Podcasts about nist

Do you want to use AI without losing trust? What frameworks help build trust and manage AI responsibly?  Can we really create trust while using AI?In this episode of the FIT4PRIVACY Podcast, host Punit Bhatia and digital trust expert Mark Thomas explain how to govern and manage AI in ways that build real trust with customers, partners, and society.This episode breaks down what it means to use AI responsibly and how strong governance can help avoid risks. You'll also learn about key frameworks like the ISO 42001, the EU AI Act, and the World Economic Forum's Digital Trust Framework—and how they can guide your AI practices.Mark and Punit also talk about how organizational culture, company size, and leadership affect how AI is used—and how trust is built (or lost). They discuss real-world tips for making AI part of your existing business systems, and how to make decisions that are fair, explainable, and trustworthy.

Join 23-year architect Richard Gage, AIA, in this feature-length documentary featuring cutting-edge 9/11 evidence from more than 50 top experts in their fields, including high-rise architects, structural engineers, physicists, chemical engineers, firefighters, metallurgists, explosives experts, controlled demolition technicians, and more. Each is highly qualified in his/her respective fields. Several have Ph. D.s -- including National Medal of Science awardee Lynn Margulis. She, along with the other experts, exposes the fraud of NIST and discusses how the scientific method should have been applied, and acknowledges the "overwhelming" evidence of high-temperature incendiaries in all dust samples of the WTC. High-rise architects and structural engineers lay out the evidence in the features of the destruction of these three high-rises that point inevitably to explosive controlled demolition. 9/11 family members and psychologists ground the technical information with heart-centered support for a new investigation and a close look at the psychology of 9/11in this milestone production of AE911Truth: http://911ExpertsSpeakOut.orgCopyright Disclaimer under section 107 of the Copyright Act of 1976, allowance is made for ‘fair use' for purposes such as criticism, comment, news reporting, teaching, scholarship, education, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational, or personal use tips the balance in favor of fair use.

TOP STORIES - NIST concludes the Surfside Champlain Towers collapse began at the pool deck due to critically low safety margins in the design. Also: passengers stranded on a Bahamas-to-Miami flight, Lauderdale-by-the-Sea considers adding Trump's name to a street sign, a machete-wielding man attacks police in Walmart, jury selection resumes in the Trump assassination attempt trial, Fort Lauderdale fights FDOT's street art removal order, Tyreek Hill's legal team responds to divorce claims, Governor Ron DeSantis pushes open carry while promoting a Second Amendment tax holiday, possible car insurance refunds for Florida drivers, a Clearwater woman battles to keep her pet peacock, Tampa City Council election results, Rays' Wander Franco detained and admitted to a clinic, Hillsborough College emerges as a potential Rays stadium site, and Pinellas County residents may notice a change in their water taste.

Up first, the ASW news of the week. At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity's door. They discuss the terrifying reality of quantum computing's power to break RSA and ECC encryption—the very foundations of modern digital life. With 2030 set as the deadline for transitioning away from legacy crypto, organizations face a race against time. Ted breaks down what "full crypto visibility" really means, why it's crucial to map your cryptographic assets now, and how legacy tech—from robotic sawmills to outdated hospital gear—poses serious risks. The interview explores NIST's new post-quantum algorithms, global readiness efforts, and how Keyfactor's acquisitions of InfoSec Global and Cipher Insights help companies start the quantum transition today—not tomorrow. Don't wait for the breach. Watch this and start your quantum strategy now. If digital trust is the goal, cryptography is the foundation. Segment Resources: http://www.keyfactor.com/digital-trust-digest-quantum-readiness https://www.keyfactor.com/press-releases/keyfactor-acquires-infosec-global-and-cipherinsights/ For more information about Keyfactor's latest Digital Trust Digest, please visit: https://securityweekly.com/keyfactorbh Live from BlackHat 2025 in Las Vegas, cybersecurity host Jackie McGuire sits down with Seemant Sehgal, founder of BreachLock, to unpack one of the most pressing challenges facing SOC teams today: alert fatigue—and its even more dangerous cousin, vulnerability fatigue. In this must-watch conversation, Seemant reveals how his groundbreaking approach, Adversarial Exposure Validation (AEV), flips the script on traditional defense-heavy security strategies. Instead of drowning in 10,000+ “critical” alerts, AEV pinpoints what actually matters—using Generative AI to map realistic attack paths, visualize kill chains, and identify the exact vulnerabilities that put an organization's crown jewels at risk. From his days leading cybersecurity at a major global bank to pioneering near real-time CVE validation, Seemant shares insights on scaling offensive security, improving executive buy-in, and balancing automation with human expertise. Whether you're a CISO, SOC analyst, red teamer, or security enthusiast, this interview delivers actionable strategies to fight fatigue, prioritize risks, and protect high-value assets. Key topics covered: - The truth about alert fatigue & why it's crippling SOC efficiency - How AI-driven offensive security changes the game - Visualizing kill chains to drive faster remediation - Why fixing “what matters” beats fixing “everything” - The future of AI trust, transparency, and control in cybersecurity Watch now to discover how BreachLock is redefining offensive security for the AI era. Segment Resources: https://www.breachlock.com/products/adversarial-exposure-validation/ This segment is sponsored by Breachlock. Visit https://securityweekly.com/breachlockbh to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-347

Up first, the ASW news of the week. At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity's door. They discuss the terrifying reality of quantum computing's power to break RSA and ECC encryption—the very foundations of modern digital life. With 2030 set as the deadline for transitioning away from legacy crypto, organizations face a race against time. Ted breaks down what "full crypto visibility" really means, why it's crucial to map your cryptographic assets now, and how legacy tech—from robotic sawmills to outdated hospital gear—poses serious risks. The interview explores NIST's new post-quantum algorithms, global readiness efforts, and how Keyfactor's acquisitions of InfoSec Global and Cipher Insights help companies start the quantum transition today—not tomorrow. Don't wait for the breach. Watch this and start your quantum strategy now. If digital trust is the goal, cryptography is the foundation. Segment Resources: http://www.keyfactor.com/digital-trust-digest-quantum-readiness https://www.keyfactor.com/press-releases/keyfactor-acquires-infosec-global-and-cipherinsights/ For more information about Keyfactor's latest Digital Trust Digest, please visit: https://securityweekly.com/keyfactorbh Live from BlackHat 2025 in Las Vegas, cybersecurity host Jackie McGuire sits down with Seemant Sehgal, founder of BreachLock, to unpack one of the most pressing challenges facing SOC teams today: alert fatigue—and its even more dangerous cousin, vulnerability fatigue. In this must-watch conversation, Seemant reveals how his groundbreaking approach, Adversarial Exposure Validation (AEV), flips the script on traditional defense-heavy security strategies. Instead of drowning in 10,000+ “critical” alerts, AEV pinpoints what actually matters—using Generative AI to map realistic attack paths, visualize kill chains, and identify the exact vulnerabilities that put an organization's crown jewels at risk. From his days leading cybersecurity at a major global bank to pioneering near real-time CVE validation, Seemant shares insights on scaling offensive security, improving executive buy-in, and balancing automation with human expertise. Whether you're a CISO, SOC analyst, red teamer, or security enthusiast, this interview delivers actionable strategies to fight fatigue, prioritize risks, and protect high-value assets. Key topics covered: - The truth about alert fatigue & why it's crippling SOC efficiency - How AI-driven offensive security changes the game - Visualizing kill chains to drive faster remediation - Why fixing “what matters” beats fixing “everything” - The future of AI trust, transparency, and control in cybersecurity Watch now to discover how BreachLock is redefining offensive security for the AI era. Segment Resources: https://www.breachlock.com/products/adversarial-exposure-validation/ This segment is sponsored by Breachlock. Visit https://securityweekly.com/breachlockbh to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-347

Up first, the ASW news of the week. At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity's door. They discuss the terrifying reality of quantum computing's power to break RSA and ECC encryption—the very foundations of modern digital life. With 2030 set as the deadline for transitioning away from legacy crypto, organizations face a race against time. Ted breaks down what "full crypto visibility" really means, why it's crucial to map your cryptographic assets now, and how legacy tech—from robotic sawmills to outdated hospital gear—poses serious risks. The interview explores NIST's new post-quantum algorithms, global readiness efforts, and how Keyfactor's acquisitions of InfoSec Global and Cipher Insights help companies start the quantum transition today—not tomorrow. Don't wait for the breach. Watch this and start your quantum strategy now. If digital trust is the goal, cryptography is the foundation. Segment Resources: http://www.keyfactor.com/digital-trust-digest-quantum-readiness https://www.keyfactor.com/press-releases/keyfactor-acquires-infosec-global-and-cipherinsights/ For more information about Keyfactor's latest Digital Trust Digest, please visit: https://securityweekly.com/keyfactorbh Live from BlackHat 2025 in Las Vegas, cybersecurity host Jackie McGuire sits down with Seemant Sehgal, founder of BreachLock, to unpack one of the most pressing challenges facing SOC teams today: alert fatigue—and its even more dangerous cousin, vulnerability fatigue. In this must-watch conversation, Seemant reveals how his groundbreaking approach, Adversarial Exposure Validation (AEV), flips the script on traditional defense-heavy security strategies. Instead of drowning in 10,000+ “critical” alerts, AEV pinpoints what actually matters—using Generative AI to map realistic attack paths, visualize kill chains, and identify the exact vulnerabilities that put an organization's crown jewels at risk. From his days leading cybersecurity at a major global bank to pioneering near real-time CVE validation, Seemant shares insights on scaling offensive security, improving executive buy-in, and balancing automation with human expertise. Whether you're a CISO, SOC analyst, red teamer, or security enthusiast, this interview delivers actionable strategies to fight fatigue, prioritize risks, and protect high-value assets. Key topics covered: - The truth about alert fatigue & why it's crippling SOC efficiency - How AI-driven offensive security changes the game - Visualizing kill chains to drive faster remediation - Why fixing “what matters” beats fixing “everything” - The future of AI trust, transparency, and control in cybersecurity Watch now to discover how BreachLock is redefining offensive security for the AI era. Segment Resources: https://www.breachlock.com/products/adversarial-exposure-validation/ This segment is sponsored by Breachlock. Visit https://securityweekly.com/breachlockbh to learn more about them! Show Notes: https://securityweekly.com/asw-347

Dr. Wilson is a research chemist and coordinator of the Cannabis Research Program in the Chemical Sciences Division at the National Institute of Standards & Technology (NIST) in Gaithersburg, Maryland. He received his B.S. degree in Chemistry from Greensboro College followed by a M.S. degree in Chemistry from the same institution. He then moved south to pursue a Ph.D. in Chemistry at the University of Central Florida, training in the lab of Prof. Andres D. Campiglia. In a wide-ranging conversation, we discuss the influence of 2000's television shows such as CSI on Brent's interest in forensic science and analytical chemistry, and how an informal interview at a poster session ultimately led to the position he now holds at NIST. Dr. Wilson shares how he navigated the educational landscapes in forensic science and chemistry, both at the undergraduate and graduate levels. We discuss the evolution of cannabis standards and analytical characterization in recent years, and Brent shares his perspective on the importance of standards in general, the birth of a reference material, and the significant effort it takes to bring these materials to the point where analytical scientists like us can purchase them. Dr. Wilson also describes some of his work on low-temperature emission spectroscopy techniques, where molecule exhibit much narrower and specific emission bands compared to room temperature detection. Brent also shares more about the life of a scientist within NIST, from day-to-day activities, competing for federal funding, and more. Finally, Dr. Wilson shares some professional advice, including the importance of being prepared and adaptable, the value of talking with people at conferences, and the importance of establishing and maintaining relationships over the course of one's career.

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance as he visits with top innovative minds, thinkers and creators in the award-winning Innovation in Compliance podcast. In this episode,  host Tom Fox visits with Lori Crooks, a seasoned professional in the field of cybersecurity and audit assessments, to discuss the evolution of auditing practices from physical infrastructure to cloud and AI.   Lori shares insights from her extensive career, highlighting key federal compliance frameworks like NIST 800-53, FedRAMP, and NIST 800-171. Lori stresses the importance of proactive compliance strategies and scalable GRC programs. As AI integration accelerates, she also touches on the challenges of adjusting compliance frameworks to keep pace with technological advancements, and the necessity of fostering collaboration within organizations to meet regulatory requirements effectively.  Key Highlights  Federal Auditing Frameworks Proactive Compliance Strategies Scalable GRC Programs AI and Compliance Landscape Future of Auditing in the Age of AI  Resources Lori Crooks on Linkedin Cadra  Tom Fox Instagram Facebook YouTube Twitter LinkedIn Check out my latest book Upping Your Game-How Compliance and Risk Management Move to 2023 and Beyond, available from Amazon.com.  Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

In this week's Security Sprint, Dave and Andy covered the following topics:Main Topics:Annunciation Catholic Church Attack • Minneapolis Suspect Knew Her Target, but Motive Is a Mystery• Shooter who opened fire on Minneapolis Catholic school posted rambling videos• Robin Westman: Minneapolis gunman was son of church employee• Robin Westman posted a manifesto on YouTube prior to Annunciation Church shooting• Minneapolis school shooter wrote “I am terrorist” and “Kill yourself” in Russian on weapon magazines and listened to Russian rappers• Minneapolis Catholic Church shooter mocked Christ in video before attack• Minneapolis school shooter 'obsessed with idea of killing children', authorities say• Minnesota Mass Shooter Steeped in Far-Right Lore, White Nationalist Murderers• In Secret Diaries, the Church Shooter's Plans for Mass Murder• Minneapolis church shooting search warrants reveal new details and evidence• 'There is no message': The search for ideological motives in the Minneapolis shooting• Minneapolis Church Shooting: Understanding the Suspect's Video• More Of Minnesota Shooter's Writings Uncovered: ‘Gender And Weed F***ed Up My Head'• Classmates say Minnesota school shooter gave Nazi salutes and idolized school shootings back in middle schoolHoax Active Shooter Reports• More than a dozen universities have been targeted by false active shooter reports• This Is the Group That's Been Swatting US Universities• FBI urges students to be vigilant amid wave of swatting hoaxesAI & Cyber Threats • The Era of AI-Generated Ransomware Has Arrived• Researchers flag code that uses AI systems to carry out ransomware attacks & First known AI-powered ransomware uncovered by ESET Research • Anthropic: Detecting and countering misuse of AI: August 2025• A quick look at sextortion at scale: 1,900 messages and 205 Bitcoin addresses spanning four yearsCountering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System• FBI warns Chinese hacking campaign has expanded, reaching 80 countries• Allied spy agencies blame 3 Chinese tech companies for Salt Typhoon attacks• UK NCSC: UK and allies expose China-based technology companies for enabling global cyber campaign against critical networksQuick Hits:• Storm-0501's evolving techniques lead to cloud-based ransomware • Why Hypervisors Are the New-ish Ransomware Target• FBI Releases Use-of-Force Data Update• Denmark summons US envoy over report on covert American ‘influence operations' in Greenland• Falsos Amigos• Surge in coordinated scans targets Microsoft RDP auth servers• Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424• Citrix patches trio of NetScaler bugs – after attackers beat them to it• U.S., Japan, and ROK Join Mandiant to Counter North Korean IT Worker Threats• US sanctions fraud network used by North Korean ‘remote IT workers' to seek jobs and steal money• H1 2025 Malware and Vulnerability Trends • The FDA just overhauled its COVID vaccine guidance. Here's what it means for you• 25 August 2025 NCSC, AFOSI, ACIC, NCIS, DCSA, FBI, ED, NIST, NSF bulletin • DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says• Blistering Wyden letter seeks review of federal court cybersecurity, citing ‘incompetence,' ‘negligence'• Email Phishing Scams Increasingly Target Churches

Kdo by si podle návrhu rozpočtu ministerstva financí na rok 2026 polepšil a kdo by naopak musel šetřit? Jakou pomoc mohou Afghánistánu po silném zemětřesení nabídnout státní úřady a jakou zahraniční humanitární organizace? A jak složité je zřízení nové základní školy pro obce, které chtějí navýšit kapacity pro výuku v novém školním roce?Všechny díly podcastu Hlavní zprávy - rozhovory a komentáře můžete pohodlně poslouchat v mobilní aplikaci mujRozhlas pro Android a iOS nebo na webu mujRozhlas.cz.

Can we build technology today to defend against the threats of tomorrow? This week, Technology Now concludes a double episode on post quantum cryptography and explores the subject of firmware, why it's imperative that it be protected against quantum attacks and why a simple update can't solve every problem. Nigel Edwards, Director of the Security Lab at HPE Labs, tells us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations.About Nigel: https://www.linkedin.com/in/nigel-edwards-170591/?originalSubdomain=ukSources: https://www.theatlantic.com/technology/archive/2016/01/the-long-and-winding-history-of-encryption/423726/https://www.theqrl.org/blog/history-of-cryptography-behind-the-code-episode-1/https://www.theguardian.com/science/2025/may/07/todays-ai-can-crack-second-world-war-enigma-code-in-short-order-experts-say

On today's episode of Govcon Giants, I sit down with Jason Miller, Executive Editor of Federal News Network, to unpack the chaos shaking the government contracting community. Over the last 4–6 months, we've seen partnerships shrink, contracts cut, and entire workforces pushed into early retirement. Jason pulls back the curtain on GSA consolidation, NASA SEWP, consulting contract crackdowns, and the uncertainty surrounding CMMC, NIST 800-171, and small business programs like 8(a). This isn't just noise—it's a direct hit on how small businesses survive and thrive in the federal marketplace. Jason and I go deep on the big numbers—25,000 fewer staff at GSA, programs like CIO-SP3 still stuck in protest, and the seven-year delay of CMMC rollout that's left contractors dangerously exposed. We also discuss how the Trump administration's aggressive cost-cutting, paired with industry silence, could cripple government contractors who refuse to speak up. If you're counting on the old rules to keep you safe, think again—this episode is your wake-up call. Connect with Jason: LinkedIn account: https://www.linkedin.com/in/jasonmillerfnn/ LinkedIn corporate: https://www.linkedin.com/company/federal-news-network/posts/?feedView=all Link to your company: https://federalnewsnetwork.com/  

In this episode of Cybersecurity Today, host Jim Love discusses recent developments in cybersecurity, including a method to bypass GPT5 model safeguards, malware issues in the Google Play Store, NIST's new AI-specific security controls, and a cyber attack that led to a government shutdown in Nevada. The episode also covers a CRM-related breach linked to the Shiny Hunters collective, who used OAuth tokens to gain unauthorized access. Key takeaways emphasize the need for stronger security frameworks and vigilance against evolving cyber threats. 00:00 Introduction and Overview 00:27 Exploiting GPT-5: A Simple Prompt Attack 02:20 Google Play Store's Malware Struggles 04:11 NIST's New AI Security Controls 06:06 Nevada Government Cyber Attack 08:23 Shiny Hunters' CRM Breach 10:41 Conclusion and Contact Information

Join us for the second part of our deep dive into incident response and recovery on the Tech for Business Podcast. In this episode, Todd, COO and CISO, and Nate, Director of Cybersecurity, unpack the challenging balance between acting swiftly and investigating thoroughly. Learn about the critical role of backup systems, the impact of regulatory rules, and the importance of continuous improvement for businesses. They also discuss containment strategies, maintaining business operations during an incident, and how to prepare your organization for future challenges. Don't miss out on their insightful tips and real-life examples!00:00 Introduction to Incident Response and Recovery00:34 Balancing Speed and Thoroughness in Incident Response01:33 Containment and Eradication Strategies05:25 The Importance of Pre-Planning and Backup Systems16:12 Challenges in Incident Removal and Insider Threats18:53 Recovery Time and Prioritization23:20 Lessons Learned and Continuous Improvement28:00 Conclusion and Contact InformationResources: Master Tabletop Exercises: https://www.cit-net.com/mastering-incident-response-tabletop-exercises/ Your Role in Incident response: https://www.cit-net.com/your-role-in-incident-response/ St Paul Cyber Incident: https://www.cit-net.com/city-of-st-paul-cyber-incident/ SonicWall Vulnerability: https://www.cit-net.com/sonicwall-vulnerability-breakdown/ Eliminate VPNS: https://www.cit-net.com/the-end-of-vpns/ NIST: https://csrc.nist.gov/projects/incident-response

In this episode of ATARC's Tech Transforms podcast, host Carolyn Ford sits down with Martin Stanley, Senior Advisor at NIST, to explore how AI is reshaping federal cybersecurity. They dive into NIST's AI Risk Management Framework, the growing need for secure and resilient AI systems, and what it takes to build a “risk-aware” culture in government. Stanley shares insights on guarding against threats like model theft and prompt injection, how agencies are adapting zero trust principles for AI, and why explainability is essential in machine learning models. Whether you're new to AI governance or advancing your cybersecurity strategy, this episode offers practical guidance for navigating the evolving AI risk landscape.

In this episode of Get Plugged In – AI Insights, Dale Hall, Managing Director of Research at the Society of Actuaries, sits down with Dr. Raymond Sheh, Associate Research Scientist at Johns Hopkins University and Guest Researcher at NIST. Together, they explore the concept of Vibe Coding, a new approach to AI-assisted software development that emphasizes intent over syntax. Dr. Sheh unpacks the benefits and the significant risks of relying on tools that “code by vibe,” especially within actuarial workflows. Whether you're a coding novice or an experienced modeler, this episode offers critical insights on how actuaries can use these tools responsibly—without losing rigor or control. To explore more tools and insights about AI in actuarial science, visit the SOA's AI landing page: https://www.soa.org/research/topics/artificial-intelligence-topic-landing Send us your feedback at AI-Insights@soa.org

If you like what you hear, please subscribe, leave us a review and tell a friend!

In this episode, the hosts discuss the intersection of gaming and cybersecurity, focusing on the rise of cheating in video games and its implications for cybersecurity practices. They explore the economic aspects of cheating, the legal ramifications for developers, and the importance of third-party risk management. The conversation also touches on a recent social engineering attack targeting Workday and the release of NIST's draft guide on emerging cybersecurity risks. The hosts emphasize the need for organizations to adopt a risk-based approach to cybersecurity and the importance of continuous monitoring of third-party vendors. Articles: Why Video Game Anti-Cheat Systems Are a Cybersecurity Goldmine https://www.darkreading.com/cyberattacks-data-breaches/video-game-anti-cheat-systems-cybersecurity-goldmine?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExV3FiSDFYZ3RyMVlFYWp0cgEevedCw94Eic6kps9xKd5wt0UB7I0S035MNikNGBTqvmZa2iyuQ1PC0KfHY40_aem_y7_m2RcJUtxen8XZnYkK_g Hackers target Workday in social engineering attack https://www.cybersecuritydive.com/news/hackers-target-workday-in-social-engineering-attack/758095/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExV3FiSDFYZ3RyMVlFYWp0cgEe1kizFGnCj8nPGGg6_jzCYkagSxaoF3feLP1zZRUFh_JpdJLbxQxEczdXotA_aem_FeqX-Ek-lgpQp9K9NO0qWA NIST Releases Draft Guide to Help Organizations Address Emerging Cybersecurity Risks https://www.executivegov.com/articles/nist-csf-quick-start-draft-guide-feedback?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExV3FiSDFYZ3RyMVlFYWp0cgEe1kizFGnCj8nPGGg6_jzCYkagSxaoF3feLP1zZRUFh_JpdJLbxQxEczdXotA_aem_FeqX-Ek-lgpQp9K9NO0qWA Please LISTEN

In this edition of Campus Technology Insider Podcast Shorts, host Rhea Kelly covers the latest news in education technology. Highlights include the National Institute of Standards and Technology's new guidelines for securing AI systems, Wiley's introduction of innovative AI tools for the zyBooks platform to enhance STEM education, and Columbia Engineering's HyperQ, which virtualizes quantum computing for simultaneous user access. Tune in for more on these exciting developments. 00:00 Introduction and Host Welcome 00:15 NIST's New AI Security Guidelines 00:50 Wiley's AI Tools for STEM Education 01:18 Columbia Engineering's HyperQ Innovation 01:54 Conclusion and Further Resources Source links: NIST Proposes New Cybersecurity Guidelines for AI Systems Wiley Introduces New AI Courseware Tools Columbia Engineering Researchers Develop Cloud-Style Virtualization for Quantum Computing Campus Technology Insider Podcast Shorts are curated by humans and narrated by AI.

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders' Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-888

Why do quantum computers pose a threat to governments? This week Technology Now starts a two part dive into quantum computing. In this first episode, we ask: how are governments preparing to mitigate the threat posed by a hypothetical quantum computer which could be invented. Ken Rich, Federal CTO at HPE tells us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations.About Ken Rich:https://www.linkedin.com/in/kenrich111/Sources:https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptographyhttps://www.britannica.com/technology/quantum-computerhttps://www.livescience.com/technology/computing/history-of-quantum-computing-key-moments-that-shaped-the-future-of-computingShor, Peter W.. “Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer.” SIAM Rev. 41 (1995): 303-332.P. W. Shor, "Algorithms for quantum computation: discrete logarithms and factoring," Proceedings 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 1994, pp. 124-134, doi: 10.1109/SFCS.1994.365700.https://www.newscientist.com/article/2399246-record-breaking-quantum-computer-has-more-than-1000-qubits/

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders' Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Show Notes: https://securityweekly.com/psw-888

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders' Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-888

This segment is sponsored by Flashpoint. Visit https://securityweekly.com/flashpoint to learn more about them! Recent leaks tied to LockBit and Black Basta have exposed the inner workings of two of the most notorious ransomware groups—revealing their tactics, negotiation strategies, and operational infrastructure. For defenders, this rare window into adversary behavior offers critical intelligence to strengthen incident response and prevention strategies. In this interview, we'll break down what these leaks reveal and how security teams can use this intelligence to proactively harden their defenses, including: Key takeaways from the LockBit and Black Basta leaks—and what they confirm about ransomware operations How leaked playbooks, chats, and toolkits can inform detection and response Practical steps to defend against modern ransomware tactics in 2025 In the security news: Practical exploit code Old vulnerabilities, new attackers AI and web scraping - the battle continues 0-Days: You gotta prove it WinRAR 0-Day LLM patch diffing $20 million bug bounty Your APT is showing Hacking from the routers Its that easy eh? NIST guidance on AI Words have meaning Developers knowingly push vulnerable code My Hackberry PI post is live: https://eclypsium.com/blog/build-the-ultimate-cyberdeck-hackberry-pi/ Resources: Inside the LockBit Leak: Rare Insights Into Their Operations: https://flashpoint.io/blog/inside-the-lockbit-leak/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR 2025 Ransomware Survival Guide: https://flashpoint.io/resources/e-book/2025-ransomware-survival-guide/?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR AI and Threat Intelligence: The Defenders' Guide https://go.flashpoint.io/ai-and-threat-intelligence-guide?utmcampaign=WBHostedSCMedia2025&utmsource=SCMedia&utmmedium=email&sfcampaign_id=701Rc00000S48bZIAR Show Notes: https://securityweekly.com/psw-888

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

Send us a textProfessor JRod makes a triumphant return to Technology Tap after a year-long hiatus, bringing listeners up to speed on his personal journey and diving straight into Security Plus 701 fundamentals. Having completed his doctorate and subsequently focusing on his health—resulting in an impressive 50-pound weight loss—he reconnects with his audience with the same passion and expertise that made his podcast popular.The heart of this comeback episode centers on essential cybersecurity concepts, beginning with the CIA triad (confidentiality, integrity, availability) that forms the foundation of information security. Professor J-Rod expertly breaks down complex frameworks including NIST, ISO/IEC standards, and compliance-driven approaches like HIPAA and GDPR, explaining how organizations should select frameworks based on their specific industry requirements.With his trademark clear explanations, he walks listeners through the process of gap analysis—a methodical approach to identifying differences between current security postures and desired standards. The episode then transitions to a comprehensive overview of access control models, including Discretionary, Mandatory, Role-Based, Attribute-Based, and Rule-Based controls, each illustrated with practical examples that bring abstract concepts to life.What sets this episode apart is the interactive element, as Professor JRod concludes with practice questions that challenge listeners to apply their newly acquired knowledge. This practical approach bridges the gap between theory and real-world implementation, making complex security concepts accessible to professionals and students alike. Whether you're preparing for certification or simply expanding your cybersecurity knowledge, this return episode delivers valuable insights from an educator who clearly missed sharing his expertise with his audience.Support the showIf you want to help me with my research please e-mail me.Professorjrod@gmail.comIf you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.comArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

The devastating 2018 Camp Fire in Paradise, California serves as a haunting reminder of how rapidly wildfires can overwhelm communities. We have not known anything like it - the flames raced through Paradise at four miles per hour, 30,000 residents had mere minutes to evacuate, and many couldn't escape in time. What happens when the fire goes worse than worst case scenario, but still people need to escape? How do we protect lives when escape routes are blocked by fire or gridlocked traffic?Dr. Eric D. Link, NIST's researcher in the groundbreaking ESCAPE Project, takes us deep into these critical questions. The project's findings reveal how temporary refuge areas saved over 1,200 lives during the Camp Fire when people couldn't outrun the flames. These ad-hoc safe zones – parking lots, road intersections, and open spaces with reduced fuel loads – provided crucial protection when primary evacuation plans collapsed.The conversation explores how communities can prepare for these worst-case scenarios by pre-identifying Temporary Fire Refuge Areas (TFRAs) throughout their neighbourhoods. Unlike traditional wildfire safety zones that require enormous clearance, TFRAs offer practical, achievable alternatives that acknowledge the realities of wildland-urban interface communities. The key insight? Even perfect evacuation plans can fail when fires move too quickly, so communities need backup options.We also delve into the concept of "decision zones" for evacuation planning, the challenges of "no-notice fire events," and the potential for developing dedicated fire shelters that could protect large groups during extreme fire conditions. With climate change intensifying wildfire behavior and more communities at risk, these lessons from Paradise provide crucial guidance for protecting lives when evacuation isn't possible.Read further on the ESCAPE project findings at the amazing NIST repository (in general, reading the NIST repository is a good life advice :)): https://www.nist.gov/publications/wui-fire-evacuation-and-sheltering-considerations-assessment-planning-and-execution-0NIST dedicated webpage with more resources, especially for community managers: https://www.nist.gov/publications/wui-fire-evacuation-and-sheltering-considerations-assessment-planning-and-execution-0Trigger boundaries podcast episode: https://www.firescienceshow.com/156-trigger-boundaries-with-harry-mitchell-and-nick-kalogeropoulos/Cover image credit: On the morning of November 8, 2018, the Camp Fire erupted 90 miles (140 kilometers) north of Sacramento, California. By evening, the fast-moving fire had charred around 18,000 acres and remained zero percent contained, according to news reports. The Operational Land Imager on Landsat 8 acquired this image on November 8, 2018, around 10:45 a.m. local time (06:45 Universal Time). The natural-color image was created using bands 4-3-2, along with shortwave infrared light to highlight the active fire. Officials evacuated several towns, including Paradise. They also closed several major highways. NASA, Joshua Stevens - https://earthobservatory.nasa.gov/images/144225/camp-fire-rages-in-california ----The Fire Science Show is produced by the Fire Science Media in collaboration with OFR Consultants. Thank you to the podcast sponsor for their continuous support towards our mission.

What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight IoT crypto. SyncThing moves to v2.0 and beyond. Alien:Earth -- first take. What can we learn from another critical vulnerability? Show Notes - https://www.grc.com/sn/SN-1039-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit bitwarden.com/twit go.acronis.com/twit joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW

Dive deep into the critical aspects of an effective incident response plan. Our guests, Todd, the COO and CISO, and Nate, the Director of Cybersecurity, discuss the importance of having a well-defined, well-tested plan to handle security incidents. Discover key elements, including escalation paths, communication strategies, and preparation steps, to ensure your business can respond swiftly and efficiently to threats. Follow along as we explore real-world examples and share valuable insights on maintaining business resilience. Don't miss part two of this essential discussion coming next week!00:00 Introduction to Incident Response00:34 Key Elements of an Incident Response Plan01:59 Importance of Communication in Incident Response03:20 Preparation and Real-World Examples07:28 Challenges and Adaptability in Incident Response13:55 Testing and Improving Your Plan20:24 Emotional and Practical Aspects of Incident Response24:27 Conclusion and Next StepsResources: Master Tabletop Exercises: https://www.cit-net.com/mastering-incident-response-tabletop-exercises/ Your Role in Incident Response: https://www.cit-net.com/your-role-in-incident-response/ St Paul Cyber Incident: https://www.cit-net.com/city-of-st-paul-cyber-incident/ SonicWall Vulnerability: https://www.cit-net.com/sonicwall-vulnerability-breakdown/ Eliminate VPNS: https://www.cit-net.com/the-end-of-vpns/ NIST: https://csrc.nist.gov/projects/incident-response

Industrial Talk is talking to Sandy Carielli, Vice President at Forrester Research about "Quantum Computing Cybersecurity". Scott Mackenzie and Sandy Carielli discuss the implications of quantum computing on cybersecurity. Quantum computers could potentially break today's public key cryptography, compromising data security. Carielli highlights the importance of transitioning to new, quantum-resistant algorithms, such as those developed by NIST. She emphasizes the urgency for organizations, especially government agencies and financial institutions, to start this migration process. Carielli also warns of the "harvest now, decrypt later" attack scenario, where data is intercepted today and decrypted later with a future quantum computer. The conversation underscores the need for proactive measures to ensure digital trust and security. Action Items [ ] Conduct a cryptographic discovery exercise to inventory the algorithms and protocols currently in use across the organization. [ ] Bring together a cross-functional team to assess the organization's exposure to quantum computing threats and start the process of migrating to post-quantum cryptography. [ ] Incorporate requirements for quantum-resistant cryptography in procurement processes and vendor SLAs. [ ] Prioritize the migration of high-value, long-term data and systems that rely on digital signatures. Outline Introduction and Purpose of Industrial Talk Podcast Scott MacKenzie thanks listeners for their support and highlights the platform's dedication to celebrating achievements and amplifying messages. Scott MacKenzie praises Sandy Carielli from Forrester Research for her contributions to quantum computing and cybersecurity. The conversation aims to explore the transformative impact of quantum computing on cybersecurity. Scott MacKenzie's Perspective on Innovation and Technology Scott MacKenzie discusses the importance of creating content and demonstrating the human side of professionals in various industries. He emphasizes the need for companies to adapt to new technologies and innovations to remain successful. Scott MacKenzie shares themes from his conversations with industrial leaders, such as the importance of education, collaboration, and innovation. He highlights the need for companies to be nimble, trusted, and passionate about solving challenges. Introduction to Sandy Carielli and Quantum Computing Scott MacKenzie introduces Sandy Carielli and her work at Forrester Research on quantum computing and cybersecurity. Sandy Carielli explains the process of selecting topics for research at Forrester, including trends, market exposure, and regulatory changes. The conversation touches on the rapid evolution of technologies and the importance of staying current. Sandy Carielli mentions the annual top 10 emerging technologies report published by Forrester. Quantum Computing and Its Impact on Cybersecurity Sandy Carielli provides an overview of quantum computing and its potential to break today's public key cryptography. She explains the concept of public key cryptography and its role in securing communications and transactions. The discussion covers the potential risks posed by nation-states developing quantum computers and the need for cybersecurity measures. Sandy Carielli highlights the efforts to develop new cryptographic algorithms resistant to quantum computers. Preparing for Quantum...

Plex urges users to immediately update their Media Server due to an undisclosed security flaw. Cisco warns of a critical remote code execution flaw in their Secure Firewall Management Center software.Rockwell Automation discloses multiple critical and high-severity flaws. Hackers breached a Canadian House of Commons database. Active law enforcement and government email accounts are sold online for as little as $40. Telecom giant Colt Technology Services suffers a cyber incident disrupting its customer portal. Taiwan launches new measures to boost hospital cybersecurity after ransomware attacks.  NIST has released a concept paper proposing control overlays for securing AI systems. A date with an AI chatbot ends in tragedy. Our guest is Randall Degges, Snyk's Head of Developer and Security Relations, to discuss how underqualified or outsourced coding support can open doors for nation-state threats. Dutch speed cameras are stuck in a cyber-induced siesta. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Randall Degges, Snyk's Head of Developer and Security Relations, to discuss how underqualified or outsourced coding support can open doors for nation-state threats. Selected Reading Plex warns users to patch security vulnerability immediately (Bleeping Computer) Cisco Discloses Critical RCE Flaw in Firewall Management Software (Infosecurity Magazine) Critical Flaws Patched in Rockwell FactoryTalk, Micro800, ControlLogix Products (SecurityWeek) CISA Releases Thirty-Two Industrial Control Systems Advisories (CISA.gov) Hackers Breach Canadian Government Via Microsoft Exploit (Bank Infosecurity) Compromised Government and Police Email Accounts on the Dark Web (Abnormal.AI) Telco giant Colt suffers attack, takes systems offline (The Register) Taiwan announces measures to protect hospitals from hackers (Focus Taiwan) New NIST Concept Paper Outlines AI-Specific Cybersecurity Framework (Hack Read) A flirty Meta AI bot invited a retiree to meet. He never made it home. (Reuters) Dutch prosecution service attack keeps speed cameras offline (The Register) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Cybersecurity and Infrastructure Security Agency (CISA) is facing significant criticism from state and local officials who feel abandoned due to diminishing federal support for critical cybersecurity programs. Many officials are concerned about their increasing reliance on self-driven initiatives, especially after cuts to the Multi-State Information Sharing and Analysis Center, which has been a crucial source of cybersecurity intelligence for over two decades. A recent survey revealed that a substantial portion of state and local governments lack adequate funding for cybersecurity, with 22% allocating no funds and 42% operating with annual budgets of less than $100,000. This situation raises alarms about the potential for increased vulnerability to cyberattacks, particularly from nation-state actors.In response to the evolving landscape of artificial intelligence, the National Institute of Standards and Technology (NIST) is developing new security guidance aimed at addressing the associated risks. This initiative will clarify how AI interacts with cybersecurity, focusing on securing AI systems, the adversarial use of AI, and leveraging AI to enhance cybersecurity measures. Additionally, a bipartisan bill known as the Validation and Evaluation for Trustworthy Artificial Intelligence Act has been reintroduced in the Senate, aiming to establish guidelines for the responsible development and testing of AI systems. House appropriators are also proposing a significant funding increase for NIST, reflecting a commitment to bolster cybersecurity and innovation.The Federal Risk Management and Authorization Program (FedRAMP) has made strides in streamlining the approval process for government cloud services, achieving a significant reduction in wait times from over a year to approximately five weeks. This shift is part of a broader trend toward more efficient cloud authorization processes, with FedRAMP already approving more than twice as many services in fiscal year 2025 compared to the previous year. This development presents an opportunity for businesses to leverage FedRAMP-authorized stacks for government-related buyers and to build migration strategies accordingly.OpenAI has recently updated its ChatGPT platform, introducing new models and third-party tool connectors while facing scrutiny over the performance and security of its latest model, GPT-5. Despite the introduction of various user-focused options, security assessments have revealed significant vulnerabilities in GPT-5, prompting concerns about its safety and reliability. As companies like ConnectWise implement new credit card surcharges and adjust their workforce in response to market demands, the overarching theme emphasizes the need for operational discipline and strategic planning in navigating the evolving technology landscape. Four things to know today 00:00 Shrinking Cyber Budgets, Emerging AI Rules, and Streamlined FedRAMP Signal Shifts for IT Providers06:43 From Security to SaaS Management, Vendors Roll Out Agentic Features for IT Service Providers10:25 OpenAI Expands GPT-5 Options, Adds Connectors, but Faces Early Security Backlash13:41 ConnectWise Adds Credit Card Surcharges, Trims Staff in Strategic Realignment  Supported by:  https://syncromsp.com/   Tell us about a newsletter!https://bit.ly/biztechnewsletter  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

In Episode 185 of The Citrix Session, Andy Whiteside, Bill Sutton, and Todd Smith explore how Citrix NetScaler is evolving into a true Swiss Army knife for security—delivering protection not just for Citrix workloads, but for all applications. The conversation dives into the looming challenge of quantum computing and the “harvest now, decrypt later” threat, where bad actors collect encrypted data today to exploit when quantum capabilities emerge.Todd and Bill unpack how NetScaler is leading the way with post-quantum cryptography (PQC) readiness, new encryption standards aligned with NIST guidelines, and GA support for quantum-resistant algorithms. They also cover key advancements like HTTP/3 over QUIC, enhanced DNS security, reCAPTCHA v3 integration, and the Netscaler Console for fleet-wide visibility, compliance, and automation.Whether you're concerned about securing sensitive data, meeting future compliance requirements, or leveraging cutting-edge application firewall capabilities, this episode will help you understand why now—not later—is the time to prepare for the quantum era.

Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastDavid Close, Chief Solutions Architect at Futurex, discusses the reality facing our digital world: quantum computing will soon break the encryption protecting everything from mobile banking to satellite communications. But here's the twist — hackers aren't waiting. They're harvesting encrypted data now, betting that quantum computers will eventually crack today's "unbreakable" codes in a strategy called "harvest now, decrypt later." David explains how NIST's new post-quantum cryptography standards are already being deployed by companies like Google and CloudFlare, why crypto agility is essential for future-proofing your security infrastructure, and how you can break into the exciting field of cryptography — even without a PhD in mathematics.0:00 - Intro 1:00 - Cybersecurity Salary Guide3:06 - Meet David Close from Futurex3:52 - David's journey from embedded systems to cryptography5:05 - What Futurex does and 40 years of crypto innovation6:39 - The role of Chief Solutions Architect8:21 - Evolution of cryptography from payments to enterprise10:13 - How David discovered his passion for cryptography13:23 - Post-quantum cryptography explained15:16 - Why quantum computers break current encryption16:05 - The "harvest now, decrypt later" threat18:19 - NIST's new quantum-resistant algorithms20:02 - Real-world quantum threats to satellites and IP22:43 - What organizations can do now25:25 - Crypto agility and future-proofing systems28:41 - Resources for staying current on cryptography30:45 - Career paths in cryptography beyond algorithm development32:18 - Getting started in cryptography careers34:26 - The cryptography landscape in 15 years37:34 - Regulatory enforcement of new crypto standards39:43 - Best career advice: Finding the right vehicle41:29 - David's current reading and recommendations42:35 - Where to find David and Futurex onlineView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

At Black Hat USA 2025, Danny Jenkins, CEO of ThreatLocker, shares how his team is proving that effective cybersecurity doesn't have to be overly complex. The conversation centers on a straightforward yet powerful principle: security should be simple enough to implement quickly and consistently, while still addressing the evolving needs of diverse organizations.Jenkins emphasizes that the industry has moved beyond selling “magic” solutions that promise to find every threat. Instead, customers are demanding tangible results—tools that block threats by default, simplify approvals, and make exceptions easy to manage. ThreatLocker's platform is built on this premise, enabling over 54,000 organizations worldwide to maintain a secure environment without slowing business operations.A highlight from the event is ThreatLocker's Defense Against Configurations (DAC) module. This feature performs 170 daily checks on every endpoint, aligning them with compliance frameworks like NIST and FedRAMP. It not only detects misconfigurations but also explains why they matter and how to fix them. Jenkins admits the tool even revealed gaps in ThreatLocker's own environment—issues that were resolved in minutes—proving its practical value.The discussion also touches on the company's recent FedRAMP authorization process, a rigorous journey that validates both the product's and the company's security maturity. For federal agencies and contractors, this means faster compliance with CMMC and NIST requirements. For commercial clients, it's an assurance that they're working with a partner whose internal security practices meet some of the highest standards in the industry.As ThreatLocker expands its integrations and modules, Jenkins stresses that simplicity remains the guiding principle. This is achieved through constant engagement with customers—at trade shows, in the field, and within the company's own managed services operations. By actively using their own products at scale, the team identifies friction points and smooths them out before customers encounter them.In short, the message from the booth at Black Hat is clear: effective security comes from strong fundamentals, simplified management, and a relentless focus on the user experience.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Danny Jenkins, CEO of ThreatLocker | On LinkedIn | https://www.linkedin.com/in/dannyjenkinscyber/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Our Bachelor Nation OG Trista Sutter is catching up with Golden Bachelor season one winner Theresa Nist! She shares her hot takes on the new season of Bachelor in Paradise and she holds nothing back when asked about the next Golden Bachelor Mel Owens!Plus, we get an answer on if Theresa would want to be the next Golden Bachelorette, and if she would be more “affectionate” than people expect! See omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Leslie and Theresa might have competed against one another on "The Golden Bachelor," but these two single gals are now thick as thieves! These Golden Girls tell Jennifer Fessler why they're tired of being called "cute" and why the older crew brought the heat to the beach on Bachelor in Paradise. Should you FaceTime before a date? The ladies are giving their unfiltered opinions. Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.

Golden Bachelor favorites, and friends, Susan Noles and Theresa Nist, are giving great girlfriend-approved advice! They're talking about how to avoid being scammed when dating, how to get back out there after losing a partner, and ways to meet people if you live in a small town. Plus, the women give their unfiltered thoughts on the new season of Bachelor in Paradise, and their honest opinions on those ageist comments new Golden Bachelor, Mel Owens, recently made! And Susan and Theresa have a unique idea that producers should implement on Mel's upcoming season! Email us at: IDOPOD@iheartradio.com or call us at 844-4-I Do Pod (844-443-6763)Follow I Do, Part 2 on Instagram and TikTokSee omnystudio.com/listener for privacy information.