Podcasts about security operations

  • 254 podcasts
  • 829 episodes
  • 36m average duration
  • 5 new episodes weekly
  • Latest episode: Jun 2, 2026


Latest podcast episodes about security operations

Beyond The Horizon
The Captain Of Security Operations At MCC And His OIG Deposition (Part 6) (6/2/26)

Jun 2, 2026 · 11:36 · Transcription available


The document is a sworn OIG interview transcript from June 15, 2021, involving the Bureau of Prisons captain who oversaw security operations at MCC New York during the period surrounding Jeffrey Epstein's death. The captain described the command structure inside the jail, including his role supervising lieutenants and reporting up to associate wardens or the warden, while investigators walked him through staffing, rosters, post assignments, suicide-watch procedures, SHU operations, and the chain of responsibility on August 9–10, 2019. The transcript is important because it does not present Epstein's death as a clean, orderly institutional event; instead, it shows a jail struggling with bad staffing, confusing handoffs, unfilled posts, questionable paperwork, and a command structure where critical responsibilities appear to have been either missed, misunderstood, or passed around.
The most serious value of the interview is in the irregularities it surfaces. The captain reportedly discussed inaccurate rosters or logs, acknowledged questions around skipped SHU rounds, addressed the fact that Epstein had previously been on suicide watch, and said he would not necessarily have known in real time if officers were failing to conduct required checks. Even more troubling, he expressed concern that certain documents may have been deliberately removed from files that should have been reviewed or audited, and investigators also raised an inmate-count issue involving an inmate named Reyes, whose release may not have been properly reflected in the institution's count — something the captain treated as a protocol violation.
Taken together, the transcript adds another layer to the larger Epstein death record: not a single clean explanation, but a bureaucratic mess of missing or questionable documentation, staffing failures, broken supervision, and institutional chaos at precisely the moment when the most high-profile federal inmate in America was supposed to be under careful control.
To contact me: bobbycapucci@protonmail.com
Source: EFTA00111830.pdf

The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 9) (6/2/26)

Jun 2, 2026 · 14:28 · Transcription available


The document is a sworn OIG interview transcript from June 15, 2021, involving the Bureau of Prisons captain who oversaw security operations at MCC New York during the period surrounding Jeffrey Epstein's death. The captain described the command structure inside the jail, including his role supervising lieutenants and reporting up to associate wardens or the warden, while investigators walked him through staffing, rosters, post assignments, suicide-watch procedures, SHU operations, and the chain of responsibility on August 9–10, 2019. The transcript is important because it does not present Epstein's death as a clean, orderly institutional event; instead, it shows a jail struggling with bad staffing, confusing handoffs, unfilled posts, questionable paperwork, and a command structure where critical responsibilities appear to have been either missed, misunderstood, or passed around.
The most serious value of the interview is in the irregularities it surfaces. The captain reportedly discussed inaccurate rosters or logs, acknowledged questions around skipped SHU rounds, addressed the fact that Epstein had previously been on suicide watch, and said he would not necessarily have known in real time if officers were failing to conduct required checks. Even more troubling, he expressed concern that certain documents may have been deliberately removed from files that should have been reviewed or audited, and investigators also raised an inmate-count issue involving an inmate named Reyes, whose release may not have been properly reflected in the institution's count — something the captain treated as a protocol violation.
Taken together, the transcript adds another layer to the larger Epstein death record: not a single clean explanation, but a bureaucratic mess of missing or questionable documentation, staffing failures, broken supervision, and institutional chaos at precisely the moment when the most high-profile federal inmate in America was supposed to be under careful control.
To contact me: bobbycapucci@protonmail.com
Source: EFTA00111830.pdf
Become a supporter of this podcast: https://www.spreaker.com/podcast/the-epstein-chronicles--5003294/support.

The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 8) (6/1/26)

Jun 1, 2026 · 15:19 · Transcription available



Beyond The Horizon
The Captain Of Security Operations At MCC And His OIG Deposition (Part 4) (5/31/26)

May 31, 2026 · 12:53 · Transcription available



Beyond The Horizon
The Captain Of Security Operations At MCC And His OIG Deposition (Part 5) (5/31/26)

May 31, 2026 · 12:58 · Transcription available



Beyond The Horizon
The Captain Of Security Operations At MCC And His OIG Deposition (Part 3) (5/31/26)

May 31, 2026 · 17:20 · Transcription available



The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 6) (5/31/26)

May 31, 2026 · 11:36 · Transcription available



The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 7) (5/31/26)

May 31, 2026 · 13:16 · Transcription available



Beyond The Horizon
The Captain Of Security Operations At MCC And His OIG Deposition (Part 2) (5/30/26)

May 30, 2026 · 13:43 · Transcription available



The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 4) (5/30/26)

May 30, 2026 · 12:53 · Transcription available



The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 5) (5/30/26)

May 30, 2026 · 12:58 · Transcription available



Beyond The Horizon
The Captain Of Security Operations At MCC And His OIG Deposition (Part 2) (5/29/26)

May 29, 2026 · 13:43 · Transcription available



The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 3) (5/29/26)

May 29, 2026 · 17:20 · Transcription available



Beyond The Horizon
The Captain Of Security Operations At MCC And His OIG Deposition (Part 1) (5/28/26)

May 28, 2026 · 13:43 · Transcription available



The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 2) (5/27/26)

The Epstein Chronicles

Play Episode Listen Later May 28, 2026 13:43 Transcription Available


The document is a sworn OIG interview transcript from June 15, 2021, involving the Bureau of Prisons captain who oversaw security operations at MCC New York during the period surrounding Jeffrey Epstein's death. The captain described the command structure inside the jail, including his role supervising lieutenants and reporting up to associate wardens or the warden, while investigators walked him through staffing, rosters, post assignments, suicide-watch procedures, SHU operations, and the chain of responsibility on August 9–10, 2019. The transcript is important because it does not present Epstein's death as a clean, orderly institutional event; instead, it shows a jail struggling with bad staffing, confusing handoffs, unfilled posts, questionable paperwork, and a command structure where critical responsibilities appear to have been either missed, misunderstood, or passed around.
The most serious value of the interview is in the irregularities it surfaces. The captain reportedly discussed inaccurate rosters or logs, acknowledged questions around skipped SHU rounds, addressed the fact that Epstein had previously been on suicide watch, and said he would not necessarily have known in real time if officers were failing to conduct required checks. Even more troubling, he expressed concern that certain documents may have been deliberately removed from files that should have been reviewed or audited, and investigators also raised an inmate-count issue involving an inmate named Reyes, whose release may not have been properly reflected in the institution's count — something the captain treated as a protocol violation.
Taken together, the transcript adds another layer to the larger Epstein death record: not a single clean explanation, but a bureaucratic mess of missing or questionable documentation, staffing failures, broken supervision, and institutional chaos at precisely the moment when the most high-profile federal inmate in America was supposed to be under careful control.
To contact me: bobbycapucci@protonmail.com
Source: EFTA00111830.pdf
Become a supporter of this podcast: https://www.spreaker.com/podcast/the-epstein-chronicles--5003294/support.

The Epstein Chronicles
The Captain Of Security Operations At MCC And His OIG Deposition (Part 1) (5/27/26)

The Epstein Chronicles

Play Episode Listen Later May 27, 2026 13:43 Transcription Available


The document is a sworn OIG interview transcript from June 15, 2021, involving the Bureau of Prisons captain who oversaw security operations at MCC New York during the period surrounding Jeffrey Epstein's death. The captain described the command structure inside the jail, including his role supervising lieutenants and reporting up to associate wardens or the warden, while investigators walked him through staffing, rosters, post assignments, suicide-watch procedures, SHU operations, and the chain of responsibility on August 9–10, 2019. The transcript is important because it does not present Epstein's death as a clean, orderly institutional event; instead, it shows a jail struggling with bad staffing, confusing handoffs, unfilled posts, questionable paperwork, and a command structure where critical responsibilities appear to have been either missed, misunderstood, or passed around.
The most serious value of the interview is in the irregularities it surfaces. The captain reportedly discussed inaccurate rosters or logs, acknowledged questions around skipped SHU rounds, addressed the fact that Epstein had previously been on suicide watch, and said he would not necessarily have known in real time if officers were failing to conduct required checks. Even more troubling, he expressed concern that certain documents may have been deliberately removed from files that should have been reviewed or audited, and investigators also raised an inmate-count issue involving an inmate named Reyes, whose release may not have been properly reflected in the institution's count — something the captain treated as a protocol violation.
Taken together, the transcript adds another layer to the larger Epstein death record: not a single clean explanation, but a bureaucratic mess of missing or questionable documentation, staffing failures, broken supervision, and institutional chaos at precisely the moment when the most high-profile federal inmate in America was supposed to be under careful control.
To contact me: bobbycapucci@protonmail.com
Source: EFTA00111830.pdf
Become a supporter of this podcast: https://www.spreaker.com/podcast/the-epstein-chronicles--5003294/support.

CISSP Cyber Training Podcast - CISSP Training Program
CCT 349: FOXCONN Hack and Domain 7 CISSP Questions

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later May 14, 2026 28:20 Transcription Available


Eight terabytes of stolen schematics is not just a scary number, it is a reminder that cyber risk becomes business risk fast. We start with the Wired report on the Foxconn ransomware attack and unpack what a claim like that could mean in the real world: intellectual property exposure, supply chain disruption, customer impact, and the uncomfortable truth that recovery is only one part of the story when data walks out the door.
From there, we switch into CISSP Domain 7 Security Operations mode and work through practical exam-style questions with the “how would this hold up at work” mindset. We break down why live forensics imaging can be the right call during an insider threat investigation, using the order of volatility and the kinds of RAM artifacts that disappear the moment you shut a machine down. We also tackle a Patch Tuesday nightmare scenario where a CVSS 9.8 vulnerability is already being exploited but the change advisory board will not meet for ten days, and we explain why an emergency change process plus compensating controls is the mature security operations answer.
We also cover a common privileged access failure where a domain admin uses an elevated account for email and browsing, and how least privilege plus a privileged access workstation (PAW) architecture can prevent a single phish from becoming domain compromise. Finally, we sharpen the fundamentals with an RTO/RPO recovery timeline question and a SIEM brute force threshold miss that illustrates false negatives and the need for better tuning and behavioural baselines.
Subscribe for weekly CISSP training, share this with a study partner, and leave a review so more security pros can find the show. What topic do you want me to turn into practice questions next?
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!
Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

TechSperience
Episode 146: RSAC 2026 Unplugged – What You Need To Do Now

TechSperience

Play Episode Listen Later Apr 29, 2026 28:35


In this episode, host Kim Coombes is joined by security experts John Chirillo and Rob Di Girolamo, along with Microsoft Security expert Robin Camirand, to unpack the most important insights from the RSAC 2026 Conference. The discussion covers the rapid rise of Agentic AI security, the need to defend at machine speed, and the industry's shift toward active defense as traditional response models struggle to keep up. The team also explores the growing importance of post-quantum cryptography as organizations prepare for the next phase of cryptographic risk. Throughout the conversation, the panel reflects on RSAC's defining theme, the “power of community,” and why collective defense is essential as threats become faster, more automated, and more complex. Whether you're tracking AI-driven risks, planning for quantum readiness, or looking for clear takeaways from RSAC 2026, this episode delivers practical insights from experienced security leaders.
Moderator: Kimberlee Coombes, Security Solution Architect, Connection
Guest: John Chirillo, Principal Security Architect, Connection
Guest: Rob Di Girolamo, Senior Security Architect, Connection
Guest: Robin Camirand, Inside Solution Architect and Microsoft Security SME, Connection
Show Notes
00:00 Introduction to RSAC 2026 Trends
02:43 AI as a Tool and Threat in Cybersecurity
05:22 Microsoft's Perspective on Identity and Security
08:27 AI as a New Attack Surface
10:58 The Future of Security Operations and SOC
13:31 AI-Driven Attacks and Vulnerability Management
16:17 Quantum Security: A Growing Concern
18:51 Final Thoughts and Future Considerations

ITSPmagazine | Technology. Cybersecurity. Society
Building AI With Guardrails: Inside Stellar Cyber's Human-Augmented Autonomous SOC | A Brand Highlight Conversation with Lisa Liu, Corporate Marketing and Communications Manager of Stellar Cyber

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 21, 2026 6:51


RSAC Conference 2026 made one thing impossible to miss: AI is on every sticker, every slide, and every booth. Sorting signal from marketing has never been harder. Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber, joins this Brand Highlight to continue a conversation that started on the show floor in San Francisco and was worth picking up again once the noise settled. Stellar Cyber has been incorporating machine learning into every layer of its security platform since 2015, well before AI became the marketing default. The position Lisa Liu brings is direct: AI is not a one-size-fits-all solution. A large language model is not the most efficient way to parse log data, and slapping an AI label on existing functionality is not the same as designing for the analyst pain points at every stage of detection, investigation, and response. The conversation closes on the autonomous SOC question, where Stellar Cyber argues for a human-augmented approach. Promises of complete autonomy deserve healthy skepticism; guardrails matter, and keeping a human analyst in the loop is what allows AI mistakes to be caught and contained before they cascade. It is a Brand Highlight worth a few minutes for anyone trying to separate AI substance from AI theater in security operations.
This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight
GUEST
Lisa Liu, Corporate Marketing and Communications Manager, Stellar Cyber | On LinkedIn: https://www.linkedin.com/in/lisaaliu/
RESOURCES
Learn more about Stellar Cyber: https://stellarcyber.ai/
View all of our RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac26
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight
KEYWORDS
Lisa Liu, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, RSAC Conference 2026, Multi-Layer AI, human-augmented autonomous SOC, machine learning, Open XDR, NG-SIEM, security operations, AI in cybersecurity, agentic AI, SOC analyst, security platform
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Cloud Security Podcast by Google
EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess?

Cloud Security Podcast by Google

Play Episode Listen Later Apr 9, 2026 27:29


Guests:
• Eric Foster, CEO, Tenex.AI
• Bashar Abouseido, President, Tenex.AI
Topics:
• "10X SOC" sounds great. But for an organization stuck in "SIEM 1.0" with poor data quality and manual workflows, is "AI-native MDR" a "leapfrog" opportunity or a recipe for disaster?
• We've seen the rise of "Decoupled SIEM" and security data lakes. Does a "Modern SIEM" even need to exist if an MDR platform has an agentic layer doing the heavy lifting?
• You've argued for AI-native over AI-bolted-on. For an end user, what are the tangible differences of using "AI inside a legacy SIEM" versus using an "AI-native separate product"?
• What is the one task you thought AI would handle by now that still requires a senior human analyst to step in?
• If a CISO is using an AI MDR, "Mean Time to Detect" (MTTD) starts to look like a vanity metric because the machine is instant. What is the new golden metric for an AI-powered SOC? Is it "Time to Context," "Reduction in Human Toil," or something else?
• How do you help a skeptical SOC Manager—who has been burned by false positives for a decade—trust an autonomous agent to perform a "containment" action at 3:00 AM?
Resources:
• EP227 AI-Native MDR: Betting on the Future of Security Operations?
• EP10 SIEM Modernization? Is That a Thing?
• The original "10X" paper "Autonomic Security Operations: 10X Transformation of the Security Operations Center"

Cloud Wars Live with Bob Evans
How ServiceNow Is Scaling Secure AI with Zenity Integration

Cloud Wars Live with Bob Evans

Play Episode Listen Later Apr 8, 2026 2:20


In today's Cloud Wars Minute, I explain how ServiceNow is enabling secure, scalable adoption of AI agents across the enterprise.
Highlights
00:03 — ServiceNow is joining forces with Zenity, the first security and governance platform that's been purpose-built for AI agents. Zenity is becoming a ServiceNow build partner, bringing with it a range of capabilities to ServiceNow Security Operations, including agent security, posture management, and vulnerability assessment.
00:25 — Deepak Kolingivadi, VP of Product Management and Head of Security Products at ServiceNow, said the following about this new partnership: “AI agents are transforming how work gets done across the enterprise, including Security Operations. Our partnership with Zenity strengthens the ServiceNow AI control tower and Security Operations solutions.”
01:01 — Now, collectively, these new capabilities bring to ServiceNow customers a greater ability to scale the use of AI agents safely and with full confidence as part of their existing SecOps processes. And what we're seeing here is ultimately a new category, AI Security Operations, or AI SecOps.
01:26 — It's also important to note that by embedding this governance layer through its build partnership, ServiceNow is demonstrating that it's truly ahead of the curve here. All new products delivered by software vendors need integrated security and governance, and agentic AI is no exception.
01:58 — The key word here is scale. ServiceNow has the tools to drive AI across the breadth of a business, and now through Zenity, it's delivering the ability to do this at scale.
Visit Cloud Wars for more.

ITSPmagazine | Technology. Cybersecurity. Society
Continuous Security Validation in a World of Agentic AI | A Brand Spotlight at RSAC Conference 2026 with Matt Stewart and Alex Grohmann of Impetum

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 3, 2026 21:35


The security industry has spent years debating which tools to buy. Impetum is asking a different question: are the tools you already have actually working? Founded by incident responders who saw the same failures across hundreds of breaches, Impetum built the Persistent Purple Team platform to simulate advanced threat actors inside customer environments on a continuous monthly basis -- not as a one-time engagement, but as an ongoing relationship built around real data, custom TTPs, and a measurable Threat Resilience Score. Matt Stewart and Alex Grohmann spoke with Sean Martin and Marco Ciappelli at RSAC Conference 2026 about what they are hearing on the show floor: agentic AI is accelerating the speed of compromise and exposing vulnerabilities in legacy systems that have been dormant for decades. Against that backdrop, the value of knowing -- not assuming -- that your detection and response capabilities hold up becomes critical. The platform builds that knowledge through live-fire exercises using an organization's own data, validating patch management, XDR, SIEM tuning, and post-compromise detection in a way no annual pen test can. The conversation also touched on the structural talent problem agentic AI is creating inside SOCs. As AI fills the level one analyst role, the pipeline for developing level two analysts and incident responders is narrowing. Impetum sees persistent purple teaming as the training ground that closes that gap -- giving existing teams the repeated, realistic practice they need to respond with confidence when an actual breach begins. Impetum targets mid-size organizations that have the right security tools but lack the budget, bandwidth, and access to industry events to keep those tools continuously validated against evolving attack paths. For those teams, the platform delivers something an annual report cannot: a documented, ongoing record of what works, what does not, and where the program is heading. This is a Brand Spotlight. 
A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight
GUEST
Matt Stewart, Co-Founder, Impetum
Alex Grohmann, Co-Founder, Impetum LinkedIn: https://www.linkedin.com/in/alexandergrohmann/
RESOURCES
Impetum / Persistent Purple Team: https://www.persistentpurpleteam.com
ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight
KEYWORDS
Matt Stewart, Alex Grohmann, Impetum, Persistent Purple Team, Remedium Security, Sean Martin, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast, purple teaming, continuous security validation, threat resilience, CISO, security operations, SOC, red team, blue team, incident response, agentic AI, MITRE ATT&CK, penetration testing, cybersecurity

ITSPmagazine | Technology. Cybersecurity. Society
When Every Second Counts, Who Knew What and When? | A Brand Spotlight at RSAC Conference 2026 with Vaughan Shanks, Co-Founder and CEO of Cydarm Technologies

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 2, 2026 18:55


In the middle of a major incident, security teams face a brutal paradox: the faster things move, the harder it becomes to capture what's actually happening. Cydarm Technologies was built to solve exactly that. Vaughan Shanks, Co-Founder and CEO, describes the platform as a system of record for the SOC -- a purpose-built case management tool that captures who knew what, when, and why, in real time, throughout the lifecycle of an incident. Most of Cydarm's customers sit in government, defense, and critical infrastructure -- organizations where the pressure of regulatory compliance, legal accountability, and board-level reporting is highest. But the value extends well beyond compliance. Shanks draws a direct line from his time in Australian federal government to the philosophy behind Cydarm: good record keeping is good governance. When a capital-I incident is declared, legal, HR, communications, the C-Suite, and the board all need a view in. Cydarm's fine-grained, attribute-based access control makes it possible to give each stakeholder exactly the access they need -- and no more. What sets Cydarm apart from the ticketing systems most teams already have? Shanks puts it plainly: ITSM was built for IT service management, not adversarial cyber threats. The volume, velocity, and variety of SecOps are simply different. Cydarm is designed to feel more like WhatsApp and less like ITSM -- rich data format support, Easy Connect integrations, and a collaborative experience built specifically for high-frequency security operations. Teams that have built workarounds in existing tools know the maintenance burden that comes with it. Cydarm eliminates that mess. The post-incident dimension is where the system of record pays compounding dividends. 
Shanks outlines three paths: individual incident reports with adjustable significance levels for different audiences; longitudinal metrics capture that reveals the threat environment your controls aren't blocking; and resource justification data that gives security leaders the evidence to defend headcount and budgets. One customer -- a security leader at a major household brand -- had never experienced a breach, and had long struggled to justify the size of their team. With Cydarm's metrics, they finally had the data to make the argument.
This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight
GUEST
Vaughan Shanks, Co-Founder and CEO, Cydarm Technologies https://www.linkedin.com/in/vaughan-shanks/
RESOURCES
Cydarm Technologies: https://www.cydarm.com
KEYWORDS
Vaughan Shanks, Cydarm Technologies, Sean Martin, brand spotlight, brand story, brand marketing, marketing podcast, cyber incident response, SOC case management, security operations, incident management platform, system of record, RSAC Conference 2026, NIST incident response, playbook management, SecOps, ITSM alternatives, post-incident review, threat metrics, CISO accountability

No Password Required
No Password Required Podcast Episode 70 - Madhav Nakar

No Password Required

Play Episode Listen Later Mar 17, 2026 36:40


Madhav Nakar — AI Security Researcher and Documentarian of Spirituality and Play
No Password Required Season 7: Episode 3 - Madhav Nakar
Madhav Nakar is a Security Researcher at BeyondTrust specializing in identity threats, endpoint security, and cloud attack paths. With a background in theoretical mathematics, his current research focuses on analyzing attacker behavior to build practical systems of detection.
In this episode, Madhav shares the pivotal moments that shaped his career, including his first experience witnessing a nation-state attack unfold in real time from his seat in a SOC. He explains how mathematical thinking sharpens security strategy and why strong research is rooted in exploration, not predetermined outcomes.
Jack Clabby of Carlton Fields, joined by co-host Kayley Melton of the Cognitive Security Institute, welcomes Madhav for a conversation on modern cyber defense. From AI-driven attacks and agentic systems to privilege escalation risks in role-based access environments, Madhav breaks down what teams are getting wrong about AI and why defending against AI increasingly requires AI-powered tools.
The conversation turns to Madhav's philosophy of “serious play,” where curiosity, experimentation, and failure fuel better research and resilience. He also shares insights from his spiritual and philosophy project, The Fire of Knowing, exploring consciousness and belief through a neutral lens.
In the Lifestyle Polygraph, Madhav pitches a cybersecurity documentary, debates growth versus comfort, and reflects on public dancing experiments.
Follow Madhav Nakar here: https://www.linkedin.com/in/madhav-nakar/
Follow "The Fire of Knowing" on Instagram and YouTube!
CHAPTERS:
00:00 Introduction with Kayley and Jack
08:08 Transition from Theoretical Math to Cybersecurity
16:13 Exploring Spiritual Traditions and Madhav's Documentary
19:48 The Intersection of Art and Science in Content Creation
25:20 The Lifestyle Polygraph: Challenging Perspectives on Security

Trust Issues
EP 26 - The tyranny of the now: identity at machine speed

Trust Issues

Play Episode Listen Later Mar 6, 2026 45:33


Security teams are under more pressure than ever, reacting at human speed while systems, identities, and AI agents operate at machine speed. In this episode of Security Matters, host David Puner sits down with cybersecurity leader and former FBI executive MK Palmore to explore why defenders struggle to keep pace and what it takes to regain control.
From AI agents that overshare sensitive data to cloud misconfigurations that never seem to disappear to the persistent success of ransomware, MK explains how complexity, vendor sprawl, and overloaded teams create gaps that attackers continue to exploit. The conversation highlights how identity across human, machine, and emerging agent types has become the center of modern security and why fundamentals, prioritization, and platform thinking matter more than ever.
Listeners will hear insight on:
• Identity at machine speed and the rise of autonomous access
• Why attackers still win more than 51 percent of the time
• How ransomware continues to succeed despite industry progress
• Why SMBs face “mission impossible” expectations
• The true cost of vendor sprawl and operational overload
• What effective security leadership looks like in the current threat environment
If you work in identity, security operations, strategy, or leadership, this discussion cuts through hype and focuses on the realities defenders face and how to push back against the constant pressure of the tyranny of the now.

ITSPmagazine | Technology. Cybersecurity. Society
SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 4, 2026 26:10


⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? 
Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. 
⬥GUEST⬥
Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/ On LinkedIn: https://www.linkedin.com/in/stiennon/
⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/
⬥RESOURCES⬥
IT-Harvest | https://it-harvest.com/
Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/
Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers
RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
⬥ADDITIONAL INFORMATION⬥
On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast
On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
Newsletter: https://itspm.ag/future-of-cybersecurity
Contact Sean: https://www.seanmartin.com/
⬥KEYWORDS⬥
richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

Redefining CyberSecurity
SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

Redefining CyberSecurity

Play Episode Listen Later Mar 4, 2026 26:10


⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? 
Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. 
⬥GUEST⬥
Richard Stiennon, Chief Research Analyst at IT-Harvest
Website: https://it-harvest.com/
On LinkedIn: https://www.linkedin.com/in/stiennon/

⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast
Website: https://www.seanmartin.com/

⬥RESOURCES⬥
IT-Harvest | https://it-harvest.com/
Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/
Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers
RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

⬥ADDITIONAL INFORMATION⬥
On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast
On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
Newsletter: https://itspm.ag/future-of-cybersecurity
Contact Sean: https://www.seanmartin.com/

⬥KEYWORDS⬥
richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

ITSPmagazine | Technology. Cybersecurity. Society
The Autonomous SOC Is No Longer a Dream | A Brand Highlight Conversation with Subo Guha, Senior Vice President of Product Management of Stellar Cyber

ITSPmagazine | Technology. Cybersecurity. Society

Feb 22, 2026 | 7:35


What does it take to turn the dream of an autonomous SOC into something organizations can actually deploy? Subo Guha, Senior Vice President of Product Management at Stellar Cyber, joins Sean Martin to share how the company's AI-driven security operations platform is making that vision a reality. Stellar Cyber serves SOC teams across more than 50 countries, with a primary focus on MSPs and MSSPs supporting the underserved mid-market, though marquee enterprise customers like Canon are also part of the portfolio.

How can agentic AI change the way SOC teams handle alert overload? Guha describes what he calls a "digital army" of AI agents that work around the clock to automate alert triage and catch phishing attacks. The system filters 70 to 80 percent of incoming alerts, allowing analysts to focus on the 20 percent that matter most. With attackers using AI to launch faster and more frequent campaigns, Stellar Cyber takes a human-augmented approach, meaning the AI learns from analyst interactions and continuously guides the SOC team toward faster, more accurate remediation.

Why does this matter for MSPs operating on thin margins? Guha explains that the autonomous SOC capability layered on top of Stellar Cyber's XDR platform allows MSSPs to serve more customers, reduce mean time to repair, and grow their tenant base without proportionally increasing staff. When MSSPs grow revenue, Stellar Cyber grows alongside them, creating a mutually beneficial model that ultimately means more organizations get protected.

This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

GUEST
Subo Guha, Senior Vice President of Product Management, Stellar Cyber

RESOURCES
Learn more about Stellar Cyber: https://stellarcyber.ai

Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

KEYWORDS
Subo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, autonomous SOC, agentic AI, security operations, XDR, NDR, MSSP, MSP, alert triage, AI-driven security, Open XDR, Gartner Magic Quadrant, phishing detection, SOC automation

Redefining CyberSecurity
The Autonomous SOC Is No Longer a Dream | A Brand Highlight Conversation with Subo Guha, Senior Vice President of Product Management of Stellar Cyber

Redefining CyberSecurity

Feb 22, 2026 | 7:35



Cybersecurity Where You Are
Episode 174: 2026 Cybersecurity Predictions from CIS — Pt 2

Cybersecurity Where You Are

Feb 11, 2026 | 38:45


In episode 174 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kyle Leonard, Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they continue their discussion of 2026 cybersecurity predictions from seven CIS experts, as shared on the CIS website.

Here are some highlights from our episode:
02:00. How cross-platform campaigns are becoming the norm
03:09. Threat actors' use of generative artificial intelligence (GenAI) to expand their attacks and gain efficiencies
05:08. The blurring line of what separates today's script kiddies from nation-state threat actors
07:47. Fully autonomous malware: in the realm of possibility but not here yet
13:19. How specialization in the criminal ecosystem requires us to rethink analysis itself
16:07. Shrinking dwell time: a product of the democratization of complex tools' availability
18:02. The effective use of social engineering to lower threat actors' operational costs
19:20. Malware's increasing use of trusted infrastructure to thwart cyber defenses
20:25. The use of behavioral analysis to apply bottleneck security mechanisms
22:40. Evolving threat actors' tradecraft: pseudo-random subdomains, GenAI models, and SEO poisoning
26:39. What trust looks like today: something that's dynamic and negotiated at a moment's notice
31:25. Supply chain attackers' pivot to edge device vendors and security appliance makers
33:43. The ongoing work of CIS to support state and local governments' cybersecurity efforts

Resources
Episode 169: 2026 Cybersecurity Predictions from CIS — Pt 1
The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape
Surge of QakBot Activity Using Malspam, Malicious XLSB Files
Active Lumma Stealer Campaign Impacting U.S. SLTTs
Episode 173: Scammer Jousting as Human Risk Management
ClickFix: An Adaptive Social Engineering Technique
Impact of Federal Funding Cuts to the Value of MS-ISAC CTI
Episode 157: How a Modern, Mission-Driven CIRT Operates

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

ITSPmagazine | Technology. Cybersecurity. Society
2026 Security Predictions: Agentic SOC, China Threats, and Quantum Readiness | A Brand Highlight Conversation with Vincent Stoffer, Field Chief Technology Officer of Corelight

ITSPmagazine | Technology. Cybersecurity. Society

Jan 21, 2026 | 7:50


Vincent Stoffer, Field Chief Technology Officer at Corelight, shares his predictions for 2026 and what security teams should prepare for in the coming year. With nearly a decade at Corelight and a background in network and security engineering, Stoffer brings a unique perspective on where the industry is heading.

The conversation explores the emergence of the agentic SOC, where AI agents work alongside human analysts to accelerate detection, response, and incident resolution. Stoffer explains that while the protocols and tools have been in development, 2026 is the year organizations will finally see these capabilities deliver real results. The key differentiator, he notes, is data quality. Tools that provide rich, detailed, and comprehensive network evidence will thrive in this AI-enabled environment.

Stoffer also addresses the persistent threat from nation-state actors, particularly China's Typhoon campaigns targeting critical infrastructure. From energy and telecoms to international partners, these threats continue to expand with AI-powered acceleration. Understanding your environment and detecting anomalous behavior remains essential for organizations facing these sophisticated adversaries.

The discussion concludes with a look at post-quantum readiness. While quantum computing threats may be 10 to 20 years away, Stoffer emphasizes the importance of understanding cryptographic assets now. Corelight has published a white paper detailing how NDR provides the network visibility needed to locate cryptographic assets and plan migration to quantum-ready cipher suites.

This is a Brand Highlight. A Brand Highlight is an introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

GUEST
Vincent Stoffer, Field Chief Technology Officer at Corelight
On LinkedIn: https://www.linkedin.com/in/vincent-stoffer-07057827/

RESOURCES
Learn more about Corelight: https://corelight.com

Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

KEYWORDS
Vincent Stoffer, Corelight, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic SOC, network detection and response, NDR, critical infrastructure security, nation-state threats, China Typhoon campaigns, Salt Typhoon, Volt Typhoon, post-quantum cryptography, quantum readiness, AI in cybersecurity, security operations, incident response, network visibility, Zeek

Cybersecurity Where You Are
Episode 171: Securing CNI in U.S. SLTTs through AI Adoption

Cybersecurity Where You Are

Jan 21, 2026 | 37:15


In episode 171 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Soledad Antelada Toledano, Security Advisor, Office of the CISO, Google Cloud at Google. Together, they discuss securing critical national infrastructure (CNI) in U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through artificial intelligence (AI) adoption.

Here are some highlights from our episode:
00:50. Introduction to Soledad
02:48. How the convergence of information technology (IT) and operational technology (OT) has created bigger attack surfaces
04:10. The proliferation of threat actors targeting critical infrastructure sectors
07:24. The challenge of legacy systems for U.S. SLTT owners of CNI
08:13. Alert fatigue, limited visibility, and other challenges facing OT networks
13:22. The value of automated cyber threat intelligence (CTI)
24:46. Building strategic AI implementation around human in the loop (HITL)
33:17. U.S. SLTTs' use of the cloud to test and build trust for securing CNI

Resources
The Changing Landscape of Security Operations and Its Impact on Critical Infrastructure
Cybersecurity for Critical Infrastructure
Episode 139: Community Building for the Cyber-Underserved
Episode 119: Multidimensional Threat Defense at Large Events
Leveraging Generative Artificial Intelligence for Tabletop Exercise Development
The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape
Episode 148: How MDR Helps Shine a Light on Zero-Day Attacks
Vulnerability Management Policy Template for CIS Control 7
CIS Critical Security Controls v8.1 Industrial Control Systems (ICS) Guide

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

No Password Required
No Password Required Podcast Episode 68 — Rob Hughes

No Password Required

Jan 20, 2026 | 44:51


Rob Hughes — CISO at RSA and Champion of a Passwordless Future
No Password Required Season 7: Episode 1 - Rob Hughes

Rob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.

Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.

Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.

The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.

Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/

Chapters:
00:00 Introduction to No Password Required
01:43 Meet Rob Hughes, CISO at RSA
02:05 The Role of a CISO in a Security Company
05:09 Transitioning to the CISO Role
08:00 The Early Days of Geek.com
12:14 Launching a Startup During the Dot Com Boom
14:30 The Push for a Passwordless Future
18:21 Tipping Point for Passwordless Adoption
20:20 Ongoing Learning in Cybersecurity
26:09 Managing Stress in High-Pressure Environments
33:46 The Lifestyle Polygraph Begins
34:15 Career Insights in Cybersecurity
36:08 Dream Cars and Personal Preferences
39:58 Underrated Horror Films
41:19 Creating a Cybersecurity Monster

Detection at Scale
Veeva Systems' Mike Vetri on Building Threat Operations Teams and AI-Powered Investigations

Detection at Scale

Jan 13, 2026 | 37:55


Mike Vetri, Sr. Director of Security Operations at Veeva Systems, reflects on transforming SOC investigations through AI-powered data aggregation and building threat operations teams with the analytical mindset required for proactive defense. Mike introduces the C3 Matrix framework for prioritizing security efforts across centers of gravity, crown jewels, and capability enablers, and explains the seven Ds of cyber defense from discovery through deception operations.  Drawing from 10+ years of Air Force cyber intelligence experience, Mike details why threat operations requires fundamentally different system-two thinking than detection engineering, and how this discipline shift moves organizations from reactive firefighting to proactive threat anticipation. He covers practical examples of AI cutting investigation time by aggregating data from multiple tools, the importance of defense in personnel for operational resilience, and strategies for preventing analyst burnout while maintaining effective security operations.  
Topics discussed:
How AI transforms insider threat investigations by aggregating workstation logs, browsing history, and DLP alerts into single queries
The C3 Matrix framework prioritizes security controls across centers of gravity, crown jewels, and capability enablers based on organizational impact and recoverability
Why threat operations requires system-two analytical thinking fundamentally different from the engineering mindset
The seven Ds of cyber defense: discover, detect, deny, disrupt, degrade, destroy, and deception operations for comprehensive threat mitigation
How deception operations provide the most accurate intelligence by studying adversary behavior in controlled environments
The distinction between threat intelligence and threat operations, and why mature SOCs need teams focused on proactive defense strategies
Defense in personnel ensures multiple team members can handle each security capability, preventing single points of failure
Time-sensitive investigation scenarios where AI delivers maximum ROI by eliminating the need to manually query dozens of security tools
The evolution of cyber threats from technical attacks to psychological warfare using AI to challenge human judgment and decision-making
Why security culture must extend beyond traditional boundaries as AI-powered threats increasingly target HR processes, financial operations, and business functions

Detection at Scale
Trustpilot's Gary Hunter on Structuring Security Knowledge for AI Success

Detection at Scale

Dec 23, 2025 | 37:43


Gary Hunter, Head of Security Operations at Trustpilot, built a security team from scratch at a company synonymous with trust. Gary shares how his ten-person team leverages AI agents across alert triage, multimodal brand protection, and incident response.

He explores why he and his team treat AI agents like interns with codified guardrails, why competitive prompt testing reveals the best approaches, and how restricting AI to specific documentation sets prevents confusion. Gary also offers his tips on building weatherproof team members who adapt to any technology shift and reflects on why constraints breed creativity in resource-limited environments.

Topics discussed:
Building security operations from scratch by identifying pain points, understanding technology gaps, and systematically increasing detection coverage and visibility
Leveraging AI agents for alert triage and workflows to enable teams to run as fast as attackers while maintaining appropriate human oversight
Implementing competitive prompt testing by running multiple AI models to identify the most effective approach before deployment
Creating cultural buy-in for AI adoption by empowering team members to contribute prompts and democratizing learning across skill levels
Using AI for multimodal brand protection, analyzing screenshots and HTML content to score potential infringements and automate response workflows appropriately
Treating AI agents like interns, codifying processes, and limiting tool access based on what you'd delegate to junior team members
Building detection strategies that focus on behaviors and crown jewels while using AI to triage noisy but potentially valuable alerts
Documenting institutional knowledge concisely rather than overwhelming AI models with extensive documentation that creates conflicting or irrelevant responses
Shifting team focus from alert triaging to high-impact prevention work, vendor management, and building relationships across the business

No Password Required
No Password Required Podcast Episode 67 — Gina Yacone

No Password Required

Dec 21, 2025 | 40:17


Gina Yacone — Virtual CISO at Trace3 and Roller Derby Penalty Box Visitor

Live from B-Sides Jacksonville, No Password Required welcomes Gina Yacone, Virtual CISO at Trace3. Jack Clabby of Carlton Fields, P.A. and Sarina Gandy, host and producer of the CyberBay Podcast, host a conversation on Gina's unconventional career path, leadership under pressure, and the power of community in cybersecurity. With career stops in private investigation, digital forensics, and executive security, Gina brings a people-first, purpose-driven perspective to complex cyber risk.

Gina shares how her early work as a private investigator on high-profile criminal defense cases laid the foundation for her success in cybersecurity. She also reflects on raising her hand for big challenges, the rewards and risks of always saying yes, and how authenticity has guided her. She offers insight on why conference hallway conversations can be just as impactful as keynote sessions.

A visible advocate for the cybersecurity community, Gina speaks openly about setting healthy mentorship boundaries and building resilient professional networks.

The episode wraps with the Lifestyle Polygraph, where Gina lightens the mood with stories from her roller derby days, dream Amazing Race partners, and why John Wick might just be the ultimate executive assistant.

Follow Gina on LinkedIn: https://www.linkedin.com/in/ginayacone/

Chapters:
00:00 Introduction to Cybersecurity and B-Sides Jacksonville
01:16 Gina Yacone's Unique Journey to Cybersecurity
06:22 Navigating Burnout in Cybersecurity
08:06 The Importance of Raising Your Hand
10:04 Adapting Leadership Styles in Different Roles
14:03 Being a Role Model for Women in Cybersecurity
16:34 How to Establish a Good Mentee and Mentor Relationship
18:50 Feedback and Constructive Criticism
22:55 The Value of Hallway Conversations
26:19 The Lifestyle Polygraph: Fun and Insights
38:54 Conclusion and Future Connections

The Cybersecurity Defenders Podcast
Why most SOCs are failing (and how to fix them) with Alec Fenton from Foresite Cybersecurity

The Cybersecurity Defenders Podcast

Dec 10, 2025 | 41:33


On this episode of The Cybersecurity Defenders Podcast we speak with Alec Fenton, VP of Security Operations at Foresite Cybersecurity, about his journey from SOC analyst to security leader.

Alec Fenton is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.

Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."

Alec's commitment to excellence and his unwavering dedication to staying ahead of the curve in the ever-evolving field of cybersecurity have earned him recognition as a trusted advisor and thought leader in the industry. When he's not immersed in the world of IT security, Alec enjoys spending time outdoors and helps coach his son's baseball/basketball teams.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

ITSPmagazine | Technology. Cybersecurity. Society
AI, Quantum, and the Changing Role of Cybersecurity | ISC2 Security Congress 2025 Coverage with Jon France, Chief Information Security Officer at ISC2 | On Location with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Dec 3, 2025 | 26:22


What Security Congress Reveals About the State of Cybersecurity
This discussion focuses on what ISC2 Security Congress represents for practitioners, leaders, and organizations navigating constant technological change. Jon France, Chief Information Security Officer at ISC2, shares how the event brings together thousands of cybersecurity practitioners, certification holders, chapter leaders, and future professionals to exchange ideas on the issues shaping the field today.

Themes That Stand Out
AI remains a central point of attention. France notes that organizations are grappling not only with adoption but with the shift in speed it introduces. Sessions highlight how analysts are beginning to work alongside automated systems that sift through massive data sets and surface early indicators of compromise. Rather than replacing entry-level roles, AI changes how they operate and accelerates the decision-making path. Quantum computing receives a growing share of focus as well. Attendees hear about timelines, standards emerging from NIST, and what preparedness looks like as cryptographic models shift.

Identity-based attacks and authorization failures also surface throughout the program. With machine-driven compromises becoming easier to scale, the community explores new defenses, stronger controls, and the practical realities of machine-to-machine trust. Operational technology, zero trust, and machine-speed threats create additional urgency around modernizing security operations centers and rethinking human-to-machine workflows.

A Place for Every Stage of the Career
France describes Security Congress as a cross-section of the profession: entry-level newcomers, certification candidates, hands-on practitioners, and CISOs who attend for leadership development. Workshops explore communication, business alignment, and critical thinking skills that help professionals grow beyond technical execution and into more strategic responsibilities.

Looking Ahead to the Next Congress
The next ISC2 Security Congress will be held in October in the Denver/Aurora area. France expects AI and quantum to remain key themes, along with contributions shaped by the call-for-papers process. What keeps the event relevant each year is the mix of education, networking, community stories, and real-world problem-solving that attendees bring with them.

The ISC2 Security Congress 2025 is a hybrid event taking place from October 28 to 30, 2025. Coverage provided by ITSPmagazine.

GUEST:
Jon France, Chief Information Security Officer at ISC2 | On LinkedIn: https://www.linkedin.com/in/jonfrance/

HOST:
Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.com

Follow our ISC2 Security Congress coverage: https://www.itspmagazine.com/cybersecurity-technology-society-events/isc2-security-congress-2025
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
ISC2 Security Congress: https://www.isc2.org
NIST Post-Quantum Cryptography Standards: https://csrc.nist.gov/projects/post-quantum-cryptography
ISC2 Chapters: https://www.isc2.org/chapters

Microsoft Threat Intelligence Podcast
The Grid, a Digital Frontier: E-ISAC on Securing the Power Grid

Microsoft Threat Intelligence Podcast

Dec 3, 2025 | 38:59


In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Matt Duncan, Vice President of Security Operations and Intelligence at the North American Electric Reliability Corporation's E-ISAC, to explore the cyber threats targeting the North American power grid. Matt breaks down why the grid remains resilient despite increasing pressure from nation-states, cybercriminals, and hacktivists, how AI is lowering the barrier of entry for attackers, and why OT systems and interconnected devices present unique risks.

He also highlights real success stories, the value of large-scale grid exercises, and how strong collaboration and a focus on foundational security practices help defenders keep power flowing safely and reliably.

In this episode you'll learn:
How severe weather events trigger heightened cyber-readiness across utilities
What motivates hacktivist groups and how their tactics differ from other threat actors
Why outdated equipment and legacy systems remain such attractive targets

Some questions we ask:
Are you seeing more educated and capable OT-focused adversaries now?
How do you work with policymakers to help them understand these threats?
If you could eliminate one misconception about securing the grid, what would it be?

Resources:
View Matt Duncan on LinkedIn
View Sherrod DeGrippo on LinkedIn
Learn more about E-ISAC

Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.

The John Batchelor Show
S8 Ep151: PREVIEW — David Daoud — Escalation in Israeli Policing Activity Against Hezbollah. John Batchelor and Daoud discuss heightened Israeli security operations against Hezbollah along Israel's northern border, indicating Hezbollah's rapid organ

The John Batchelor Show

Play Episode Listen Later Dec 1, 2025 1:50


PREVIEW — David Daoud — Escalation in Israeli Policing Activity Against Hezbollah. John Batchelor and Daoud discuss heightened Israeli security operations against Hezbollah along Israel's northern border, indicating Hezbollah's rapid organizational regeneration. While the IDF rarely provides operational commentary, Daoud has documented a significant escalation in recent operations—transitioning from drone reconnaissance strikes to sustained, intensive air strikes designed to ensure target destruction and elimination of leadership cadres. 1900 BEIRUT

Detection at Scale
GreenSky's Ken Bowles on Auditing Controls before They Silently Fail

Detection at Scale

Play Episode Listen Later Nov 25, 2025 36:16


Over his 15-year journey through healthcare and financial services security, Ken Bowles, now Director of Security Operations at GreenSky, has collected a plethora of practical strategies for prioritizing crown jewels, managing cloud over-permissions, and building SOCs that scale effectively. He reflects on transforming security operations through AI and intelligent automation and discusses how AI is reducing analyst investigation time dramatically. Ken also asserts the importance of auditing security controls before they silently fail. The conversation touches on the evolving role of the MITRE framework, the concept of signaling versus alerting, and why embracing AI might be the best career move for security professionals navigating rapid technological change in cloud environments. Topics discussed: Building security operations programs around crown jewels and scaling outward to manage the most critical assets first. Managing over-permissions in cloud environments that have snowballed across multiple administrators without proper governance. Using AI to reduce analyst investigation time from 30 minutes to seconds through intelligent data enrichment and context. Creating true single-pane-of-glass visibility by connecting security tools and data sources for more effective threat detection. Training new security analysts with AI assistance to bridge knowledge gaps in SQL, SOAR platforms, and log analysis. Documenting institutional knowledge while encouraging analysts to trust their intuition when something doesn't look right. Understanding the limitations of impossible travel alerts and using AI to establish user behavior baselines for accurate detection. Applying the MITRE framework as a guideline rather than gospel, adapting detection strategies to specific organizational needs. Implementing signaling approaches that label security-relevant events without creating alert fatigue for security operations teams. 
Auditing security controls regularly to catch configuration drift and ensure protective measures remain effective over time.

The CyberWire
The oversized file that stalled the internet.

The CyberWire

Play Episode Listen Later Nov 19, 2025 29:46


Cloudflare's outage is rooted in an internal configuration error. The Trump administration is preparing a new national cyber strategy. CISA gives federal agencies a week to secure a new Fortinet flaw. MI5 warns that China is using LinkedIn headhunters and covert operatives to target lawmakers. Experts question the national security risks of TP-Link routers. The China-aligned PlushDaemon threat group hijacks software updates. Researchers discover WhatsApp's entire global member directory accessible online without protection. LG Energy Solution confirms a ransomware attack. ShinySp1d3r makes its debut. Rotem Tsadok, Director of Security Operations and Forensics at Varonis, is sharing lessons learned from thousands of forensics investigations. A judge says Google's claims to water use secrecy are all wet.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment, we are joined by Rotem Tsadok, Director of Security Operations and Forensics at Varonis, sharing lessons learned from thousands of forensics investigations. Listen to Rotem's full conversation here.
Selected Reading
  • Cloudflare blames this week's massive outage on database issues (Bleeping Computer)
  • National cyber strategy will include focus on 'shaping adversary behavior,' White House official says (The Record)
  • CISA gives govt agencies 7 days to patch new Fortinet flaw (Bleeping Computer)
  • Chinese Spies Are Using LinkedIn to Target U.K. Lawmakers, MI5 Warns (The New York Times)
  • No evidence that TP-Link routers are a Chinese security threat (CSO Online)
  • PlushDaemon compromises network devices for adversary-in-the-middle attacks (welivesecurity)
  • 3.5 Billion Accounts: Complete WhatsApp Directory Retrieved and Evaluated (heise online)
  • LG Energy Solution reports ransomware attack, hackers claim theft of 1.7 terabytes of data (beyondmachines)
  • Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters (Bleeping Computer)
  • Google Strives To Keep Data Center Water Use Secret After Judge Orders Records Released (Roanoke Rambler)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Cybercrime Magazine Podcast
Enterprise Breaches. Common Failings & Lessons Learned. Joseph Avanzato, Varonis.

Cybercrime Magazine Podcast

Play Episode Listen Later Nov 19, 2025 14:43


Joseph Avanzato is the Security Operations and Forensics Group Leader at Varonis. In this episode, he joins host Paul John Spaulding to discuss the common tactics attackers exploit and mistakes made by enterprises that lead to breaches, as well as how Varonis is uniquely positioned to help public and private customers around the world investigate, contain, and evict attackers from their network. This episode is brought to you by Varonis, whose AI-powered data security platform secures your data at scale – across IaaS, SaaS, and hybrid cloud environments. To learn more about our sponsor, visit https://www.Varonis.com.

CISO Tradecraft
#259 - Transforming Security Operations (with Brian Carbaugh and William Macmillan)

CISO Tradecraft

Play Episode Listen Later Nov 17, 2025 40:22


Join host G Mark Hardy in an exciting episode of CISO Tradecraft where we delve into the cutting-edge world of Human AI Security Operation Centers (SOCs). With special guests Brian Carbaugh and William McMillan, former CIA operatives and leading figures in cybersecurity innovation, we explore how AI is transforming the landscape of security operations. Discover the unparalleled efficiency, accuracy, and proactive threat detection offered by AI-driven SOCs compared to traditional platforms. Learn from real-world examples, such as condensing hundreds of investigative hours into just 90 seconds, and understand the critical role of contextual data in modern threat detection. Perfect for CISOs ready to elevate their security strategies, this episode provides actionable insights and expert advice on navigating AI SOC adoption and integration. Don't miss this informative and forward-thinking discussion!
Big thanks to our sponsor Forcepoint. Check out their The Practical Guide to Mastering Data Compliance: https://www.forcepoint.com/resources/ebooks/practical-guide-mastering-data-compliance?utm_source=&sf_src_cmpid=701a600000exxd7AAA&utm_medium=display&utm_content=AW_NC_LinkedInAds_October25_ban&utm_campaign=LinkedInAds_October25
William MacMillan - https://www.linkedin.com/in/william-andesite/
Brian Carbaugh - https://www.linkedin.com/in/brian-carbaugh-38b339243/

The Cybersecurity Defenders Podcast
#267 - Defender Fridays: AI in SecOps - what's real vs. what's hype? With Alec Fenton from Foresite Cybersecurity

The Cybersecurity Defenders Podcast

Play Episode Listen Later Nov 14, 2025 32:17


In this episode of Defender Fridays, we talk to Alec Fenton, VP Security Operations at Foresite Cybersecurity, about practical career advice for defenders, SOC metrics that actually matter and AI in security operations.
Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals.
Alec is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.
Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Cybersecurity Where You Are
Episode 159: The Scariest Malware of 2025

Cybersecurity Where You Are

Play Episode Listen Later Oct 29, 2025 34:48


In episode 159 of Cybersecurity Where You Are, Sean Atkinson is joined by Joshua Palsgraf, Sr. Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, Vice President of Security Operations & Intelligence at CIS. Together, they dive into the scariest malware of 2025 in this special Halloween edition.
The conversation explores what makes today's malware truly terrifying, from stealthy threats that hide in plain sight to modular malware that evolves faster than defenses can adapt. The trio also discusses the corporatization of cybercrime, the rise of Malware as a Service, and how generative artificial intelligence (GenAI) is lowering the barrier to entry for cybercriminals.
Here are some highlights from our episode:
  • 00:42. Introductions to Josh and Randy
  • 02:21. What makes the scariest malware of 2025 truly "scary"
  • 05:42. Evolution of malware: people, process, and technology
  • 09:33. How the corporatization of malware helps to democratize cybercrime
  • 11:25. The most "terrifying" malware strains of 2025
  • 15:49. Malware reincarnation: Old threats with new masks
  • 17:20. GenAI as the great equalizer for cybercriminals, especially social engineers
  • 23:32. Defense-in-depth and threat-informed strategies
  • 24:45. Why incident response playbooks must evolve and become living documents
  • 27:02. What incident response looks like for cloud assets in the Fourth Industrial Revolution
  • 29:27. Naming malware after horror movie icons
Resources
  • Multi-State Information Sharing and Analysis Center®
  • Episode 144: Carrying on the MS-ISAC's Character and Culture
  • Episode 126: A Day in the Life of a CTI Analyst
  • A Short Guide for Spotting Phishing Attempts
  • The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity
  • Episode 157: How a Modern, Mission-Driven CIRT Operates
  • Living Off the Land: Scheduled Tasks
  • Cyber defenders sound the alarm as F5 hack exposes broad risks
  • Episode 134: How GenAI Lowers Bar for Cyber Threat Actors
  • Active Lumma Stealer Campaign Impacting U.S. SLTTs
  • MS-ISAC Member-Reported Phishing Likely from Tycoon2FA PhaaS
  • ClickFix: An Adaptive Social Engineering Technique
  • Top 10 Malware Q1 2025
  • CTAs Leveraging Fake Browser Updates in Malware Campaigns
  • Italian police freeze cash from AI-voice scam that targeted business leaders
  • CornCon Cybersecurity Conference
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

Detection at Scale
Live Oak Bank's George Werbacher on AI As SecOps' Single Pane of Glass

Detection at Scale

Play Episode Listen Later Oct 28, 2025 31:46


George Werbacher, Head of Security Operations at Live Oak Bank, reviews the practical realities of implementing AI agents in security operations, sharing his journey from exploring tools like Cursor and Claude Code to building custom agents in-house. He also reflects on the challenges of moving from local development to production-ready systems with proper durability and retry logic. The conversation explores how AI is changing the security analyst role from alert analysis to deeper investigation work, why SOAR platforms face significant disruption, and how MCP servers enable natural language interactions across security tools. George offers pragmatic advice on cutting through AI hype, emphasizing that agents augment rather than replace human expertise while dramatically lowering barriers to automation and query language mastery. Through technical insights and leadership perspective, George illuminates how security teams can embrace AI to improve operational efficiency and mean time to detect without inflating budgets, while maintaining the critical human judgment that effective security demands. Topics discussed: Understanding AI's role in augmenting security analysts rather than replacing them, shifting roles toward investigation and threat hunting. Building custom AI agents using Python and exploring frameworks like LangChain to solve specific SecOps use cases. Managing moving agents from local development to production, including retry logic, failbacks, and durability requirements. Implementing MCP servers to enable natural language interactions with security tools, eliminating the need to learn multiple query languages. Navigating AI hype by focusing on solving specific problems and understanding what agents can realistically accomplish. Predicting SOAR platform disruption as agents take over enrichment, orchestration, and response with simpler automation approaches. 
Removing platform barriers by enabling analysts to use natural language rather than mastering specific tools or query languages. Exploring context management, prompt engineering, and conversation history techniques essential for building effective agentic systems. Adopting tools like Cursor and Claude Code to empower technical security professionals without deep coding backgrounds.

Cloud Security Podcast by Google
EP249 Data First: What Really Makes Your SOC 'AI Ready'?

Cloud Security Podcast by Google

Play Episode Listen Later Oct 27, 2025 30:37


Guest: Monzy Merza, co-founder and CEO at Crogl Topics: We often hear about the aspirational idea of an "IronMan suit" for the SOC—a system that empowers analysts to be faster and more effective. What does this ideal future of security operations look like from your perspective, and what are the primary obstacles preventing SOCs from achieving it today? You've also raised a metaphor of AI in the SOC as a "Dr. Jekyll and Mr. Hyde" situation. Could you walk us through what you see as the "Jekyll"—the noble, beneficial promise of AI—and what are the factors that can turn it into the dangerous "Mr. Hyde"? Let's drill down into the heart of the "Mr. Hyde" problem: the data. Many believe that AI can fix a team's messy data, but you've noted that "it's all about the data, duh." What's the story? "AI ready SOC" - What is the foundational work a SOC needs to do to ensure their data is AI-ready, and what happens when they skip this step? And is there anything we can do to use AI to help with this foundational problem? How do we measure progress towards AI SOC? What gets better at what time? How would we know? What SOC metrics will show improvement? Will anything get worse? Resources: EP242 The AI SOC: Is This The Automation We've Been Waiting For? EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC EP227 AI-Native MDR: Betting on the Future of Security Operations? EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI EP238 Google Lessons for Using AI Agents for Securing Our Enterprise "Simple to Ask: Is Your SOC AI Ready? Not Simple to Answer!" blog Nassim Taleb "Antifragile" book "AI Superpowers" book "Attention Is All You Need" paper

Cloud Security Podcast
The Truth About AI in the SOC: From Alert Fatigue to Detection Engineering

Cloud Security Podcast

Play Episode Listen Later Oct 3, 2025 45:39


"The next five years are gonna be wild." That's the verdict from Forrester Principal Analyst Allie Mellen on the state of Security Operations. This episode dives into the "massive reset" that is transforming the SOC, driven by the rise of generative AI and a revolution in data management.Allie explains why the traditional L1, L2, L3 SOC model, long considered a "rite of passage" that leads to burnout is being replaced by a more agile and effective Detection Engineering structure. As a self-proclaimed "AI skeptic," she cuts through the marketing hype to reveal what's real and what's not, arguing that while we are "not really at the point of agentic" AI, the real value lies in specialized triage and investigation agents.Guest Socials -⁠ ⁠⁠⁠Allie's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security 
PodcastQuestions asked:(00:00) Introduction(02:35) Who is Allie Mellen?(03:15) What is Security Operations in 2025? The SIEM & XDR Shakeup(06:20) The Rise of Security Data Lakes & Data Pipeline Tools(09:20) A "Great Reset" is Coming for the SOC(10:30) Why the L1/L2/L3 Model is a Burnout Machine(13:25) The Future is Detection Engineering: An "Infinite Loop of Improvement"(17:10) Using AI Hallucinations as a Feature for New Detections(18:30) AI in the SOC: Separating Hype from Reality(22:30) What is "Agentic AI" (and Are We There Yet?)(26:20) "No One Knows How to Secure AI": The Detection & Response Challenge(28:10) The Critical Role of Observability Data for AI Security(31:30) Are SOC Teams Actually Using AI Today?(34:30) How to Build a SOC Team in the AI Era: Uplift & Upskill(39:20) The 3 Things to Look for When Buying Security AI Tools(41:40) Final Questions: Reading, Cooking, and SushiResources:You can read Allie's blogs here

The New CISO
From Breach to BISO: Becoming a Security Influencer

The New CISO

Play Episode Listen Later Oct 2, 2025 41:47


Most security professionals know what a CISO does. But what about a BISO? And why are Fortune 500 companies increasingly creating this executive role?
In this episode of The New CISO Podcast, host Steve Moore sits down with Evan Ferree, Staff Vice President and Business Information Security Officer at a Fortune 50 company, to decode one of cybersecurity's most misunderstood leadership positions.
What You'll Learn:
Understanding the BISO Role:
  • What a Business Information Security Officer actually does (and how it differs from a Deputy CISO)
  • When organizations need a BISO - the size, industry, and complexity indicators
  • Why the BISO serves as a "force multiplier" for the security organization
  • How to measure and defend BISO value during organizational change
The Career Journey:
  • Evan's unconventional path from IT infrastructure to executive security leadership
  • How a major cybersecurity breach became his "MBA in cybersecurity" in six months
  • Why volunteering for uncomfortable work during crisis creates career opportunities
  • The progression from vulnerability analyst to SOC leadership to Staff VP
The 90% Influence Principle:
  • Why the BISO role is about influence, not authority
  • How to navigate multiple business units with different security needs
  • Mastering the "why" behind security initiatives for non-technical audiences
  • Building relationships and organizational awareness over time
Executive Skills That Matter:
  • The "log lines" storytelling framework from Deloitte CISO Academy
  • Developing executive presence through failure and self-awareness
  • When to end a meeting and start over (and why that's okay)
  • Speaking plain English vs. technical jargon with business leaders
Practical Career Advice:
  • Transitioning from tactical security operations to strategic leadership roles
  • Why getting uncomfortable is essential for growth
  • Building business acumen alongside technical expertise
  • Why Evan's best security hires came from outside cybersecurity
Key Insight: "You are 90% an influencer in this role. Unlike tactical security work where authority and urgency create credibility, the BISO must master explaining why security matters to the business - in terms the business understands."
Whether you're a security professional planning your path to executive leadership, a CISO considering adding a BISO function, or a business leader trying to understand how security enables business outcomes, this episode delivers actionable insights from someone who's lived the journey.
Guest: Evan Ferree, Staff Vice President & Business Information Security Officer at a Fortune 50 company, with 11 years of progressive security leadership experience spanning Security Operations, threat management, vulnerability management, and business information security.
Hosted by: Steve Moore | Produced in partnership with: Exabeam