Podcasts about nist

Can we build technology today to defend against the threats of tomorrow? This week, Technology Now concludes a double episode on post quantum cryptography and explores the subject of firmware, why it's imperative that it be protected against quantum attacks and why a simple update can't solve every problem. Nigel Edwards, Director of the Security Lab at HPE Labs, tells us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations.About Nigel: https://www.linkedin.com/in/nigel-edwards-170591/?originalSubdomain=ukSources: https://www.theatlantic.com/technology/archive/2016/01/the-long-and-winding-history-of-encryption/423726/https://www.theqrl.org/blog/history-of-cryptography-behind-the-code-episode-1/https://www.theguardian.com/science/2025/may/07/todays-ai-can-crack-second-world-war-enigma-code-in-short-order-experts-say

On today's episode of Govcon Giants, I sit down with Jason Miller, Executive Editor of Federal News Network, to unpack the chaos shaking the government contracting community. Over the last 4–6 months, we've seen partnerships shrink, contracts cut, and entire workforces pushed into early retirement. Jason pulls back the curtain on GSA consolidation, NASA SEWP, consulting contract crackdowns, and the uncertainty surrounding CMMC, NIST 800-171, and small business programs like 8(a). This isn't just noise—it's a direct hit on how small businesses survive and thrive in the federal marketplace. Jason and I go deep on the big numbers—25,000 fewer staff at GSA, programs like CIO-SP3 still stuck in protest, and the seven-year delay of CMMC rollout that's left contractors dangerously exposed. We also discuss how the Trump administration's aggressive cost-cutting, paired with industry silence, could cripple government contractors who refuse to speak up. If you're counting on the old rules to keep you safe, think again—this episode is your wake-up call. Connect with Jason: LinkedIn account: https://www.linkedin.com/in/jasonmillerfnn/ LinkedIn corporate: https://www.linkedin.com/company/federal-news-network/posts/?feedView=all Link to your company: https://federalnewsnetwork.com/  

In this episode of Cybersecurity Today, host Jim Love discusses recent developments in cybersecurity, including a method to bypass GPT5 model safeguards, malware issues in the Google Play Store, NIST's new AI-specific security controls, and a cyber attack that led to a government shutdown in Nevada. The episode also covers a CRM-related breach linked to the Shiny Hunters collective, who used OAuth tokens to gain unauthorized access. Key takeaways emphasize the need for stronger security frameworks and vigilance against evolving cyber threats. 00:00 Introduction and Overview 00:27 Exploiting GPT-5: A Simple Prompt Attack 02:20 Google Play Store's Malware Struggles 04:11 NIST's New AI Security Controls 06:06 Nevada Government Cyber Attack 08:23 Shiny Hunters' CRM Breach 10:41 Conclusion and Contact Information

If you like what you hear, please subscribe, leave us a review and tell a friend!

In this edition of Campus Technology Insider Podcast Shorts, host Rhea Kelly covers the latest news in education technology. Highlights include the National Institute of Standards and Technology's new guidelines for securing AI systems, Wiley's introduction of innovative AI tools for the zyBooks platform to enhance STEM education, and Columbia Engineering's HyperQ, which virtualizes quantum computing for simultaneous user access. Tune in for more on these exciting developments. 00:00 Introduction and Host Welcome 00:15 NIST's New AI Security Guidelines 00:50 Wiley's AI Tools for STEM Education 01:18 Columbia Engineering's HyperQ Innovation 01:54 Conclusion and Further Resources Source links: NIST Proposes New Cybersecurity Guidelines for AI Systems Wiley Introduces New AI Courseware Tools Columbia Engineering Researchers Develop Cloud-Style Virtualization for Quantum Computing Campus Technology Insider Podcast Shorts are curated by humans and narrated by AI.

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders' Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-888

Why do quantum computers pose a threat to governments? This week Technology Now starts a two part dive into quantum computing. In this first episode, we ask: how are governments preparing to mitigate the threat posed by a hypothetical quantum computer which could be invented. Ken Rich, Federal CTO at HPE tells us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations.About Ken Rich:https://www.linkedin.com/in/kenrich111/Sources:https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptographyhttps://www.britannica.com/technology/quantum-computerhttps://www.livescience.com/technology/computing/history-of-quantum-computing-key-moments-that-shaped-the-future-of-computingShor, Peter W.. “Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer.” SIAM Rev. 41 (1995): 303-332.P. W. Shor, "Algorithms for quantum computation: discrete logarithms and factoring," Proceedings 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 1994, pp. 124-134, doi: 10.1109/SFCS.1994.365700.https://www.newscientist.com/article/2399246-record-breaking-quantum-computer-has-more-than-1000-qubits/

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders' Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Show Notes: https://securityweekly.com/psw-888

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders' Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-888

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

Send us a textProfessor JRod makes a triumphant return to Technology Tap after a year-long hiatus, bringing listeners up to speed on his personal journey and diving straight into Security Plus 701 fundamentals. Having completed his doctorate and subsequently focusing on his health—resulting in an impressive 50-pound weight loss—he reconnects with his audience with the same passion and expertise that made his podcast popular.The heart of this comeback episode centers on essential cybersecurity concepts, beginning with the CIA triad (confidentiality, integrity, availability) that forms the foundation of information security. Professor J-Rod expertly breaks down complex frameworks including NIST, ISO/IEC standards, and compliance-driven approaches like HIPAA and GDPR, explaining how organizations should select frameworks based on their specific industry requirements.With his trademark clear explanations, he walks listeners through the process of gap analysis—a methodical approach to identifying differences between current security postures and desired standards. The episode then transitions to a comprehensive overview of access control models, including Discretionary, Mandatory, Role-Based, Attribute-Based, and Rule-Based controls, each illustrated with practical examples that bring abstract concepts to life.What sets this episode apart is the interactive element, as Professor JRod concludes with practice questions that challenge listeners to apply their newly acquired knowledge. This practical approach bridges the gap between theory and real-world implementation, making complex security concepts accessible to professionals and students alike. Whether you're preparing for certification or simply expanding your cybersecurity knowledge, this return episode delivers valuable insights from an educator who clearly missed sharing his expertise with his audience.Support the showIf you want to help me with my research please e-mail me.Professorjrod@gmail.comIf you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.comArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

Industrial Talk is talking to Sandy Carielli, Vice President at Forrester Research about "Quantum Computing Cybersecurity". Scott Mackenzie and Sandy Carielli discuss the implications of quantum computing on cybersecurity. Quantum computers could potentially break today's public key cryptography, compromising data security. Carielli highlights the importance of transitioning to new, quantum-resistant algorithms, such as those developed by NIST. She emphasizes the urgency for organizations, especially government agencies and financial institutions, to start this migration process. Carielli also warns of the "harvest now, decrypt later" attack scenario, where data is intercepted today and decrypted later with a future quantum computer. The conversation underscores the need for proactive measures to ensure digital trust and security. Action Items [ ] Conduct a cryptographic discovery exercise to inventory the algorithms and protocols currently in use across the organization. [ ] Bring together a cross-functional team to assess the organization's exposure to quantum computing threats and start the process of migrating to post-quantum cryptography. [ ] Incorporate requirements for quantum-resistant cryptography in procurement processes and vendor SLAs. [ ] Prioritize the migration of high-value, long-term data and systems that rely on digital signatures. Outline Introduction and Purpose of Industrial Talk Podcast Scott MacKenzie thanks listeners for their support and highlights the platform's dedication to celebrating achievements and amplifying messages. Scott MacKenzie praises Sandy Carielli from Forrester Research for her contributions to quantum computing and cybersecurity. The conversation aims to explore the transformative impact of quantum computing on cybersecurity. Scott MacKenzie's Perspective on Innovation and Technology Scott MacKenzie discusses the importance of creating content and demonstrating the human side of professionals in various industries. He emphasizes the need for companies to adapt to new technologies and innovations to remain successful. Scott MacKenzie shares themes from his conversations with industrial leaders, such as the importance of education, collaboration, and innovation. He highlights the need for companies to be nimble, trusted, and passionate about solving challenges. Introduction to Sandy Carielli and Quantum Computing Scott MacKenzie introduces Sandy Carielli and her work at Forrester Research on quantum computing and cybersecurity. Sandy Carielli explains the process of selecting topics for research at Forrester, including trends, market exposure, and regulatory changes. The conversation touches on the rapid evolution of technologies and the importance of staying current. Sandy Carielli mentions the annual top 10 emerging technologies report published by Forrester. Quantum Computing and Its Impact on Cybersecurity Sandy Carielli provides an overview of quantum computing and its potential to break today's public key cryptography. She explains the concept of public key cryptography and its role in securing communications and transactions. The discussion covers the potential risks posed by nation-states developing quantum computers and the need for cybersecurity measures. Sandy Carielli highlights the efforts to develop new cryptographic algorithms resistant to quantum computers. Preparing for Quantum...

Plex urges users to immediately update their Media Server due to an undisclosed security flaw. Cisco warns of a critical remote code execution flaw in their Secure Firewall Management Center software.Rockwell Automation discloses multiple critical and high-severity flaws. Hackers breached a Canadian House of Commons database. Active law enforcement and government email accounts are sold online for as little as $40. Telecom giant Colt Technology Services suffers a cyber incident disrupting its customer portal. Taiwan launches new measures to boost hospital cybersecurity after ransomware attacks.  NIST has released a concept paper proposing control overlays for securing AI systems. A date with an AI chatbot ends in tragedy. Our guest is Randall Degges, Snyk's Head of Developer and Security Relations, to discuss how underqualified or outsourced coding support can open doors for nation-state threats. Dutch speed cameras are stuck in a cyber-induced siesta. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Randall Degges, Snyk's Head of Developer and Security Relations, to discuss how underqualified or outsourced coding support can open doors for nation-state threats. Selected Reading Plex warns users to patch security vulnerability immediately (Bleeping Computer) Cisco Discloses Critical RCE Flaw in Firewall Management Software (Infosecurity Magazine) Critical Flaws Patched in Rockwell FactoryTalk, Micro800, ControlLogix Products (SecurityWeek) CISA Releases Thirty-Two Industrial Control Systems Advisories (CISA.gov) Hackers Breach Canadian Government Via Microsoft Exploit (Bank Infosecurity) Compromised Government and Police Email Accounts on the Dark Web (Abnormal.AI) Telco giant Colt suffers attack, takes systems offline (The Register) Taiwan announces measures to protect hospitals from hackers (Focus Taiwan) New NIST Concept Paper Outlines AI-Specific Cybersecurity Framework (Hack Read) A flirty Meta AI bot invited a retiree to meet. He never made it home. (Reuters) Dutch prosecution service attack keeps speed cameras offline (The Register) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Cybersecurity and Infrastructure Security Agency (CISA) is facing significant criticism from state and local officials who feel abandoned due to diminishing federal support for critical cybersecurity programs. Many officials are concerned about their increasing reliance on self-driven initiatives, especially after cuts to the Multi-State Information Sharing and Analysis Center, which has been a crucial source of cybersecurity intelligence for over two decades. A recent survey revealed that a substantial portion of state and local governments lack adequate funding for cybersecurity, with 22% allocating no funds and 42% operating with annual budgets of less than $100,000. This situation raises alarms about the potential for increased vulnerability to cyberattacks, particularly from nation-state actors.In response to the evolving landscape of artificial intelligence, the National Institute of Standards and Technology (NIST) is developing new security guidance aimed at addressing the associated risks. This initiative will clarify how AI interacts with cybersecurity, focusing on securing AI systems, the adversarial use of AI, and leveraging AI to enhance cybersecurity measures. Additionally, a bipartisan bill known as the Validation and Evaluation for Trustworthy Artificial Intelligence Act has been reintroduced in the Senate, aiming to establish guidelines for the responsible development and testing of AI systems. House appropriators are also proposing a significant funding increase for NIST, reflecting a commitment to bolster cybersecurity and innovation.The Federal Risk Management and Authorization Program (FedRAMP) has made strides in streamlining the approval process for government cloud services, achieving a significant reduction in wait times from over a year to approximately five weeks. This shift is part of a broader trend toward more efficient cloud authorization processes, with FedRAMP already approving more than twice as many services in fiscal year 2025 compared to the previous year. This development presents an opportunity for businesses to leverage FedRAMP-authorized stacks for government-related buyers and to build migration strategies accordingly.OpenAI has recently updated its ChatGPT platform, introducing new models and third-party tool connectors while facing scrutiny over the performance and security of its latest model, GPT-5. Despite the introduction of various user-focused options, security assessments have revealed significant vulnerabilities in GPT-5, prompting concerns about its safety and reliability. As companies like ConnectWise implement new credit card surcharges and adjust their workforce in response to market demands, the overarching theme emphasizes the need for operational discipline and strategic planning in navigating the evolving technology landscape. Four things to know today 00:00 Shrinking Cyber Budgets, Emerging AI Rules, and Streamlined FedRAMP Signal Shifts for IT Providers06:43 From Security to SaaS Management, Vendors Roll Out Agentic Features for IT Service Providers10:25 OpenAI Expands GPT-5 Options, Adds Connectors, but Faces Early Security Backlash13:41 ConnectWise Adds Credit Card Surcharges, Trims Staff in Strategic Realignment  Supported by:  https://syncromsp.com/   Tell us about a newsletter!https://bit.ly/biztechnewsletter  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

In Episode 185 of The Citrix Session, Andy Whiteside, Bill Sutton, and Todd Smith explore how Citrix NetScaler is evolving into a true Swiss Army knife for security—delivering protection not just for Citrix workloads, but for all applications. The conversation dives into the looming challenge of quantum computing and the “harvest now, decrypt later” threat, where bad actors collect encrypted data today to exploit when quantum capabilities emerge.Todd and Bill unpack how NetScaler is leading the way with post-quantum cryptography (PQC) readiness, new encryption standards aligned with NIST guidelines, and GA support for quantum-resistant algorithms. They also cover key advancements like HTTP/3 over QUIC, enhanced DNS security, reCAPTCHA v3 integration, and the Netscaler Console for fleet-wide visibility, compliance, and automation.Whether you're concerned about securing sensitive data, meeting future compliance requirements, or leveraging cutting-edge application firewall capabilities, this episode will help you understand why now—not later—is the time to prepare for the quantum era.

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastDavid Close, Chief Solutions Architect at Futurex, discusses the reality facing our digital world: quantum computing will soon break the encryption protecting everything from mobile banking to satellite communications. But here's the twist — hackers aren't waiting. They're harvesting encrypted data now, betting that quantum computers will eventually crack today's "unbreakable" codes in a strategy called "harvest now, decrypt later." David explains how NIST's new post-quantum cryptography standards are already being deployed by companies like Google and CloudFlare, why crypto agility is essential for future-proofing your security infrastructure, and how you can break into the exciting field of cryptography — even without a PhD in mathematics.0:00 - Intro 1:00 - Cybersecurity Salary Guide3:06 - Meet David Close from Futurex3:52 - David's journey from embedded systems to cryptography5:05 - What Futurex does and 40 years of crypto innovation6:39 - The role of Chief Solutions Architect8:21 - Evolution of cryptography from payments to enterprise10:13 - How David discovered his passion for cryptography13:23 - Post-quantum cryptography explained15:16 - Why quantum computers break current encryption16:05 - The "harvest now, decrypt later" threat18:19 - NIST's new quantum-resistant algorithms20:02 - Real-world quantum threats to satellites and IP22:43 - What organizations can do now25:25 - Crypto agility and future-proofing systems28:41 - Resources for staying current on cryptography30:45 - Career paths in cryptography beyond algorithm development32:18 - Getting started in cryptography careers34:26 - The cryptography landscape in 15 years37:34 - Regulatory enforcement of new crypto standards39:43 - Best career advice: Finding the right vehicle41:29 - David's current reading and recommendations42:35 - Where to find David and Futurex onlineView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

At Black Hat USA 2025, Danny Jenkins, CEO of ThreatLocker, shares how his team is proving that effective cybersecurity doesn't have to be overly complex. The conversation centers on a straightforward yet powerful principle: security should be simple enough to implement quickly and consistently, while still addressing the evolving needs of diverse organizations.Jenkins emphasizes that the industry has moved beyond selling “magic” solutions that promise to find every threat. Instead, customers are demanding tangible results—tools that block threats by default, simplify approvals, and make exceptions easy to manage. ThreatLocker's platform is built on this premise, enabling over 54,000 organizations worldwide to maintain a secure environment without slowing business operations.A highlight from the event is ThreatLocker's Defense Against Configurations (DAC) module. This feature performs 170 daily checks on every endpoint, aligning them with compliance frameworks like NIST and FedRAMP. It not only detects misconfigurations but also explains why they matter and how to fix them. Jenkins admits the tool even revealed gaps in ThreatLocker's own environment—issues that were resolved in minutes—proving its practical value.The discussion also touches on the company's recent FedRAMP authorization process, a rigorous journey that validates both the product's and the company's security maturity. For federal agencies and contractors, this means faster compliance with CMMC and NIST requirements. For commercial clients, it's an assurance that they're working with a partner whose internal security practices meet some of the highest standards in the industry.As ThreatLocker expands its integrations and modules, Jenkins stresses that simplicity remains the guiding principle. This is achieved through constant engagement with customers—at trade shows, in the field, and within the company's own managed services operations. By actively using their own products at scale, the team identifies friction points and smooths them out before customers encounter them.In short, the message from the booth at Black Hat is clear: effective security comes from strong fundamentals, simplified management, and a relentless focus on the user experience.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Danny Jenkins, CEO of ThreatLocker | On LinkedIn | https://www.linkedin.com/in/dannyjenkinscyber/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Andrew Cheung boasts over 25 years of invaluable experience as a Chief Executive Officer and Chief Technology Officer of 01 Quantum Inc. Throughout his illustrious career, he has consistently spearheaded cutting-edge innovations, and driven product development, resulting in a portfolio of 9 patents within the computer software industry. Notably, his outstanding contributions were recognized with a nomination for the prestigious Ernst and Young Entrepreneur-Of-The-Year award in 2001.Andrew remains at the forefront of technological advancements with his latest focus on Post-Quantum Cybersecurity.   With over 15 years of hands-on experience and extensive expertise in patent application, prosecution, and litigation processes, he has established himself as a formidable force in the field.  His groundbreaking work in Post-Quantum Cryptography (PQC), leveraging NIST-approved quantum-resistant algorithms, is a testament to his forward-thinking approach.  By combining his PQC engine with patent-protected measures into a wide array of applications, including cryptocurrencies, emails, and AI machine learning systems.  This proactive approach ensures robust protection against potential cyber threats posed by quantum computers, thereby safeguarding the integrity of classical computer systems as we know them today.In this conversation, we discuss:- The history of quantum computing- Quantum's threat to crypto- Building a quantum-safe crypto token- 01's partnership with Hitachi- When will Q-Day arrive?- RSA and elliptic curve encryption- When Q-Day comes, public keys are the most at risk- The crossover of AI and quantum safety- 01 Quantum's partnership with the new crypto foundation01 Quantum IncWebsite: www.01com.comX: @01quantumincLinkedIn: 01 Communique Inc Andrew CheungX: @acheungquantumLinkedIn: Andrew Cheung---------------------------------------------------------------------------------This episode is brought to you by PrimeXBT.PrimeXBT offers a robust trading system for both beginners and professional traders that demand highly reliable market data and performance. Traders of all experience levels can easily design and customize layouts and widgets to best fit their trading style. PrimeXBT is always offering innovative products and professional trading conditions to all customers.  PrimeXBT is running an exclusive promotion for listeners of the podcast. After making your first deposit, 50% of that first deposit will be credited to your account as a bonus that can be used as additional collateral to open positions. Code: CRYPTONEWS50 This promotion is available for a month after activation. Click the link below: PrimeXBT x CRYPTONEWS50

IonQ is poised to redefine the quantum computing landscape, projecting a staggering 80,000 logical qubits by 2030—potentially unlocking the power to crack encryption. NIST has us on a timeline to upgrade to post-quantum cryptography (PQC) by 2035, so this 5-year gap may spell doom for cybersecurity. Of course, these machines will also revolutionize industries from finance to drug discovery to AI. How is IonQ boosting their roadmap by orders of magnitude? Learn about their cutting-edge acquisitions and bold vision for scalable, error-corrected systems in this wide-ranging chat between host Konstantinos Karagiannis and IonQ SVP Dean Kassmann.For more information on IonQ, visit https://ionq.com/.Visit Protiviti at www.protiviti.com/US-en/technology-consulting/quantum-computing-services  to learn more about how Protiviti is helping organizations get post-quantum ready.Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti on LinkedIn and Twitter: @Protiviti.  Questions and comments are welcome!  Theme song by David Schwartz, copyright 2021.  The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries.  None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.

Here is the link to the free webinar on August 27, 2025 2pm EDT Empowering Agencies with Optimized IT Operations preview Cybersecurity teams are facing a “perfect storm” - more attacks, fewer defenders, and outdated infrastructure.  This week on Feds At The Edge, we offer a sneak peek into an upcoming webinar that will teach you how to truly see what's happening on your network- moving beyond basic monitoring to actionable observation.  Brian Chamberlain, Account Executive, USMC/USN, SolarWinds, Chamberlain breaks down why simple monitoring isn't enough. Without pinpointing blind spots or knowing where to start, agencies waste time, increase risk, and rack up costs. He explores:      Automation: Threats move too fast for humans to manage alone.         Hierarchy: How to prioritize  what matters most.           Compliance: Practical takes on NIST 800-207, FIPS 140-2, and Common Criteria.           AI in Action: How artificial intelligence can reveal inefficiencies and free humans to focus on decisions.   

Our Bachelor Nation OG Trista Sutter is catching up with Golden Bachelor season one winner Theresa Nist! She shares her hot takes on the new season of Bachelor in Paradise and she holds nothing back when asked about the next Golden Bachelor Mel Owens!Plus, we get an answer on if Theresa would want to be the next Golden Bachelorette, and if she would be more “affectionate” than people expect! See omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Send us a textHow do you build AI governance that scales without becoming the innovation police? In our final conversation with tech lawyer Gayle Gorvett, we tackle the ultimate balancing act facing every organization: creating robust AI oversight that moves at the speed of business. From shocking federal court rulings that could force AI companies to retain all user data indefinitely, to the Trump administration's potential overhaul of copyright law, this episode reveals how rapidly the legal landscape is shifting beneath our feet. Gayle breaks down practical frameworks from NIST and Duke University that adapt to your specific business needs while avoiding the dreaded legal bottleneck. Whether you're protecting customer data or designing the future of work, this customer success playbook episode provides the roadmap for scaling governance without sacrificing innovation velocity.Detailed AnalysisThe tension between governance speed and innovation velocity represents one of the most critical challenges facing modern businesses implementing AI at scale. Gayle Gorvett's insights into adaptive risk frameworks offer a compelling alternative to the traditional "slow and thorough" legal approach that often strangles innovation in bureaucratic red tape.The revelation about the OpenAI versus New York Times case demonstrates how quickly the legal landscape can shift with far-reaching implications. A single magistrate judge's ruling requiring OpenAI to retain all user data—regardless of contracts, enterprise agreements, or international privacy laws—illustrates the unpredictable nature of AI regulation. For customer success professionals, this uncertainty demands governance frameworks that can rapidly adapt to new legal realities without completely derailing operational efficiency.The discussion of NIST and Duke University frameworks reveals the democratization of enterprise-level governance tools. These resources make sophisticated risk assessment accessible to organizations of all sizes, eliminating the excuse that "we're too small for proper AI governance." This democratization aligns perfectly with the customer success playbook philosophy of scalable, repeatable processes that deliver consistent outcomes regardless of organizational size.Perhaps most intriguingly, the conversation touches on fundamental questions about intellectual property and compensation models in an AI-driven economy. Kevin's observation about automating human-designed workflows raises profound questions about fair compensation when human knowledge gets embedded into perpetual AI systems. This shift from time-based to value-based compensation models reflects broader changes in how customer success teams will need to demonstrate and capture value in an increasingly automated world.The technical discussion about local versus hosted AI models becomes particularly relevant for customer success teams handling sensitive customer data. The ability to contain AI processing within controlled environments versus leveraging cloud-based solutions represents a strategic decision that balances capability, cost, and compliance considerations.Gayle's emphasis on human oversight—Kevin's offeringPlease Like, Comment, Share and Subscribe. You can also find the CS Playbook Podcast:YouTube - @CustomerSuccessPlaybookPodcastTwitter - @CS_PlaybookYou can find Kevin at:Metzgerbusiness.com - Kevin's person web siteKevin Metzger on Linked In.You can find Roman at:Roman Trebon on Linked In.

Send us a textShe's the legal powerhouse behind IBM's AI ethics strategy — and she makes law fun. In this encore episode, we revisit a fan favorite: Christina Montgomery, formerly IBM's Chief Privacy and Trust Officer, now Chief Privacy and Trust Officer, GM. From guarding the gates of generative AI risk to advising on global regulation, Christina gives us a front-row seat to what's now, what's next, and what needs rethinking when it comes to trust, synthetic data, and the future of AI law.

Send us a textShe's the legal powerhouse behind IBM's AI ethics strategy — and she makes law fun. In this encore episode, we revisit a fan favorite: Christina Montgomery, formerly IBM's Chief Privacy and Trust Officer, now Chief Privacy and Trust Officer, GM. From guarding the gates of generative AI risk to advising on global regulation, Christina gives us a front-row seat to what's now, what's next, and what needs rethinking when it comes to trust, synthetic data, and the future of AI law.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Cybersecurity Insights for Business Leaders: Expert Advice from Derek Kernus of Aethon SecurityIn today's rapidly evolving digital world, cybersecurity is no longer just a concern for large enterprises—it's a critical part of every organization's strategy. In this recent episode of The Thoughtful Entrepreneur, host Josh Elledge sat down with Derek Kernus, CEO of Aethon Security, to discuss how business leaders can protect their organizations from the growing wave of cyber threats. The conversation dives deep into the importance of cybersecurity, compliance, and practical steps that leaders can take to stay ahead of the curve in an increasingly complex landscape.Understanding Cybersecurity and Compliance in Today's Business WorldDerek Kernus opens the conversation by highlighting the current cybersecurity threats faced by businesses today. Nation-state actors from China and Russia are increasingly targeting U.S. government networks and contractors, aiming to steal sensitive information or disrupt critical infrastructures like energy grids, water systems, and healthcare. As businesses digitize more of their operations, the number of potential attack points expands, making it essential for leaders to treat cybersecurity as a core business risk.Derek emphasizes the importance of compliance, particularly for government contractors who must meet cybersecurity standards like the Cybersecurity Maturity Model Certification (CMMC). Failure to comply with these requirements can result in lost contracts, legal penalties, and reputational damage. Even in the private sector, companies are increasingly expected to adopt rigorous cybersecurity measures. By understanding and implementing these frameworks, businesses can ensure that they are protected and ready to meet both governmental and industry-specific standards.The episode also addresses real-world cyber threats, including the Colonial Pipeline attack and attempts to disrupt municipal water systems, underscoring the need for proactive security measures. Derek offers actionable cybersecurity tips for business leaders to improve their organizational defenses and protect sensitive data.Actionable Cybersecurity Tips for Business LeadersDerek shares several practical, actionable cybersecurity steps that leaders can implement immediately to enhance their company's security posture. One of the most essential steps is implementing Multi-Factor Authentication (MFA) across all critical accounts. MFA significantly reduces the risk of unauthorized access, even if passwords are compromised. Derek advises prioritizing MFA for administrative and remote access accounts and training employees on how to use it.Another key recommendation is to conduct regular vulnerability scans. These scans help identify system weaknesses before they can be exploited. Derek stresses the importance of automating these scans, prioritizing high-risk vulnerabilities, and keeping records of the scans and remediation efforts for compliance purposes. Additionally, keeping software and systems up to date is crucial. Outdated software often serves as a gateway for cybercriminals, so applying patches and updates promptly can close those security gaps.Finally, Derek encourages business leaders to leverage federal cybersecurity frameworks like NIST and CMMC to better manage risks and ensure compliance. These frameworks offer structured, proven guidelines to assess and improve cybersecurity defenses, making them invaluable tools for organizations of all sizes. Derek advises that even non-government contractors benefit from adopting these best practices.About Derek KernusDerek Kernus is the CEO of Aethon Security, a cybersecurity consulting firm that helps organizations navigate complex compliance requirements and protect their data from cyber threats. Derek brings years of...

Bob Burke, Chief Information Security Officer at Beyond Identity, challenges the effectiveness of traditional multi-factor authentication (MFA) in the evolving landscape of cybersecurity. He argues that legacy MFA solutions, which often rely on out-of-band authorization methods like push notifications or one-time passwords, are no longer sufficient against the rising tide of sophisticated cyber threats. With the advent of services like phishing-as-a-service, attackers can easily bypass these outdated security measures, necessitating a shift towards phishing-resistant authentication methods. Burke emphasizes the need for organizations to adopt solutions that not only enhance security but also consider device posture and trustworthiness.Burke also critiques the current state of FIDO2 and passkeys, acknowledging their potential while highlighting their limitations, particularly in terms of device posture and user experience. He suggests that small to mid-sized businesses (SMBs) should prioritize phishing-resistant solutions that integrate both browser protection and device authentication. Furthermore, he raises concerns about the pricing models of many Software as a Service (SaaS) providers, which often place essential security features behind higher-tier subscriptions, effectively discouraging customers from adopting more secure practices.The conversation shifts to the endpoint detection and response (EDR) market, where Burke notes that while EDR solutions are still necessary, they are evolving into more comprehensive offerings like extended detection and response (XDR). He points out that many of these solutions are priced for enterprise-level organizations, leaving SMBs and mid-market companies struggling to find affordable options. Burke encourages these organizations to seek out solutions that fit their budget while still providing essential security capabilities.Finally, Burke shares insights from his experience with the FedRAMP certification process, emphasizing the importance of building internal security competencies and integrating security into product design from the outset. He advocates for a clear internal compliance program, such as NIST, to guide organizations in their security efforts. As the cybersecurity landscape continues to evolve, Burke warns that the tempo and scope of attacks are increasing, driven by advancements in AI, and urges organizations to reassess their security architectures to stay ahead of emerging threats.  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech