Podcasts about Security awareness

  • 248 podcasts
  • 657 episodes
  • 35m average duration
  • 1 episode every other week
  • Latest: Jun 9, 2026

Latest podcast episodes about Security awareness

No Password Required
No Password Required Podcast Episode 73 - Mudita Khurana

Jun 9, 2026 28:13


Show Summary:

Mudita Khurana — Tech Lead at Airbnb and the person who always says, “I got this”

No Password Required Season 7: Episode 6 - Mudita Khurana

Mudita Khurana is a Tech Lead for Automated Tooling and Vulnerability Management at Airbnb, where she focuses on building modular, scalable security systems in an era of rapidly evolving AI threats. Before Airbnb, she spent nearly a decade in security roles across Accenture, Meta, and PwC, making bold career pivots along the way, including turning down a PwC return offer to join Facebook's product security team.

In this episode, Mudita shares her journey from a family of doctors in India to Carnegie Mellon and into the heart of Big Tech security. She discusses what it means to thrive as a non-traditional engineer in a deeply technical field, why she stepped back from management to get closer to the work, and how she thinks about building security tooling that won't be obsolete in three months.

Jack Clabby and co-host Kayley Melton, recording live from Tampa B-Sides at the University of South Florida, talk with Mudita about imposter syndrome, AI's curveballs for security teams, leadership without a leadership title, and the importance of community in staying on top of a field that never stops moving. She also reflects on what great mentorship looks like early in a career and why clarity, ownership, and consistency are the leadership qualities she keeps coming back to.

In the Lifestyle Polygraph, Mudita firmly plants her flag in the Harry Potter universe as Hermione, explains why Deadpool doesn't qualify as a superhero, debates gym vs. nature as a reset strategy, and reveals her dream remote work base: a high-altitude Buddhist mountain town in the Himalayas.

Follow Mudita on LinkedIn: https://www.linkedin.com/in/muditakhurana/

In this episode:
  • Mudita shares her unconventional path into cybersecurity, highlighting the importance of mentorship and curiosity (0:25 - 1:37)
  • The significance of mentorship, especially Vandana Verma, in her career development (2:26 - 4:00)
  • Transition from management to technical IC roles and why staying close to technical work matters (9:29 - 10:23)
  • The influence of her education at Carnegie Mellon and how it broadened her problem-solving skills (6:23 - 7:41)
  • Navigating imposter syndrome and embracing challenges as growth opportunities (3:26 - 5:29)
  • How AI is changing cybersecurity strategies—building modular, layered systems for agility (15:31 - 16:26)
  • The importance of community, trust, and consensus in cybersecurity decision-making (17:06 - 17:47)
  • Mudita's favorite places for remote work and balancing planning with spontaneity in travel (23:01 - 24:13)
  • Her personal approach to wellness, exercise, and resets during busy days (21:32 - 22:36)
  • Her unique perspective on superhero characters, favorite places, and cultural roots (18:54 - 19:36, 25:19 - 26:21)

Timestamp Highlights:
  • (00:25) Mudita's 10-year journey into cybersecurity starting from India
  • (02:26) Mentorship's critical role in her growth and her admiration for Vandana Verma
  • (09:29) Transition from management back to technical roles and why staying close to the work matters
  • (15:31) How AI fosters layered, modular security systems for faster adaptation
  • (17:06) The importance of community and trusted information sources in security
  • (21:32) Reset routines—gym versus nature hikes—and staying grounded during busy days
  • (25:19) Leh, Ladakh: Mudita's ideal remote work location nestled in Himalayan beauty

Resources & Links:
  • Vandana Verma - Influential mentor in cybersecurity
  • ThreatLocker - Supporter of this podcast
  • Cyber Florida – The Mother Ship

Fraudology Podcast
The Strategic Human Firewall: Why Trust is the Greatest Vulnerability in an AI Era

May 12, 2026 54:58


In this episode of Fraudology, Karisse Hendrick is joined by Robert Siciliano, a world-renowned security analyst, bestselling author, and the architect of the Strategic Human Firewall. While the industry often obsesses over technological solutions, Robert explores why humans—not hackers—remain the ultimate deciding factor in organizational security.

The conversation dives deep into the "Human Blind Spot"—our biological instinct to trust that often overrides digital suspicion. Robert shares his unconventional journey from the streets of Boston to becoming a leading security educator, including the time he bought a working ATM on Craigslist to prove how easily data breaches can be purchased.

We also explore the critical shift from "Security Awareness" to "Security Appreciation":
  • The Compliance Trap: Why traditional phishing simulations and "check-the-box" training often lead to security fatigue and victim shaming.
  • The Strategic Human Firewall: How to transform employees from passive targets into active detection layers by filtering intent rather than just traffic.
  • The Kitchen Table Effect: Why the most effective security training is personal, encouraging employees to protect their families so they naturally protect their companies.
  • Overcoming Fatalism: A direct look at why people resist security measures like password managers and home alarms, and how to bridge the "Appreciation Gap" through empathetic dialogue.

Mac Geek Gab (Enhanced AAC)
Why Your AI App Matters, What's Draining Your iPad & How TSA Digital ID Works

Apr 13, 2026 81:31


You’ve got quick tips galore this week: if your iPad battery’s draining mysteriously, your Apple Pencil might be the culprit, so pop it off when you’re not using it. Want custom emoji? Now you can create your own. LaunchBar fans, there’s a slick way to jump straight into System Settings, and if you’re self-hosting Bitwarden, the guys walk you through adding a local server with Cloudflare Tunnels. Pilot Pete also breaks down getting your digital ID working at TSA — and makes a compelling case that it’s actually more secure than handing over your physical license — plus there’s a look at TSA’s new Touchless ID system. On the AI side, if agentic browsing still makes you nervous, Dave and Pete have practical advice for easing in, and they dig into why the app you use matters just as much as the LLM behind it — including a look at Claude’s upcoming Mythos model. You’ll hear how to tighten your AI agent’s security awareness (Don’t Get Caught slipping on that one), use Comet to become the ultimate “Reply Guy,” let your LLM tell you which apps are available in Setapp, and even have your chatbot generate QR codes. Wrapping up, there’s a fix for Mail not seeing updated Contacts Groups, a cost breakdown of building your own 2026 27-inch iMac, and an honest conversation about whether Plex is getting worse. Press play and enjoy learning at least five new things, folks!

  • 00:00:00 Mac Geek Gab 1137 for Monday, April 13th, 2026. April 13th: National Scrabble Day. The MGG Merch Store is Live! MGG Monthly Giveaway – Enter to win a Plex Pass for a year! Congrats to March's SoundSource winners: Ian, Robert, and Jeff

Quick Tips
  • 00:00:01 Ian-QT-1136-Apple Pencil can drain an iPad battery
  • 00:03:37 PilotPete-QT-Create Your Own Emoji
  • 00:06:24 Ben-1136-CSF-Use LaunchBar to launch System Settings
  • 00:08:22 Adding a local Bitwarden server (Cloudflare Tunnels, Cloudflare Workers, Uplock app for Apple Passwords)
  • 00:21:39 PilotPete-QT- getting digital ID to work at TSA & why it's likely more secure than your license
  • 00:25:59 TSA Touchless ID

Sponsors
  • 00:30:28 SPONSOR: CleanMyMac. Get Tidy Today! Try 7 days free and use our code MACGEEK for 20% off at clnmy.com/MACGEEK
  • 00:32:01 SPONSOR: Pocket Hose. For a limited time, you can get a FREE pocket pivot and their 10-pattern sprayer with the purchase of ANY size Copper Head hose. Just text MGG to 64000.

AI Side Quest
  • 00:33:40 The Flora-Bama Club
  • 00:35:59 Andy-What can I do if I'm not yet comfortable with agentic browsing?
  • 00:41:20 Your AI app matters as much as the LLM
  • 00:45:08 What's up with Claude's new Mythos LLM?
  • 00:48:42 Jason-QT-Tighten Your AI Agent’s Security Awareness!
  • 00:51:32 Using Comet to help you be “Reply Guy”
  • 00:53:46 Todd-QT-Let your LLM tell you which apps you can get in Setapp
  • 00:55:49 Roy-QT-Let your chatbot create QR codes (iQR for QR Codes)

Your Questions Answered and Tips Shared!
  • 00:58:33 Joe-Why is Mail not seeing my updated Contacts Group?
  • 01:04:12 Brent-Cost breakdown of the 2026 27″ iMac
  • 01:06:16 Matt-Is Plex getting worse? If so, can it get better? (Emby, Jellyfin)
  • 01:19:31 MGG 1137 Outtro

Security Awareness Insider
A Menu for Security - Security Awareness at the Helvetia-Baloise Group

Mar 25, 2026 34:39


Running a kitchen is backbreaking work and demands a high degree of resilience, flexibility and creativity. As a sous chef, pastry chef or head chef, Janneke Peters built up her personal resilience. She has now worked in IT at the Helvetia-Baloise Group for 10 years and brings her skills to bear as Security Awareness Manager. The career changer gives Marcus and Katja a look into her day-to-day work and the Security Menu she runs, in which personal contact and networking play a big part. Have you always wanted to know whether chefs like the film "Ratatouille"? Janneke gives you the answer.

Show Notes:
  • Janneke on LinkedIn: https://www.linkedin.com/in/janneke-peters-913541184/
  • Helvetia Baloise Group: https://www.helvetia-baloise.com/
  • Baloise Digital Scouts: https://www.baloise.com/de/home/ueber-uns/wofuer-wir-stehen/nachhaltigkeit/baloise-digitale-pfadfinder.html
  • Digital Scouts Cyber Security: https://www.baloise.com/de/home/ueber-uns/wofuer-wir-stehen/nachhaltigkeit/baloise-digitale-pfadfinder/cyber-security.html
  • Baloise Digital Scouts brochure: https://www.baloise.com/dam/jcr:1dee22e6-f465-4cc7-9e17-cdc2800812e4/Baloise%20Digital%20Scouts_CyberSecurity_Broschuere_KMU_d.pdf
  • Digital Scouts Elevator Pitch: https://www.youtube.com/watch?v=D_ZVgTvv5jI&list=TLGGh-gNjKepGqowNDAzMjAyNg&t=1s

Help Me With HIPAA
Security Awareness Problem No One Talks About - Ep 552

Mar 20, 2026 47:04


Cybersecurity awareness is at an all-time high… so why are we still clicking the same sketchy links like it's a hobby? In this episode, we dig into the uncomfortable truth: people know what to do, they just don't do it. Between overwhelming workloads, nonstop digital noise, and a growing sense that "it's inevitable anyway," security has turned into that thing we all agree is important—right before we ignore it to get our jobs done faster. More info at HelpMeWithHIPAA.com/552

Building Utah
Speaking on Business: Wasatch Security Awareness

Mar 20, 2026 1:30


This is Derek Miller, Speaking on Business. For the past eight years, Wasatch Security Awareness has partnered with organizations across the Wasatch Front, helping them better understand cybersecurity risks and emerging technologies like artificial intelligence. Owner, Matt Groves, joins us with more.

Matt Groves: Most business risk today has very little to do with technology, and everything to do with people. At Wasatch Security Awareness, that's exactly where we focus — because most problems don't start with broken systems, they start with the everyday choices people make at work. That's why we provide customized cybersecurity testing and live training. Real conversations with real people, not just another video everyone clicks through. When people can ask questions and see how threats show up in their day-to-day work, the lessons stick and behavior starts to change. We also help organizations make sense of artificial intelligence. Our AI literacy training helps teams safely implement AI into the workflows they already use — saving time, improving efficiency and supporting better decisions. For Utah businesses, awareness isn't just about reducing risk — it's about building stronger, more resilient teams. The organizations that thrive tomorrow will be the ones who prepare their people today.

Derek Miller: Wasatch Security Awareness continues helping Utah businesses navigate cybersecurity challenges, stay informed on emerging technologies, and reduce risk through education and awareness. Learn more about their work and resources at WasatchSecurityAwareness.com. I'm Derek Miller, with the Salt Lake Chamber, Speaking on Business.

Originally aired: 3/19/26

No Password Required
No Password Required Podcast Episode 70 - Madhav Nakar

Mar 17, 2026 36:40


Madhav Nakar — AI Security Researcher and Documentarian of Spirituality and Play

No Password Required Season 7: Episode 3 - Madhav Nakar

Madhav Nakar is a Security Researcher at BeyondTrust specializing in identity threats, endpoint security, and cloud attack paths. With a background in theoretical mathematics, his current research focuses on analyzing attacker behavior to build practical systems of detection.

In this episode, Madhav shares the pivotal moments that shaped his career, including his first experience witnessing a nation-state attack unfold in real time from his seat in a SOC. He explains how mathematical thinking sharpens security strategy and why strong research is rooted in exploration, not predetermined outcomes.

Jack Clabby of Carlton Fields, joined by co-host Kayley Melton of the Cognitive Security Institute, welcomes Madhav for a conversation on modern cyber defense. From AI-driven attacks and agentic systems to privilege escalation risks in role-based access environments, Madhav breaks down what teams are getting wrong about AI and why defending against AI increasingly requires AI-powered tools.

The conversation turns to Madhav's philosophy of “serious play,” where curiosity, experimentation, and failure fuel better research and resilience. He also shares insights from his spiritual and philosophy project, The Fire of Knowing, exploring consciousness and belief through a neutral lens.

In the Lifestyle Polygraph, Madhav pitches a cybersecurity documentary, debates growth versus comfort, and reflects on public dancing experiments.

Follow Madhav Nakar here: https://www.linkedin.com/in/madhav-nakar/

Follow "The Fire of Knowing" on Instagram and YouTube!

CHAPTERS:
  • 00:00 Introduction with Kayley and Jack
  • 08:08 Transition from Theoretical Math to Cybersecurity
  • 16:13 Exploring Spiritual Traditions and Madhav's Documentary
  • 19:48 The Intersection of Art and Science in Content Creation
  • 25:20 The Lifestyle Polygraph: Challenging Perspectives on Security

The Social-Engineer Podcast
Ep. 341 - The Security Awareness Series - Cognitive Bias in InfoSec with Josten Pena

Feb 16, 2026 21:54


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris Hadnagy is joined by Josten Pena for an in-depth discussion on cognitive biases and their impact on cybersecurity. Together, they explore how inherent mental shortcuts can increase susceptibility to social engineering attacks. The conversation emphasizes the importance of recognizing and owning these biases, rather than trying to eliminate them, and highlights practical mitigation strategies like hands-on training and fostering critical thinking. [Feb 16, 2026]

  • 00:00 – Intro
  • 00:47 – Meet the Co-Host: Josten Pena
  • 01:38 – Intro Links:
      • Social-Engineer.com - http://www.social-engineer.com/
      • Offensive Security Vishing Services - https://www.social-engineer.com/offensive-security/vishing/
      • Offensive Security SMiShing Services - https://www.social-engineer.com/offensive-security/smishing/
      • Offensive Security Phishing Services - https://www.social-engineer.com/offensive-security/smishing/
      • Call Back Phishing - https://www.social-engineer.com/offensive-security/call-back-phishing/
      • Adversarial Simulation Services - https://www.social-engineer.com/offensive-security/adversarial-simulation/
      • Social Engineering Risk Assessments - https://www.social-engineer.com/offensive-security/social-engineering-risk-assessment/
      • Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
      • CLUTCH - http://www.pro-rock.com/
  • 02:26 – Innocent Lives Foundation & Music
  • 03:36 – Diving into Cognitive Bias
  • 06:42 – Cognitive Bias in Cybersecurity
  • 09:26 – Real-World Examples & Practical Solutions
  • 18:59 – Recap, Final Thoughts & Outro
      • www.social-engineer.com
      • www.innocentlivesfoundation.org

ITSPmagazine | Technology. Cybersecurity. Society
It's Not a Technology Problem, It's an Organizational Opportunity -- Building a Culture of Cybersecurity | Human-Centered Cybersecurity Series with Co-Host Julie Haney and Guest Dr. Keri Pearlson | Redefining CyberSecurity with Sean Martin

Feb 10, 2026 46:49


Show Notes

Most organizations treat cybersecurity as a technology problem. They invest in layers of defense, run phishing tests, and deploy identity and access management tools. Yet headlines about breaches keep coming. Dr. Keri Pearlson, Senior Lecturer and Principal Research Scientist at the MIT Sloan School of Management, argues that the real opportunity lies not in more technology but in changing how people across the organization think about and value cybersecurity.

In this episode of the Human-Centered Cybersecurity Series, co-hosted by Julie Haney, Computer Scientist and Lead of the Human-Centered Cybersecurity Program at the National Institute of Standards and Technology (NIST), Dr. Keri Pearlson introduces her framework for cybersecurity culture built around values, attitudes, and beliefs. Rather than simply training employees on what to do, the focus shifts to shaping why they do it. When people genuinely believe cybersecurity matters, they take action without waiting for mandates or programs to tell them how.

Dr. Pearlson shares vivid examples from her research: a CISO who hired a marketing professional to run the cybersecurity culture program, a CEO who opens every all-hands meeting with a five-minute cybersecurity story, and organizations that use creative rewards like chocolate chip cookies and digital badges to reinforce positive behaviors. She also outlines a five-stage maturity model for cybersecurity culture, from ad hoc efforts all the way to a dynamic culture that self-regulates as new threats like AI-driven vulnerabilities emerge.

The conversation also tackles the relationship between organizational culture and cybersecurity culture, the role of group-level accountability, and why consequences matter just as much as rewards. Dr. Pearlson makes the case that cybersecurity should move from being viewed as an infrastructure play to a strategic advantage, one that can attract customers, reduce costs, and build competitive differentiation.

For any leader looking to move the needle on security culture, this episode offers a research-backed roadmap and practical steps that anyone can take starting tomorrow.

Host
  • Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

Guest(s)
  • Dr. Keri Pearlson, Senior Lecturer and Principal Research Scientist at MIT Sloan School of Management | On LinkedIn: https://www.linkedin.com/in/kpearlson/
  • Julie Haney (Co-Host), Computer Scientist and Lead, Human-Centered Cybersecurity Program at National Institute of Standards and Technology (NIST) | On LinkedIn: https://www.linkedin.com/in/julie-haney-037449119/

Resources
  • Learn more about Dr. Keri Pearlson's research: https://mitsloan.mit.edu/faculty/directory/keri-pearlson
  • Learn more about the NIST Human-Centered Cybersecurity Program: https://csrc.nist.gov/projects/human-centered-cybersecurity
  • Cybersecurity at MIT Sloan (CAMS): https://cams.mit.edu/
  • The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
  • More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
  • Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

Keywords: dr. keri pearlson, julie haney, mit sloan, nist, sean martin, cybersecurity culture, security culture, values attitudes beliefs, cyber resilience, human-centered cybersecurity, security awareness, phishing, cybersecurity maturity model, security behavior, cybersecurity strategy, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

Redefining CyberSecurity
It's Not a Technology Problem, It's an Organizational Opportunity -- Building a Culture of Cybersecurity | Human-Centered Cybersecurity Series with Co-Host Julie Haney and Guest Dr. Keri Pearlson | Redefining CyberSecurity with Sean Martin

Feb 10, 2026 46:49



Cyber Security Today
In-Depth Look at Phishing and Cybersecurity Culture with David Shipley | Cybersecurity Today

Jan 31, 2026 67:04


In this episode of Cybersecurity Today, host Jim Love welcomes David Shipley, CEO of Beauceron Security, as a guest. Together, they delve into the latest research from Beauceron Security with assistance from the University of Montreal. They discuss the effectiveness of phishing simulations, the importance of reporting suspicious activities, and the psychological factors that lead to clicking on phishing emails. The episode also highlights the surprising advantages small businesses have over larger organizations in phishing defense, and how management's attitude towards cybersecurity significantly impacts a company's overall security culture. Don't miss this thorough, insightful conversation that will change how you think about cybersecurity training and culture!

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst

  • 00:00 Introduction and Sponsor Message
  • 00:19 Meet the Guest: David Shipley
  • 01:46 David's Research with University of Montreal
  • 02:17 Phishing Simulation Training Insights
  • 03:16 The Importance of Real Research
  • 04:30 Human Risk Management vs. Security Awareness
  • 05:49 Understanding Phishing and Its Impact
  • 11:10 The Role of Technology and Human Resilience
  • 14:34 Effective Phishing Training Strategies
  • 19:02 Analyzing Click Behavior and Reporting
  • 27:17 Why People Click: Survey Insights
  • 36:07 High Click Rates and Psychological Safety
  • 38:13 Management's Role in Cybersecurity Culture
  • 39:29 Impact of Tenure and Compensation on Click Rates
  • 40:58 The Importance of Security Awareness Programs
  • 43:35 Feedback and Reporting in Cybersecurity
  • 54:12 Small Companies vs. Large Companies in Cybersecurity
  • 56:44 Surprising Findings and Future Directions
  • 01:02:12 Conclusion and Report Availability

The Medcurity Podcast: Security | Compliance | Technology | Healthcare
A Better Approach to Security Awareness with Robert Siciliano | Medcurity Podcast 126

Jan 23, 2026 41:50


Most security training satisfies compliance expectations, but it doesn't always translate into safer day-to-day behavior.

In this episode, Joe Gellatly talks with cybersecurity expert and private investigator Robert Siciliano about why awareness alone isn't enough—and why security has to feel personal before it works at all.

They discuss how everyday habits create real exposure, why fear-based training often backfires, and how modern threats like AI-driven scams, deepfakes, and voice cloning are already testing healthcare organizations.

The conversation focuses on what actually helps people care about security, not just comply with it.

No Password Required
No Password Required Podcast Episode 68 — Rob Hughes

Jan 20, 2026 44:51


Rob Hughes — CISO at RSA and Champion of a Passwordless Future

No Password Required Season 7: Episode 1 - Rob Hughes

Rob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.

Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.

Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.

The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.

Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/

Chapters:
  • 00:00 Introduction to No Password Required
  • 01:43 Meet Rob Hughes, CISO at RSA
  • 02:05 The Role of a CISO in a Security Company
  • 05:09 Transitioning to the CISO Role
  • 08:00 The Early Days of Geek.com
  • 12:14 Launching a Startup During the Dot Com Boom
  • 14:30 The Push for a Passwordless Future
  • 18:21 Tipping Point for Passwordless Adoption
  • 20:20 Ongoing Learning in Cybersecurity
  • 26:09 Managing Stress in High-Pressure Environments
  • 33:46 The Lifestyle Polygraph Begins
  • 34:15 Career Insights in Cybersecurity
  • 36:08 Dream Cars and Personal Preferences
  • 39:58 Underrated Horror Films
  • 41:19 Creating a Cybersecurity Monster

The Social-Engineer Podcast
Ep. 337 - Security Awareness Series - Using Social Engineering on Yourself with Rosa Rowles

Jan 19, 2026 30:54


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Rosa Rowles. Together, they explore the nuances of social engineering, focusing on the critical role of pretexting and impersonation in security assessments. Their conversation underscores the significance of preparation and adaptability, highlighting how embodying different personas can enhance the effectiveness of security operations. [Jan 19, 2026]

  • 00:00 - Intro
  • 00:27 - Rosa Rowles Intro
      • LinkedIn: https://www.linkedin.com/in/shelbydacko/
  • 00:55 - Intro Links:
      • Social-Engineer.com - http://www.social-engineer.com/
      • Offensive Security Vishing Services - https://www.social-engineer.com/offensive-security/vishing/
      • Offensive Security SMiShing Services - https://www.social-engineer.com/offensive-security/smishing/
      • Offensive Security Phishing Services - https://www.social-engineer.com/offensive-security/smishing/
      • Call Back Phishing - https://www.social-engineer.com/offensive-security/call-back-phishing/
      • Adversarial Simulation Services - https://www.social-engineer.com/offensive-security/adversarial-simulation/
      • Social Engineering Risk Assessments - https://www.social-engineer.com/offensive-security/social-engineering-risk-assessment/
      • Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
      • CLUTCH - https://www.clutchmerch.com/
      • innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
  • 02:54 - Long Time Listener...
  • 05:24 - Pretexting and Impersonation
  • 10:06 - Becoming the Part
  • 12:04 - An Actor Prepares
  • 13:54 - Sponsor
  • 15:18 - SE for Yourself
  • 23:25 - Saving FASE
  • 25:46 - Principles in Action
  • 29:34 - Wrap Up & Outro
      • www.social-engineer.com
      • www.innocentlivesfoundation.org

Know, Grow and Scale with Laura Johns
How Rebranding and Strategy Propel Success: Insights from Matt Lane of Scipio Technologies

Know, Grow and Scale with Laura Johns

Jan 16, 2026 (27:32)


Join us in this episode of the Know, Grow, Scale podcast as Laura Johns sits down with Matt Lane, President of Managed Services at Scipio Technologies. Discover the journey behind their rebranding, the strategic mergers and acquisitions, and how they consolidated multiple entities under the new name Scipio Technologies. Learn about their approach to managed services, security, and the emerging role of AI in improving efficiency. Celebrate their recognition on the MSP 501 list and explore how their commitment to community and innovation has fueled their growth. Perfect insights for MSP leaders looking to scale their business.

00:00 Introduction and Guest Welcome
00:26 Rebranding Journey of Scipio Technologies
01:18 Challenges and Reasons for Rebranding
02:18 Impact of Rebranding on Clients and Internal Processes
05:05 Recognition and Awards
07:21 Product Offerings and Unique Services
11:48 Future Opportunities and Security Focus
13:22 Adopting AI and Emerging Technologies
14:13 Understanding AI Capabilities and Responsibilities
14:26 AI in National Strategy
15:00 Security Awareness and AI Policies
15:57 Real-World AI Applications
17:50 Creating a GPT Board for Business Solutions
18:54 Growth Strategies for MSPs
23:22 Community Involvement and Nonprofit Work
25:57 Final Thoughts and Future Plans

The Business Growers: https://www.instagram.com/thebizgrowers/

About The Business Growers: Many Managed Services Providers and IT companies struggle to grow because they are constantly putting out fires and don't have the bandwidth to focus on the marketing strategy and execution required to scale the business. At The Business Growers, we believe you shouldn't have to hire a full-time marketing team to compete in the marketplace. We work exclusively with MSPs and IT companies, serving as their tech marketing dream team and offering a proven framework for revenue growth. Visit us at https://thebusinessgrowers.com

MSP 1337
Human Behavior and Shifting from Security Awareness to Appreciation

MSP 1337

Jan 13, 2026 (34:20)


Chris Johnson and cybersecurity expert Robert Siciliano dive into the human side of security, exploring why default trust and denial make people vulnerable to social engineering and cyber threats. They discuss the cultural framing of security, the importance of personalizing security practices, and why leadership must model proactive behaviors. The conversation introduces the concept of a “strategic human firewall,” emphasizing that proper protection comes from security appreciation, not just awareness. From AI-driven fraud and voice cloning to practical steps like password managers and two-factor authentication, this episode highlights how mindset shifts and personal responsibility are key to resilience in today's threat landscape.

No Password Required
No Password Required Podcast Episode 67 — Gina Yacone

No Password Required

Dec 21, 2025 (40:17)


Gina Yacone — Virtual CISO at Trace3 and Roller Derby Penalty Box Visitor

Live from B-Sides Jacksonville, No Password Required welcomes Gina Yacone, Virtual CISO at Trace3. Jack Clabby of Carlton Fields, P.A. and Sarina Gandy, host and producer of the CyberBay Podcast, host a conversation on Gina's unconventional career path, leadership under pressure, and the power of community in cybersecurity. With career stops in private investigation, digital forensics, and executive security, Gina brings a people-first, purpose-driven perspective to complex cyber risk.

Gina shares how her early work as a private investigator on high-profile criminal defense cases laid the foundation for her success in cybersecurity. She also reflects on raising her hand for big challenges, the rewards and risks of always saying yes, and how authenticity has guided her. She offers insight on why conference hallway conversations can be just as impactful as keynote sessions.

A visible advocate for the cybersecurity community, Gina speaks openly about setting healthy mentorship boundaries and building resilient professional networks.

The episode wraps with the Lifestyle Polygraph, where Gina lightens the mood with stories from her roller derby days, dream Amazing Race partners, and why John Wick might just be the ultimate executive assistant.

Follow Gina on LinkedIn: https://www.linkedin.com/in/ginayacone/

Chapters:
00:00 Introduction to Cybersecurity and B-Sides Jacksonville
01:16 Gina Yacone's Unique Journey to Cybersecurity
06:22 Navigating Burnout in Cybersecurity
08:06 The Importance of Raising Your Hand
10:04 Adapting Leadership Styles in Different Roles
14:03 Being a Role Model for Women in Cybersecurity
16:34 How to Establish a Good Mentee and Mentor Relationship
18:50 Feedback and Constructive Criticism
22:55 The Value of Hallway Conversations
26:19 The Lifestyle Polygraph: Fun and Insights
38:54 Conclusion and Future Connections

Trust Issues
EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

Trust Issues

Dec 16, 2025 (43:50)


In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk's Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today's attackers aren't breaking in—they're logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.

The discussion explores how the rise of AI is eroding critical thinking, making it easier for even seasoned professionals to fall for convincing scams. Higgins and Puner break down the dangers of instant answers, the importance of “never trust, always verify,” and why zero standing privilege is essential for defending against insider threats. They also tackle the risks of shadow AI, the growing challenge of misinformation, and how organizations can build a culture of vigilance without creating a climate of mistrust.

Whether you're a security leader, IT professional, or just curious about the future of digital trust, this episode delivers actionable insights on identity security, cyber hygiene, and the basics that matter more than ever in 2026 and beyond.

The Social-Engineer Podcast
Ep. 333 - Security Awareness Series - DISC and Pivoting with Shelby Dacko

The Social-Engineer Podcast

Dec 15, 2025 (32:25)


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Shelby Dacko. Chris and Shelby delve into the intricacies of social engineering, focusing on the challenges of pivoting during on-site security assessments. Their discussion highlights the importance of adaptability and teamwork in overcoming unexpected obstacles, emphasizing how diverse communication styles can enhance the effectiveness of security operations. [Dec 15, 2025]

00:00 - Intro
00:34 - Shelby Dacko Intro
  - LinkedIn: https://www.linkedin.com/in/shelbydacko/
01:18 - Intro Links:
  - Social-Engineer.com - http://www.social-engineer.com/
  - Offensive Security Vishing Services - https://www.social-engineer.com/offensive-security/vishing/
  - Offensive Security SMiShing Services - https://www.social-engineer.com/offensive-security/smishing/
  - Offensive Security Phishing Services - https://www.social-engineer.com/offensive-security/smishing/
  - Call Back Phishing - https://www.social-engineer.com/offensive-security/call-back-phishing/
  - Adversarial Simulation Services - https://www.social-engineer.com/offensive-security/adversarial-simulation/
  - Social Engineering Risk Assessments - https://www.social-engineer.com/offensive-security/social-engineering-risk-assessment/
  - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
  - CLUTCH - http://www.pro-rock.com/
  - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
03:42 - The Importance of Pivoting
05:42 - DISC
06:59 - A Difference in Planning Styles
10:34 - Strength Through Diversity
12:40 - Over the River...
19:29 - And Through the Woods
20:24 - Being Onsite
21:40 - Pivot! Pivot! Pivot!
24:02 - What if?
25:29 - Stray From the Path
28:25 - Strength In Numbers
29:27 - Playing Into Biases
31:43 - Wrap Up & Outro
  - www.social-engineer.com
  - www.innocentlivesfoundation.org

No Password Required
No Password Required Podcast Episode 66 — Danny Jenkins

No Password Required

Dec 3, 2025 (36:58)


Danny Jenkins — Founder of ThreatLocker and the Zero-Trust Revolution

Danny Jenkins is the CEO of ThreatLocker, the leading cybersecurity company that he built alongside his wife. Hosts Jack Clabby of Carlton Fields, P.A., and Kayley Melton of the Cognitive Security Institute follow Danny's journey from a scrappy IT consultant to leading one of the fastest-growing cybersecurity companies in the world.

Danny shares the moment everything changed: watching a small business nearly collapse after a catastrophic ransomware attack. That experience reshaped his mission and ultimately sparked the creation of ThreatLocker. He also reflects on the gritty early days—cold-calling from his living room, coding through the night, and taking on debt before finally landing their first $5,000 customer.

Danny explains the origins of Zero Trust World, his passion for educating IT teams, and why adopting a hacker mindset is essential for modern defenders.

In the Lifestyle Polygraph, Danny relates his early “revenge tech” against school bullies, the place he escapes to when celebrating big wins, and the movie franchise he insists is absolutely a Christmas classic.

Follow Danny on LinkedIn: https://www.linkedin.com/in/dannyjenkins/

00:00 Introduction to Cybersecurity and ThreatLocker
02:26 The Birth of ThreatLocker: A Personal Journey
05:42 The Evolution of Zero Trust Security
08:35 Real-World Impact of Cyber Attacks
11:25 The Importance of a Hacker Mindset
14:46 The Role of SOC Teams in Cybersecurity
17:34 Building a Culture of Security
20:23 Hiring for Passion and Skill in Cybersecurity
23:44 Understanding Zero Trust: Trust No One
26:32 Lifestyle Polygraph: Personal Insights and Fun
29:41 Conclusion and Future of ThreatLocker

The Fearless Mindset
Navigating Workplace Security and Addressing Employee Anger

The Fearless Mindset

Dec 2, 2025 (26:40)


In this episode of the Fearless Mindset Podcast, we delve into the importance of security and open communication within organizations. With a record number of elections and global distrust in institutions, security teams must foster collaboration and personal connectivity to build trust and ensure everyone's safety. The discussion covers the challenges of balancing security measures with human interaction, the significance of training programs, and how to manage and mitigate workplace anger effectively. The conversation also delves into the role of emotional intelligence in leadership and the need for comprehensive insider threat analysis to preemptively identify and address potential risks.

Key Takeaways
- Security is about collaboration, trust, and meeting people where they are—not just rules and restrictions.
- Open, honest conversations about difficult topics (like anger and workplace safety) are essential for a healthy organization.
- Security professionals should serve as culture-bearers, modeling the values and behaviors they want to see.
- Emotional intelligence and empathy are critical leadership skills, especially post-COVID.
- Security knowledge should be shared beyond the workplace to benefit families and communities.
- Addressing insider threats requires long-term, holistic approaches, not just reactive measures.

Notable Quotes
- "The message is not always guns, guards, gates, lock it down. The message is: how do we work together to collectively secure everyone?"
- "You have to meet people where they are. You can't be a robot."
- "Collaboration and trust are the foundation of civilization—and we need to get back to that."
- "Security is a primary culture bearer of what we do here."
- "Anger is real. It's in your organization. We have to be able to have these conversations and deal with it."
- "It all starts with you."

To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen on major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

The Social-Engineer Podcast
Ep. 329 - Security Awareness Series - Mistakes, AI and Empathy: Being a Powerful Leader with Michelle Li

The Social-Engineer Podcast

Nov 17, 2025 (39:54)


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Michelle Li. Chris and Michelle delve into the transformative role of AI in social engineering, highlighting both its potential and pitfalls. Their conversation emphasizes the critical need for empathy in leadership and the importance of maintaining human-centric processes in an increasingly automated world. [Nov 17, 2025]

00:00 - Intro
00:27 - Intro Links:
  - Social-Engineer.com - http://www.social-engineer.com/
  - Offensive Security Vishing Services - https://www.social-engineer.com/offensive-security/vishing/
  - Offensive Security SMiShing Services - https://www.social-engineer.com/offensive-security/smishing/
  - Offensive Security Phishing Services - https://www.social-engineer.com/offensive-security/smishing/
  - Call Back Phishing - https://www.social-engineer.com/offensive-security/call-back-phishing/
  - Adversarial Simulation Services - https://www.social-engineer.com/offensive-security/adversarial-simulation/
  - Social Engineering Risk Assessments - https://www.social-engineer.com/offensive-security/social-engineering-risk-assessment/
  - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
  - CLUTCH - http://www.pro-rock.com/
  - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
02:34 - Michelle Li Intro
03:14 - A Roundabout Journey
05:40 - The Importance of Legacy
07:26 - Using AI Honorably
10:00 - The Effects of AI on Social Engineering
11:52 - AI for Protection
13:47 - Still About the Human Role
14:49 - Masterclass Ad
16:27 - Origins of FASE
20:01 - Reflection of Self
25:52 - The Role of Core Principles
30:15 - New Kid in Town
34:08 - Find Michelle Li Online
  - LinkedIn: https://www.linkedin.com/in/michelle-li-mba-ssbb-0850b975/
  - Website: https://www.bisblox.com/
34:47 - Book Recommendations
  - Blink - Malcolm Gladwell
  - The Book of Forgiving - Desmond Tutu
36:11 - Mentors
38:52 - Wrap Up & Outro
  - www.social-engineer.com
  - www.innocentlivesfoundation.org

Cracking Cyber Security Podcast from TEISS
teissTalk: Help your colleagues help you with an enhanced security awareness programme

Cracking Cyber Security Podcast from TEISS

Oct 23, 2025 (44:42)


- How appreciation and gamification can improve your employees' security awareness
- Making security behaviours stick – reframing mistakes as opportunities for growth
- Fostering a culture of continuous improvement with an inclusive learning environment

Thom Langford, Host, teissTalk
https://www.linkedin.com/in/thomlangford/
Sara Carty, Founder & CEO, Unboring
https://www.linkedin.com/in/saracarty/
Penny Jackson, Director Strategy, Awareness & Engagement (Human Risk Management), Aristos Partnership
https://www.linkedin.com/in/pennykjackson/
Rebecca Stephenson, Specialist Lead Lecturer, Highlands College
https://www.linkedin.com/in/creative-minds-in-cyber/

Paul's Security Weekly
Security That Sticks: Shaping Human Behavior - Rinki Sethi, Nicole Jiang - BSW #418

Paul's Security Weekly

Oct 22, 2025 (63:00)


As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, but yet human error is still the top risk. How do we actually reduce human risk? Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they're most relevant) are delivering faster, more effective behavior change that lasts. Segment Resources: Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/ Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/ This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them! In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-418

Paul's Security Weekly TV
Security That Sticks: Shaping Human Behavior - Nicole Jiang, Rinki Sethi - BSW #418

Paul's Security Weekly TV

Oct 22, 2025 (63:00)


As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, but yet human error is still the top risk. How do we actually reduce human risk? Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they're most relevant) are delivering faster, more effective behavior change that lasts. Segment Resources: Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/ Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/ This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them! In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more! Show Notes: https://securityweekly.com/bsw-418

Business Security Weekly (Audio)
Security That Sticks: Shaping Human Behavior - Rinki Sethi, Nicole Jiang - BSW #418

Business Security Weekly (Audio)

Oct 22, 2025 (63:00)


As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, but yet human error is still the top risk. How do we actually reduce human risk? Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they're most relevant) are delivering faster, more effective behavior change that lasts. Segment Resources: Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/ Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/ This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them! In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-418

Business Security Weekly (Video)
Security That Sticks: Shaping Human Behavior - Nicole Jiang, Rinki Sethi - BSW #418

Business Security Weekly (Video)

Oct 22, 2025 (63:00)


As the Verizon Data Breach Investigations Report has stated year after year, most breaches start with human error. We've invested a lot in Security Awareness and Training and Phishing solutions, but yet human error is still the top risk. How do we actually reduce human risk? Rinki Sethi, CSO at Upwind Security, and Nicole Jiang, CEO of Fable Security, share why human risk management is the next frontier for security—and how platforms like Fable Security deliver personalized nudges that help employees build safer habits and stay ahead of threats. Solving human risk starts by changing human behavior. Learn how advancements in Artificial Intelligence (AI) and the application of adtech principles (targeted, personalized, A/B-tested messages delivered when they're most relevant) are delivering faster, more effective behavior change that lasts. Segment Resources: Five must-haves of modern human risk management: https://fablesecurity.com/ebook-five-must-haves/ Starter RFP for modern human risk management: https://fablesecurity.com/starter-rfp-for-modern-hrm/ This segment is sponsored by Fable Security. Visit https://securityweekly.com/fable to learn more about them! In the leadership and communications segment, Inside the CISO Mind: How Security Leaders Choose Solutions, 2026 Leadership Strategy: Mastering Agility and Anticipation for Better Decisions, The Most Human, Strategic, Sought-After Tool in Leadership, and more! Show Notes: https://securityweekly.com/bsw-418

The Social-Engineer Podcast
Ep. 325 - Security Awareness Series - A Crystal Ball for Mitigating Threats With Chris and Carter

The Social-Engineer Podcast

Oct 20, 2025 (32:02)


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Carter Zupancich. Chris and Carter explore the evolving landscape of social engineering threats, focusing on the rise of vishing attacks and the role of AI in enhancing these tactics. Their discussion underscores the importance of empowering employees as a human firewall and the need for continuous education and testing to strengthen organizational security. [Oct 20, 2025]

00:00 - Intro
00:31 - Carter Zupancich Intro
  - Website: https://carterzupancich.com/
01:30 - Intro Links:
  - Social-Engineer.com - http://www.social-engineer.com/
  - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
  - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
  - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
  - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
  - CLUTCH - http://www.pro-rock.com/
  - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
03:35 - Tools, Tactics and Procedures
05:19 - Tech Advances
08:16 - The Classics
10:01 - The Need for Testing
12:16 - Callback Phishing
17:26 - Setting Expectations
21:56 - Approved Language
23:56 - Verify!
25:16 - Empowerment
26:17 - And Now a Horrible Story
28:47 - Investing In Employees
31:19 - Wrap Up & Outro
  - www.social-engineer.com
  - www.innocentlivesfoundation.org

The TribalHub Podcast
Keeping Security Awareness Fresh: A Conversation with KC Petersen

The TribalHub Podcast

Oct 15, 2025 (11:16)


Recorded live at TribalNet 2025, Michelle Bouschor chats with KC Petersen about her session on “Security Awareness—Keeping It New, Updated, and Engaging.” KC shares what's been working for her casino property, how to make security training more effective, and creative ways to turn employee awareness into everyday action.

CISO Stories Podcast
Security Awareness Through Trust and Influence - Jennifer Selby Long - CSP #217

CISO Stories Podcast

Oct 13, 2025 (35:39)


Jennifer Selby Long reframes security awareness as more than training—it's about earning trust and influence with executives and security teams. She shares leadership lessons on how to build stronger alignment and support for security initiatives. Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-217

Cyber Security Today
October Cybersecurity Month in Review: Insider Threats, AI's Role, and Cybercrime Trends

Cyber Security Today

Oct 4, 2025 (51:43) Transcription Available


In this episode of 'Cybersecurity Today: Our Month in Review,' host Jim welcomes a panel including Tammy Harper from Flair, Laura Payne from White Tuque, and David Shipley, CEO of Beauceron Securities. The discussion kicks off with an overview of their plans for Cybersecurity Month, including reviving the MapleSEC show and the CIO of the Year awards. David shares his experiences at SECTOR, Canada's largest cybersecurity conference, discussing the importance of security awareness training and the risks of irresponsible tech journalism on public perception. The panel also delves into the resurgence of the Clop ransomware group, their shift to data extortion, and their exploitation of vulnerabilities in Oracle EBS applications. Laura highlights a concerning case of insider threats at RBC, emphasizing the importance of process-driven controls. The episode also touches on the human side of cybersecurity, particularly the impact of romance scams and the growing violence in cybercrime. The panelists underscore the need for improved security awareness and the role of AI in identifying scams. Tammy, Laura, and David conclude by discussing the role of insider threats and the ethical boundaries in cybercrime, sharing insights from recent real-world cases.

00:00 Introduction and Panelist Introductions
00:43 Cybersecurity Month Initiatives
02:46 Security Awareness and Phishing Training
04:03 Impact of Irresponsible Tech Journalism
08:27 AI and Cybersecurity: Hype vs. Reality
10:43 Conference Experiences and Networking
18:33 Clop Ransomware and Data Extortion
23:45 Tammy's Insights on Clop's Tactics
24:58 Scattered Lasus and Cyber Warfare
26:32 Media Savvy Cybercriminals
31:36 Human Impact of Cyber Scams
37:17 Insider Threats and Security Awareness
43:21 Physical Security and Cyber Threats
48:33 Cybercrime Targeting Children
50:58 Conclusion and Upcoming Topics

Unspoken Security
Security Awareness for the Connected Generation

Unspoken Security

Oct 2, 2025 (62:07)


In this episode of Unspoken Security, host A.J. Nash sits down with Marley Salveter, Director of Marketing at Unspoken Security. They explore how digital privacy and security awareness look different for younger generations who have grown up in a world where sharing personal data is routine, not a choice. Marley shares her perspective on adapting to life online, where building a personal brand and protecting personal information often overlap for today's professionals.

Marley explains how her generation views data privacy as an accepted tradeoff, not a conscious decision, and why traditional corporate security training rarely feels relevant. She discusses the real risks of living in public—how threats feel less urgent until they get personal and why the rapid response of tech platforms can mask the lasting impact of breaches. She and A.J. dig into the challenge of communicating security risks to a connected generation that rarely sees tangible consequences.

Together, they reflect on how open conversations bridge generational gaps and why storytelling and relatable dialogue help people internalize security lessons. Marley argues that making security personal is key to lasting change—especially for those building their careers and brands in the public eye.

The Social-Engineer Podcast
Ep. 321 - Security Awareness Series - Trust But Verify Even Under Abnormal Circumstances: A Red Team Story with Chris and Faith

The Social-Engineer Podcast

Sep 15, 2025 (29:29)


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Faith Kent. Together, they delve into the critical role of effective communication, the art of role adaptation, and the psychological dynamics in crisis situations. The conversation highlights the importance of proactive preparedness and fostering trust within teams to tackle challenges with confidence. [Sept 15, 2025]

00:00 - Intro
00:42 - Faith Kent Intro
01:21 - Intro Links:
  - Social-Engineer.com - http://www.social-engineer.com/
  - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
  - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
  - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
  - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
  - CLUTCH - http://www.pro-rock.com/
  - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
03:09 - Breaking & Entering
04:45 - Blending In
07:45 - Frank's Computer
10:13 - Unusual Communications
12:17 - Cochlear Implant
14:19 - Ethical Boundaries
16:11 - Community Pride
18:00 - Leaning Into the Discomfort
21:57 - Not an Afterthought
23:08 - Diversity for Security
27:00 – Trust, But Verify (Always)
28:23 - Wrap Up
  - Deaf Gain: Raising the Stakes for Human Diversity
  - https://gallaudet.edu/deaf-president-now/
  - https://www.lifeprint.com/
29:03 - Outro
  - www.social-engineer.com
  - www.innocentlivesfoundation.org

The Social-Engineer Podcast
Ep. 317 - Security Awareness Series - Are You Ready For A Breach? with Jowan and Chris

The Social-Engineer Podcast

Aug 18, 2025 (23:10)


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Jowan Joseph. Chris and Jowan discuss the importance of effective communication, role adaptation, and the psychological aspects of crisis situations. The discussion emphasizes the need for proactive preparedness and building trust within teams to navigate challenges effectively. [Aug 18, 2025]

00:00 - Intro
00:32 - Jowan Joseph Intro
00:44 - New Format
01:24 - Intro Links:
  - Social-Engineer.com - http://www.social-engineer.com/
  - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
  - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
  - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
  - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
  - CLUTCH - http://www.pro-rock.com/
  - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
03:08 - Tabletop...Child's Play
04:36 - Phase One: Assigning Roles
07:11 - Going Rogue
08:05 - Measuring Tone
09:22 - A Few More Twists
09:57 - Some Heads Are Gonna Roll
10:41 - Communication Breakdown
12:17 - Post Mortem
13:44 - Alignment at Scale
14:57 - Divide and Conquer... Together
17:31 - Proactive Instead of Reactive
20:21 - The Communication Gap
21:22 - Trust Factor
22:15 - Wrap Up & Outro
  - www.social-engineer.com
  - www.innocentlivesfoundation.org

Simply Solving Cyber
Meet the Security Awareness Apologist

Aug 18, 2025 40:23


What happens after an employee clicks on a phishing link? Jason Hoenich (hey-nick), the self-proclaimed "Security Awareness Apologist," believes that's where the real education begins. Drawing from his experiences at major entertainment companies like Disney and Sony, Jason shares how live hacking demonstrations where employees witness real-time compromises create powerful, unforgettable learning moments.

The conversation dives deep into why traditional security awareness approaches fall short. While phishing simulations and generic training modules check compliance boxes, they rarely drive meaningful behavior change. The most effective programs go beyond making people aware of threats—they make secure behaviors easy and intuitive while building a security-conscious culture from the ground up.

One of Jason's most compelling insights revolves around relationship-building. Security awareness professionals who form strategic partnerships with HR, Legal, and Corporate Communications unlock unprecedented program potential. These connections transform potential roadblocks into champions who help tailor messaging and navigate brand considerations when creating engaging content.

Security champion programs emerge as another powerful strategy for organizations with global or diverse workforces. By identifying influencers throughout different business units and locations, security teams can extend their reach and ensure messaging resonates across various cultures and job functions. These champions provide invaluable feedback while translating technical concepts into language that connects with their colleagues.

The future of human risk management lies in personalization and actionable insights. Rather than just identifying risky behaviors, advanced tools should offer immediate remediation options—imagine a system that not only alerts an employee to unsecured files but offers a one-click solution to fix the vulnerability instantly.

Ready to transform your security awareness program? Start by assessing your program's maturity and developing a comprehensive strategy that goes beyond basic tools. Remember Jason's advice: "Strategy, strategy, strategy. If you don't have one, work on it." Your journey toward meaningful security awareness begins with this episode.

Working Draft » Podcast Feed
Revision 674: Security Awareness Without the Moral Cudgel

Aug 12, 2025 58:29


Today Katharina Hoffmann (a few of her blog posts are here) is our guest, to take a proper look at the topic of security. And it is hardly about how to build your Node.js service so that no Scr…

Autonomous IT
Automox Insiders – By Your Command: The Cybersecurity Directive with Tom Bowyer, E10

Jul 31, 2025 18:07


Maddie Regis speaks with Tom Bowyer, Director of Security at Automox, about the intersection of IT and cybersecurity. Tom shares his career journey, the importance of collaboration between IT and security teams, and insights into SOC compliance reports. He emphasizes the need for transparency, experimentation, and proactive problem-solving in enhancing cybersecurity. This episode originally aired October 17, 2024

The Social-Engineer Podcast
Ep. 313 - Security Awareness Series - The Importance of Securing Virtual Events With Trent Waterhouse

Jul 21, 2025 27:56


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Trent Waterhouse. Trent is the CMO of GlobalMeet, a leading virtual event technology company with a scalable, flexible, and secure hybrid event streaming platform built and supported by experienced event experts. Trent has a proven track record of driving growth and innovation with 35 years of expertise leveraging a field sales marketing model that aligns sales, marketing, and R&D to think like a customer, act like a partner, and measure success through customer satisfaction and net promoters. Built for growth, Trent's unique blend of technology understanding and B2B marketing skills have been proven to help companies grow revenue profitably, improve customer experiences, build new partnerships, and expand opportunity pipelines. [July 21, 2025]

00:00 - Intro
00:50 - Intro Links:
- Social-Engineer.com - http://www.social-engineer.com/
- Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
- Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
- Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
- Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
- CLUTCH - http://www.pro-rock.com/
- innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
02:30 - Trent Waterhouse Intro
03:11 - Starting Out Pre-Video
04:53 - A Brave New World
08:07 - Going Public
10:21 - Rise of the DeepFakes
13:03 - Video Watermarking
15:23 - A Simple Warning Will Do
19:11 - Staying Up to Date
21:22 - Insider Threat
23:42 - Find Trent Waterhouse Online
- Website: https://www.globalmeet.com/
- Instagram: https://www.instagram.com/globalmeet/
- LinkedIn: https://www.linkedin.com/in/trentonwaterhouse/
24:44 - Book Recommendations
- Pattern Breakers - Mike Maples, Jr, Peter Ziebelman
27:16 - Wrap Up & Outro
- www.social-engineer.com
- www.innocentlivesfoundation.org

Autonomous IT
Autonomous IT, Live! Inside the Breach — Identity Hijack Response Exercise, E04

Jul 17, 2025 38:52


In this special live episode of Autonomous IT, Live! we walk through a high-stakes incident response drill that mimics a disturbingly realistic threat scenario: an attacker gains access to your internal tools — not by breaking in, but by logging in.

Here's the setup: a user unknowingly reuses compromised credentials with the company's SSO provider. An attacker logs in, flies under the radar, and impersonates internal IT support using Slack, email, and calendar invites. Their goal? Convince employees to install a fake remote access tool—all while avoiding anyone likely to report suspicious behavior.

Join Landon Miles, Tom Bowyer, and Ryan Braunstein as they:

The Social-Engineer Podcast
Ep. 279 - Security Awareness Series - Dodging Turkeys and Security Awareness with Stacey Edmonds REPLAY

Jun 16, 2025 36:52


REPLAY (Original Air Date Oct 21, 2024)

Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Stacey Edmonds. Stacey is a multi-disciplinary EdTech innovator and Digital Safety Pioneer, driven by a commitment to democratizing knowledge. Stacey's expertise, encompassing social science, education, EdTech, and multi-platform screen production, culminated in the founding of Lively, which we will hear all about on this podcast. Since 2002, Stacey has been designing and delivering enterprise-wide cyber safety upskilling programs. In 2023, embodying her mission to make knowledge accessible, Stacey launched 'Dodgy or Not?' – a social enterprise offering an engaging approach to digital safety education.

She continues to bridge the gap between emerging technologies and practical education, driving innovation in AI ethics and digital literacy - she is also known for deepfaking herself. [Oct 21, 2024]

00:00 - Intro
00:19 - Intro Links:
- Social-Engineer.com - http://www.social-engineer.com/
- Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
- Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
- Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
- Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
- CLUTCH - http://www.pro-rock.com/
- innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
03:00 - Stacey Edmonds Intro
04:18 - Teaching, Trains & Turkeys
08:43 - Toilets vs Videos
11:16 - Dodgy or Not?
15:15 - Social Engineering for Good!
17:46 - Pause for the Cause
20:17 - Training in Real Time
24:11 - Real Time Threat Detection
27:49 - Culture is Everything
30:33 - Find Stacey Edmonds online
- LinkedIn: in/staceyedmonds/
31:28 - Mentors
- Carolyn Breeze
- Chris Hadnagy
- Janine Thompson
- Steve Rowe
- Shane Bell
33:58 - Book Recommendations
- Feel The Fear and Do It Anyway - Susan Jeffers
- The Hitchhiker's Guide to the Galaxy - Douglas Adams
- 1984 - George Orwell
- Man-Made - Tracey Spicer
35:51 - Wrap Up & Outro
- www.social-engineer.com
- www.innocentlivesfoundation.org

Cybercrime Magazine Podcast
Cybersecurity Industry Associations. International Association of Security Awareness Professionals.

May 23, 2025 0:51


Looking to network in the cybersecurity world? Fortunately, there's no shortage of industry associations to choose from. Today, we're putting the spotlight on the International Association of Security Awareness Professionals, or IASAP. The IASAP offers security awareness professionals the added insight, creativity and confidence to take their program to the next level of excellence, through webinars, online discussions, and security awareness content available only to members. Learn more at https://iasapgroup.org

The Social-Engineer Podcast
Ep. 305 - Security Awareness Series - Using Empathy to Not Become a Mushroom with Julie Chatman

May 19, 2025 36:37


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Julie Chatman. Julie is a distinguished cybersecurity executive with nearly two decades of experience in cybersecurity strategy, risk management, and AI governance.

She began her career in the U.S. Navy, serving on active duty as a Hospital Corpsman specializing in Medical Laboratory Science & Technology. Her transition into cybersecurity began at the FBI, where strong mentorship shaped her approach to leadership, problem solving, and talent development.

She currently serves as the Deputy Chief Information Security Officer for Finance at the Virginia Information Technologies Agency (VITA), where she is focused on driving risk reduction across state agencies. The role is part of a strategic engagement through her company, ResilientTech Advisors.

Julie leads CyberPath Coaching, where she draws on her experience as an active CISO to mentor cybersecurity professionals, accelerate their growth, and prepare them for executive roles. She works with individuals breaking into the field, mid-career professionals, aspiring CISOs, and cybersecurity entrepreneurs. [May 19, 2025]

00:00 - Intro
00:53 - Intro Links:
- Social-Engineer.com - http://www.social-engineer.com/
- Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
- Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
- Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
- Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
- CLUTCH - http://www.pro-rock.com/
- innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
02:03 - Julie Chatman Intro
03:14 - A Hungry Brain
04:25 - We Are Mushroomed
05:54 - Being an Enabler
10:13 - Speak Their Language
13:33 - Assigning Responsibility
16:05 - A Tool, Not a Replacement
20:35 - Career Challenges
22:40 - Strategic Empathy
23:46 - Setting Boundaries
24:15 - Narrative Control
25:38 - Staying Positive
29:39 - The Target is the Same
32:09 - Book Recommendations
- World War Z - Max Brooks
33:20 - Mentors
- MB Kinder
- Martha Williams
35:14 - Find Julie Chatman Online
- Website: cyberpathcoaching.net
- LinkedIn: linkedin.com/in/julie-chatman-mba-infosec
35:54 - Wrap Up & Outro
- www.social-engineer.com
- www.innocentlivesfoundation.org

CISO Tradecraft
#232 - Inside The 2025 Verizon Data Breach Investigations Report

May 12, 2025 26:25


Join G Mark Hardy, host of CISO Tradecraft, as he breaks down the latest insights from the 2025 Verizon Data Breach Investigations Report (DBIR). In this episode, discover the top 10 takeaways for cybersecurity leaders including the surge in third-party breaches, the persistence of ransomware, and the human factors in security incidents. Learn actionable strategies to enhance your organization's security posture, from improving vendor risk management to understanding industry-specific threats. Stay ahead of cybercriminals and secure your data with practical, data-driven advice straight from one of the industry's most anticipated reports.

Verizon DBIR - https://www.verizon.com/business/resources/reports/dbir/
Transcripts - https://docs.google.com/document/d/1h_YMpJvhAMB9wRyx92WkPYiKpFYyW2qz

Chapters
00:35 Verizon Data Breach Investigations Report (DBIR) Introduction
01:16 Accessing the DBIR Report
02:38 Key Takeaways from the DBIR
03:15 Third-Party Breaches
04:32 Ransomware Insights
08:08 Exploitation of Vulnerabilities
09:39 Credential Abuse
12:25 Espionage Attacks
14:04 System Intrusions in APAC
15:04 Business Email Compromise (BEC)
18:07 Human Risk and Security Awareness
19:19 Industry-Specific Trends
20:06 Multi-Layered Defense Strategy
21:08 Data Leakage to Gen AI

Packet Pushers - Full Podcast Feed
PP061: Comparing Breach Reports, RSAC 2025 Highlights, and a Security Awareness Soapbox

May 6, 2025 35:36


New breach reports show threat actor dwell times are dropping significantly. It’s a positive development, but there is a caveat. We discuss this caveat and other findings from the 2025 editions of the Verizon Data Breach Investigations Report and the Google M-Trends Report. We also get highlights from the 2025 RSA Conference, and JJ gets...

Packet Pushers - Fat Pipe
PP061: Comparing Breach Reports, RSAC 2025 Highlights, and a Security Awareness Soapbox

May 6, 2025 35:36


New breach reports show threat actor dwell times are dropping significantly. It’s a positive development, but there is a caveat. We discuss this caveat and other findings from the 2025 editions of the Verizon Data Breach Investigations Report and the Google M-Trends Report. We also get highlights from the 2025 RSA Conference, and JJ gets...

The Social-Engineer Podcast
Ep. 301 - Security Awareness Series - Leadership Relationships and Becoming a CISO with Travis Farral

Apr 21, 2025 30:16


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Travis Farral. Travis has been working in information security since the 90s at places such as Nokia, ExxonMobil, and XTO Energy. He is currently VP & CISO at Archaea Energy, a bp owned, renewable natural gas company based in Houston, Texas. He has spoken at events around the world on topics such as Cyber Threat Intelligence, MITRE ATT&CK, and Incident Response. Notable activities during his career include everything from programming logic controllers, building and leading SOCs, driving forklifts, standing up cybersecurity teams, developing threat intelligence programs, and handling responses to incidents, among many other things over the last few decades. [April 21, 2025]

00:00 - Intro
00:18 - Intro Links:
- Social-Engineer.com - http://www.social-engineer.com/
- Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
- Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
- Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
- Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
- CLUTCH - http://www.pro-rock.com/
- innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
02:08 - Travis Farral Intro
02:58 - A Different Path than Today
05:25 - Healthy Hacking
08:08 - Anything Can Be Weaponized
10:54 - Questionable Behavior
14:31 - Smash That Report Button!!!
18:58 - Improving Our Odds
21:00 - You Have to Keep It Simple
22:25 - Letters to a Young CISO
24:20 - Find Travis Farral online
- LinkedIn: linkedin.com/in/travisfarral
25:01 - Mentors
- Shawn Edwards
- Jay Leek
27:02 - Book Recommendations
- R. E. Lee: A Biography - Douglas Southall Freeman
29:34 - Wrap Up & Outro
- www.social-engineer.com
- www.innocentlivesfoundation.org

The Social-Engineer Podcast
Ep. 300 - Human Element Series - Celebrating 300 Episodes of The Social Engineer Podcast

Apr 14, 2025 54:23


Today we are celebrating our 300th episode! Chris will be joined by some friends as he discusses how the podcast got started - back in 2009, how it has evolved, including the creation of multiple series, and the direction for the future. [April 14, 2025]

00:00 - Intro
00:22 - Intro Links
- Social-Engineer.com - http://www.social-engineer.com/
- Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
- Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
- Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
- Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
- CLUTCH - http://www.pro-rock.com/
- innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
02:45 - Social-Engineer Origin Story
03:59 - The Human Element Series
05:34 - The Security Awareness Series
06:03 - The Doctor Is In Series
06:12 - The SE ETC. Series
06:28 - The 4th Monday Series
07:05 - The Future
07:43 - Amanda Drops By
08:35 - Ooof!
09:12 - SE Trivia
13:17 - A Video Celebration!
21:16 - Neil Fallon Drops By
52:50 - Wrap Up
53:56 - Outro
- www.social-engineer.com
- www.innocentlivesfoundation.org

Scrum Master Toolbox Podcast
AI and Cybersecurity - An Introduction to The Hidden Threats in Our Connected World | Dr. Eric Cole

Mar 29, 2025 37:46


BONUS: AI and Cybersecurity - An Introduction to The Hidden Threats in Our Connected World with Dr. Eric Cole

In this BONUS episode, we explore the evolving landscape of cybersecurity in the age of artificial intelligence. Dr. Eric Cole, a renowned cybersecurity expert and author of Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World, shares critical insights about how AI is transforming security strategies. From the privacy concerns of our always-connected devices to practical tips for protecting your business and personal information, this conversation offers essential knowledge for navigating our increasingly digital world.

The Double-Edged Sword of AI in Cybersecurity

"We are giving away our IP, our data, and our privacy. The data set is what gives value to AI."

The rise of artificial intelligence presents both opportunities and serious risks in the cybersecurity landscape. Dr. Cole emphasizes that while many focus solely on AI's benefits, we often overlook the fact that we're surrendering vast amounts of our sensitive information, intellectual property, and private data to AI providers. This data becomes the foundation of AI's value and capabilities, creating a significant privacy concern that many organizations fail to properly address. As we embrace these new technologies, we must carefully consider what information we're willing to share and what safeguards should be in place.

Modern Attack Vectors: The Human Element

"Attacks today are mostly social engineering. We end up having to retrain people to not trust their email."

Today's cybersecurity threats have evolved beyond traditional technical exploits to focus primarily on social engineering—manipulating people into compromising their own security. Dr. Cole explains that modern attackers increasingly target the human element, requiring organizations to fundamentally retrain employees to approach communications with healthy skepticism. Particularly concerning are mobile threats, as our phones constantly record audio and other personal data. Dr. Cole warns that "free" apps often come with a hidden price: your privacy and security. Understanding these attack vectors is essential for developing effective defense strategies in both personal and professional contexts.

Cybersecurity as a Business Enabler

"Security is not a barrier, not an obstacle. Cybersecurity is a business enabler."

Dr. Cole challenges the common perception that security measures primarily restrict functionality and impede business operations. Instead, he reframes cybersecurity as a critical business enabler that should be integrated into strategic decision-making. Organizations need to make deliberate decisions about the tradeoffs between security and functionality, understanding that proper security measures protect business continuity and reputation. Dr. Cole particularly warns about supply chain attacks, which have become increasingly prevalent, and emphasizes that awareness is the foundation of any effective protection strategy. He recommends centralizing data for easier security management and advises that client devices should minimize storing sensitive data.

Mobile Phones: The Ultimate Tracking Device

"You don't go anywhere without your cell phone. Your cell phone is never more than a foot from you it's with you wherever you go... which means if somebody wants to track and monitor you they can."

We often worry about theoretical tracking technologies while overlooking the sophisticated tracking device we voluntarily carry everywhere—our mobile phones. Dr. Cole points out the irony that people who would never accept being "chipped" for tracking purposes willingly keep their phones within arm's reach at all times. These devices record our locations, conversations, messages, and activities, creating a comprehensive digital trail of our lives. With access to someone's phone, anyone can trace their movements for months and access an alarming amount of personal information. This risk is compounded when we back up this data to cloud services, effectively giving third parties access to our most sensitive information. Understanding these vulnerabilities is the first step toward more mindful mobile security practices.

Business Opportunities in the Security Space

"We have too much information, too much data. How can we use that data effectively?"

The cybersecurity landscape presents significant business opportunities, particularly in making sense of the overwhelming amount of security data organizations collect. Dr. Cole identifies data correlation and effective data utilization as key investment areas. Modern security systems generate vast quantities of logs and alerts, but transforming this raw information into actionable intelligence remains a challenge. Companies that can develop solutions to effectively analyze, correlate, and extract meaningful insights from security data will find substantial opportunities in the market, helping organizations strengthen their security posture while managing the complexity of modern threats.

Essential Training for Security-Conscious Developers

"Go for secure coding courses. This helps us understand how software can be exploited."

For software developers looking to build more secure applications, Dr. Cole recommends focusing on penetration testing skills and secure coding practices. Understanding how software can be exploited from an attacker's perspective provides invaluable insights for designing more robust systems. By learning the methodologies and techniques used by malicious actors, developers can anticipate potential vulnerabilities and incorporate appropriate safeguards from the beginning of the development process. This proactive approach to security helps create applications that are inherently more resistant to attacks rather than requiring extensive security patches and updates after deployment.

About Dr. Eric Cole

Dr. Eric Cole is the author of "Cyber Crisis, Protecting Your Business from Real Threats in the Virtual World." He is a renowned cybersecurity expert with over 20 years of experience helping organizations identify vulnerabilities and build robust defense solutions against advanced threats. He has trained over 65,000 professionals worldwide through his best-selling cybersecurity courses and is dedicated to making cyberspace a safe place for all. You can link with Dr. Eric Cole on LinkedIn, or visit his company's website Secure-Anchor.com.

The Social-Engineer Podcast
Ep. 297 - Security Awareness Series - Quantifying and Owning Risk with Roy Luongo

Mar 17, 2025 34:34


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Roy Luongo. Roy is the Chief Information Security Officer for the United States Secret Service. He leads a team in the defense and information assurance of all USSS information systems and solutions. Prior to his current role he was the Director, Joint Mission Operations Center for Cyber Command, providing oversight of mission critical Cyber Operations infrastructures. He has also served as Chief, NSA Red Team and Technical Director for Interactive Operations for the NSA. Roy is a retired Army soldier with 20 years' service within the Intelligence and Cyber career fields. [March 17, 2025]

00:00 - Intro
00:17 - Intro Links:
- Social-Engineer.com - http://www.social-engineer.com/
- Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
- Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
- Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
- Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
- CLUTCH - http://www.pro-rock.com/
- innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
01:55 - Roy Luongo Intro
02:44 - The Path to CISO of the Secret Service
04:58 - Cybersecurity in Early Education
07:50 - The Entry Level Catch-22
12:24 - Quantifying Risk
14:27 - The Best Way Forward
16:51 - The Effects and Future of AI
20:06 - Understanding Your Needs
22:11 - Advice to Young Roy
24:56 - The Cost of Training
29:01 - Mentors
- Ed Skoudis
- Brigadier General Brian D. Vile
- Shawn Turskey
29:55 - Lollipop Moments
- TEDxToronto - Drew Dudley "Leading with Lollipops"
31:33 - Book Recommendations
- Cybersecurity Canon - Rick Howard
- Kingpin - Kevin Poulsen
- Turn the Ship Around! - L. David Marquet
33:49 - Wrap Up & Outro
- www.social-engineer.com
- www.innocentlivesfoundation.org