Podcasts about nist

DLLs & TLS Callbacks As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS ( Thread Local Storage ) and how it can be abused. https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580 FreeBSD Remote code execution via ND6 Router Advertisements A critical vulnerability in FreeBSD allows for remote code execution. But an attacker must be on the same network. https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc NIST Time Server Problems The atomic ensemble time scale at the NIST Boulder campus has failed due to a prolonged utility power outage. One impact is that the Boulder Internet Time Services no longer have an accurate time reference. https://tf.nist.gov/tf-cgi/servers.cgi https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I

Conflicting jobs data indicates a complex economic landscape for IT service providers, as the unemployment rate in the tech sector has risen to 4% with a loss of 134,000 jobs between October and November 2025. Despite a drop in the overall unemployment rate to 4.2% and a projected growth of managed services contributing $608 billion to the B2B technology sector, the mixed signals from economic indicators complicate decision-making for the Federal Reserve and raise concerns about consumer spending. Analysts emphasize that the current job losses reflect a shift in responsibility from internal roles to external managed service providers (MSPs), which may not alleviate underlying risks.The National Institute of Standards and Technology (NIST) has released a draft profile addressing cybersecurity challenges posed by artificial intelligence (AI), highlighting the need for organizations to manage AI-related security risks effectively. This profile outlines how AI can enhance cybersecurity defenses while also detailing the responsibilities that come with its deployment. Recent assessments reveal that while some AI models perform better in security contexts, the lack of clarity around accountability when AI systems make decisions remains a significant concern for MSPs.Private equity activity is accelerating in the managed services sector, exemplified by Broadwing Capital's acquisition of CloudScale365, which aims to create a platform addressing gaps in the fragmented IT-managed services market. This consolidation trend raises questions for MSPs about operational norms and the potential loss of control over their business models. As platforms seek to standardize pricing and decision-making processes, MSPs must consider how these changes will affect their service delivery and customer relationships.For MSPs and IT service leaders, the evolving landscape underscores the importance of understanding where risk is shifting and how to price and govern accordingly. The retreat from AGI hype and the focus on practical AI applications signal a need for clarity in decision-making processes, particularly as automation becomes more prevalent. MSPs that can articulate the limitations of their AI systems and establish clear accountability frameworks will be better positioned to navigate the complexities of the current market. Four things to know today00:00 As Jobs Data Conflicts and Tech Employment Slips, Managed Services Absorb Risk and Responsibility05:46 NIST's AI Security Framework Meets Reality as Model Safety Gaps Expose Accountability Risks08:54 Broadwing Launches MSP Platform to Standardize Scale, Signaling Growing PE Pressure on MSP Operations11:03 AI Rebrands Itself as Open Source Expands, Automation Scales, and Accountability Gets Murkier This is the Business of Tech.    Supported by:  https://saasalerts.com/mspradio/ 

Alexandru Voica, Head of Corporate Affairs and Policy at Synthesia, discusses how the world's largest enterprise AI video platform has approached trust and safety from day one. He explains Synthesia's "three C's" framework—consent, control, and collaboration: never creating digital replicas without explicit permission, moderating every video before rendering, and engaging with policymakers to shape practical regulation. Voica acknowledges these safeguards have cost some business, but argues that for enterprise sales, trust is competitively essential. The company's content moderation has evolved from simple keyword detection to sophisticated LLM-based analysis, recently withstanding a rigorous public red team test organized by NIST and Humane Intelligence. Voica criticizes the EU AI Act's approach of regulating how AI systems are built rather than focusing on harmful outcomes, noting that smaller models can now match frontier capabilities while evading compute-threshold regulations. He points to the UK's outcome-focused approach—like criminalizing non-consensual deepfake pornography—as more effective. On adoption, Voica argues that AI companies should submit to rigorous third-party audits using ISO standards rather than publishing philosophical position papers—the thesis of his essay "Audits, Not Essays." The conversation closes personally: growing up in 1990s Romania with rare access to English tutoring, Voica sees AI-powered personalized education as a transformative opportunity to democratize learning. Alexandru Voica is the Head of Corporate Affairs and Policy at Synthesia, the UK's largest generative AI company and the world's leading AI video platform. He has worked in the technology industry for over 15 years, holding public affairs and engineering roles at Meta, NetEase, Ocado, and Arm. Voica holds an MSc in Computer Science from the Sant'Anna School of Advanced Studies and serves as an advisor to MBZUAI, the world's first AI university. Transcript Audits, Not Essays: How to Win Trust for Enterprise AI (Transformer) Synthesia's Content Moderation Systems Withstand Rigorous NIST, Humane Intelligence Red Team Test (Synthesia) Computerspeak Newsletter

In this episode, we confront the chilling reality of "Harvest Now, Decrypt Later" strategies, where adversaries collect encrypted data today to decrypt it once quantum capabilities mature. We dive deep into the newly released NIST post-quantum cryptography standards (FIPS 203, 204, and 205) and analyze the aggressive migration timelines mandated by the EU and UK, with critical infrastructure targets set for as early as 2030. Beyond the hype of raw qubit counts, our discussion shifts to the necessity of "crypto-agility" and hybrid implementations, explaining why organizational survival now depends on conducting a comprehensive cryptographic inventory rather than waiting for the technology to settle.NIST Post-Quantum Cryptography StandardsFIPS 203 (ML-KEM): Module-Lattice-Based Key-Encapsulation Mechanism StandardView PDFFIPS 204 (ML-DSA): Module-Lattice-Based Digital Signature StandardView PDFFIPS 205 (SLH-DSA): Stateless Hash-Based Digital Signature StandardView PDFGovernment & Regulatory GuidanceEuropean Commission Recommendation: "EU Roadmap for the Transition to Post-Quantum Cryptography" (Covers 2026/2030 milestones)View Roadmap DetailsUK National Cyber Security Centre (NCSC): "Next Steps in Preparing for Post-Quantum Cryptography" (Covers 2028 discovery/2035 migration targets)View GuidanceWhite House (USA): National Security Memorandum 10 (NSM-10) on Promoting United States Leadership in Quantum Computing While Mitigating RisksView MemorandumBlockchain & Technical ProjectsSolana: "Project 11" (Validator security and testnet upgrades for post-quantum signatures)View AnnouncementAlgorand: Technical Brief on Quantum-Resistant Transactions (Falcon Signatures)View Technical Brief

The House on Monday passed a bill that would revamp how agencies purchase software, putting the legislation in the same place it was a year ago: waiting for the Senate to follow suit as the clock ticks down on the congressional calendar. The Strengthening Agency Management and Oversight of Software Assets (SAMOSA) Act would require agencies to examine their software licensing practices, with the aim of streamlining IT buying practices to avoid duplicative purchases. The bill is identical to legislation that passed the House last December but did not move forward in the Senate. The House bill, co-sponsored by Reps. Nancy Mace, R-S.C., Shontel Brown, D-Ohio, Pat Fallon, R-Texas, and April McClain Delaney, D-Md., would press agencies to better manage their software without limiting procurement options. They would be required to submit IT assessments to the Office of Management and Budget, the General Services Administration and Congress, so better oversight could be conducted. On the House floor Monday, Brown credited her three co-sponsors as well as former Rep. Gerry Connolly, D-Va., who died of cancer in May after taking the lead on this bill in addition to his myriad other government IT efforts. Brown, ranking member of the House Oversight Cybersecurity, Information Technology, and Government Innovation subcommittee, said the SAMOSA Act is a “straightforward good government bill that has strong bipartisan support from members of the Oversight Committee.” A new bill from Sens. John Fetterman, D-Pa., and Ted Budd, R-N.C., would establish a national network of cloud laboratories led by the National Science Foundation and supported by the National Institute of Standards and Technology, with the goal of enhancing collaboration between institutions while improving research efficiency with AI. If passed, NSF will select up to six programmable cloud laboratories from a range of applicants, including academic institutions and private-sector research groups. NIST would be tasked with setting standards and reporting to Congress about the feasibility for expansion. The bill, introduced last week, aligns with provisions laid out by the Trump administration's AI Action Plan and aims to codify existing NSF proposals, according to the sponsors. NSF earmarked $100 million for a similar AI-powered cloud network in August as it looked to expand access to emerging technologies. Researchers in the co-sponsors' home states have developed methods to ease automated discoveries, which will serve as a blueprint for the national effort. NSF will judge applicants on the level of existing data integration and automated capability infrastructure and capacity to support multi-user cloud workflows, among other criteria. In addition to bipartisan backing, the legislation garnered support from officials at Carnegie Mellon University, the Accelerate Science Now coalition and the Allegheny Conference on Community Development. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

Send us a textCheck us out at:  https://www.cisspcybertraining.com/Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkoutGet access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouvWhat happens when cybersecurity meets the engine room of the business? We dig into the partnership between the CISO and COO and show how shared risk, clear language about money, and practical tabletop drills turn security into operational resilience. Ransomware, supply chain delays, and customer impact aren't just IT issues—they're revenue issues—so we map exactly how to build alignment before a crisis hits.We break down CISSP Domain 1.5 with a plain-English tour of law categories and the statutes you actually need to know: CFAA and NIIPA for unauthorized access and critical infrastructure, FISMA and the NIST standards for federal-grade security programs, and the federal modernization that centralized oversight under DHS. Then we go deeper into intellectual property: what copyrights, trademarks, patents, and trade secrets protect; how DMCA and AI complicate ownership; and how licensing and click-through terms can quietly put your data and code at risk if you don't read them with counsel.Cross-border data is now daily business, so we unpack export controls on chips and encryption, transborder data flow obligations, and privacy regimes that carry real teeth: GDPR's 72-hour notification, China's PIPL and local representation, and state laws like CCPA that mirror EU rights. The practical takeaway is a tighter incident playbook: define “breach” with evidence-based thresholds, pre-wire stakeholder communications, and use tabletop exercises to test both technical recovery and regulatory reporting.If you're studying for the CISSP or leading a security program, this is the legal-ops blueprint you can use today. Subscribe, share this with your ops and legal teams, and leave a review to tell us which regulation gives you the biggest headache—we'll tackle it next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

IonQ Vice President and GM of Quantum Platform Matthew Keesan joins BioTalk for a clear look at how they are advancing quantum computing from its home base in the BioHealth Capital Region. He shares the story of IonQ's Maryland roots and explains quantum computing in straightforward terms for listeners seeking a high-level understanding. The conversation moves into why biohealth leaders should track the hardware race, what distinguishes IonQ's approach, and how quantum is already being paired with AI to strengthen modeling and analysis. Keesan walks through early use cases showing traction today, challenges common myths about timelines, and shares which biohealth applications he expects to gain mainstream momentum by 2030. Editing and post-production work for this episode was provided by The Podcast Consultant (https://thepodcastconsultant.com). Matthew Keesan is Vice President and GM of Quantum Platform at IonQ and a member of the BHI Board. He joined IonQ in 2017 to lead the development of the company's Quantum OS, the software stack that controls IonQ's quantum computers. In 2021, he oversaw the launch of IonQ's Harmony systems on Amazon Braket, Microsoft Azure Quantum, and Google Cloud, making IonQ the first quantum hardware provider available across all three hyperscalers. He built IonQ's security function to meet commercial and government frameworks, including SOC 2, NIST 800-171, NIST 800-53, and ISO 27001, and established a globally distributed operations team managing IonQ's fleet of quantum computers across the United States and Europe. Before joining IonQ, Keesan served as CTO of the restaurant technology company Ando, which was acquired by Uber, and advised startups in manufacturing, e-commerce, and identity-as-a-service. He also helped create the technology behind the interactive HBO series Mosaic with Steven Soderbergh. He holds patents in quantum compilation, hybrid quantum computation, and quantum control automation, and has co-authored papers published in Nature and Physical Review A.

In this episode, Cheri Hotman sits down with CMMC expert and strategist Linda Rust for a direct, unscripted conversation about what CMMC really means for defense contractors, why so many organizations get it wrong, and how leaders can approach compliance with clarity instead of chaos.Linda brings more than 25 years of engineering and mission-critical technology leadership to the table. She breaks down why CMMC is fundamentally a business issue rather than an IT project, why third-party accountability is often the only thing that finally moves organizations to action, and why “cheap” approaches end up being the most expensive mistakes companies make.Cheri and Linda dig into:• What CMMC is (and isn't)• Why scoping and understanding your data matters more than any technical control• Why leadership, not IT, must own the strategy• The real cost drivers behind CMMC and why labor—not tools—is the biggest factor• How small companies get themselves into false-claims trouble without realizing it• What's coming next with FAR CUI and NIST 800-171 Revision 3• How organizations can right-size their efforts instead of chasing shortcutsIf you want a frank, practical explanation of CMMC from two people who have lived it for years, this episode will help you understand the landscape, avoid costly pitfalls, and build a program that leaders can actually sustain.

In today's Cloud Wars Minute, I look at how IBM and Cisco are teaming up to pioneer long-distance quantum networks.Highlights00:03 — Although not the only company invested in the development of quantum computing, IBM is certainly considered the most active. The company has the highest number of patents, a clear road map for fault tolerant quantum systems, and the most prestigious track record across quantum hardware, software and the commercialization of these tools.00:28 — Now, IBM and Cisco Systems have revealed plans to link a network of quantum computers over long distances — and the result, perhaps the introduction of the quantum internet. Before I get carried away on this, leaders from both IBM and Cisco have confirmed that the technology to power these networks doesn't yet exist, but they are working on it.00:59 — The bottleneck is getting qubits, the unit of information used by quantum computers, to travel along fiber optic cables between Cisco switches. IBM and Cisco hope to have the first proof-of-concept ready within five years, a network that connects individual, large scale, fault-tolerant quantum computers with the power to run computations over 10s to hundreds of 1000s of qubits.01:49 — So, why do we need the quantum internet? Well, beyond the massive enhancement in computational power, which is the primary driver for companies to enter this space, if quantum computing itself becomes widespread, we'll need quantum structures in the Internet to protect ourselves from our very own creation.02:28 — Technology is advancing at an unfathomable speed, and just like in the AI space, we need to ensure it's contained. In fact, researchers at IBM co-developed three of the four quantum resistant algorithms that the U.S. National Institute of Standards and Technology, or NIST, have earmarked for future standardization. Visit Cloud Wars for more.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In the world of federal technology we are being deluged with so much information about Artificial Intelligence that we may not see what some of other technologies that may have as great an impact as AI.  The White House, the OMB (M-23-02), the Office of the National Cyber Director have made it clear that the time to prepare for post-quantum cryptography is now.  Agencies are required to inventory cryptographic systems, prioritize high-value assets, and build migration plans in line with NIST standards. Today, we sit down with Eric Hay from Quantum Xchange to look at making this transition.  During the interview, Hay handles issues like technology, operations and appropriate strategy. He highlights the role of NIST in developing and approving new algorithms like NIST PQC Post Quantum Encryption, ML, and CHEM. Eric explains the five-step process for transitioning to these new standards: discovery, prioritization, deployment, monitoring, and management. Rather than spending time evaluating algorithms, Eric Hay stresses the importance of a network-centric approach, suggesting that agencies focus on securing data transport first. Eric predicts Q day, when current encryption methods could be compromised, within 3-5 years, with some European partners aiming for 2029.    

Jak vypadá život člověka, který prošel 601. skupinou speciálních sil, velel 43. výsadkovému pluku a později radil premiérovi i ministryni obrany? S plukovníkem Petrem Matoušem mluvíme o cestě od komiksového omylu při zápisu na Univerzitu obrany až po ostré operace v Afghánistánu, spolupráci s elitními americkými jednotkami a o fyzických i mentálních limitech vojáků. Proč šel ve čtyřiceti letech do MMA klece a v čem mu to připomíná reálné bojové operace? A jak se dívá na realitu české armády po zkušenosti z Ukrajiny?Soutěžíme o podepsaný výtisk rozšířeného vydání knihy Navzdory. Napište nám, kolik udělal Petr Matouš shybů při posledním přezkoušení. Knihu Navzdory můžete zakoupit zde: https://shelfie.cz/knihy-/785-navzdory-9788090970014.html?utm_source=Podcast&utm_medium=Insider+podcast&utm_campaign=Insider+podcast&utm_id=InsiderPartnerem podcastu je advokátní kancelář ROWAN LEGAL a mezinárodní poradenská společnost RSM.

35K YouTube Views and 1K comments in just 1 day | 145K Views on "X" and 250 Comments on the first day.We were quite grateful to get a note from Bret Weinstein's popular Dark Horse Podcast about his posting the interview with Senator Ron Johnson, which was an extraordinary dive into the 9/11 events. We wrote back to Bret and encouraged him to bring the hard, explosive evidence of the World Trade Center to his audience to back up his and the senators' claims about controlled demolition. He was game. We scheduled it right away.We were very honored to be asked onto the Dark Horse podcast. Bret has 521K YouTube subscribers and 1.1M followers on X. He's a frequent guest on the Joe Rogan and Tucker Carlson platforms, and he's shown a keen awareness of the truth about 9/11 and isn't afraid to talk about it.Right out of the gate, Bret acknowledged that he had been following our work for quite a while and that “when somebody is accused of being a conspiracy theorist, my only question is, ‘are they any good at it?' ” :)Then he made me blush: “and I have to say, you set the standard….extremely diligent.…really appreciate the rigor that you bring to that puzzle.”Well, I needed to shift gears and jump right into WTC 7 with both feet, so we introduced the sudden, straight-down, symmetrical, free fall of the building — after witnesses heard and saw explosions. Then we launched into the extreme heat — 3 to 4,000 degrees F — which, of course, was also unaccounted for in the official narrative.Bret was a very active listener and an engaged student of each scientific piece of evidence we presented, and he shared his wisdom with us liberally. For instance, when hearing of the mysterious billions of “previously molten iron microspheres” of “unknown origin” distributed ubiquitously through out the WTC dust, and that the equally puzzling “red-gray chips” of nano-thermite actually produce those same iron microspheres when ignited, he drew the following inference: “Let me just say logically speaking, what you've got is a material, these tiny spheres of formerly molten iron, a mechanism which demonstrably generates them.And that puts the burden of proof on somebody who says that what brought these towers down was fire. And in the case of the Twin Towers, some structural damage. It puts the onus on them to generate a competing explanation for those anomalous, readily observed phenomena. They don't. The burden of proof logically falls on them.And the question then is not, for those of us who are suspicious here, The question is, well come up with anything that is as plausible. Let's see you demonstrate it.When we arrived at the explosive evidence of the Twin Towers, he saw each piece building upon the last and arriving at the proof of the fraud of NIST in the fabrication of their theory that the top section of the building above the point of plane impacts drove the rest of the building down to the ground and then destroyed itself. The building was quite obviously blown up.It was quite disappointing to read some of the comments that chastised Weinstein for delving into these particular conspiracy theories. People really react emotionally and, obviously, without even watching the interview, make quite self-revealing comments on the YouTube video platform, despite supporting his other “conspiracy theories.” They, some of them, just couldn't stomach this one. If only they'd take the time to watch. You can lead a horse to water, but you can't make them drink.Support the show

What Security Congress Reveals About the State of CybersecurityThis discussion focuses on what ISC2 Security Congress represents for practitioners, leaders, and organizations navigating constant technological change. Jon France, Chief Information Security Officer at ISC2, shares how the event brings together thousands of cybersecurity practitioners, certification holders, chapter leaders, and future professionals to exchange ideas on the issues shaping the field today.  Themes That Stand OutAI remains a central point of attention. France notes that organizations are grappling not only with adoption but with the shift in speed it introduces. Sessions highlight how analysts are beginning to work alongside automated systems that sift through massive data sets and surface early indicators of compromise. Rather than replacing entry-level roles, AI changes how they operate and accelerates the decision-making path. Quantum computing receives a growing share of focus as well. Attendees hear about timelines, standards emerging from NIST, and what preparedness looks like as cryptographic models shift.  Identity-based attacks and authorization failures also surface throughout the program. With machine-driven compromises becoming easier to scale, the community explores new defenses, stronger controls, and the practical realities of machine-to-machine trust. Operational technology, zero trust, and machine-speed threats create additional urgency around modernizing security operations centers and rethinking human-to-machine workflows.  A Place for Every Stage of the CareerFrance describes Security Congress as a cross-section of the profession: entry-level newcomers, certification candidates, hands-on practitioners, and CISOs who attend for leadership development. Workshops explore communication, business alignment, and critical thinking skills that help professionals grow beyond technical execution and into more strategic responsibilities.  Looking Ahead to the Next CongressThe next ISC2 Security Congress will be held in October in the Denver/Aurora area. France expects AI and quantum to remain key themes, along with contributions shaped by the call-for-papers process. What keeps the event relevant each year is the mix of education, networking, community stories, and real-world problem-solving that attendees bring with them.The ISC2 Security Congress 2025 is a hybrid event taking place from October 28 to 30, 2025 Coverage provided by ITSPmagazineGUEST:Jon France, Chief Information Security Officer at ISC2 | On LinkedIn: https://www.linkedin.com/in/jonfrance/HOST:Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.comFollow our ISC2 Security Congress coverage: https://www.itspmagazine.com/cybersecurity-technology-society-events/isc2-security-congress-2025Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageISC2 Security Congress: https://www.isc2.orgNIST Post-Quantum Cryptography Standards: https://csrc.nist.gov/projects/post-quantum-cryptographyISC2 Chapters: https://www.isc2.org/chaptersWant to share an Event Briefing as part of our event coverage? Learn More

Back in 2011, FedRAMP was put together because each federal agency had to conduct its own time-consuming security audit. The idea was to standardize security to reduce costs and accelerate cloud adoption.   About ten years later, state leaders saw the same problem. Over the years, they worked out a security guidance package that was released this year. GovRAMP was launched to address many of the same challenges faced by the federal government: to establish a standard that enables transparency, standardization, and community. GovRamp's framework is based on NIST 800-53 rev5.   Tony O'Neil from Massachusetts observed that before GovRAMP, each state had a patchwork of security guidelines. With so much variation across states, a simplified environment could reduce costs and enable leaders to adopt a mindset of investing in people.   Today, we sat down with data security experts who detailed the implementation of compliance to improve data security and compliance. The conversation also covered the importance of continuous monitoring, the role of CSPs in maintaining security, and the necessity of proper resource allocation for cybersecurity professionals.        

What Security Congress Reveals About the State of CybersecurityThis discussion focuses on what ISC2 Security Congress represents for practitioners, leaders, and organizations navigating constant technological change. Jon France, Chief Information Security Officer at ISC2, shares how the event brings together thousands of cybersecurity practitioners, certification holders, chapter leaders, and future professionals to exchange ideas on the issues shaping the field today.  Themes That Stand OutAI remains a central point of attention. France notes that organizations are grappling not only with adoption but with the shift in speed it introduces. Sessions highlight how analysts are beginning to work alongside automated systems that sift through massive data sets and surface early indicators of compromise. Rather than replacing entry-level roles, AI changes how they operate and accelerates the decision-making path. Quantum computing receives a growing share of focus as well. Attendees hear about timelines, standards emerging from NIST, and what preparedness looks like as cryptographic models shift.  Identity-based attacks and authorization failures also surface throughout the program. With machine-driven compromises becoming easier to scale, the community explores new defenses, stronger controls, and the practical realities of machine-to-machine trust. Operational technology, zero trust, and machine-speed threats create additional urgency around modernizing security operations centers and rethinking human-to-machine workflows.  A Place for Every Stage of the CareerFrance describes Security Congress as a cross-section of the profession: entry-level newcomers, certification candidates, hands-on practitioners, and CISOs who attend for leadership development. Workshops explore communication, business alignment, and critical thinking skills that help professionals grow beyond technical execution and into more strategic responsibilities.  Looking Ahead to the Next CongressThe next ISC2 Security Congress will be held in October in the Denver/Aurora area. France expects AI and quantum to remain key themes, along with contributions shaped by the call-for-papers process. What keeps the event relevant each year is the mix of education, networking, community stories, and real-world problem-solving that attendees bring with them.The ISC2 Security Congress 2025 is a hybrid event taking place from October 28 to 30, 2025 Coverage provided by ITSPmagazineGUEST:Jon France, Chief Information Security Officer at ISC2 | On LinkedIn: https://www.linkedin.com/in/jonfrance/HOST:Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.comFollow our ISC2 Security Congress coverage: https://www.itspmagazine.com/cybersecurity-technology-society-events/isc2-security-congress-2025Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageISC2 Security Congress: https://www.isc2.orgNIST Post-Quantum Cryptography Standards: https://csrc.nist.gov/projects/post-quantum-cryptographyISC2 Chapters: https://www.isc2.org/chaptersWant to share an Event Briefing as part of our event coverage? Learn More

Many small and mid-size businesses breathe a sigh of relief once they earn a compliance certification, but the work doesn't stop there. Certifications like SOC 2, ISO, or CMMC aren't one-time milestones. They're ongoing commitments that require fresh evidence, updated controls, and regular monitoring.In this episode, Marie Joseph, Manager of Compliance Advisory at Trava, breaks down the reality of maintaining compliance over time. She discusses why frameworks evolve and how managed compliance services can take the stress off your team's plate. Plus, she shares common mistakes businesses make during recertification and how to stay audit ready all year long.Key takeaways:How compliance frameworks evolve and why it mattersCommon mistakes companies make before audits and how to avoid themHow managed compliance services free up your team's time One of the top tips Marie shared in this episode for staying proactive and organized with compliance is using a Compliance Calendar. You can download a free copy today—based on the same calendar Marie uses every day to manage SOC 2, ISO 27001, CMMC, NIST, and other frameworks: https://travasecurity.com/pod-compliance-calendarEpisode highlights:(00:00) Compliance:  What happens after you get certified?(02:32) Framework changes and renewals(05:17) Why compliance is never “done”(09:14) The audit mistake SMBs make most oftenConnect with the host:Jara Rowe's LinkedIn - @jararoweConnect with the guest:Marie Joseph's LinkedIn - https://www.linkedin.com/in/marie-joseph-a81394143/ Connect with Trava:Website - www.travasecurity.comBlog - www.travasecurity.com/learn-with-trava/blogLinkedIn - @travasecurityYouTube - @travasecurity

Episode overviewJohn Martinis, Nobel laureate and former head of Google's quantum hardware effort, joins Sebastian Hassinger on The New Quantum Era to trace the arc of superconducting quantum circuits—from the first demonstrations of macroscopic quantum tunneling in the 1980s to today's push for wafer-scale, manufacturable qubit processors. The episode weaves together the physics of “synthetic atoms” built from Josephson junctions, the engineering mindset needed to turn them into reliable computers, and what it will take for fabrication to unlock true large-scale quantum systems.Guest bioJohn M. Martinis is a physicist whose experiments on superconducting circuits with John Clarke and Michel Devoret at UC Berkeley established that a macroscopic electrical circuit can exhibit quantum tunneling and discrete energy levels, work recognized by the 2025 Nobel Prize in Physics “for the discovery of macroscopic quantum mechanical tunnelling and energy quantisation in an electric circuit.” He went on to lead the superconducting quantum computing effort at Google, where his team demonstrated large-scale, programmable transmon-based processors, and now heads Qolab (also referred to in the episode as CoLab), a startup focused on advanced fabrication and wafer-scale integration of superconducting qubits.Martinis's career sits at the intersection of precision instrumentation and systems engineering, drawing on a scientific “family tree” that runs from Cambridge through John Clarke's group at Berkeley, with strong theoretical influence from Michel Devoret and deep exposure to ion-trap work by Dave Wineland and Chris Monroe at NIST. Today his work emphasizes solving the hardest fabrication and wiring challenges—pursuing high-yield, monolithic, wafer-scale quantum processors that can ultimately host tens of thousands of reproducible qubits on a single 300 mm wafer.Key topicsMacroscopic quantum tunneling on a chip: How Clarke, Devoret, and Martinis used a current-biased Josephson junction to show that a macroscopic circuit variable obeys quantum mechanics, with microwave control revealing discrete energy levels and tunneling between states—laying the groundwork for superconducting qubits. The episode connects this early work directly to the Nobel committee's citation and to today's use of Josephson circuits as “synthetic atoms” for quantum computing.From DC devices to microwave qubits: Why early Josephson devices were treated as low-frequency, DC elements, and how failed experiments pushed Martinis and collaborators to re-engineer their setups with careful microwave filtering, impedance control, and dilution refrigerators—turning noisy circuits into clean, quantized systems suitable for qubits. This shift to microwave control and readout becomes the through-line from macroscopic tunneling experiments to modern transmon qubits and multi-qubit gates.Synthetic atoms vs natural atoms: The contrast between macroscopic “synthetic atoms” built from capacitors, inductors, and Josephson junctions and natural atomic systems used in ion-trap and neutral-atom experiments by groups such as Wineland and Monroe at NIST, where single-atom control made the quantum nature more obvious. The conversation highlights how both approaches converged on single-particle control, but with very different technological paths and community cultures.Ten-year learning curve for devices: How roughly a decade of experiments on quantum noise, energy levels, and escape rates in superconducting devices built confidence that these circuits were “clean enough” to support serious qubit experiments, just as early demonstrations such as Yasunobu Nakamura's single-Cooper-pair box showed clear two-level behavior. This foundational work set the stage for the modern era of superconducting quantum computing across academia and industry.Surface code and systems thinking: Why Martinis immersed himself in the surface code, co-authoring a widely cited tutorial-style paper “Surface codes: Towards practical large-scale quantum computation” (Austin G. Fowler, Matteo Mariantoni, John M. Martinis, Andrew N. Cleland, Phys. Rev. A 86, 032324, 2012; arXiv:1208.0928), to translate error-correction theory into something experimentalists could build. He describes this as a turning point that reframed his work at UC Santa Barbara and Google around full-system design rather than isolated device physics.Fabrication as the new frontier: Martinis argues that the physics of decent transmon-style qubits is now well understood and that the real bottleneck is industrial-grade fabrication and wiring, not inventing ever more qubit variants. His company's roadmap targets wafer-scale integration—e.g., ~100-qubit test chips scaling toward ~20,000 qubits on a 300 mm wafer—with a focus on yield, junction reproducibility, and integrated escape wiring rather than current approaches that tile many 100-qubit dies into larger systems.From lab racks of cables to true integrated circuits: The episode contrasts today's dilution-refrigerator setups—dominated by bulky wiring and discrete microwave components—with the vision of a highly integrated superconducting “IC” where most of that wiring is brought on-chip. Martinis likens the current state to pre-IC TTL logic full of hand-wired boards and sees monolithic quantum chips as the necessary analog of CMOS integration for classical computing.Venture timelines vs physics timelines: A candid discussion of the mismatch between typical three-to-five-year venture capital expectations and the multi-decade arc of foundational technologies like CMOS and, now, quantum computing. Martinis suggests that the most transformative work—such as radically improved junction fabrication—looks slow and uncompetitive in the short term but can yield step-change advantages once it matures.Physics vs systems-engineering mindsets: How Martinis's “instrumentation family tree” and exposure to both American “build first, then understand” and French “analyze first, then build” traditions shaped his approach, and how system engineering often pushes him to challenge ideas that don't scale. He frames this dual mindset as both a superpower and a source of tension when working in large organizations used to more incremental science-driven projects.Collaboration, competition, and pre-competitive science: Reflections on the early years when groups at Berkeley, Saclay, UCSB, NIST, and elsewhere shared results openly, pushing the field forward without cut-throat scooping, before activity moved into more corporate settings around 2010. Martinis emphasizes that many of the hardest scaling problems—especially in materials and fabrication—would benefit from deeper cross-organization collaboration, even as current business constraints limit what can be shared.Papers and research discussed“Energy-Level Quantization in the Zero-Voltage State of a Current-Biased Josephson Junction” – John M. Martinis, Michel H. Devoret, John Clarke, Physical Review Letters 55, 1543 (1985). First clear observation of quantized energy levels and macroscopic quantum tunneling in a Josephson circuit, forming a core part of the work recognized by the 2025 Nobel Prize in Physics. Link: https://link.aps.org/doi/10.1103/PhysRevLett.55.1543“Quantum Mechanics of a Macroscopic Variable: The Phase Difference of a Josephson Junction” – J. Clarke et al., Science 239, 992 (1988). Further development of macroscopic quantum tunneling and wave-packet dynamics in current-biased Josephson junctions, demonstrating that a circuit-scale degree of freedom behaves as a quantum variable. Link (PDF via Cleland group):

Dr. Jamey Jacob is Executive Director of the Oklahoma Aerospace Institute for Research and Education and the Williams Chair in Energy Technology at Oklahoma State University. Under his leadership, OSU launched the Counter-UAS Center of Excellence, now the nation's central hub for coordinated research, development, testing and evaluation of counter-drone systems. Working closely with the Joint Force CUAS University at Fort Sill, the center assesses vendor technologies, establishes performance standards and accelerates next-generation defenses—all while addressing the growing national shortage of highly trained engineers in this mission-critical domain. With unique testing environments and deep alignment with military needs, OSU plays a pivotal role in strengthening national security and maintaining U.S. leadership in UAS innovation. Beyond directing the Center, Dr. Jacob is a Regents Professor of Aerospace Engineering and a nationally recognized leader in emerging aerospace systems, securing nearly $50 million in research funding from federal agencies and industry partners. He has testified before Congress on the critical need for sustained investment in drone research and advanced air mobility, and he leads major initiatives including the EDA-funded LaunchPad and UAS Flight Corridor, NASA's WINDMAP weather program, OSU's work within the Tulsa Hub for Ethical and Trustworthy Autonomy, and the NIST initiative developing certification standards for next-generation aircraft. A native Oklahoman, he holds degrees from the University of Oklahoma and UC Berkeley, and is an FAA Part 107 pilot with roughly 500 flight hours. In this episode of the Drone Radio Show, Dr. Jacob talks about OSU's efforts to advance the nation's counter-UAS capabilities; what Ukraine's drone innovations reveal about the future of warfare, and how OSU's research in atmospheric science, public safety, and wildlife applications is shaping the next generation of drone operations.

Bringing Tens of Thousands of Newcomers to the 9/11 Truth | Watch Along with Them! — 45 Minutes!Jimmy Dore posted today our LIVE interview with him from the other day! He encouraged us to share all the evidence we could in our limited time with him, and we did!I was joined by structural engineer Kamal Obeid from Architects & Engineers for 9/11 Truth who addressed key issues including the impossibility of the free-fall collapse of World Trade Center Building 7.We addressed as many key points as we possibly could in the 45 minutes that we had:The importance of the truth-telling that WI Senator Ron Johnson and former Congressman Curt Weldon are all about right now. Jimmy played excerpts of the Senator's WTC comments on The Benny Show including “molten metal…controlled demolition…Calling Out Bravo 7 documentary.” We are making sure that the Senator has the solid body of evidence that will back up his historic efforts to get a real 9/11 investigation. The more you help us, the more we can help the VIP's who have the courage to speak out!We addressed these questions among many others on Jimmy Dore:Why didn't the American Institute of Architects issue even one bulletin on the catastrophic unprecedented destruction of 47-story World Trade Center Building 7 — the third worst structural failure in history?Why didn't NIST (National Institute of Standards & Technology) include in their 2004 report on the Twin Towers the 156 first responders who saw, heard, and experienced explosions? And, many of them before the collapse of the towers?Why did NIST persist with their theory that the top section crushed the building section below while maintaining a near free-fall acceleration (when the top section was in fact destroyed in the first 3 seconds) — as if 90% of the steel gave no resistance whatsoever?What caused the hundreds of laterally-ejected freely-flying 4-ton structural steel sections, at 80mph, landing 600 feet in every direction impaling themselves in skyscrapers all around them?What cause the complete pulverization of 110 acre-sized concrete floors — 90,000 tons of concrete in each tower, and dispersed it from river to river across Lower Manhattan?What was crushing the lower section of each tower, if the above steel and concrete, which was 2/3 of their weight, was NOT even available to crush it?!The above questions were just the beginning of the 7-dozen key points of forensic, video, and eyewitness testimony we laid on Jimmy. Please let us know how you think we did. There's always room for improvement.Support the show

What happens when AI generates photorealistic content in seconds… and quantum computers can break encryption just as fast?Roman Cyganov (Founder/CEO of Antix) has spent a decade building digital twin technology, creating content for HBO, Warner Brothers, and AAA games. His platform now generates digital twins instantly, with AI agents that manage social media, track trends, and conduct tasks autonomously.Nauman (Founder of BeQuantum.ai) is addressing the quantum security threat. With quantum computers demonstrating computational supremacy, he's implementing post-quantum cryptography to protect digital identities and blockchain systems.Together, they're building a verified marketplace where creators monetize AI twins through blockchain verification and quantum-grade security.Key Topics:Digital twins: from year-long projects to instant creationQuantum threats to current encryptionAI agents for autonomous content creationBlockchain verification for deepfake detectionMonetizing digital identityPartnerships exclusiveExplore AIGE with Antix at https://linktr.ee/aige.inLearn more about Quantum Security at Bequantum.aiSubscribe, share, and join the conversations on Facebook, Twitter, LinkedIn and Discord!To contact us, you can email us directly at bandoftraderspodcast@gmail.com Check out our directory for other amazing interviews we've done in the past!If you like our show, please let us know by rating and subscribing on your platform of choice!If you like our show and hate social media, then please tell all your friends!If you have no friends and hate social media and you just want to give us money for advertising to help you find more friends, then you can donate to support the show here!Roman:Roman Cyganov is the founder and CEO of Antix, an AI platform for digital twins and autonomous agents. He's built products for HBO, Warner Brothers, Tencent, and AAA titles like Game of Thrones, FIFA, and PUBG. An internationally recognized artist whose work appeared on Times Square, Roman pioneered digital twin technology in 2013. Based in Dubai and advised by Aether co-founder Mark Rydon, he's building infrastructure for creators to monetize verified digital identities.Learn More Here: https://linktr.ee/aige.inConnect with Roman on LinkedInNauman:Nauman Arshad, founder of BeQuantum.ai, is protecting digital assets in the post-quantum era. With decades in cryptography, embedded systems, and cybersecurity since the 1990s internet boom, he implements quantum random number generators and post-quantum cryptography following NIST and NSA standards. Based in Dubai, he's future-proofing security infrastructure as quantum computers threaten traditional encryption, ensuring AI platforms are built on unbreakable foundations.Learn More Here: BeQuantum.AIConnect with Nauman on LinkedInAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

Send us a textCheck us out at:  https://www.cisspcybertraining.com/Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkoutGet access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouvA graphing calculator running ChatGPT might make headlines, but our real job is keeping sensitive data from walking out the door. We break down the data states that matter most—at rest, in transit, and in use—and show how to pair encryption, access control, and monitoring without drowning in complexity. Along the way, we share a pragmatic blueprint for classification and labeling that teams actually follow, from visual tags and watermarks to tightly governed upgrade and downgrade paths that keep owners accountable.From there, we zoom out to strategy. Risk tolerance drives control selection, so we talk through scoping and tailoring: how to apply NIST and ISO 27001 sensibly, where GDPR and HIPAA come into play, and why focused logging beats “collect everything” fantasies. You'll hear the real differences between DRM and DLP—licensing and usage enforcement versus data path control—and when each tool earns its keep. We also lay out transfer procedures that work in the wild: SFTP with verified keys, email encryption, FIPS‑validated USBs, and restricted cloud shares with time‑boxed access.Cloud isn't a blind spot when a CASB sits between your users and SaaS. We explain how a CASB delivers visibility into shadow IT, enforces policy across apps, integrates with identity for conditional access, and even helps you rein in egress costs. Tie it all together and you get a layered, test‑ready approach that helps you pass the CISSP while protecting what matters most. If this helped sharpen your plan, follow the show, share it with a teammate, and leave a quick review so we can keep building tools that move you forward.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Trista and Theresa Nist recap Mel's Golden Bachelor finale and AFR! Theresa brings her own unique perspective to the promise of commitment, and Trista gives her unfiltered opinion on how Cindy was treated! Do the ladies think "MEG" will go the distance?? Plus, Theresa gets candid on some of Trista's burning questions. See omnystudio.com/listener for privacy information.

As technology evolves, so does our understanding of its strengths and weaknesses.    This week on Feds At the Edge, we break down how artificial intelligence is transforming cybersecurity, where it can meaningfully improve defense, and what agencies should consider before deploying it.     LCDR Ian Roessle, Deputy Director, Center for High Assurance Computer Systems at the Naval Research Laboratory, explains why vulnerabilities don't always translate to real risk and emphasizes knowing your systems inside and out. He also notes that AI can introduce new exposures.    Martin Stanley, AI & Cybersecurity Researcher at NIST, outlines the Assessing Risks and Impacts of AI program, which is designed to help leaders validate and secure AI-enabled systems.     Jarrod Vawdrey, Field Chief Data Scientist at Domino Data Lab, discusses how agencies can move toward AI-driven cyber defense by assessing data readiness, isolating high-value targets, and shifting away from static, rules-based tools.    Tune in on your favorite podcast today as we explore practical guidance for deploying AI in cybersecurity while managing the risks it introduces.      

Lyceum's Cybersecurity Series Part 1: "What You Don't Know CAN Hurt You"   Welcome to Episode 30, Season 9 of A CEO's Virtual Mentor® In this opening installment of Lyceum's new Cybersecurity Series, A CEO's Virtual Mentor® convenes five board members and cybersecurity experts from the Lyceum Circle of Leaders® to confront one of the most elusive challenges in modern governance – understanding what you cannot see. As Stephen Hawking warned, "The greatest enemy of knowledge is not ignorance — it is the illusion of knowledge." That illusion, we learn, is the hidden trap of board cybersecurity oversight. Across four parts, our guests – Jorge Benitez, Brook Colangelo, Michael Crowe, Michael Kehs, and Wendy Thomas – illuminate how directors can move from passive awareness to active preparedness, transforming cybersecurity from a technical checklist into an enterprise discipline rooted in governance, visibility, and human judgment. The program examines why boards miss what matters most, how to see beneath the "hidden surface" of cyber risk, and how disciplined frameworks turn uncertainty into resilience. Through their collective insight, a new picture emerges: cybersecurity not as compliance, but as the continuous practice of foresight. Program Guide A CEO's Virtual Mentor® Episode 30 Lyceum's Cybersecurity Series Part 1: "What You Don't Know CAN Hurt You"   0:00 | Introduction Host Tom Linquist introduces Season 9 and Lyceum's special Cybersecurity Series — the first podcast project to draw on multiple members of the Lyceum Circle of Leaders®. He frames the series' purpose: to help boards confront cybersecurity not as a technical topic, but as a behavioral and governance issue — an invisible domain where the illusion of knowledge endangers oversight itself.   Part 1 — Why the Subject Is Important (4:00 – 16:30) Cybersecurity has evolved from a back-office function to a boardroom imperative. Jorge Benitez recalls establishing Accenture's early information-security practice and how cyber risk became a universal business concern. Mike Crowe contrasts threat motives across industries and stresses that "cybersecurity is everyone's responsibility." Brook Colangelo links cyber vigilance to corporate sustainability and shareholder trust. Michael Kehs reminds boards to get started early; that "by the time you hear the thunder, it's too late to build the ark." Wendy Thomas draws the parallel between today's need for cyber fluency and boards' earlier journey toward financial literacy.  Together, they establish the stakes: what boards don't know can — and will — hurt them.   Part 2 — Visibility (16:50 – 31:20) True oversight requires seeing what lies beneath the surface. Brook Colangelo describes forming a Technology and Cyber Committee and applying the NIST framework to benchmark maturity. Mike Crowe explains hiring "offensive" experts to test defenses before attackers do. Wendy Thomas introduces the streamlined Prevent–Detect–Respond (PDR) model, connecting it to board metrics such as mean time to detect and mean time to respond. She also warns that during crises, boards must remember: "There's no watching the game tape during the game." This segment translates technical language into governance visibility — turning blindness into inquiry.   Part 3 — Risk Management (31:36 – 39:50) Cybersecurity joins the top tier of every board's risk matrix. Mike Crowe situates cyber alongside geopolitical and climate risks. Tom Linquist introduces the "hidden surface problem" — the behavioral bias that limits directors to what is easily seen. Brook Colangelo reframes preparedness as competitive advantage: companies that prove digital trust win customers and revenue. Jorge Benitez observes that the most progressive boards now embed cyber within comprehensive risk frameworks, enabling all directors to engage.  This section bridges oversight and enterprise resilience, urging boards to govern the unseen.   Part 4 — Objectives of the Cybersecurity Series (40:18 – 44:58) The series concludes its first installment by looking ahead. Brook Colangelo highlights how global conflict and artificial intelligence have accelerated the pace and complexity of cyber risk. Wendy Thomas calls for a stronger community of boards that collectively raise the cost of attack. Jorge Benitez encourages continuous learning through peer forums such as the Lyceum Circle of Leaders®. Tom Linquist closes with an invitation to continue the series — a journey from illusion to insight, from defense to resilience.   Total Runtime: ≈ 45 minutes     We would like to express our special thanks to the clients of Lyceum Leadership Consulting that enable us to bring you this podcast.     Informative and Helpful Links   NIST's Cybersecurity Framework: https://www.nist.gov/cyberframework   CISA's Cybersecurity Incident & Vulnerability Response Playbooks: https://www.cisa.gov/sites/default/files/2024-08/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf   Your host Thomas B. Linquist is the Founder and Managing Director of Lyceum Leadership Consulting and Lyceum Leadership Productions. Over his 25 years in management and leadership consulting he has served a wide array of corporate clients.  This includes leadership assessment and search for chief executive officers, chief financial officers, chief operating officers and directors of boards.  He holds an MBA from the University of Chicago and over his 35-year career has served in a variety of roles: as an engineer with Shell Oil Company, a banker with ABN AMRO Bank, and as treasurer was the youngest corporate officer in the 150+ year history at Peoples Energy Company in Chicago.  He is an expert on hiring and promotion decisions and leadership development.  Over the course of his search and advisory career, Tom has interviewed thousands of leaders and authored numerous articles exploring group decision-making under uncertainty, board effectiveness, and leadership development.   Join the Lyceum Circle of Leaders®  a community of forward-thinking leaders  dedicated to improving leadership through shared intelligence. Please spread the word among your fellow executives and board colleagues.   Program Disclaimer The only purpose of the podcast is to educate, inform and entertain. The information shared is based on the collection of experiences of each of the guests interviewed and should not be considered or substituted for professional advice. Guests who speak in this podcast express their own opinions, experience and conclusions, and neither The Leadership Lyceum LLC nor any company providing financial support endorses or opposes any particular content, recommendation or methodology discussed in this podcast. Follow Leadership Lyceum on: Our website: www.LeadershipLyceum.com LinkedIn: The Leadership Lyceum LLC Email us: info@LeadershipLyceum.com     This podcast Leadership Lyceum: A CEO's Virtual Mentor® has been a production of The Leadership Lyceum LLC. Copyright 2025. All rights reserved.

In "Scaling Logistics Innovation at Descartes Systems Group", Joe Lynch and Dan Cicerchi, the General Manager of Transportation Management Solutions at Descartes Systems Group, discuss the strategic integration of trustworthy AI to enhance existing core logistics technology and solve practical pain points across the global supply chain. About Dan Cicerchi Dan Cicerchi is the General Manager of Transportation Management Solutions at Descartes Systems Group, where he leads strategy and innovation for one of the industry's most widely adopted logistics technology platforms. A seasoned entrepreneur and logistics tech pioneer, Dan co-founded MacroPoint, a real-time freight visibility solution that transformed how brokers, shippers, and carriers track and manage loads. Following its acquisition by Descartes, he has continued to champion technology that drives efficiency, transparency, and resilience across global supply chains. With decades of experience spanning startup growth and enterprise leadership, Dan is passionate about applying practical AI and automation to solve the freight industry's most pressing challenges. He frequently shares insights on freight visibility, fraud prevention, and the future of transportation management. About Descartes Systems Group Descartes Systems Group is a global leader in providing on-demand, software-as-a-service solutions designed to improve the productivity, performance, and security of logistics-intensive businesses. Headquartered in Waterloo, Ontario, with offices and customers worldwide, Descartes helps shippers, carriers, freight forwarders, and logistics service providers connect, collaborate, and automate across the supply chain. Its portfolio includes transportation management, visibility, customs and regulatory compliance, and e-commerce logistics solutions. By combining deep industry expertise with innovative technology, Descartes enables organizations to streamline operations, reduce costs, and deliver superior customer experiences. Thousands of companies around the world rely on Descartes' logistics network and software to move goods more efficiently, mitigate risk, and stay ahead in an increasingly complex global marketplace. Key Takeaways: Scaling Logistics Innovation at Descartes Systems Group In "Scaling Logistics Innovation at Descartes Systems Group", Joe Lynch and Dan Cicerchi, the General Manager of Transportation Management Solutions at Descartes Systems Group, discuss the strategic integration of trustworthy AI to enhance existing core logistics technology and solve practical pain points across the global supply chain. Trust First: AI adoption in logistics must be built on governance and trust, using frameworks like NIST to ensure data security and accountability. AI Augments, Doesn't Replace: AI is a powerful enhancer for core systems (TMS, visibility), not a standalone replacement. Its primary role is to improve efficiency. Focus on Practical Pain Points: Start AI implementation by targeting tedious manual tasks (e.g., check calls, data entry, carrier onboarding) for rapid, measurable ROI. Stability Over Startups: Partnering with existing, integrated tech vendors (like Descartes) ensures greater stability, expertise, and roadmap alignment than relying on new AI-only startups. Audit Your Current Tech: Before investing in new AI, ensure you are fully utilizing the latest features and integrations of your current mission-critical systems. Build Trust with Staff: Overcome internal resistance by layering AI into current workflows and establishing clear performance baselines (ROI) before deployment. Enhance What Works: The path to resilience is through strategically integrating AI into proven, existing workflows step-by-step, not by chasing every new technology trend. Learn More About Scaling Logistics Innovation at Descartes Systems Group Dan Cicerchi | Linkedin Descartes Systems Group | Linkedin Descartes Systems Group The Logistics of Logistics Podcast If you enjoy the podcast, please leave a positive review, subscribe, and share it with your friends and colleagues. The Logistics of Logistics Podcast: Google, Apple, Castbox, Spotify, Stitcher, PlayerFM, Tunein, Podbean, Owltail, Libsyn, Overcast Check out The Logistics of Logistics on Youtube

Nejtěžší chvíle zažila česká armáda v letech 2014 a 2018. Tehdy při sebevražedných útocích v Afghánistánu zahynulo osm vojáků. Dalšího zavraždil afghánský kolega přímo na spojenecké základně. Pro jejich rodiny v Česku to znamenalo naplnění nejhorších obav. Na svého synovce Martina Marcina, který zahynul při útoku sebevražedného atentátníka, zavzpomínala jeho teta Martina Marie Horová.

CMMC 2.0 explained in plain English — what it means for small businesses, defense contractors, and vendors across the DoD supply chain. Learn about Level 1 vs Level 2, self-attestation risks, C3PAO shortages, compliance deadlines, and how to stay audit-ready before 2025.Don't miss out on crucial information about the CMMC 2025 deadline. The Cybersecurity Maturity Model Certification is a vital requirement for businesses dealing with the Department of Defense. If you miss the deadline, you risk losing contracts and facing severe penalties. In this video, we'll explore the consequences of missing the CMMC 2025 deadline and provide valuable insights on how to prepare and stay compliant. Stay ahead of the game and ensure your business is CMMC-ready. Find out what happens if you missed the deadline and learn how to avoid costly mistakes. Tune in now and take the first step towards CMMC compliance. CHAPTERS00:00 – The 4 Letters That Can End Your Business00:15 – CMMC 2.0: Why November 10, 2025 Changes Everything01:35 – Meet the Expert: Frontline View from a CMMC Assessor02:59 – What Is CMMC (In Plain English)?04:20 – FCI vs CUI: The Data That Decides Your Level07:05 – Are You Level 1 or Level 2? How the Flow-Down Really Work10:05 – Why the DoD Stopped “Trusting” Small Contractors11:40 – Supply-Chain Breaches: How Third Parties Take You Down13:00 – Level 1: The 17 “Basic” Controls Everyone Ignores17:00 – The Dangerous Game of Fudging Your Self-Attestation21:15 – Level 2: 110 Controls, SSPs, and the Reality of NIST 800-17123:40 – C3PAO Bottleneck: Why Waiting Means Losing Contracts26:30 – POA&M and the 180-Day “Grace” Trap32:05 – Surprise: Printers, MSPs, and “Non-Defense” Vendors in the Blast Radius35:15 – CMMC Is Not Going Away (And Other Hard Truths)37:05 – Countdown to FallSend us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Support the show

Začátek třetího kola mírových jednání mezi Afghánistánem a Pákistánem narušily ve čtvrtek další ozbrojené střety na společné hranici. Z porušení příměří se obě země obviňují navzájem. Při víc než týden trvajících bojích v polovině října zahynuly na obou stranách desítky až stovky vojáků i civilistů a trvalý mír se od té doby nepodařilo vyjednat.

If you've ever wanted to throw your laptop out the window after yet another "Your password must include a hieroglyph and a drop of unicorn blood" message, you're not alone.  In this episode, we tackle the chaotic circus that is password creation: the rules, the myths, and the mounting frustration of trying to remember if this is the account that wanted a number, a symbol, or your firstborn's dental records. From the rise of passkeys to the surprising sanity of NIST's latest guidance (finally!), we explore how security might actually be getting smarter and less likely to make you cry into your keyboard. More info at HelpMeWithHIPAA.com/534

Microsoft is actively preparing for the future of quantum-safe cryptography to protect against the potential risks posed by scalable quantum computing. The company is collaborating with global regulatory and technical bodies like NIST, IETF, and ISO to develop and align on quantum-safe encryption standards. You can listen to all of the Quantum Minute episodes at https://QuantumMinute.com. The Quantum Minute is brought to you by Applied Quantum, a leading consultancy and solutions provider specializing in quantum computing, quantum cryptography, quantum communication, and quantum AI. Learn more at https://AppliedQuantum.com.

It's time for Red Flag on the Date, Mike has the Dirt, we play Over/Under and straightening out the stories from Gerry and Theresa from Golden Bachelor. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

The Space Show Presents Arkisys CEO DAVE BARNHART Sunday, 11-2-25David Barnhart (Dave), CEO of Arkisys and research professor at USC, discussed the company's progress in space operations and their unique business platform called “The Port” in Los Alamitos, Ca, including their work with NASA's Astrobee facility and development of a free-flying space platform called “The Port.” The discussion covered various technical aspects including funding sources, modular space platforms, and navigation systems, while addressing challenges in hiring engineers and developing flexible infrastructure for space servicing. The conversation ended with conversations about future plans including lunar applications, and company security measures. Before ending, Dave highlighted the potential environmental impact of satellite debris and mentioned a USC PhD student's research on the topic presented at the United Nations. I referenced future Space Show programs with Hotel Mars Dr. Kothari and Dr. Roger Lanius on Friday to discuss his new book.CEO Dave discussed his role in managing the Astrobee facility, a robotic free flyer inside the International Space Station. He explained that Arkisys, where he works, had taken over the commercial maintenance and operation of Astrobee which is used for microgravity experiments inside the ISS. The facility allows for testing in full 6 degrees of freedom in a zero-G environment, with capabilities for various payloads and operations lasting about 3 hours per session. Our guest noted that while NASA does not pay for the service, it aligns with his company business model focused on services, and they are responsible for helping customers through the necessary paperwork and procedures to use Astrobee.David went on to discuss the development of his free-flying space platform called “The Port,” which will provide a stable environment for autonomous robotics and payload hosting. He explained that the first flight of key technologies, carried by a 250-kilogram vehicle called the Cutter, is planned for late 2026, with the goal of demonstrating rendezvous capabilities with a port module in a 525-kilometer Sun Sync orbit. Barnhart noted that while there is competition in the space infrastructure and logistics sector, the market for hosted payloads and space servicing is projected to grow significantly, with potential revenue from existing markets like hosted payloads.Barnhart discussed his company's funding, which includes government grants, SBIR, STTR, and contracts from DIU and the Space Development Agency. He explained their development of a modular space platform with propulsion capabilities, including the use of chemical systems and potential partnerships with companies using electric propulsion. Barnhart also addressed the challenges of refueling and connecting different interfaces for their platform, noting that they conducted a study on various interfaces worldwide and are working on creating a flexible system for future growth.David discussed the evolution of his satellite concept from a DARPA challenge focused on modular orbital functions to the development of “satlets” and port modules. He explained how the concept of cellularization led to the creation of scalable, multi-functional satellite components that could be aggregated, addressing the challenge of building cost-effective satellites. Barnhart described his company's current size of 4 full-time employees plus himself, with plans to expand to 10-12 people, and mentioned their upcoming move to a larger facility to accommodate growth and develop a flat floor testing platform for robotic arm movements in space.Barnhart further discussed the challenges of hiring engineers for innovative space projects, noting that while experienced engineers are valuable for technical expertise, they may struggle with new concepts, while less experienced engineers might be more adaptable but lack depth. He emphasized the importance of finding a balance between technical expertise and innovative thinking. Ryan inquired about the potential internal applications of the Astrobee partnership with NASA, to which Barnhart confirmed that the learnings would be applied to Arkisys port module for validation and verification post-launch. Barnhart also explained the company's use of an AI-based system, powered by a large language model, to assist in identifying potential issues with connectivity and safety. He highlighted the flexibility of the port module, which can be reconfigured and expanded in multiple dimensions to meet various customer needs, and emphasized the company's focus on creating a versatile infrastructure for space servicing rather than specializing in a single service like refueling.The team discussed navigation systems for their spaceport module, which includes onboard cameras, GPS, IMU, and a partnership with Fugro for high-precision navigation down to centimeter accuracy using differential GPS and L-band signals. Dave explained their power management strategy, noting they have 500 watts on the cutter and plan for 1,000-1,500 watts on the port module, with power optimization software to manage shared infrastructure. Marshall inquired about lunar applications, to which he confirmed the system could be adapted for lunar and Mars orbits, including potential use as a communications router to handle different frequency standards around the moon.David also discussed the challenges of selecting the right mix of connectors for their first port module to ensure flexibility over the next five years, particularly in light of Europe's space servicing push. He mentioned they have letters of intent from prospective customers and have conducted over 20 tests with 15 different types of customers using a full-scale port module mock-up. Barnhart also addressed cyber and IT theft protection, noting they are NIST certified and going through the audit process for CMMC, with a focus on mitigating attacks from overseas. He explained they are developing software for security, including the ability to encrypt payload data with customer-specific keys, and are allocating 5% of their monthly budget to IT security.David Barnhart discussed the company's approach to satellite connectivity, explaining they are working with AWS ground stations and exploring optical beam communication options. He addressed Marshall's question about interfacing with satellite constellations, noting they are currently independent but considering multiple ground station providers. Our guest responded to David's question about succession planning, confirming they have explored directors and key people insurance and identified Dr. Raul Rugani as a potential successor. Ryan inquired about the company's growth strategy, to which he explained they are focusing on key modularization challenges while being open to partnerships for specialized technologies like robotics, with the goal of creating flexible port modules that can accommodate various capabilities.Dave discussed the challenges and potential solutions for exploring lava tubes on Mars using a modified Ingenuity helicopter, emphasizing the need for a hybrid approach involving both aerial and rover-based systems. He explained the technology behind cave navigation using SLAM and highlighted the importance of energy and data distribution. Barnhart also described the Bosun Locker project, which provides students with 3D printable files to design and test hardware for space applications. Additionally, he addressed the environmental impact of space debris reentering the Earth's atmosphere, noting the potential for nanoparticles to affect the atmosphere's composition and radiation effects.David and Dave discussed the upcoming Thanksgiving holiday and both expressed gratitude to the Space Show team. They encouraged listeners to support the show through donations and subscriptions. David mentioned the next shows will feature Dr. Roger Lanius, then an open lines discussion.Special thanks to our sponsors:Northrup Grumman, American Institute of Aeronautics and Astronautics, Helix Space in Luxembourg, Celestis Memorial Spaceflights, Astrox Corporation, Dr. Haym Benaroya of Rutgers University, The Space Settlement Progress Blog by John Jossy, The Atlantis Project, and Artless EntertainmentOur Toll Free Line for Live Broadcasts: 1-866-687-7223 (Not in service at this time)For real time program participation, email Dr. Space at: drspace@thespaceshow.com for instructions and access.The Space Show is a non-profit 501C3 through its parent, One Giant Leap Foundation, Inc. To donate via Pay Pal, use:To donate with Zelle, use the email address: david@onegiantleapfoundation.org.If you prefer donating with a check, please make the check payable to One Giant Leap Foundation and mail to:One Giant Leap Foundation, 11035 Lavender Hill Drive Ste. 160-306 Las Vegas, NV 89135Upcoming Programs:Broadcast 4457: ZOOM Dr. Roger Launius | Friday 07 Nov 2025 930AM PTGuests: Dr. Roger LauniusZoom: Dr. Launius talks about his new book, “NACA to NASA to Now.”Broadcast 4458 ZOOM Open Lines Discussion | Sunday 09 Nov 2025 1200PM PTGuests: Dr. David LivingstonZoom: Open Lines Discussion Get full access to The Space Show-One Giant Leap Foundation at doctorspace.substack.com/subscribe

Shandy is thrilled to welcome Theresa Nist for an EXCLUSIVE in-studio conversation. You know Theresa as the winner of the mega-hit season 1 of The Golden Bachelor. She wound up engaged to Gerry Turner, their televised wedding was watched by millions, but they announced their divorce only 3 months later. What *really* happened behind the scenes, after the wedding, and after the cameras turned off?In light of Gerry's new tell-all book describing his version of events, Theresa sits down with Shandy for her most raw, unfiltered interview to date. How did it feel for Theresa to learn that Gerry wondered if he should have chosen his runner-up, Leslie? Did she mislead Gerry about quitting her career, did she misrepresent her finances, and did she read "How To Win The Bachelor" during filming, as he claimed in the book? Did she really make Gerry sleep on the sofa?! Theresa is normally very private but could not stay silent in light of the book's many accusations. Do not miss her brutally honest account.Thanks to our sponsors!- Go to https://www.squarespace.com/SHANDY and use code SHANDY for 10% off your first website or domain!- Get up to 40% off your entire order at https://laundrysauce.com/SHANDY (their biggest sale of the year!)- Go to https://mudwtr.com and use code SHANDY to get up to 43% off your entire order, Free Shipping and a Free Rechargeable Frother!More Theresa:- Instagram: https://www.instagram.com/theresa_nist- TikTok: https://www.tiktok.com/@theresa_nistPast Dear Shandy episodes covering Gerry & Theresa:- Love Fest: https://youtu.be/hWCr91mBGb0?si=LOOwxXqEToxIpIBY- Golden Divorce: https://youtu.be/PyiFysUZJMc?si=OzqnEI2Ee4_gm8gSTime Stamps:0:00 - Welcome To Theresa Nist10:08 - Leslie19:32 - Temper22:22 - “East Coast Mentality”27:44 - Finances, Her Work, The Prenup42:18 - Lifestyle45:00 - House Shopping47:50 - Her Home49:26 - Physical Intimacy55:50 - Her Intentions1:05:59 - Her Character1:16:05 - Regrets1:20:18 - Message To GerryIf you have a relationship question, write us at: dearshandy@gmail.comSubscribe and watch the episodes on YouTube! https://bit.ly/SubscribeDearShandyMore Dear ShandyInstagram - https://www.instagram.com/dearshandyFacebook - https://fb.me/dearshandyMore SharleenInstagram - https://www.instagram.com/sharleenjoyntBlog - http://www.alltheprettypandas.comMore AndyInstagram - https://www.instagram.com/machinelevineProduced by Gabrielle Galon - https://www.instagram.com/gabsamillionSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with Dr. Tina Srivastava, an IDPro board member and co-founder of Badge Inc., for a crucial discussion on the rapidly evolving landscape of identity and authentication.Tina shares her insights on the conference, the evolution from physical hacks to sophisticated AI-driven threats like supercharged phishing, and the current challenges facing the industry. The conversation delves into the complexities of synced Passkeys, the critical vulnerability of account recovery processes, and the slow pace of regulation in keeping up with technology.As a board member for IDPro, Tina highlights the immense value of the practitioner-focused community, the supportive culture within its Slack channels, and makes an exciting announcement about the creation of new member-driven committees to shape the future of the organization. They explore the concept of the "AI arms race" and why identity professionals cannot afford to wait for the next big thing, emphasizing that collaboration and information sharing through communities like IDPro are essential to staying ahead of adversaries.Connect with Tina: https://www.linkedin.com/in/tina-s-8291438a/Find out more about IDPro: https://www.idpro.org/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapters00:00 Introduction and Greetings00:16 Highlights from Authenticate 202501:39 FIDO Feud Rematch Discussion03:17 Guest Introduction: Tina Srivastava03:46 Conference Insights and AI Challenges06:16 Regulatory Environment and Passkeys09:11 Phishing and AI Supercharged Attacks12:28 QR Codes and Accessibility Issues13:09 The Importance of Phishing Resistant Authentication22:24 IDPro Community and Practitioner Support25:18 Community Support and Engagement26:26 IDPro's Role in Identity Events27:48 Future Directions for IDPro29:19 Introducing Committees in IDPro30:39 AI and Identity Verification37:07 The Importance of Information Sharing45:35 Public Speaking and Personal Growth50:58 Conclusion and Final ThoughtsKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Tina Srivastava, IDPro, Authenticate 2025, Passkeys, AI, Artificial Intelligence, Cybersecurity, Phishing, Deepfakes, Authentication, Account Recovery, Biometrics, Identity and Access Management, IAM, NIST, Regulation, Identity Verification, Synced Passkeys, FIDO Alliance

Live from #DCDVirginia 2025, Alexandra Bromson, Managing Director of Origination at Available Infrastructure, joins JSA TV to discuss the urgent need for national security-grade cyber protection for smart cities and digital infrastructure.In this discussion, Alexandra breaks down the serious risks of "AI Poisoning" where attackers corrupt AI models by feeding them bad data and how it can be used to cause serious risk to operations, safety and reputation.Learn how Available Infrastructure's SanQtum AI platform provides a defense, using a CISA-compliant zero trust architecture, NIST-approved quantum-resilient encryption, and a nationwide fleet of quantum-ready micro data centers to protect the future of AI. #CriticalInfrastructure #Cybersecurity #AIPoisoning

NIST recently selected a second Key Exchange Module (KEM) among the PQC algorithms, HQC. We explain this code-based algorithm.

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook,Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking bypolicy. You backed up. That's great. Did you test that backup? Coveware reports all-time lowransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook,Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking bypolicy. You backed up. That's great. Did you test that backup? Coveware reports all-time lowransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook,Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking bypolicy. You backed up. That's great. Did you test that backup? Coveware reports all-time lowransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook,Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking bypolicy. You backed up. That's great. Did you test that backup? Coveware reports all-time lowransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook,Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking bypolicy. You backed up. That's great. Did you test that backup? Coveware reports all-time lowransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook,Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking bypolicy. You backed up. That's great. Did you test that backup? Coveware reports all-time lowransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

VHEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data.E 1959

CBS EYE ON THE WORLD WITH JOHN BATCHELOR 1900 KYIV THE SHOW BEGINS IN THE DOUBTS THAT CONGRESS IS CAPABLE OF CUTTING SPENDING..... 10-8-25 FIRST HOUR 9-915 HEADLINE: Arab Intellectuals Fail Palestinians by Prioritizing Populism and Victimhood Narrative in Gaza ConflictGUEST NAME: Hussain Abdul-Hussain SUMMARY: John Batchelor speaks with Hussain Abdul-Hussain about Hamas utilizing the power of victimhood to justify atrocities and vilify opponents. Arab and Muslim intellectuals have failed Palestinians by prioritizing populism over introspection and self-critique. Regional actors like Egypt prioritize populist narratives over national interests, exemplified by refusing to open the Sinai border despite humanitarian suffering. The key recommendation is challenging the narrative and fostering a reliable, mature Palestinian government. 915-930 HEADLINE: Arab Intellectuals Fail Palestinians by Prioritizing Populism and Victimhood Narrative in Gaza ConflictGUEST NAME: Hussain Abdul-Hussain SUMMARY: John Batchelor speaks with Hussain Abdul-Hussain about Hamas utilizing the power of victimhood to justify atrocities and vilify opponents. Arab and Muslim intellectuals have failed Palestinians by prioritizing populism over introspection and self-critique. Regional actors like Egypt prioritize populist narratives over national interests, exemplified by refusing to open the Sinai border despite humanitarian suffering. The key recommendation is challenging the narrative and fostering a reliable, mature Palestinian government. 930-945 HEADLINE: Russian Oil and Gas Revenue Squeezed as Prices Drop, Turkey Shifts to US LNG, and China Delays Pipeline GUEST NAME: Michael Bernstam SUMMARY: John Batchelor speaks with Michael Bernstam about Russia facing severe budget pressure due to declining oil prices projected to reach $40 per barrel for Russian oil and global oil surplus. Turkey, a major buyer, is abandoning Russian natural gas after signing a 20-year LNG contract with the US. Russia refuses Indian rupee payments, demanding Chinese renminbi, which India lacks. China has stalled the major Power of Siberia 2 gas pipeline project indefinitely. Russia utilizes stablecoin and Bitcoin via Central Asian banks to circumvent payment sanctions. 945-1000 HEADLINE: UN Snapback Sanctions Imposed on Iran; Debate Over Nuclear Dismantlement and Enrichment GUEST NAME: Andrea Stricker SUMMARY: John Batchelor speaks with Andrea Stricker about the US and Europe securing the snapback of UN sanctions against Iran after 2015 JCPOA restrictions expired. Iran's non-compliance with inspection demands triggered these severe sanctions. The discussion covers the need for full dismantlement of Iran's nuclear program, including both enrichment and weaponization capabilities, to avoid future conflict. Concerns persist about Iran potentially retaining enrichment capabilities through low-level enrichment proposals and its continued non-cooperation with IAEA inspections. SECOND HOUR 10-1015 HEADLINE: Commodities Rise and UK Flag Controversy: French Weather, Market Trends, and British Politics GUEST NAME: Simon Constable SUMMARY: John Batchelor speaks with Simon Constable about key commodities like copper up 16% and steel up 15% signaling strong economic demand. Coffee prices remain very high at 52% increase. The conversation addresses French political turmoil, though non-citizens cannot vote. In the UK, the St. George's flag has become highly controversial, viewed by some as associated with racism, unlike the Union Jack. This flag controversy reflects a desire among segments like the white working class to assert English identity. 1015-1030 HEADLINE: Commodities Rise and UK Flag Controversy: French Weather, Market Trends, and British Politics GUEST NAME: Simon Constable SUMMARY: John Batchelor speaks with Simon Constable about key commodities like copper up 16% and steel up 15% signaling strong economic demand. Coffee prices remain very high at 52% increase. The conversation addresses French political turmoil, though non-citizens cannot vote. In the UK, the St. George's flag has become highly controversial, viewed by some as associated with racism, unlike the Union Jack. This flag controversy reflects a desire among segments like the white working class to assert English identity. 1030-1045 HEADLINE: China's Economic Contradictions: Deflation and Consumer Wariness Undermine GDP Growth ClaimsGUEST NAME: Fraser Howie SUMMARY: John Batchelor speaks with Fraser Howie about China facing severe economic contradictions despite high World Bank forecasts. Deflation remains rampant with frequently negative CPI and PPI figures. Consumer wariness and high youth unemployment at one in seven persist throughout the economy. The GDP growth figure is viewed as untrustworthy, manufactured through debt in a command economy. Decreased container ship arrivals point to limited actual growth, exacerbated by higher US tariffs. Economic reforms appear unlikely as centralization under Xi Jinping continues. 1045-1100 HEADLINE: Takaichi Sanae Elected LDP Head, Faces Coalition Challenge to Become Japan's First Female Prime Minister GUEST NAME: Lance Gatling SUMMARY: John Batchelor speaks with Lance Gatling about Takaichi Sanae being elected head of Japan's LDP, positioning her to potentially become the first female Prime Minister. A conservative figure, she supports visits to the controversial Yasukuni Shrine. Her immediate challenge is forming a majority coalition, as the junior partner Komeito disagrees with her conservative positions and social policies. President Trump praised her election, signaling potential for strong bilateral relations. THIRD HOUR 1100-1115 VHEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data.E V 1115-1130 HEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data. 1130-1145 HEADLINE: Taiwanese Influencer Charged for Threatening President; Mainland Chinese Influence Tactics ExposedGUEST NAME: Mark Simon SUMMARY: John Batchelor speaks with Mark Simon about internet personality Holger Chen under investigation in Taiwan for calling for President William Lai's decapitation. This highlights mainland Chinese influence operations utilizing influencers who push themes of military threat and Chinese greatness. Chen is suspected of having a mainland-affiliated paymaster due to lack of local commercial support. Taiwan's population primarily identifies as Taiwanese and is unnerved by constant military threats. A key propaganda goal is convincing Taiwan that the US will not intervene. 1145-1200 HEADLINE: Sentinel ICBM Modernization is Critical and Cost-Effective Deterrent Against Great Power CompetitionGUEST NAME: Peter Huessy SUMMARY: John Batchelor speaks with Peter Huessy about the Sentinel program replacing aging 55-year-old Minuteman ICBMs, aiming for lower operating costs and improved capabilities. Cost overruns stem from necessary infrastructure upgrades, including replacing thousands of miles of digital command and control cabling and building new silos. Maintaining the ICBM deterrent is financially and strategically crucial, saving hundreds of billions compared to relying solely on submarines. The need for modernization reflects the end of the post-Cold War "holiday from history," requiring rebuilding against threats from China and Russia. FOURTH HOUR 12-1215 HEADLINE: Supreme Court Battles Over Presidential Impoundment Authority and the Separation of Powers GUEST NAME: Josh Blackman SUMMARY: John Batchelor speaks with Josh Blackman about Supreme Court eras focusing on the separation of powers. Currently, the court is addressing presidential impoundment—the executive's authority to withhold appropriated funds. Earlier rulings, particularly 1975's Train v. City of New York, constrained this power. The Roberts Court appears sympathetic to reclaiming presidential authority lost during the Nixon era. The outcome of this ongoing litigation will determine the proper balance between executive and legislative branches. 1215-1230 HEADLINE: Supreme Court Battles Over Presidential Impoundment Authority and the Separation of Powers GUEST NAME: Josh Blackman SUMMARY: John Batchelor speaks with Josh Blackman about Supreme Court eras focusing on the separation of powers. Currently, the court is addressing presidential impoundment—the executive's authority to withhold appropriated funds. Earlier rulings, particularly 1975's Train v. City of New York, constrained this power. The Roberts Court appears sympathetic to reclaiming presidential authority lost during the Nixon era. The outcome of this ongoing litigation will determine the proper balance between executive and legislative branches. 1230-1245 HEADLINE: Space Force Awards Contracts to SpaceX and ULA; Juno Mission Ending, Launch Competition Heats UpGUEST NAME: Bob Zimmerman SUMMARY: John Batchelor speaks with Bob Zimmerman about Space Force awarding over $1 billion in launch contracts to SpaceX for five launches and ULA for two launches, highlighting growing demand for launch services. ULA's non-reusable rockets contrast with SpaceX's cheaper, reusable approach, while Blue Origin continues to lag behind. Other developments include Firefly entering defense contracting through its Scitec acquisition, Rocket Lab securing additional commercial launches, and the likely end of the long-running Juno Jupiter mission due to budget constraints. 1245-100 AM HEADLINE: Space Force Awards Contracts to SpaceX and ULA; Juno Mission Ending, Launch Competition Heats UpGUEST NAME: Bob Zimmerman SUMMARY: John Batchelor speaks with Bob Zimmerman about Space Force awarding over $1 billion in launch contracts to SpaceX for five launches and ULA for two launches, highlighting growing demand for launch services. ULA's non-reusable rockets contrast with SpaceX's cheaper, reusable approach, while Blue Origin continues to lag behind. Other developments include Firefly entering defense contracting through its Scitec acquisition, Rocket Lab securing additional commercial launches, and the likely end of the long-running Juno Jupiter mission due to budget constraints.

VHEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data. 1942