops To ‘War Ravaged' America City — Authorizes ‘Full Force'• Pentagon calls up 200 National Guard troops after Trump Portland announcement• Oregon leaders object to Trump's deployment of 200 National Guard troops in the state• Feds march into downtown Chicago; top border agent says people are arrested based on ‘how they look'• ICE tactics inflame tensions in New York, Chicago and other cities• Shane Tamura, gunman in shooting at NFL headquarters, had CTE: Medical examiner
See omnystudio.com/listener for privacy information.
Cybersecurity isn't just about firewalls and passwords anymore. It's an all-out battle where hackers run businesses with customer support desks, insider threats can be disguised as your newest hire, and artificial intelligence is both the weapon and the shield. In this special episode of IT Visionaries, host Chris Brandt switches roles and sits in the hot seat while Lacey Peace, host of Experts of Experience, interviews him about the three biggest cyber threats IT leaders must prepare for in 2025. From the rise of ransomware-as-a-service to North Korean nationals infiltrating U.S. companies, and AI reshaping the entire security landscape, Chris reveals what's really happening behind the scenes of today's most dangerous attacks. With stories from his career building high-security facilities — including an EMP-shielded data center buried under a mountain — Chris shares the lessons that every business leader needs to hear about resilience, recovery, and why it's no longer a matter of “if” but “when.” Don't miss this candid and eye-opening conversation. Watch the full episode now and learn how to protect your organization before it's too late. Key Moments: 00:00: Lacey Peace Interviews Chris Brandt04:45 Cyber Extortion and Ransomware08:17 Supply Chain Attacks18:20 Creating an Isolated Recovery Environment20:08 Threat Number Two: IT Worker Attacks22:14 The Rise of Phishing Attacks27:26 The Evolution of Social Engineering30:19 The Role of AI in Cybersecurity33:01 Challenges in Reporting Cyber Incidents33:46 The Complexity of Cyber Incident Recovery34:45 The Role of Governments in Cybersecurity -- This episode of IT Visionaries is brought to you by Meter - the company building better networks. Businesses today are frustrated with outdated providers, rigid pricing, and fragmented tools. Meter changes that with a single integrated solution that covers everything wired, wireless, and even cellular networking. They design the hardware, write the firmware, build the software, and manage it all so your team doesn't have to. That means you get fast, secure, and scalable connectivity without the complexity of juggling multiple providers. Thanks to meter for sponsoring. Go to meter.com/itv to book a demo.---Mission.org is a media studio producing content alongside world-class clients. Learn more at mission.org Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Kim Sutherland has 14 different email addresses. She doesn't suggest you do the same, but she does think a lot about fraud in her job as the Global Head of Fraud & Identity at LexisNexis Risk Solutions. As a follow-up to the last episode, Caleb and Kim discuss the various dimensions and the growing prevalence of reward point / loyalty fraud. SponsorsRoutable - http://ohmyfraud.promo/routable(00:00) - Introduction and CPE Opportunity (00:26) - Meet Kimberly Sutherland from LexisNexis (01:43) - Listener Reviews and Feedback (04:07) - Conversation with Kimberly Sutherland Begins (06:06) - Understanding Loyalty Points and Fraud (22:13) - Synthetic Identity Fraud (29:57) - Insider Threats in Loyalty Programs (32:26) - Imagining Fraud to Prevent It (34:39) - Detection and Prevention Strategies (36:20) - Understanding Digital Risk (42:45) - Fraud Databases and Shared Intelligence (45:24) - Responding to Fraud Incidents (53:57) - The Role of Government in Fraud Prevention (59:49) - Future of Fraud and Prevention Technologies (01:02:01) - Ongoing Challenges in Identity Verification (01:03:39) - Conclusion and Credits HOW TO EARN FREE CPEIn less than 10 minutes, you can earn NASBA-approved accounting CPE after listening to this episode. Download our mobile app, sign up, and look for the Oh My Fraud channel. Register for the course, complete a short quiz, and get your CPE certificate.https://www.earmark.app/Download the app:Apple: https://apps.apple.com/us/app/earmark-cpe/id1562599728Android: https://play.google.com/store/apps/details?id=com.earmarkcpe.appLearn More About LexisNexishttps://risk.lexisnexis.com/ CONNECT WITH KIMLinkedIn: https://www.linkedin.com/in/ksutherland365 CONNECT WITH CALEBLinkedIn: https://www.linkedin.com/in/calebnewquist/Email us at ohmyfraud@earmarkcpe.com
Summary In this episode of Chattinn Cyber, Marc Schein is chattin' with Devon Ackerman, a highly respected figure in the digital forensics and incident response (DFIR) community. Devon shares his background, starting from his upbringing in upstate New York, moving to Georgia, and how a chance encounter with an article about digital forensics at Champlain College sparked his interest in the field. He explains his early career in IT and web design during the dot-com boom, and how his curiosity and passion for troubleshooting led him to pursue digital forensics as a career. Devon elaborates on the core concepts of digital forensics and incident response, describing digital forensics as the scientific discipline of preserving, validating, and interpreting digital data, often for legal purposes. Incident response builds on this foundation by focusing on reacting to cyber incidents, preserving evidence, and supporting organizations during and after attacks. He recounts his FBI career, highlighting a significant case involving espionage where a trusted insider stole sensitive data for a foreign government, demonstrating the real-world impact and importance of DFIR work. The conversation shifts to emerging cyber threats and the evolving landscape of cyber risk. Devon emphasizes that threat actors are highly motivated, whether financially or politically, and continuously adapt to stay ahead of defenders. He discusses the widespread availability of offensive cyber capabilities among nation-states and criminal groups, and how geopolitical tensions can influence cyber activity. The discussion also touches on the role of AI in cybersecurity, acknowledging its potential benefits but warning about risks related to rapid adoption without adequate security controls. Devon addresses the insider threat, distinguishing between malicious insiders and those who pose risks unintentionally through mistakes or misconfigurations. He stresses that human factors remain a critical vulnerability in cybersecurity, as trusted employees can inadvertently expose sensitive data. He offers advice for newcomers to the DFIR field, encouraging a mindset of continuous learning, experimentation, and resilience in the face of failure, noting the complexity and ever-changing nature of digital forensics. Finally, Devon describes his current role at Cybereason, a cybersecurity company known for its endpoint detection and response technology. He explains how Cybereason has expanded its services to include both proactive advisory and reactive incident response capabilities, supporting clients globally across the entire cyber risk lifecycle. He provides contact information for listeners interested in learning more or engaging their services, and the episode concludes with Marc thanking Devon for sharing his insights and experiences. Key Points 1. Career Path to Digital Forensics: Devon's journey from IT and web design to becoming a leading expert in digital forensics and incident response, sparked by early exposure to the field and a passion for troubleshooting. 2. Definition and Scope of DFIR: Explanation of digital forensics as a scientific discipline and incident response as the reactive process to cyber incidents, including their importance in legal and investigative contexts. 3. Notable FBI Case: A detailed recount of a high-profile espionage investigation involving insider theft of sensitive data, illustrating the practical application and impact of DFIR work. 4. Evolving Cyber Threat Landscape: Discussion on the motivations and capabilities of threat actors, the proliferation of offensive cyber tools among nation-states and criminals, and the influence of geopolitical factors. 5. Insider Threat and Human Factor: Insight into insider threats, both malicious and accidental, emphasizing the ongoing risk posed by human error and the need for vigilance and security awareness. Key Quotes 1.
Insider threats represent one of the most dangerous cybersecurity risks facing organizations today - and they're way more common than you think. In this episode of The Backup Wrap-up, we explore the three main types of insider threats: compromised employees who get extorted or have their credentials stolen, disgruntled workers who want revenge after getting fired, and outside attackers who infiltrate your company to become malicious insiders. We break down real-world scenarios and discuss how to protect against them using least privilege principles, monitoring systems, and immutable backups. You'll learn why 31% of insider threat incidents could have been prevented if someone had spoken up, and why immutable backups are your last line of defense when an insider goes rogue. This is a must-listen for anyone responsible for data protection and cybersecurity.
Dang whippersnappers
In dieser Folge richten Charline und Christian den Blick nach innen: Insider Threats – Bedrohungen, die nicht von außen, sondern aus den eigenen Reihen entstehen. Was passiert, wenn Mitarbeitende, Partner oder ehemalige Beschäftigte zur Schwachstelle werden – bewusst oder unbewusst? Sie sprechen über reale Fälle von Insider-Angriffen, darunter Datendiebstahl, Sabotage und Racheakte, und beleuchten die zugrunde liegenden psychologischen Motive: von Frustration über Gier bis hin zu Vergeltung nach einer Kündigung. Außerdem geht es darum, wie technische und organisatorische Maßnahmen wie klare Zugriffsrechte, Zero-Trust-Prinzipien oder sauberes Offboarding helfen können, Risiken zu minimieren. Besonders spannend: Wie kann man die Gefahr frühzeitig erkennen, welche Rolle spielt die Unternehmenskultur – und wie lassen sich Mitarbeitende schützen, ohne sie unter Generalverdacht zu stellen? Ein Fünf-Schritte-Plan von Alexander Ingelheim (CEO, datenschutzexperte.de) gibt konkrete Handlungsempfehlungen für Unternehmen. Hier geht es zur Folge mit Alexnder Ingelheim: https://open.spotify.com/episode/59O2O39pe3u8PyUPZ1Hvku?si=001bec78950a4f5a MIt O-Tönen von: Alexander Ingelheim (CEO - datenschutzexperte.de) Du möchtest mehr über SoSafe erfahren? Dann schau hier vorbei: https://linktr.ee/humanfirewallpodcast Du hast Ideen, Anregungen, Fragen oder möchtest selbst zu Gast im Human Firewall Podcast sein? Dann schreib uns unter podcast@sosafe.de
In this episode, Jason Kikta discusses the critical relationship between IT and security, emphasizing that great security begins with a solid IT foundation. He explores the importance of establishing a baseline for normalcy, the role of user safety in preventing security breaches, and the need to understand insider threats. Jason concludes with discussing the 'big three' of cybersecurity, which are: Network Inventory: Knowing what's on your network is crucial. This involves having a comprehensive inventory of all devices and systems connected to the network.Configuration and Patching: Keeping systems configured correctly and up-to-date with patches is essential to prevent vulnerabilities that could be exploited by malicious actors.Identity and Authentication Protection: Ensuring robust identity and authentication measures are in place to protect against unauthorized access and maintain the integrity of user accounts.This episode originally aired October 10, 2024
In this episode of Security Matters, host David Puner speaks with Andy Parsons, CyberArk's Director of EMEA Financial Services and Insurance, whose career spans from the British Army to CISO and CTO roles in global financial institutions. Andy shares hard-earned lessons on leadership, risk management, and the evolving cybersecurity landscape in banking—from insider threats to machine identity governance and the rise of agentic AI.Discover why “you can't secure what you can't see,” how manual processes fail at scale, and why treating machine identities as “first-class citizens” is no longer optional. Andy also explores the privileged access paradox, dynamic access management, and how AI is reshaping compliance, trading, and operational resilience.Whether you're a security leader, technologist, or financial executive, this episode offers strategic insights and practical steps to future-proof your organization in an era of accelerating digital risk.
In this episode, host Matthew Lewis, Director of Product Marketing, is joined by Don Campbell, Senior Director of Product Management, and Scott Galvin, Pre-Sales Senior Solutions Architect, for a deep dive into the evolving landscape of physical security in financial services.Together, the trio explores:Insider threat types and how to detect themThe role of visitor management in preventing social engineeringHow mobile credentials are reshaping secure accessDesigning frictionless environments that still meet regulatory demandsWhy compliance must be a team sport across cybersecurity and physical security
Raj Koo, CTO of DTEX Systems, discusses how their enterprise-grade generative AI platform detects and disarms insider threats and enables them to stay ahead of evolving risks.Topics Include:Raj Koo, CTO of DTEX Systems, joins from Adelaide to discuss insider threat detectionDTEX evolved from Adelaide startup to Bay Area headquarters, serving Fortune 500 companiesCompany specializes in understanding human behavior and intention behind insider threatsMarket shifting beyond cyber indicators to focus on behavioral analysis and detectionRecent case: US citizen sold identity to North Korean DPRK IT workersForeign entities used stolen credentials to infiltrate American companies undetectedDTEX's behavioral detection systems helped identify this sophisticated identity theft operationGenerative AI becomes double-edged sword - used by both threat actors and defendersBad actors use AI for fake resumes and deepfake interviewsDTEX uses traditional machine learning for risk modeling, GenAI for analyst interpretationGoal is empowering security analysts to work faster, not replacing human expertiseAWS GenAI Innovation Center helped develop guardrails and usage boundaries for enterpriseChallenge: enterprises must follow rules while hackers operate without ethical constraintsDTEX gains advantage through proprietary datasets unavailable to public AI modelsAWS Bedrock partnership enables private, co-located language models for data securityPrivate preview launched February 2024 with AWS Innovation Center acceleration supportSoftware leaders should prioritize privacy-by-design from day one of GenAI adoptionFuture threat: information sharing shifts from files to AI-powered data queriesMonitoring who asks what questions of AI systems becomes critical security concernDTEX contributes to OpenSearch development while building vector databases for analysisParticipants:Rajan Koo – Chief Technology Officer, DTEX SystemsFurther Links:DTEX Systems WebsiteDTEX Systems AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
In this episode of CISO Tradecraft, host G Mark Hardy is joined by cybersecurity expert Casey Marquette to discuss effective HR and recruiting strategies for building a top-notch cybersecurity team. They dive into career development, the importance of networking, and how to navigate the challenges of hiring in cybersecurity. Casey shares his personal journey from law enforcement to becoming a leading figure in the cybersecurity world, highlighting the role of mentorship and continuous learning. The episode also covers innovative uses of AI in the hiring process and provides practical advice for both hiring managers and job seekers in the cybersecurity field. Tune in for valuable insights on how to hire the best talent and advance your career in cybersecurity. Transcripts https://docs.google.com/document/d/1c-3qy6KkQuhjuHquycQ3rRwMdSlZBfz4 Chapters 00:00 Introduction to Cybersecurity Recruitment 00:31 Guest Introduction: Casey Marquette 01:46 Casey's Career Journey 04:41 Hiring for Attitude vs. Skillset 05:30 Promoting from Within vs. Hiring Externally 07:34 Leadership and Morale 20:20 The Importance of Networking and Mentorship 22:19 AI in Recruitment 23:30 The Talent Pool and Recruitment Challenges 24:04 Introducing Scout: The AI Recruitment Tool 24:51 Security Measures in AI Recruitment 25:32 Addressing Fraudulent Candidates 26:10 Remote Hiring and Deepfake Concerns 28:52 Insider Threats and Tabletop Exercises 31:51 Enhancing Career Marketability for CISOs 37:47 Building Effective Networks and Relationships 42:04 The Importance of Specialized Recruitment 44:21 Final Thoughts and Contact Information
In this episode of CISO Tradecraft, host G Mark Hardy is joined by cybersecurity expert Casey Marquette to discuss effective HR and recruiting strategies for building a top-notch cybersecurity team. They dive into career development, the importance of networking, and how to navigate the challenges of hiring in cybersecurity. Casey shares his personal journey from law enforcement to becoming a leading figure in the cybersecurity world, highlighting the role of mentorship and continuous learning. The episode also covers innovative uses of AI in the hiring process and provides practical advice for both hiring managers and job seekers in the cybersecurity field. Tune in for valuable insights on how to hire the best talent and advance your career in cybersecurity. Transcripts https://docs.google.com/document/d/1c-3qy6KkQuhjuHquycQ3rRwMdSlZBfz4 Chapters 00:00 Introduction to Cybersecurity Recruitment 00:31 Guest Introduction: Casey Marquette 01:46 Casey's Career Journey 04:41 Hiring for Attitude vs. Skillset 05:30 Promoting from Within vs. Hiring Externally 07:34 Leadership and Morale 20:20 The Importance of Networking and Mentorship 22:19 AI in Recruitment 23:30 The Talent Pool and Recruitment Challenges 24:04 Introducing Scout: The AI Recruitment Tool 24:51 Security Measures in AI Recruitment 25:32 Addressing Fraudulent Candidates 26:10 Remote Hiring and Deepfake Concerns 28:52 Insider Threats and Tabletop Exercises 31:51 Enhancing Career Marketability for CISOs 37:47 Building Effective Networks and Relationships 42:04 The Importance of Specialized Recruitment 44:21 Final Thoughts and Contact Information
When AI systems hallucinate, run amok, or fail catastrophically, the consequences for enterprises can be devastating. In this must-watch CXOTalk episode, discover how to anticipate and prevent AI failures before they escalate into crises.Join host Michael Krigsman as he explores critical AI risk management strategies with two leading experts:• Lord Tim Clement-Jones - Member of the House of Lords, Co-Chair of UK Parliament's AI Group• Dr. David A. Bray - Chair of the Accelerator at Stimson Center, Former FCC CIOWhat you'll learn:✓ Why AI behaves unpredictably despite explicit programming✓ How to implement "pattern of life" monitoring for AI systems✓ The hidden dangers of anthropomorphizing AI✓ Essential board-level governance structures for AI deployment✓ Real-world AI failure examples and their business impact✓ Strategies for building appropriate skepticism while leveraging AI benefitsKey ideas include treating AI as "alien interactions" rather than human-like intelligence, the convergence of AI risk with cybersecurity, and why smaller companies have unique opportunities in the AI landscape.This discussion is essential viewing for CEOs, board members, CIOs, CISOs, and anyone responsible for AI strategy and risk management in their organization.Subscribe to CXOTalk for more expert insights on technology leadership and AI:
What does "secure by default" really mean—and is it enough? In this episode of CyberArk's Security Matters, host David Puner sits down with Scott Barronton, Chief Information Security Officer (CISO) at Diebold Nixdorf, to explore the often-overlooked risks of cloud default settings and how assumptions can lead to vulnerabilities.Drawing on over 25 years in cybersecurity, Scott shares how he balances product and corporate security, leads a global team, and chairs his company's AI steering committee. He discusses the importance of machine identity management, certificate automation, and building security programs that support both innovation and accountability.Plus, Scott reflects on how his passion for travel—including a group trip to Antarctica—informs his leadership style and security mindset.
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Trent Waterhouse. Trent is the CMO of GlobalMeet, a leading virtual event technology company with a scalable, flexible, and secure hybrid event streaming platform built and supported by experienced event experts. Trent has a proven track record of driving growth and innovation with 35 years of expertise leveraging a field sales marketing model that aligns sales, marketing, and R&D to think like a customer, act like a partner, and measure success through customer satisfaction and net promoters. Built for growth, Trent's unique blend of technology understanding and B2B marketing skills have been proven to help companies grow revenue profitably, improve customer experiences, build new partnerships, and expand opportunity pipelines. [July 21, 2025] 00:00 - Intro 00:50 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 02:30 - Trent Waterhouse Intro 03:11 - Starting Out Pre-Video 04:53 - A Brave New World 08:07 - Going Public 10:21 - Rise of the DeepFakes 13:03 - Video Watermarking 15:23 - A Simple Warning Will Do 19:11 - Staying Up to Date 21:22 - Insider Threat 23:42 - Find Trent Waterhouse Online - Website: https://www.globalmeet.com/ - Instagram: https://www.instagram.com/globalmeet/ - LinkedIn: https://www.linkedin.com/in/trentonwaterhouse/ 24:44 - Book Recommendations - Pattern Breakers - Mike Maples, Jr, Peter Ziebelman 27:16 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org
The insider threat represents one of the most dangerous and overlooked cybersecurity challenges facing organizations today. In this episode of The Backup Wrap-up, W. Curtis Preston and Prasanna explore the three distinct types of insider threats that can devastate your organization from within.From malicious employees seeking revenge to careless workers who fall for social engineering, insider threats come in many forms. The hosts examine real-world cases including the Coinbase breach through compromised contractors, Apple's lawsuit against an employee who stole Vision Pro secrets, and the infamous logic bomb attack that destroyed an entire company's data.Learn practical strategies for implementing least privilege access, immutable backup protection, and multi-person authentication controls. Discover why 83% of companies experienced some form of insider threat attack in 2024, and get actionable advice on security training, vendor management, and incident response planning to protect your organization's most critical assets.
In this special live episode of Autonomous IT, Live! we walk through a high-stakes incident response drill that mimics a disturbingly realistic threat scenario: an attacker gains access to your internal tools — not by breaking in, but by logging in.Here's the setup: a user unknowingly reuses compromised credentials with the company's SSO provider. An attacker logs in, flies under the radar, and impersonates internal IT support using Slack, email, and calendar invites. Their goal? Convince employees to install a fake remote access tool—all while avoiding anyone likely to report suspicious behavior.Join Landon Miles, Tom Bowyer, and Ryan Braunstein as they:
In this episode of Security Heroes, host Lisa Falzone is joined by Command Sergeant Major (Retired) Bart Womack. Bart served in the US Army for nearly three decades as a professional soldier, earning numerous awards including 2 Bronze Stars and the Legion of Merit. Since retiring from his Army positions, Bart wrote a book about his experiences, joined the Board of Directors for Veterans Media Corporation, and hosts a show for the Veterans Channel. He now travels the country serving as a public speaker on situational awareness safety and security.Join them as they: * Explore the ways that schools and communities can help prevent insider threats* Emphasize the importance of situational awareness* Explain the difference between hearing and listening* Recount Bart's experience dealing with an insider threat while deployed in Kuwait* Discuss the lessons he learned from his experience* Share some tips for being proactive with security And much more!
Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry's first AI native,unified Data Security Platform. Yotam Segev, Cyera's CEO sits down with CyberRisk TV at RSAC Conference 2025 to discuss Cyera's skyrocketing growth, its founding story and why an increasing number of Fortune500 companies are partnering with Cyera, and the company's latest product release: Adaptive DLP, a new AI data loss prevention solution. Recent Cyera News: Cyera Breaks World Record as the Fastest-Growing Data Security Company in History Data Security Leader Cyera Secures $300M in Series D Funding Cyera Acquires Trail Security for $162M Cyera Launches Data Incident Response Service Cyera Appoints Renowned Tech Exec Frank Slootman to Board of Directors This segment is sponsored by Cyera. Visit https://securityweekly.com/cyerarsac to learn more about them! Blumira In the evolving world of cybersecurity, the shift from a purely threat-centric mindset to a focus on operational excellence is no longer just a trend—it's a necessity. Matthew Warner, CEO and co-founder of Blumira, argues that this shift is particularly crucial for small and mid-sized businesses (SMBs) and the managed service providers (MSPs) that support them. Matthew believes that traditional SIEM and detection solutions have historically fallen short for these organizations, often due to their complexity, high cost, and steep learning curves. As a result, many SMBs have struggled to keep up with the sophistication of modern threats. Blumira was founded to change that. Matthew's vision is rooted in democratizing security—making powerful, automated detection and response tools simple, affordable, and accessible for everyone, especially those who need them most. By designing platforms that prioritize operational excellence—efficiency, usability, and actionable intelligence—Blumira enables organizations to be proactive rather than reactive. During the conversation, Matthew will share insights into the latest technologies and trends transforming the cybersecurity space, and offer actionable guidance for IT decision-makers. He'll explore how shifting strategy from chasing every alert to building a solid, efficient operational foundation can lead to better outcomes and stronger protection in the long run. Blumira Partners Blumira Launches New M365 Threat Response Feature Security should be accessible to everyone. At Blumira, we're building the future of detection and response — simple, smart, and built to empower the teams who need it most. Check out https://securityweekly.com/blumirarsac and take control of your security today. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-411
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it! DIA Insider Threat member leaked classified data https://therecord.media/defense-intelligence-agency-it-specialist-suspected-leak-foreign-government Australia ransomware victims must report payments https://therecord.media/australia-ransomware-victims-must-report-payments https://www.nomoreransom.org/en/index.html Coinbase hack tied to support contractor https://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/ Good cybersecurity hygiene https://www.csoonline.com/article/567737/the-5-cis-controls-you-should-implement-first.html Dad Joke of the Week (DJOW) Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Ben - https://www.linkedin.com/in/benjamincorll/
Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry's first AI native,unified Data Security Platform. Yotam Segev, Cyera's CEO sits down with CyberRisk TV at RSAC Conference 2025 to discuss Cyera's skyrocketing growth, its founding story and why an increasing number of Fortune500 companies are partnering with Cyera, and the company's latest product release: Adaptive DLP, a new AI data loss prevention solution. Recent Cyera News: Cyera Breaks World Record as the Fastest-Growing Data Security Company in History Data Security Leader Cyera Secures $300M in Series D Funding Cyera Acquires Trail Security for $162M Cyera Launches Data Incident Response Service Cyera Appoints Renowned Tech Exec Frank Slootman to Board of Directors This segment is sponsored by Cyera. Visit https://securityweekly.com/cyerarsac to learn more about them! Blumira In the evolving world of cybersecurity, the shift from a purely threat-centric mindset to a focus on operational excellence is no longer just a trend—it's a necessity. Matthew Warner, CEO and co-founder of Blumira, argues that this shift is particularly crucial for small and mid-sized businesses (SMBs) and the managed service providers (MSPs) that support them. Matthew believes that traditional SIEM and detection solutions have historically fallen short for these organizations, often due to their complexity, high cost, and steep learning curves. As a result, many SMBs have struggled to keep up with the sophistication of modern threats. Blumira was founded to change that. Matthew's vision is rooted in democratizing security—making powerful, automated detection and response tools simple, affordable, and accessible for everyone, especially those who need them most. By designing platforms that prioritize operational excellence—efficiency, usability, and actionable intelligence—Blumira enables organizations to be proactive rather than reactive. During the conversation, Matthew will share insights into the latest technologies and trends transforming the cybersecurity space, and offer actionable guidance for IT decision-makers. He'll explore how shifting strategy from chasing every alert to building a solid, efficient operational foundation can lead to better outcomes and stronger protection in the long run. Blumira Partners Blumira Launches New M365 Threat Response Feature Security should be accessible to everyone. At Blumira, we're building the future of detection and response — simple, smart, and built to empower the teams who need it most. Check out https://securityweekly.com/blumirarsac and take control of your security today. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-411
Segment 1 - Interview with Rob Allen from ThreatLocker This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry's first AI native,unified Data Security Platform. Yotam Segev, Cyera's CEO sits down with CyberRisk TV at RSAC Conference 2025 to discuss Cyera's skyrocketing growth, its founding story and why an increasing number of Fortune500 companies are partnering with Cyera, and the company's latest product release: Adaptive DLP, a new AI data loss prevention solution. Recent Cyera News: Cyera Breaks World Record as the Fastest-Growing Data Security Company in History Data Security Leader Cyera Secures $300M in Series D Funding Cyera Acquires Trail Security for $162M Cyera Launches Data Incident Response Service Cyera Appoints Renowned Tech Exec Frank Slootman to Board of Directors This segment is sponsored by Cyera. Visit https://securityweekly.com/cyerarsac to learn more about them! Blumira In the evolving world of cybersecurity, the shift from a purely threat-centric mindset to a focus on operational excellence is no longer just a trend—it's a necessity. Matthew Warner, CEO and co-founder of Blumira, argues that this shift is particularly crucial for small and mid-sized businesses (SMBs) and the managed service providers (MSPs) that support them. Matthew believes that traditional SIEM and detection solutions have historically fallen short for these organizations, often due to their complexity, high cost, and steep learning curves. As a result, many SMBs have struggled to keep up with the sophistication of modern threats. Blumira was founded to change that. Matthew's vision is rooted in democratizing security—making powerful, automated detection and response tools simple, affordable, and accessible for everyone, especially those who need them most. By designing platforms that prioritize operational excellence—efficiency, usability, and actionable intelligence—Blumira enables organizations to be proactive rather than reactive. During the conversation, Matthew will share insights into the latest technologies and trends transforming the cybersecurity space, and offer actionable guidance for IT decision-makers. He'll explore how shifting strategy from chasing every alert to building a solid, efficient operational foundation can lead to better outcomes and stronger protection in the long run. Blumira Partners Blumira Launches New M365 Threat Response Feature Security should be accessible to everyone. At Blumira, we're building the future of detection and response — simple, smart, and built to empower the teams who need it most. Check out https://securityweekly.com/blumirarsac and take control of your security today. Show Notes: https://securityweekly.com/esw-411
Law Enforcement Life Coach / Sometimes Heroes Need Help Podcast
This week I had the great privilege of sitting down with NCIS retired special agent Tom Coyle. Tom has been serving in various law enforcement capacities since the 80's at the local, state, and federal levels. Tom and I discuss his career, some great assignments, and the role leadership plays in all that we do. Sit back and give this episode a listen as we dig deep into what makes leadership memorable.More about Tom:Experienced public speaker, Leadership and Security Instructor. CEO and counterintelligence/Insider Threat Thought Leader with a diverse background in complex investigations, U.S. counterintelligence operations, training (leadership and ops-related), and policy writing. Visiting Lecturer, University of Virginia, Charlottesville, VA.Experience comes as the result of service with local (Fairfax County, VA police officer), state (Indiana Gaming Commission Investigator), and Federal law enforcement (career NCIS Special Agent). Served 6+ years overseas supporting the Navy and Marine Corps, and later the Ofc of Secretary of Defense. Founder and CEO of Talon Security Solutions, LLC, located in Carmel, Indiana, I earned multiple engagements for key personnel vetting, facility vulnerability studies, and sensitive internal inquiries.At the Natl Insider Threat Task Force, I provided expert guidance, training and recommendations to multiple government agencies on the issue of Insider Threat Vulnerability and the creation of formal Insider Threat detection and mitigation programs. As the LE Advisor for the Office of the Army Provost Marshal General, I delivered policy advice to the seniors leaders within the Army MP Corps and CID.I helped to both to create and conduct formal training for Insider Threat Personnel, Program Managers and Senior Officials from over 55 government Departments and Agencies. Hired in May 2023 as Adjunct Professor, UVA Charlottesville, VA to teach Leadership to Law Enforcement - in July presented to over 40 DEA Supervisors (Special Agents, Analysts and professional Support Staff). Website: https://www.leading4life.com/leading4life0088@gmail.comThank you for taking the time to give this podcast a listen. If you would like more information on other Law enforcement Life Coach initiatives, our "Sometimes Heroes Need Help" wellness seminar or our One-On-One life coaching please visit :www.lawenforcementlifecoach.comJohn@lawenforcementlifecoach.comAnd if you would like to watch the interview you can view it in it's entirety on the Law Enforcement Life Coach YouTube Channel : https://studio.youtube.com/channel/UCib6HRqAFO08gAkZQ-B9Ajw/videos/upload?filter=%5B%5D&sort=%7B%22columnType%22%3A%22date%22%2C%22sortOrder%22%3A%22DESCENDING%22%7D
Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry's first AI native,unified Data Security Platform. Yotam Segev, Cyera's CEO sits down with CyberRisk TV at RSAC Conference 2025 to discuss Cyera's skyrocketing growth, its founding story and why an increasing number of Fortune500 companies are partnering with Cyera, and the company's latest product release: Adaptive DLP, a new AI data loss prevention solution. Recent Cyera News: Cyera Breaks World Record as the Fastest-Growing Data Security Company in History Data Security Leader Cyera Secures $300M in Series D Funding Cyera Acquires Trail Security for $162M Cyera Launches Data Incident Response Service Cyera Appoints Renowned Tech Exec Frank Slootman to Board of Directors This segment is sponsored by Cyera. Visit https://securityweekly.com/cyerarsac to learn more about them! Blumira In the evolving world of cybersecurity, the shift from a purely threat-centric mindset to a focus on operational excellence is no longer just a trend—it's a necessity. Matthew Warner, CEO and co-founder of Blumira, argues that this shift is particularly crucial for small and mid-sized businesses (SMBs) and the managed service providers (MSPs) that support them. Matthew believes that traditional SIEM and detection solutions have historically fallen short for these organizations, often due to their complexity, high cost, and steep learning curves. As a result, many SMBs have struggled to keep up with the sophistication of modern threats. Blumira was founded to change that. Matthew's vision is rooted in democratizing security—making powerful, automated detection and response tools simple, affordable, and accessible for everyone, especially those who need them most. By designing platforms that prioritize operational excellence—efficiency, usability, and actionable intelligence—Blumira enables organizations to be proactive rather than reactive. During the conversation, Matthew will share insights into the latest technologies and trends transforming the cybersecurity space, and offer actionable guidance for IT decision-makers. He'll explore how shifting strategy from chasing every alert to building a solid, efficient operational foundation can lead to better outcomes and stronger protection in the long run. Blumira Partners Blumira Launches New M365 Threat Response Feature Security should be accessible to everyone. At Blumira, we're building the future of detection and response — simple, smart, and built to empower the teams who need it most. Check out https://securityweekly.com/blumirarsac and take control of your security today. Show Notes: https://securityweekly.com/esw-411
Podcast: OT Security Made SimpleEpisode: What do we need to deter insider threats? | OT Security Made SimplePub date: 2025-06-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMandana White, CEO of Smart Grid Forums, talks about the rise of insider threats to a company's cybersecurity and what it has to do with the cost-of-living crisis as well as the Western Robin Hood mentality. Diving a bit into societal psychology and politics there might even be a bit to learn from – of all places – Dubai to get IT and OT cybersecurity working in both companies and society.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In this episode of the podcast, Ryan Williams Sr. and Shannon Tynes discuss the alarming rise in government data being sold online, the implications of poor cyber hygiene, and the complexities surrounding insider threats. They emphasize the need for better security practices and awareness to protect sensitive information in the face of increasing cyber threats. Article: Local cyber security expert seeing rise in government data for sale online https://www.gjsentinel.com/news/western_colorado/local-cyber-security-expert-seeing-rise-in-government-data-for-sale-online/article_3c6d4bc9-0c95-4317-914c-8aa70710509d.amp.html?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExVUptR1oyaThVdnpiQzdpYQEenk5NUdaEeBlBX2eN9YNt_Es4TDXtv3gz-fwWbI15kc91drgV2cz0uuTeeTI_aem__r0c41pnrrFaHj4oK4zkyA Please LISTEN
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Start:· The Gate 15 Interview EP 58 – Cathy Lanier: Leading NFL Security with Attitude, Effort, Crabs and Beer· Gate 15: Test, Don't Guess: Exercising Your Response Plan· WaterISAC's H2OEx: Click Below to Register for a Location Near You! o Daytona, FL- July 28 o Los Angeles, CA- Sept 11 o Arlington, TX- Nov 6· 26th Annual TribalNet Conference & Tradeshow Main Topics: Boulder:· DOJ: Justice Department Files Federal Charges Against Alleged Perpetrator of Anti-Semitic Terror Attack in Colorado. The Justice Department has filed federal charges against illegal alien Mohammed Sabry Soliman, the alleged perpetrator of yesterday's anti-Semitic terrorist attack in Colorado… Soliman is being charged with a federal hate crime in addition to facing state charges for attempted murder in Colorado. Read the federal complaint HERE· Updates: Colorado Attack That Injured 12 Was Planned for a Year, Officials Say. The F.B.I. said in a court filing that thesuspect, an Egyptian citizen who had sought asylum in the U.S., brought more than a dozen incendiary devices to a march in support of hostages in Gaza.· Colorado suspect, now charged with federal hate crime, planned antisemitic attack for a year, FBI says· 12 burned in Boulder attack; suspect charged with federal hate crime:· Boulder terror attack suspect planned mass shooting but was stopped from buying gun due to immigration status, as he faces 624 years in prison· What We Know About the Boulder, Colorado Attack· After Several Attacks, Heightened Anxiety Among American Jews Pride Month: Trans community most targeted in anti-LGBTQ+ incidents, GLAAD data shows. Transgender and gender-nonconforming people were the target of over half of allanti-LGBTQ+ incidents tracked by GLAAD over the last year in a new report… GLAAD counted more than 930 anti-LGBTQ+ incidents from May 2024 through April 2025, 52% of which targeted transgender and gender nonconforming people, across 49 states and Washington, D.C. Insider Threat:o U.S. Government Employee Arrested for Attempting to Provide ClassifiedInformation to Foreign Government. · Intelligence agency employee accused of attempting to leak classified documents out of frustration with Trump. Ransomware! · Gate 15: Test, Don't Guess: Exercising Your Response Plan· Q1 '25 Travelers' Cyber Threat Report: Record Attack Activity· Delinea - 2025 State of Ransomware Report - Adapting with agility to a fast-changing threat landscape· FBI PIN - Silent Ransom Group Targeting Law Firms· Firm in Baltimore Archdiocese bankruptcy case says stolen data wasdeleted after cyber breach· Akira Ransomware: When Paying Isn't Enough to Stay Anonymous· The State of State-Sponsored Hacktivist Attacks Quick Hits· Ukraine launches massive drone strike on air bases deep inside Russia · Crypto Hacks in May 2025 Hit $244M, But $157M Frozen in Swift Recovery Efforts· FBI FLASH: Infrastructure Used to Manage Domains Related to Cryptocurrency Investment Fraud Scams between October 2023 and April 2025 · US DIA 2025 Threat Assessment warns of growing complexity in global threats, national security· DIA Releases 2025 Worldwide Threat Assessment: Cyber, Cartels, and Global Military Buildup Dominate Outlook· Get ready for several years of killer heat,top weather forecasters warn· America's summers keep getting warmer· North Korea Infiltrates U.S. Remote Jobs—With the Help of Everyday Americans· Tornado season 2025: active through April, andMay is keeping pace· Treasury Takes Action Against Major Cyber Scam Facilitator
Join the Kyle Seraphin Show LIVE 9:30a ET on Rumble, orfind me on Spotify for ad-free video: https://KyleSeraphinShow.com__________________________________________________Our Sponsors make this program possible:https://SLNT.com/KYLE (Save 15% off everyday Faraday bags)http://patriot-protect.com/KYLE (15% off Protecting yourself from scams/Identity theft)https://BlackoutCoffee.com/KYLE (20% off your First Order) keywords:Insider,Threat,Kash,Patel,Fox,Interview,Bongino,Epstein,FBI,Recruiting,
@LifeinBombCityPodcast sits down with (Ret.) Command Sergeant Major Bart Womack to discuss his book and upcoming movie, "Embedded Enemy." Drawing from his long service and tragic experience in March 2003, Womack shares the lessons learned and more.
LINKS: https://distrust.co/software.html - Software page with OSS software Linux distro: https://codeberg.org/stagex/stagex Milksad vulnerability: https://milksad.info/ In this episode of Cybersecurity Today on the Weekend, host Jim Love engages in a captivating discussion with Anton Livaja from Distrust. Anton shares his unique career transition from obtaining a BA in English literature at York University to delving into cybersecurity and tech. Anton recounts how he initially entered the tech field through a startup and quickly embraced programming and automation. The conversation covers Anton's interest in Bitcoin and blockchain technology, including the importance of stablecoins, and the frequent hacking incidents in the crypto space. Anton explains the intricacies of blockchain security, emphasizing the critical role of managing cryptographic keys. The dialogue also explores advanced security methodologies like full source bootstrapping and deterministic builds, and Anton elaborates on the significance of creating open-source software for enhanced security. As the discussion concludes, Anton highlights the need for continual curiosity, teamwork, and purpose-driven work in the cybersecurity field. 00:00 Introduction to Cybersecurity Today 00:17 Anton's Journey from Literature to Cybersecurity 01:08 First Foray into Programming and Automation 02:35 Blockchain and Its Real-World Applications 04:36 Security Challenges in Blockchain and Cryptocurrency 13:21 The Rise of Insider Threats and Social Engineering 16:40 Advanced Security Measures and Supply Chain Attacks 22:36 The Importance of Deterministic Builds and Full Source Bootstrapping 29:35 Making Open Source Software Accessible 31:29 Blockchain and Supply Chain Traceability 33:34 Ensuring Software Integrity and Security 38:20 The Role of AI in Code Review 40:37 The Milksad Incident 46:33 Introducing Distrust and Its Mission 52:23 Final Thoughts and Encouragement
Chris and Hector break down recent crypto security breaches, including Coinbase's insider-driven data leak and the SEC's SIM swap hack. They explore the rise of “Zishing” (Zoom phishing), deepfake scams, and the real-world dangers facing crypto holders. Join our new Patreon! https://www.patreon.com/c/hackerandthefed Send HATF your questions at questions@hackerandthefed.com
In this episode of Reimagining Cyber, Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, delves inro the complex issue of insider threats. He concentrates on the two main types of insider threats: malicious insiders who knowingly abuse their access, and unintentional insiders who fall prey to phishing and other social engineering attacks. The conversation is highlighted by recent high-profile cases such as the Coinbase breach, where a third-party contractor was bribed, and the Scattered Spider group's attack on UK retailers like Marks and Spencer and Co-op. The episode explores the real-world financial impacts of these breaches and offers detailed strategies for defending against insider threats, emphasizing the importance of layered security, strict access controls, and thorough training. Listen to learn more about the evolving landscape of insider threats and how to protect your organization.Links mentioned in this episode:https://community.opentext.com/cybersecFollow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.
Is the so-called "Insider Threat" a big deal? If so, how could you use a honeypot to catch them? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. If you want to know more about honeypots, check out Kip's newest LinkedIn Learning course: “Active Defense: The New Frontier in Cybersecurity” -- https://www.linkedin.com/learning/active-defense-the-new-frontier-in-cybersecurity/
In this episode, the hosts discuss a significant cybersecurity incident involving Coinbase, which reportedly cost the company $400 million. They explore the implications of such attacks on financial institutions, the role of insider threats and bribery, and the importance of robust cybersecurity measures. The conversation also touches on investment strategies in the tech industry, particularly highlighting the success of notable figures like Nas in venture capital. The episode concludes with a call for improved security practices in the face of evolving cyber threats. Article: Coinbase Says Cybersecurity Incident Could Cost It $400 Million https://www.pymnts.com/cybersecurity/2025/coinbase-says-cybersecurity-incident-could-cost-it-400-million/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExRVJZN2JHRmNVRUoxNFF1agEeBqQ0wtW_Ix6VESXOx22WcCCeylU2lCckdhoCo6Pzlryk-G-Kx86g9v0DKfA_aem_65sqZR-dnRmCSfcmigFqBQ Please LISTEN
In this cybersecurity awareness training episode, we're digging into one of the most overlooked risks in any organization: insider threats. From malicious intent to simple negligence and even blackmail, insiders can pose serious security challenges. Learn how to recognize the warning signs—like job dissatisfaction, policy violations, or sudden lifestyle changes—and what you should do if something doesn't seem right. With real-world case studies like Edward Snowden and Chelsea Manning, we'll show why everyone plays a role in prevention. Don't wait for someone else to speak up—know what to look for, understand how to report it, and help build a culture of trust and vigilance in your workplace.Pick up your copy of Cyber Rants on Amazon.Looking to take your Cyber Security to the next level? Visit us at www.silentsector.com. Be sure to rate the podcast, leave us a review, and subscribe!
Welcome to the Social-Engineer Podcast: The Doctor Is In Series – where we will discuss understandings and developments in the field of psychology. In today's episode, Chris and Abbie are discussing Emotional Regulation in the Workplace. They will talk about the different strategies that can be used to help, not just at work, but in most areas of our lives. [May 5, 2025] 00:00 - Intro 00:38 - Dr. Abbie Maroño Intro 00:57 - Intro Links - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 02:30 - The Topic of the Day: Emotional Regulation in the Workplace 04:14 - Strategy 1: Deep Acting 14:10 - Strategy 2: Mindfulness & Acceptance 19:24 - Strategy 3: Social Sharing 26:40 - Strategy 4: Humor & Distraction 31:21 - Wrap Up 33:07 - Next Month: The Lonely Chapter 33:41 - Outro - www.social-engineer.com - www.innocentlivesfoundation.org Find us online: - LinkedIn: linkedin.com/in/dr-abbie-maroño-phd - Instagram: @DoctorAbbieofficial - LinkedIn: linkedin.com/in/christopherhadnagy References: Kalokerinos, E. K., Résibois, M., Verduyn, P., & Kuppens, P. (2017). The temporal deployment of emotion regulation strategies during negative emotional episodes. Emotion, 17(3), 450–458. https://doi.org/10.1037/emo0000248 Côté, S., & Hideg, I. (2011). The consequences of faking emotions: Emotional dissonance, relationship quality, and employee well-being. Emotion, 11(4), 803–815. https://doi.org/10.1037/a0023868 Lomas, T., Medina, J. C., Ivtzan, I., Rupprecht, S., & Eiroa-Orosa, F. J. (2019). The impact of mindfulness on well-being and performance in the workplace: An inclusive systematic review of the empirical literature. European Journal of Work and Organizational Psychology, 28(6), 782–804. https://doi.org/10.1080/1359432X.2019.1659420 Bono, J. E., Foldes, H. J., Vinson, G., & Muros, J. P. (2007). Workplace emotions: The role of supervision and leadership. Journal of Applied Psychology, 92(5), 1357–1367. https://doi.org/10.1037/0021-9010.92.5.1357 Clayton, S. (2024). Working well: The simple act of taking deep breaths can reduce stress and anxiety. Associated Press. Ordali, E., et al. (2024). Exhaustion at work can lead to difficulty controlling emotions, scientists say. The Guardian. Mesmer-Magnus, J., Glew, D. J., & Viswesvaran, C. (2012). A meta-analysis of positive humor in the workplace. Journal of Managerial Psychology, 27(2), 155–190. https://doi.org/10.1108/02683941211199554 Scheibe, S., & Zacher, H. (2013). A lifespan perspective on emotion regulation, stress, and well-being in the workplace. In The Oxford Handbook of Stress, Health, and Coping (pp. 291–306). Oxford University Press. https://doi.org/10.1093/oxfordhb/9780195375343.013.0017
Kevin Szczepanski welcomes Gregg Davis, managing principal and technical advisory solutions leader at EPIC Insurance Brokers & Consultants. Kevin and Gregg start by discussing the increasing risks of insider threats to cybersecurity and the sophistication of threat actors along with the need for organizations to create a culture of verification and for real-world training. Diving into strategies to mitigate insider threats, they emphasize awareness and proactive measures. Kevin and Gregg touch on business email compromise, insurance policies, the evolving role of the CISO, and much more. Tune in for the whole episode.
This episode is sponsored by Permiso. Visit permiso.io/idac to learn more.In this sponsored episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Paul Nguyen, co-founder and co-CEO of Permiso, to discuss the critical role of identity security in modern information security. Paul shares insights into the history of identity threats, the rise of identity-focused attacks like Scattered Spider and LLM Jacking, and the importance of real-time identity monitoring for both human and non-human identities across cloud and on-prem environments. The episode explores how Permiso is positioned in the market to provide comprehensive identity threat detection and response (ITDR) and identity security posture management (ISPM), offering advanced visibility and proactive measures against emerging threats.Chapters00:00 Introduction to Security Vendors00:50 Welcome to the Identity at the Center Podcast01:30 Sponsored Spotlight: Permiso02:14 Meet Paul Nguyen, Co-Founder of Permiso03:34 The Importance of Identity in Security05:35 Permiso's Unique Approach to Identity Security07:36 Real-Time Monitoring and Threat Detection09:23 Challenges and Solutions in Identity Security15:16 Modern Attacks and Identity Threats25:56 The Role of Honeypots in Security Research26:49 Challenges of Maintaining Security27:15 Honeypots and Breach Detection27:46 Dwell Time and Reconnaissance28:34 Password Complexity and Monitoring Gaps29:24 Roles and Responsibilities in Identity Security29:49 Unified Identity Security Teams30:57 Emerging Threats and Joint Efforts32:49 Permiso's Role in Identity Security34:10 Detection and Response Strategies36:11 Managing Identity Risks36:51 Combining Prevention and Detection39:44 Real-World Applications and Challenges51:17 Personal Insights and Final ThoughtsConnect with Paul: https://www.linkedin.com/in/paulnguyen/Learn more about Permiso: https://permiso.io/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com and watch at idacpodcast.tvKeywords:identity security, real-time monitoring, IAM, cybersecurity, identity exploitation, modern attacks, insider threats, honeypots, organizational structure, Non-Human Identities, Identity Security, Permiso, Risk Management, Insider Threat, Shadow IT, Identity Graph, ITDR, ISPM, Cybersecurity
In this episode, Mark Ledlow and Fred Burton, Executive Director of Protection and Intelligence at Ontic and a best-selling author, discuss the surrounding potential threats posed by an open border policy and the presence of terrorist cells. The discussion delves into the analytical evidence of terrorism threats linked to transnational entries, highlighting that no domestic terror acts have been documented as originating from the southern border. The conversation touches on broader security issues, including high-profile plots thwarted in the past, school shootings, and the impact of geopolitical events on domestic safety. They emphasize the importance of analytical rigor and logical decision-making in the security and protective services industry, comparing different attitudes toward personal protection across regions and discussing the implications of various security measures for high-profile individuals.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSThe importance of proactive surveillance and intelligence gathering in security.Lessons learned from historical security breaches and attack plots.The significance of cultural fit and adaptability in security teams.Challenges faced by security personnel in adjusting to different operational environments.The necessity to constantly update and share intelligence within the security community.The evolving methods of threat actors and their preparedness.Fred Burton's involvement in upcoming TV and film projects based on his books.QUOTES"The scope of detail that some of these threat actors are engaged with is just frightening.""Intelligence is powerful when done correctly.""You can't run a program without intelligence today.""If you've got a good security team, trained in observation skills, you should be able to spot threat actors ahead of time.""Getting people in and out without being hassled is the kind of value add that we routinely do in this business.""It's amazing what you can do if you just try to blend in and ask questions.""Some degree of protection at public venues is essential, especially for controversial issues.""Surveillance is critical before you get the bodies out there. Get that team out there moving around snooping."Get to know more about Fred Burton through the link below.https://www.linkedin.com/in/thefredburton/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.
This week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discussdiscuss a newly discovered SSH backdoor used by Chinese cyber spies, the alarming rise of insider threats in critical U.S. infrastructure, and the significant drop in ransomware payments in 2024. Hector also delivers a passionate rant about government security oversight and the risks posed by unvetted personnel in federal systems. Plus, the duo shares insights on bypassing corporate security with SSH tunneling, the evolution of cybercrime tactics, and why cybersecurity resilience is more crucial than ever. Send HATF your questions at questions@hackerandthefed.com.
The National Security Hour with Major Fred Galvin – Join Major Fred Galvin as he interviews cybersecurity expert Ryan Rambo, a retired Army Counterintelligence Specialist. Learn about rising cyber threats, insider risks, and the nations targeting sensitive data. Discover the truth about VPNs, online privacy, and best practices to protect your identity at home, abroad, and in the digital world. Stay secure!
Stand Up is a daily podcast that I book,host,edit, post and promote new episodes with brilliant guests every day. Please subscribe now for as little as 5$ and gain access to a community of over 700 awesome, curious, kind, funny, brilliant, generous souls Check out StandUpwithPete.com to learn more GET TICKETS TO PODJAM II In Vegas March 27-30 Confirmed Guests! Professor Eric Segall, Dr Aaron Carroll, Maura Quint, Tim Wise, JL Cauvin, Ophira Eisenberg, Christian Finnegan and More! Frank Figliuzzi is a national security contributor and regular columnist for NBC News and MSNBC. He was the assistant director for counterintelligence at the FBI, where he served 25 years as a special agent and directed all espionage investigations across the government. He is the author of “The FBI Way: Inside the Bureau's Code of Excellence.” Frank Figliuzzi was the FBI's Assistant Director for Counterintelligence and served 25 years as a Special Agent. In his current role as a respected National Security Analyst, Frank appears weekly on live television for NBC and MSNBC news. Frank held senior FBI leadership positions in major American cities and was appointed the FBI's Chief Inspector by then Director Robert Mueller to oversee sensitive internal inquiries, shooting reviews, and performance audits. Following his FBI career, Frank became a corporate security executive for a Fortune 10 company and led global Investigations, Insider Threat, Workplace Violence Prevention, and Special Event security for 200,000 employees in 180 countries. As the Bureau's head of Counterintelligence, Mr. Figliuzzi directed all espionage investigations across the U.S. government. Frank frequently briefed the White House, Congress, and the Attorney General. Mr. Figliuzzi directed an FBI internal disciplinary unit in the Office of Professional Responsibility and adjudicated allegations of serious misconduct against FBI personnel. Frank is the author of THE FBI WAY: Inside the Bureau's Code of Excellence (HarperCollins). Frank is most noted for his clear and compelling television commentary regarding the Special Counsel investigation of Russian interference in the 2016 U.S. Presidential campaign, and coverage of tragic mass shootings. His FBI career highlights include: Leading the FBI's efforts to counter economic espionage in Silicon Valley, California; Overseeing major financial crimes and public corruption investigations in Miami, Florida, and Cleveland, Ohio; Serving as on-scene commander of the largest HAZMAT evidence recovery effort in FBI history at the Boca Raton, Florida, site of the nation's first anthrax murder; and, Publicly explaining the FBI's successful operation against ten Russian sleeper agents inside the United States. Mr. Figliuzzi earned a Juris Doctorate cum laude from the University of Connecticut School of Law, and a Bachelor of Arts Degree in English Literature from Fairfield University. Frank completed certificate programs at the Harvard University National Security Program for Senior Executives in Government at the John F. Kennedy School of Government, and at Northwestern University's executive course on Leading Strategic Change at the Kellogg School of Management. He is a sought-after speaker, panelist and instructor on leadership, violence prevention, risk management, and the external and internal threats facing the United States Join us Monday's and Thursday's at 8EST for our Bi-Weekly Happy Hour Hangout! Pete on Blue Sky Pete on Threads Pete on Tik Tok Pete on YouTube Pete on Twitter Pete On Instagram Pete Personal FB page Stand Up with Pete FB page All things Jon Carroll Follow and Support Pete Coe Buy Ava's Art Hire DJ Monzyk to build your website or help you with Marketing
Listen into the Saturday edition as Victor Davis Hanson interviews Adam Lovinger, the Vice President of Strategic Affairs at the Gold Institute for International Strategy. He reveals the Orwellian situation under the Obama-Biden administration when it came to Iran, national security, and lawfare, all subjects of his new book The Insider Threat.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
In this episode of the Happy Women podcast, author and former Senior Director for Strategic Assessments at the U.S. National Security Council, Adam Lovinger, joins Jen Horn and Katie Gorka to discuss his experiences within the U.S. national security framework, particularly focusing on the Office of Net Assessment and the implications of the deep state during the Obama administration. He shares insights on the ideological shifts in national security, the origins of the Russia hoax, and the threats posed by figures like General Flynn. Lovinger also recounts his personal struggles against the deep state and the tragic story of whistleblower Stephen Luke, while expressing hope for restoring integrity in government. Support the show: https://www.sebgorka.com/See omnystudio.com/listener for privacy information.
Sebastian is joined in-studio by Adam Lovinger, former Senior Director of the National Security Council, to talk about his book "The Insider Threat."Support the show: https://www.sebgorka.com/See omnystudio.com/listener for privacy information.