Podcasts about zero trust

Legion of Doom, step aside. There's a new elite hacker group in town, and they're calling themselves Masters of Deception (MoD). With tactics that are grittier and more sophisticated than those of the LoD, MoD has targeted high-profile entities and left an indelible mark on the internet.This is part 2 of the LoD/MoD series.SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This show is sponsored by Red Canary. Red Canary is a leading provider of Managed Detection and Response (MDR), helping nearly 1,000 organizations detect and stop threats before they cause harm. With a focus on accuracy across identities, endpoints, and cloud, we deliver trusted security operations and a world-class customer experience. Learn more at redcanary.com.This show is sponsored by [Maze][http://mazehq.com/darknet]. Maze uses AI agents to triage and remediate cloud vulnerabilities by figuring out what's actually exploitable, not just what's theoretically risky. They remove the noise, prioritize vulns that matter, and manage remediation, so your team stops wasting time on meaningless vulns. Visit [MazeHQ.com/darknet][http://mazehq.com/darknet] for more information.Sources Book: Masters of Deception Book: The Hacker Crackdown https://content.time.com/time/subscriber/article/0,33009,982254-1,00.html https://www.nytimes.com/1995/01/14/nyregion/reprogramming-convicted-hacker-his-line-friends-phiber-optik-virtual-hero.html https://www.gutenberg.org/cache/epub/101/pg101-images.html https://phrack.org/issues/31/5 https://www.thisamericanlife.org/2/small-scale-sin

All links and images can be found on CISO Series. This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining them is Sara Madden, CISO, Convera. In this episode: Hold developers accountable Credibility through candor Be strategic with AI deployment Resources don't guarantee security Huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

Jen Easterly to helm RSAC Windows January update causes login problems UK police blame Copilot for intelligence mistake Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.  

U.S. weighs private companies' cyberwarfare roles China: stop using US and Israeli cybersecurity software DeadLock uses smart contracts to hide work Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.  

What happens when the web browser stops being a passive window to information and starts acting like an intelligent coworker, and why does that suddenly make security everyone's problem? At the start of 2026, I sat down with Michael Shieh from Mammoth Cyber to unpack a shift that is quietly redefining how work gets done. AI browsers are moving fast from consumer curiosity to enterprise reality, embedding agentic AI directly into the place where most work already happens, the browser. Search, research, comparison, analysis, and decision support are no longer separate steps. They are becoming one continuous workflow. In this conversation, we talk openly about why consumer adoption has surged while enterprise teams remain hesitant. Many employees already rely on AI-powered browsing at home because it removes ads, personalizes results, and saves time.  Inside organizations, however, the same tools raise difficult questions around data exposure, credential safety, and indirect prompt injection. Once an AI agent starts reading untrusted external content, the browser itself becomes a new attack surface. Michael explains why this risk is often misunderstood and why the real danger is not internal documents, but external websites designed to manipulate AI behavior. We dig into how Mammoth Cyber approaches this challenge differently, starting with a secure-first architecture that isolates trusted internal data from untrusted external sources. Every AI action, from memory to model connections to data access, is monitored and governed by policy. It is a practical response to a problem many security teams know is coming but feel unprepared to manage. We also explore how AI browsers change day-to-day work. A task like competitive analysis, which once took days of manual research and document comparison, can now be completed in minutes when an AI browser securely connects internal knowledge with external intelligence. That productivity gain is real, but only if enterprises trust the environment it runs in. We touch on Zero Trust principles, including work influenced by Chase Cunningham, and why 2026 looks like a tipping point for enterprise AI browsing. The technology is maturing, security controls are catching up, and businesses are starting to accept that blocking AI outright is no longer realistic. If you are curious to see how this works in practice, Mammoth Cyber offers a free Enterprise AI Browser that lets you experience what secure AI-powered browsing actually looks like, without putting your organization at risk. I have included the link so you can explore it yourself and decide whether this is where work is heading next. So, as AI browsers become the new workflow hub for knowledge workers everywhere, is your organization ready to secure the browser before it becomes your most exposed endpoint, and what would adopting one safely change about how your teams work? If you want to see what an enterprise-grade AI browser looks like when security is built in from day one, Mammoth Cyber is offering free access to its Enterprise AI Browser.  It gives you a hands-on way to experience how agentic AI can automate real work inside the browser while keeping internal data isolated from untrusted external sources. You can explore it yourself and decide whether this is how your organization should be approaching AI-powered browsing in 2026. Useful Links Learn more about the Mammoth Enterprise Browser and try it for free  Connect with Michael Shieh on LinkedIn Thanks to our sponsors, Alcor, for supporting the show.

Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM  Discover how organisations are building practical AI capability with Microsoft Copilot, Zero Trust, and robust data security. Learn actionable strategies for readiness, compliance, and continuous professional development in a rapidly evolving tech landscape featuring insights from Sam Brazier-Hollins.

My conversation with Kurtis Minder cuts through the fantasy land most people live in when they talk about ransomware.This isn't about movie-style hackers or “just restore from backup” nonsense. It's about the industrialized ransomware economy—where threat actors operate with rules, quotas, minimum payouts, and negotiation playbooks that look a lot more like organized business than random crime.We get into the ugly realities organizations face when ransomware hits:How ransom negotiations actually work todayWhy cyber insurance often shapes decisions more than security teams doAnd the uncomfortable ethical tradeoffs executives are forced to make under real pressureWe also call out one of the biggest contributors to successful ransomware attacks: complacency. Most organizations have incident response plans that look great in PowerPoint and fall apart the second reality shows up. If you're not rehearsing, testing, and updating those plans, they're effectively worthless.Finally, we talk about what actually moves the needle. Not buzzwords. Not vendor bingo. Real strategy:Zero Trust done correctlyLeast privilege enforced, not “eventually planned”Microsegmentation that limits blast radius instead of praying backups workRansomware isn't going away. The only question is whether your organization is architected to absorb impact and survive, or whether you're funding the next criminal enterprise.Key TakeawaysRansomware is a structured business model, not chaos—negotiations follow rules and economics.Complacency kills response efforts; untested incident plans fail every time.Zero Trust, least privilege, and microsegmentation materially reduce ransomware blast radius when implemented correctly.

GoBruteforcer targets blockchain projects Android accessibility issue just a bug Verizon to stop automatic phone unlocks Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.  

Instagram denies breach post-data leak Sweden detains consultant suspected of spying n8n supply chain attack steals OAuth tokens Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.  

Guest: Royal Hansen, VP of Engineering at Google, former CISO of Alphabet Topics: The "God-Like Designer" Fallacy: You've argued that we need to move away from the "God-like designer" model of security—where we pre-calculate every risk like building a bridge—and towards a biological model. Can you explain why that old engineering mindset is becoming risky in today's cloud and AI environments? Resilience vs. Robustness: In your view, what is the practical difference between a robust system (like a fortress that eventually breaks) and a resilient system (like an immune system)? How does a CISO start shifting their team's focus from creating the former to nurturing the latter? Securing the Unknown: We're entering an era where AI agents will call other agents, creating pathways we never explicitly designed. If we can't predict these interactions, how can we possibly secure them? What does "emergent security" look like in practice? Primitives for Agents: You mentioned the need for new "biological primitives" for these agents—things like time-bound access or inherent throttling. Are these just new names for old concepts like Zero Trust, or is there something different about how we need to apply them to AI? The Compliance Friction: There's a massive tension between this dynamic, probabilistic reality and the static, checklist-based world of many compliance regimes. How do you, as a leader, bridge that gap? How do you convince an auditor or a board that a "probabilistic" approach doesn't just mean "we don't know for sure"?  "Safe" Failures: How can organizations get comfortable with the idea of designing for allowable failure in their subsystems, rather than striving for 100% uptime and security everywhere? Resources: Video version EP189 How Google Does Security Programs at Scale: CISO Insights BigSleep and CodeMender agents "Chasing the Rabbit" book   "How Life Works: A User's Guide to the New Biology" book

BreachForums hacking forum database leaked exposing 324,000 accounts Instagram breach exposes user data, creates password reset panic UK government exempts self from flagship cyber law Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.    

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Johna Till Johnson, CEO and Founder, Nemertes (check out the Nemertes substack) and Jason Shockey, CISO, Cenlar FSB. Jason will be speaking at MBA Servicing Solution26 in Texas in late February. Details here. Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com 

All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Ejona Preci, group CISO, LINDAL Group. In this episode:  Consequence, not controls The credibility gap Defining the undefined Expanding the mandate A huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

Corey Quinn sits down with Avery Pennarun, co-founder and CEO of Tailscale, for a deep dive into how the company is reinventing networking for the modern era. From finally making VPNs behave the way they should to tackling AI security with zero-click authentication, Avery shares candid insights on building infrastructure people actually love using, and love talking about.They get into everything: surviving 100% year-over-year growth, why running on two tailnets at once is pure chaos, and how Tailscale makes “secure by default” feel effortless. Plus, they dig into why FreeBSD firewalls needed some tough love, the uncomfortable truth behind POCs, and even the surprisingly useful trick of turning your Apple TV into an exit node.About Avery: Avery Pennarun is the co-founder and CEO of Tailscale, where he's redefining secure networking with a simple, Zero Trust approach. A veteran software engineer with experience ranging from startups to Google, he's known for turning complex systems into approachable, user-friendly tools. His contributions to projects like wvdial, bup, and sshuttle reflect his belief that great technology should be both powerful and easy to use. With a mix of technical depth and dry humor, Avery shares insights on modern networking, internet evolution, and the realities of scaling a startup.Highlights:(0:00) Introduction to Tailscale and Security(00:52) Sponsorship and Personal Experiences(02:07) Technical Deep Dive into Tail Scale(06:10) Challenges and Future of Tail Scale(22:45) Building the Tail Net's API(23:54) Connecting Cloud Providers with Tailscale(25:22) Tailscale as a Security Solution(26:44) Innovations and Future of TailscaleSponsored by: duckbillhq.com

In this Brand Highlight, we talk with Denny LeCompte, CEO and Co-Founder of Portnox, about how identity and access control are changing as AI-driven agents and synthetic identities become active participants inside enterprise environments.Passwords still sit at the root of many security failures, which is why the conversation starts with the fundamentals: controlling who can access data, from where, and under what device and policy conditions. Certificate-based authentication emerges as a practical way to reduce password dependency while keeping enforcement tied to managed devices and policy compliance.The discussion then shifts to what is changing for security leaders. CISOs may feel more confident managing traditional cyber threats, but uncertainty rises quickly when AI-generated and non-human identities enter the picture. Agentic AI turns automation into an entity that touches networks and applications, making access control a first-order requirement rather than an afterthought.A clear theme emerges throughout the conversation: synthetic identities are not hypothetical. They appear anywhere autonomous agents require permissions to act, from software development to workflow automation. Applying the same discipline used for human identities, including least privilege, scope limitation, and policy enforcement, becomes essential to maintaining control as AI adoption accelerates.Note: This story contains promotional content. Learn more.GuestDenny LeCompte, CEO and Co-Founder of Portnoxhttps://www.linkedin.com/in/dennylecompte/ResourcesLearn more about Portnox: https://www.portnox.com/Are you interested in telling your story?Full Length Brand Story: https://www.studioc60.com/content-creation#fullBrand Spotlight Story: https://www.studioc60.com/content-creation#spotlightBrand Highlight Story: https://www.studioc60.com/content-creation#highlightKeywords: sean martin, denny lecompte, portnox, identity, access, zero trust, passwordless, certificates, agentic ai, synthetic identities, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The Legion of Doom (LoD) wasn't just a “hacker group”, it captured the essence of underground hacking in the 80s/90s. BBSes, phreaking, rival crews, and the crackdowns that changed everything. From those humble beginnings came a legacy that still echoes through modern security culture today.SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This show is sponsored by Rippling. Rippling is the unified platform for Global HR, Payroll, IT, and Finance. They've helped millions replace their mess of cobbled-together tools with one system designed to give leaders clarity, speed, and control. With Rippling, you can run your entire HR, IT, and Finance operations as one, or pick and choose the products that best fill the gaps in your software stack. Learn more rippling.com/darknet.This show is sponsored by Meter, the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that's built for performance and scale. Meter's full-stack solution covers everything from first site survey to ongoing support, giving you a single partner for all your connectivity needs. Go to meter.com/darknet to book a demo now!Sources Book: Masters of Deception (https://amzn.to/4q3O0gJ) Book: The Hacker Crackdown (https://amzn.to/3N4bovY)

The guys debate Breece Hall's future, whether the Jets missed their chance to trade him, and why he may have no reason to return to a losing organization. Plus, a brutal breakdown of Garrett Wilson's shocking stat line, ownership accountability (or lack thereof), and why Woody Johnson would never face the fans the way James Dolan just did. Also Madden Ratings, 100-Fry Oil, and are pig spankings coming back?

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com When cloud computing was introduced, it was quite a simple concept: leverage other people's hardware to scale easily. Not too much to manage. However, today's cloud world has metastasized. Today, federal leaders live in a world of on-prem, multiple clouds, private clouds, hybrid clouds, and even sovereign clouds. Complications arise when they are burdened with compliance requirements and staff reductions. Today, we sat down with Ryan McArthur from Zscaler to discuss how to effectively manage a cloud environment when challenged with deploying Zero Trust. He begins by sharing his experience helping federal leaders understand the inherent risks of the VPN system. Few realize that VPN technology was first introduced by Microsoft back in 1996, and then popularized with Windows 4.0, which included built-in support. Thirty-year-old technology can present severe limitations. Unfortunately, the popularity of VPN technology increased with the demands of remote computing during COVID. We are now in a situation where many enterprises have built their architecture on this dated technology. Ryan mentions that one key to juggling clouds is to focus on the applications themselves. He emphasized Zscaler's ability to securely connect users. If you want more information about Zscaler, you should attend the Zscaler Public Sector Summit in March, where you can discuss and collaborate further.

S3E14: What's Trending NOW is the uncomfortable reality that healthcare's AI adoption is happening faster than its governance, often invisibly. On this episode Shahid and guest Tamer Baker, Healthcare CTO at Zscaler, map the “hidden risk” landscape (data exfiltration, copilots turning loose internal content, prompt manipulation, model poisoning), then pivot to what actually works: measure AI usage, enable safe experimentation by blocking PHI/sensitive prompts, and anchor the program in Zero Trust while layering in AI-specific controls and education. The “B-roll” after the formal close goes even further: the two dig into who holds clinical and product risk as AI becomes more autonomous, why incumbents may hesitate, how regulation (HIPAA NPRM) and defense models (CMMC) might inform healthcare, and why “orchestration” becomes the next trust battleground. To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

How is artificial intelligence transforming the way businesses operate? Can cutting-edge technology be the key to scaling success? In this episode, Ephraim Ebstein, Founder and CEO of Fit Solutions, sits down to share his insights… Fit Solutions is a $30 million IT and cybersecurity firm that helps thousands of businesses increase efficiency, reduce IT costs, and protect against cyber threats. Ephraim is also the Co-Founder of AI Integrators, a venture focused on leveraging AI to streamline business operations and optimize performance. With over 15 years in the tech industry, Ephraim has a background in managed IT services, network engineering, and cybersecurity consulting. Before founding Fit Solutions, he served as Senior Systems Engineering Team Lead at All Covered, a division of Konica Minolta. He holds a Bachelor's degree in Management Information Systems and has a proven track record in scaling tech businesses while fostering a strong company culture. In this discussion, we cover: The difference between an enterprise and a medium-sized business.  How AI "employees" are transforming customer service and operational efficiency. Why company culture and leadership systems are essential to business growth. How AI and automation are reducing costs while driving revenue. Find out more about Fit Solutions and their AI initiatives by visiting their website!

NYC mayoral inauguration bans Flipper Zero and Raspberry Pi devices Crypto must now share account details with UK tax officials Finland seizes suspected cable sabotage ship  Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.  

In this New Year's episode of Life of a CISO, Dr. Eric Cole reflects on the challenges of 2025 and delivers a powerful reset framework for CISOs entering 2026. Drawing from real-world coaching, executive leadership principles, and personal experience, Dr. Cole challenges security leaders to stop thinking like technologists and start acting like true chief officers. This episode breaks down three essential pillars every world-class CISO must define: who you need to become, your single top priority, and your North Star. Dr. Cole explains why consistency, discipline, and executive alignment matter more than tools, why most CISOs struggle with focus, and how habits, planning, and accountability can rapidly transform your impact and credibility. From redefining the CISO role as a future CEO pipeline, to practical strategies like executive one-on-ones, time blocking, and choosing a guiding North Star such as Zero Trust or data protection, this episode provides a clear roadmap to leadership growth. If you want to reset your mindset, elevate your influence, and lead cybersecurity as a business function in 2026, this episode is a must-listen.  

Hackers drain millions from Unleash Protocol DarkSpectre campaigns exposed Shai-Hulud attack led Trust Wallet heist Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

In this conversation, I break down the state of cybersecurity heading into 2025—and it's not pretty. Ransomware isn't “ramping up,” it's eating the market alive, while too many organizations are still betting their future on outdated controls, checkbox compliance, and the fantasy that perimeter security is a strategy. I call out the continued failure of traditional security models, the uncomfortable reality of high-profile vendor missteps, and the industry's habit of confusing tool sprawl with actual risk reduction.My bottom line is simple: Zero Trust isn't a buzzword; it's the only approach that aligns with how modern environments actually operate—cloud-first, identity-driven, and constantly under attack. If you want real improvement, start treating identity like the control plane, tighten your cloud and endpoint fundamentals, get serious visibility into what's connecting and what's executing, and stop pretending “prevention” alone is a plan. Initial access is going to happen—so engineer for containment and resiliency. I wrap up with practical steps you can apply immediately to harden posture and quit treating cyber defense like a yearly renewal rather than a continuous operational discipline.TakeawaysRansomware incidents surged in 2025, impacting critical infrastructure.Traditional defenses are failing to contain ransomware attacks.Using a password manager is essential for security.Cybercrime costs are projected to reach $10 trillion by 2025.Misconfigurations in cloud services are a major risk factor.Identity management is a solvable problem that needs attention.Vendors in cybersecurity are not immune to breaches.Organizations should partner with service providers for cybersecurity.Research and data should guide cybersecurity strategies.A proactive approach is necessary to mitigate cyber threats.

Silver Fox targets Indian users Mustang Panda deploys ToneShell Will prompt injection ever be 'solved'? Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Coupang recovers laptop allegedly thrown into river Trust Wallet reports 2k+ wallets drained Sax discloses 2024 data breach Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 atztw.com.

Rainbow Six Siege suffers breach, gamers go shopping Diesel generators and aircraft engines in high demand to power AI LastPass 2022 breach reverberates through crypto world  Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. Find the stories behind the headlines at CISOseries.com.  

Link to episode page To end off a tumultuous year, our final Department of Know episode of 2025 features a chat between host Rich Stroffolino and producer Steve Prentice. Join them as they chat about the biggest stories of 2025, the trends we are seeing, and what we can expect in the new year. Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com  

In this episode of The Digital Executive, host Brian Thomas speaks with Dr. Ravi Kiran Nizampatnam, an internationally recognized expert in network security and enterprise cybersecurity architecture. With more than a decade of experience protecting mission-critical infrastructure across finance, healthcare, and media, Ravi explains how today's most dangerous attacks no longer look like breaches—but like normal, trusted activity driven by compromised identities, APIs, and supply chains.The conversation dives deep into what Zero Trust done right really means, why treating it as a product instead of an architecture leads to failure, and how organizations can minimize blast radius and contain breaches in minutes rather than months. Ravi also shares the real-world frustrations that inspired his cybersecurity patents, the gaps created by siloed security tools, and why context—not more alerts—is the missing link. Looking ahead, he outlines how AI, cloud-native systems, and regulatory pressure will reshape enterprise security, emphasizing that resilient, identity-centric architecture—not just smarter algorithms—will define the next generation of secure organizations.If you liked what you heard today, please leave us a review - Apple or Spotify. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Active exploitation of Fortinet VPN bypass utility observed Google possibly allowing users to change default gmail address June Aflac attack resulted in data theft  Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.   Find the stories behind the headlines at CISOseries.com

Coordinated scams target MENA region Pen Test Partners accused of 'blackmail' Hackers steal record $2.7B in crypto in 2025 Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

The threat that puts you out of business probably won't look like a movie hack, it'll look like a normal email from your CEO.   In this episode of the Registered Investment Advisor Podcast, Seth Greene interviews Scott Alldridge, CEO of IP Services and bestselling author of the VisibleOps series, who explains how modern cybercrime actually works and why most small and mid-sized companies are far more vulnerable than they think. Scott shares real breach stories, including how something as simple as leaving a printer password as “1234” led to a $187,000 theft and forced a firm into a merger. He breaks down why cybersecurity is now a board-level issue, how AI is being weaponized by attackers, and what leaders need to be doing right now to protect their data, their money, and their survival.   Key Takeaways: → Most companies think “we're too small to be a target,” but attackers actively go after businesses with as few as 100 employees — and even under $1M in revenue. → Only about 1 in 7 cybersecurity breaches ever gets reported, so what you read in the news is a tiny fraction of what's actually happening. → A single weak password (like “1234” on a networked printer) can give a threat actor a doorway into your entire system. → Attackers don't smash and grab; they sit quietly for weeks or months, watch how you communicate, then imitate leadership to trigger wire transfers that look totally normal. → The “human layer” is still the biggest risk: phishing, social engineering, and reused or weak credentials are where most compromises begin.   Scott Alldridge has spent three decades on the frontlines of cyber warfare—turning escalating threats into competitive advantage for business leaders. As co-founder of the IT Process Institute and creator of the globally adopted VisibleOps framework (400,000+ copies sold), he shaped how enterprises worldwide secure and scale technology.   His Amazon bestseller, VisibleOps Cybersecurity, is the definitive roadmap for integrating Zero Trust principles into real business results. Today, as CEO of IP Services, one of America's most trusted MSSPs, Scott helps executives verify—not just trust—their cybersecurity posture.   Driven by both expertise and altruism, Scott's mission is to ensure businesses of all sizes are resilient and protected—not only to safeguard revenue, but to prevent the devastating personal and professional fallout of cyberattacks. A globally recognized thought leader with 618K+ social media followers, he leverages his platform to raise awareness, share real-world breach stories, and arm leaders with actionable strategies that save companies before it's too late.   Connect With Scott: Website: https://ipservices.com/ Instagram: https://www.instagram.com/scottalldridge1/ LinkedIn: https://www.linkedin.com/in/scott-alldridge-1a976/ FREE OFFERSText "Secure25" to 1-541-359-1269 to receive your free Visible Ops Executive Companion book and a free Penetration Scan Test (first 3 listeners only) Learn more about your ad choices. Visit megaphone.fm/adchoices

ServiceNow to acquire cybersecurity startup Armis MacSync Stealer adopts quieter installation Nissan customer data stolen in Red Hat raid Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

A manufacturer gets hit with ransomware. A hospital too. Learn how Threatlocker stops these types of attacks. This episode is brought to you by Threatlocker.SponsorsThis episode is sponsored by ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.

This is part 4 of a 4-part series. Randy and I were recently invited to podcast on the floor of the 2025 Cyber Winter Wonderland at the beautiful Madison Loft. My guest host of the day was host of the Great Security Debate, Brian Schneble. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event! Part 1 Steve Monato and Ken Sowinski of UWM Part 1’s discussion focuses on the evolving role of AI within organizations, touching on AI use cases, data security, and the necessity for clean, organized data for effective AI modeling. The panelists emphasize the shift from understanding AI to implementing and deriving business value from it. They also discuss the importance of communication between IT and business units to promote effective AI adoption, the impact of automation on employee tasks, and the future role of AI in sectors like mortgage processing. The conversation explores the balance between AI-driven automation and human oversight to ensure efficiency and address challenges associated with new AI tools. Part 2 Eric Olmstead Palo Alto Networks and Jonathan Gough of Pellera Part 2 is a discussion of the evolution and current trends in IT security and technology integration. Pellera Technologies provides a detailed overview of their global operations, focusing on AI, data cloud, and cybersecurity solutions. The discussion covers Palo Alto Networks’ advancements in security, including the integration of AI in their security platforms and the concept of Zero Trust, emphasizing its continued relevance. The conversation also explores the complexities of AI implementation, the challenges of non-human identities (NHIs), and the importance of robust security measures in a rapidly evolving tech landscape. Both companies highlight the need for innovation and vigilance in managing current and emerging security threats. Part 3 Brandon Allen and Pete Sheldon of Prophet Security Part 3 focuses on the challenges faced by Security Operations Centers (SOCs) amid a growing volume of alerts and the role of AI and machine learning in addressing these challenges. Profit Security is utilizing AI-driven platforms to enhance alert investigation and reduce false positives, allowing analysts to focus on more critical issues. The conversation delves into topics like the evolution from traditional machine learning to modern AI, the importance of context and reasoning in alert processing, and the continuous need for human oversight and expert feedback in AI systems. Additionally, the discussion touches on industry-specific issues such as the energy costs associated with running AI and compute centers, the adaptability of AI to new threat vectors, and the potential for AI to improve operational efficiency within organizations. Part 4 Björn Olson of Pellera and Henry Samson of Palo Alto Networks. Part 4 covers the evolving landscape of technology and security. The discussion covers the prevalent issues in the automotive and manufacturing industries, including underutilization of tools, data protection challenges, and the impact of technological advancements on security practices. The conversation also touches on the importance of understanding customer needs, the necessity of solving real problems, and the need to plan for future challenges like quantum computing. The roundtable aims to provide insights into balancing sales with genuine problem-solving and advancing security measures while managing financial constraints.

This is part 3 of a 4-part series. Randy and I were recently invited to podcast on the floor of the 2025 Cyber Winter Wonderland at the beautiful Madison Loft. My guest host of the day was host of the Great Security Debate, Brian Schneble. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event! Part 1 Steve Monato and Ken Sowinski of UWM Part 1’s discussion focuses on the evolving role of AI within organizations, touching on AI use cases, data security, and the necessity for clean, organized data for effective AI modeling. The panelists emphasize the shift from understanding AI to implementing and deriving business value from it. They also discuss the importance of communication between IT and business units to promote effective AI adoption, the impact of automation on employee tasks, and the future role of AI in sectors like mortgage processing. The conversation explores the balance between AI-driven automation and human oversight to ensure efficiency and address challenges associated with new AI tools. Part 2 Eric Olmstead Palo Alto Networks and Jonathan Gough of Pellera Part 2 is a discussion of the evolution and current trends in IT security and technology integration. Pellera Technologies provides a detailed overview of their global operations, focusing on AI, data cloud, and cybersecurity solutions. The discussion covers Palo Alto Networks’ advancements in security, including the integration of AI in their security platforms and the concept of Zero Trust, emphasizing its continued relevance. The conversation also explores the complexities of AI implementation, the challenges of non-human identities (NHIs), and the importance of robust security measures in a rapidly evolving tech landscape. Both companies highlight the need for innovation and vigilance in managing current and emerging security threats. Part 3 Brandon Allen and Pete Sheldon of Prophet Security Part 3 focuses on the challenges faced by Security Operations Centers (SOCs) amid a growing volume of alerts and the role of AI and machine learning in addressing these challenges. Profit Security is utilizing AI-driven platforms to enhance alert investigation and reduce false positives, allowing analysts to focus on more critical issues. The conversation delves into topics like the evolution from traditional machine learning to modern AI, the importance of context and reasoning in alert processing, and the continuous need for human oversight and expert feedback in AI systems. Additionally, the discussion touches on industry-specific issues such as the energy costs associated with running AI and compute centers, the adaptability of AI to new threat vectors, and the potential for AI to improve operational efficiency within organizations. Part 4 Björn Olson of Pellera and Henry Samson of Palo Alto Networks. Part 4 covers the evolving landscape of technology and security. The discussion covers the prevalent issues in the automotive and manufacturing industries, including underutilization of tools, data protection challenges, and the impact of technological advancements on security practices. The conversation also touches on the importance of understanding customer needs, the necessity of solving real problems, and the need to plan for future challenges like quantum computing. The roundtable aims to provide insights into balancing sales with genuine problem-solving and advancing security measures while managing financial constraints.

This is part 2 of a 4-part series. Randy and I were recently invited to podcast on the floor of the 2025 Cyber Winter Wonderland at the beautiful Madison Loft. My guest host of the day was host of the Great Security Debate, Brian Schneble. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event! Part 1 Steve Monato and Ken Sowinski of UWM Part 1’s discussion focuses on the evolving role of AI within organizations, touching on AI use cases, data security, and the necessity for clean, organized data for effective AI modeling. The panelists emphasize the shift from understanding AI to implementing and deriving business value from it. They also discuss the importance of communication between IT and business units to promote effective AI adoption, the impact of automation on employee tasks, and the future role of AI in sectors like mortgage processing. The conversation explores the balance between AI-driven automation and human oversight to ensure efficiency and address challenges associated with new AI tools. Part 2 Eric Olmstead Palo Alto Networks and Jonathan Gough of Pellera Part 2 is a discussion of the evolution and current trends in IT security and technology integration. Pellera Technologies provides a detailed overview of their global operations, focusing on AI, data cloud, and cybersecurity solutions. The discussion covers Palo Alto Networks’ advancements in security, including the integration of AI in their security platforms and the concept of Zero Trust, emphasizing its continued relevance. The conversation also explores the complexities of AI implementation, the challenges of non-human identities (NHIs), and the importance of robust security measures in a rapidly evolving tech landscape. Both companies highlight the need for innovation and vigilance in managing current and emerging security threats. Part 3 Brandon Allen and Pete Sheldon of Prophet Security Part 3 focuses on the challenges faced by Security Operations Centers (SOCs) amid a growing volume of alerts and the role of AI and machine learning in addressing these challenges. Profit Security is utilizing AI-driven platforms to enhance alert investigation and reduce false positives, allowing analysts to focus on more critical issues. The conversation delves into topics like the evolution from traditional machine learning to modern AI, the importance of context and reasoning in alert processing, and the continuous need for human oversight and expert feedback in AI systems. Additionally, the discussion touches on industry-specific issues such as the energy costs associated with running AI and compute centers, the adaptability of AI to new threat vectors, and the potential for AI to improve operational efficiency within organizations. Part 4 Björn Olson of Pellera and Henry Samson of Palo Alto Networks. Part 4 covers the evolving landscape of technology and security. The discussion covers the prevalent issues in the automotive and manufacturing industries, including underutilization of tools, data protection challenges, and the impact of technological advancements on security practices. The conversation also touches on the importance of understanding customer needs, the necessity of solving real problems, and the need to plan for future challenges like quantum computing. The roundtable aims to provide insights into balancing sales with genuine problem-solving and advancing security measures while managing financial constraints.

This is part 1 of a 4-part series. Randy and I were recently invited to podcast on the floor of the 2025 Cyber Winter Wonderland at the beautiful Madison Loft. My guest host of the day was host of the Great Security Debate, Brian Schneble. Enjoy the listen, and THANK YOU to CXO Forum for partnering with us to podcast at your event! Part 1 Steve Monato and Ken Sowinski of UWM Part 1’s discussion focuses on the evolving role of AI within organizations, touching on AI use cases, data security, and the necessity for clean, organized data for effective AI modeling. The panelists emphasize the shift from understanding AI to implementing and deriving business value from it. They also discuss the importance of communication between IT and business units to promote effective AI adoption, the impact of automation on employee tasks, and the future role of AI in sectors like mortgage processing. The conversation explores the balance between AI-driven automation and human oversight to ensure efficiency and address challenges associated with new AI tools. Part 2 Eric Olmstead Palo Alto Networks and Jonathan Gough of Pellera Part 2 is a discussion of the evolution and current trends in IT security and technology integration. Pellera Technologies provides a detailed overview of their global operations, focusing on AI, data cloud, and cybersecurity solutions. The discussion covers Palo Alto Networks’ advancements in security, including the integration of AI in their security platforms and the concept of Zero Trust, emphasizing its continued relevance. The conversation also explores the complexities of AI implementation, the challenges of non-human identities (NHIs), and the importance of robust security measures in a rapidly evolving tech landscape. Both companies highlight the need for innovation and vigilance in managing current and emerging security threats. Part 3 Brandon Allen and Pete Sheldon of Prophet Security Part 3 focuses on the challenges faced by Security Operations Centers (SOCs) amid a growing volume of alerts and the role of AI and machine learning in addressing these challenges. Profit Security is utilizing AI-driven platforms to enhance alert investigation and reduce false positives, allowing analysts to focus on more critical issues. The conversation delves into topics like the evolution from traditional machine learning to modern AI, the importance of context and reasoning in alert processing, and the continuous need for human oversight and expert feedback in AI systems. Additionally, the discussion touches on industry-specific issues such as the energy costs associated with running AI and compute centers, the adaptability of AI to new threat vectors, and the potential for AI to improve operational efficiency within organizations. Part 4 Björn Olson of Pellera and Henry Samson of Palo Alto Networks. Part 4 covers the evolving landscape of technology and security. The discussion covers the prevalent issues in the automotive and manufacturing industries, including underutilization of tools, data protection challenges, and the impact of technological advancements on security practices. The conversation also touches on the importance of understanding customer needs, the necessity of solving real problems, and the need to plan for future challenges like quantum computing. The roundtable aims to provide insights into balancing sales with genuine problem-solving and advancing security measures while managing financial constraints.

Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Jason Taule, CISO, Luminis Health, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com

Spotify music library scraped DDoS disrupts France's postal and banking services Fake delivery websites hit holiday shoppers Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

President signs defense bill funding Cyber Command, Pentagon phone security Iranian APT Infy resurfaces with new malware Massive Android botnet Kimwolf launches DDoS attack Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.   Find the stories behind the headlines at CISOseries.com.

All links and images can be found on CISO Series. Check out this post by Binoy Koonammavu of Secusy AI for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining them is best-selling cybersecurity author Peter Gregory. His upcoming study guide on AI governance can be pre-ordered here. In this episode: Speaking the language of leadership Beyond translation: the trust factor Making risk tangible When translation isn't enough Huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

Welcome to Episode 417 of the Microsoft Cloud IT Pro Podcast. In this episode of the Microsoft Cloud IT Pro Podcast, Jay Leask joins Ben once more as the two of them recap their experience at Workplace Ninjas US in Dallas, Texas. They discuss conference highlights, the unique hackathon, engaging sessions, the Clippy Bucks system, and the importance of community and inclusion. The conversation also covers upcoming events, memorable attendee interactions, and new traditions for future conferences. Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options. Show Notes Jay Leask on LinkedIn Workplace Ninja’s US Follow Workplace Ninjas US on LinkedIn Workplace Ninja’s US Microsoft Zero Trust Guidance Center Microsoft Zero Trust Assessment Tool Conditional Access Ben’s YouTube video on Authentication Context and Conditional Access About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

We were inundated with new Windows features in 2025, but which ones actually moved the needle? Fortnite isn't just back on iPhone and Android, it's available on Windows 11 on Arm, and it works great! Plus, 2 big mobile wins for Epic Games and some thoughts on the "right" way to roll out AI features.Windows 11 Best Windows 11 updates of 2025, in no particular order... Dark mode improvements to File Explorer Widgets major overhaul with separate widgets and Discovery feed Xbox Full Screen experience - especially good on handhelds, of course, but also any PC you use for gaming with a controller Click to Do (Copilot+ PC only) External fingerprint reader support for Windows Hello ESS -External/USB webcams supported by Windows Studio Effects (Copilot+ PC only) Quick Machine Recovery is the tip of a wave of new foundational features like Admin Protection, Smart App Control (updates), and more that go beyond surface-level look and feel Redesigned Start menu isn't perfect but it's a nice improvement Copilot Vision, though this type of thing may make more sense on phones AI features in Paint, Photos, Notepad, and Snipping Tool Natural language interactions like the agent in Settings, file search, and more (mostly Copilot+ PC only, but you can do this in Copilot as well) Bluetooth LE support for improved audio quality in game chat, voice calls Gaming on Windows 11 on Arm and Snapdragon X: Major steps forward, but the same issue as always Looking ahead to 2026: 26H1, Agentic features that work, potential Windows 12, and AI PCs AI An extensive new interview with Mustafa Suleyman confirms why this guy is special and how confusing it is that Copilot is so disrespected Microsoft Copilot is auto-installing on LG smart TVs and there's no way to remove it GPT-5.2 is OpenAI's answer to Gemini 3 ChatGPT Images is OpenAI's answer to Nano Banana Pro Disney invests $1 billion OpenAI, sues Google Opera Neon is now generally available for $20 per month AI is moving quick as we all know but the bigger issue may be the incessant marketing about features like agents that don't even work now Microsoft is getting pushback on forced Copilot usage, price hikes Google is expanding its use of "experiments" outside of mainstream products with things like NotebookLM, Mixboard, CC, and much more. Maybe this is the better approach: Test separately and then integrate it into existing products Oddly enough, Microsoft does have a Windows AI Lab for this kind of experimentation Many small models vs. one big LLM in the cloud Mobile Fortnite is back in the Google Play Store in the U.S. as Google plays nice Apple loses its contempt appeal, the end of "junk fees" (Apple Tax) is in sight Xbox and gaming Xbox December Update has one big update for the mobile app and one big update for Xbox Wireless Headphones There's a new Xbox Developer Direct coming in January Half-Life 3 may really be happening, but it will be a Steam Machine launch title so it could be a while Tips & picks Tip of the year: De-enshittify Windows 11 App pick of the year: Fortnite RunAs Radio this week: Zero Trust in 2026 with Michele Bustamante Brown liquor pick of the week: Lark Symphony No. 1 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/963 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: auraframes.com/ink framer.com/design promo code WW outsystems.com/twit cachefly.com/twit

We were inundated with new Windows features in 2025, but which ones actually moved the needle? Fortnite isn't just back on iPhone and Android, it's available on Windows 11 on Arm, and it works great! Plus, 2 big mobile wins for Epic Games and some thoughts on the "right" way to roll out AI features.Windows 11 Best Windows 11 updates of 2025, in no particular order... Dark mode improvements to File Explorer Widgets major overhaul with separate widgets and Discovery feed Xbox Full Screen experience - especially good on handhelds, of course, but also any PC you use for gaming with a controller Click to Do (Copilot+ PC only) External fingerprint reader support for Windows Hello ESS -External/USB webcams supported by Windows Studio Effects (Copilot+ PC only) Quick Machine Recovery is the tip of a wave of new foundational features like Admin Protection, Smart App Control (updates), and more that go beyond surface-level look and feel Redesigned Start menu isn't perfect but it's a nice improvement Copilot Vision, though this type of thing may make more sense on phones AI features in Paint, Photos, Notepad, and Snipping Tool Natural language interactions like the agent in Settings, file search, and more (mostly Copilot+ PC only, but you can do this in Copilot as well) Bluetooth LE support for improved audio quality in game chat, voice calls Gaming on Windows 11 on Arm and Snapdragon X: Major steps forward, but the same issue as always Looking ahead to 2026: 26H1, Agentic features that work, potential Windows 12, and AI PCs AI An extensive new interview with Mustafa Suleyman confirms why this guy is special and how confusing it is that Copilot is so disrespected Microsoft Copilot is auto-installing on LG smart TVs and there's no way to remove it GPT-5.2 is OpenAI's answer to Gemini 3 ChatGPT Images is OpenAI's answer to Nano Banana Pro Disney invests $1 billion OpenAI, sues Google Opera Neon is now generally available for $20 per month AI is moving quick as we all know but the bigger issue may be the incessant marketing about features like agents that don't even work now Microsoft is getting pushback on forced Copilot usage, price hikes Google is expanding its use of "experiments" outside of mainstream products with things like NotebookLM, Mixboard, CC, and much more. Maybe this is the better approach: Test separately and then integrate it into existing products Oddly enough, Microsoft does have a Windows AI Lab for this kind of experimentation Many small models vs. one big LLM in the cloud Mobile Fortnite is back in the Google Play Store in the U.S. as Google plays nice Apple loses its contempt appeal, the end of "junk fees" (Apple Tax) is in sight Xbox and gaming Xbox December Update has one big update for the mobile app and one big update for Xbox Wireless Headphones There's a new Xbox Developer Direct coming in January Half-Life 3 may really be happening, but it will be a Steam Machine launch title so it could be a while Tips & picks Tip of the year: De-enshittify Windows 11 App pick of the year: Fortnite RunAs Radio this week: Zero Trust in 2026 with Michele Bustamante Brown liquor pick of the week: Lark Symphony No. 1 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/963 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: auraframes.com/ink framer.com/design promo code WW outsystems.com/twit cachefly.com/twit

We were inundated with new Windows features in 2025, but which ones actually moved the needle? Fortnite isn't just back on iPhone and Android, it's available on Windows 11 on Arm, and it works great! Plus, 2 big mobile wins for Epic Games and some thoughts on the "right" way to roll out AI features.Windows 11 Best Windows 11 updates of 2025, in no particular order... Dark mode improvements to File Explorer Widgets major overhaul with separate widgets and Discovery feed Xbox Full Screen experience - especially good on handhelds, of course, but also any PC you use for gaming with a controller Click to Do (Copilot+ PC only) External fingerprint reader support for Windows Hello ESS -External/USB webcams supported by Windows Studio Effects (Copilot+ PC only) Quick Machine Recovery is the tip of a wave of new foundational features like Admin Protection, Smart App Control (updates), and more that go beyond surface-level look and feel Redesigned Start menu isn't perfect but it's a nice improvement Copilot Vision, though this type of thing may make more sense on phones AI features in Paint, Photos, Notepad, and Snipping Tool Natural language interactions like the agent in Settings, file search, and more (mostly Copilot+ PC only, but you can do this in Copilot as well) Bluetooth LE support for improved audio quality in game chat, voice calls Gaming on Windows 11 on Arm and Snapdragon X: Major steps forward, but the same issue as always Looking ahead to 2026: 26H1, Agentic features that work, potential Windows 12, and AI PCs AI An extensive new interview with Mustafa Suleyman confirms why this guy is special and how confusing it is that Copilot is so disrespected Microsoft Copilot is auto-installing on LG smart TVs and there's no way to remove it GPT-5.2 is OpenAI's answer to Gemini 3 ChatGPT Images is OpenAI's answer to Nano Banana Pro Disney invests $1 billion OpenAI, sues Google Opera Neon is now generally available for $20 per month AI is moving quick as we all know but the bigger issue may be the incessant marketing about features like agents that don't even work now Microsoft is getting pushback on forced Copilot usage, price hikes Google is expanding its use of "experiments" outside of mainstream products with things like NotebookLM, Mixboard, CC, and much more. Maybe this is the better approach: Test separately and then integrate it into existing products Oddly enough, Microsoft does have a Windows AI Lab for this kind of experimentation Many small models vs. one big LLM in the cloud Mobile Fortnite is back in the Google Play Store in the U.S. as Google plays nice Apple loses its contempt appeal, the end of "junk fees" (Apple Tax) is in sight Xbox and gaming Xbox December Update has one big update for the mobile app and one big update for Xbox Wireless Headphones There's a new Xbox Developer Direct coming in January Half-Life 3 may really be happening, but it will be a Steam Machine launch title so it could be a while Tips & picks Tip of the year: De-enshittify Windows 11 App pick of the year: Fortnite RunAs Radio this week: Zero Trust in 2026 with Michele Bustamante Brown liquor pick of the week: Lark Symphony No. 1 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/963 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: auraframes.com/ink framer.com/design promo code WW outsystems.com/twit cachefly.com/twit

We were inundated with new Windows features in 2025, but which ones actually moved the needle? Fortnite isn't just back on iPhone and Android, it's available on Windows 11 on Arm, and it works great! Plus, 2 big mobile wins for Epic Games and some thoughts on the "right" way to roll out AI features.Windows 11 Best Windows 11 updates of 2025, in no particular order... Dark mode improvements to File Explorer Widgets major overhaul with separate widgets and Discovery feed Xbox Full Screen experience - especially good on handhelds, of course, but also any PC you use for gaming with a controller Click to Do (Copilot+ PC only) External fingerprint reader support for Windows Hello ESS -External/USB webcams supported by Windows Studio Effects (Copilot+ PC only) Quick Machine Recovery is the tip of a wave of new foundational features like Admin Protection, Smart App Control (updates), and more that go beyond surface-level look and feel Redesigned Start menu isn't perfect but it's a nice improvement Copilot Vision, though this type of thing may make more sense on phones AI features in Paint, Photos, Notepad, and Snipping Tool Natural language interactions like the agent in Settings, file search, and more (mostly Copilot+ PC only, but you can do this in Copilot as well) Bluetooth LE support for improved audio quality in game chat, voice calls Gaming on Windows 11 on Arm and Snapdragon X: Major steps forward, but the same issue as always Looking ahead to 2026: 26H1, Agentic features that work, potential Windows 12, and AI PCs AI An extensive new interview with Mustafa Suleyman confirms why this guy is special and how confusing it is that Copilot is so disrespected Microsoft Copilot is auto-installing on LG smart TVs and there's no way to remove it GPT-5.2 is OpenAI's answer to Gemini 3 ChatGPT Images is OpenAI's answer to Nano Banana Pro Disney invests $1 billion OpenAI, sues Google Opera Neon is now generally available for $20 per month AI is moving quick as we all know but the bigger issue may be the incessant marketing about features like agents that don't even work now Microsoft is getting pushback on forced Copilot usage, price hikes Google is expanding its use of "experiments" outside of mainstream products with things like NotebookLM, Mixboard, CC, and much more. Maybe this is the better approach: Test separately and then integrate it into existing products Oddly enough, Microsoft does have a Windows AI Lab for this kind of experimentation Many small models vs. one big LLM in the cloud Mobile Fortnite is back in the Google Play Store in the U.S. as Google plays nice Apple loses its contempt appeal, the end of "junk fees" (Apple Tax) is in sight Xbox and gaming Xbox December Update has one big update for the mobile app and one big update for Xbox Wireless Headphones There's a new Xbox Developer Direct coming in January Half-Life 3 may really be happening, but it will be a Steam Machine launch title so it could be a while Tips & picks Tip of the year: De-enshittify Windows 11 App pick of the year: Fortnite RunAs Radio this week: Zero Trust in 2026 with Michele Bustamante Brown liquor pick of the week: Lark Symphony No. 1 These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/windows-weekly/episodes/963 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Sponsors: auraframes.com/ink framer.com/design promo code WW outsystems.com/twit cachefly.com/twit

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we'll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We'll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare. Segment Resources: https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Topic Segment: We've got passkeys, now what? Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked. After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced: DBSC (Device Bound Session Credentials) for browsers DPoP (Demonstrating Proof of Possession) for OAuth applications We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted? Segment Resources: FIDO Alliance White Paper: DBSC/DPOP as Complementary Technologies to FIDO Authentication News Segment Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-437

In today's evolving digital environment, many leaders are facing unprecedented levels of complexity. Cyber threats are escalating, regulatory demands are tightening, and organizations are expected to maintain resilience while embracing innovation. Few people understand this landscape more deeply than Scott Alldridge, CEO of IP Services, President of the IT Process Institute, and author of the globally acclaimed VisibleOps series. With more than three decades of experience guiding technical and non-technical teams alike, Scott has built a reputation for transforming complicated cybersecurity concepts into clear, actionable strategies. His people-process-technology framework has helped organizations strengthen governance, reduce risk, and build cyber-mature cultures capable of thriving in high-stakes environments.  In this episode, we discuss: How boards can elevate their cybersecurity oversight. Why organizations fail at cyber risk management, and how to fix it. Common misconceptions surrounding cybersecurity maturity. Scott's strategies for fostering ethical leadership and a security-first culture. Scott's most recent book, VisibleOps Cybersecurity, is an Amazon Best Seller and continues to influence executives, boards, and cybersecurity professionals around the world. Join us in this conversation as he breaks down the mindset and practices leaders need to stay ahead of current and future threats… You can connect with Scott and his work on his website! 

Why do smart people still click when every instinct tells them they should pause first? That question sits at the heart of this conversation with Denny LeCompte, CEO of Portnox and a rare cybersecurity leader who brings a background in cognitive psychology to identity, trust, and human error.   It is a discussion that pulls back the curtain on the habits, shortcuts, and blind spots that shape our decisions long before a breach becomes a headline.   Denny explains why people rely on benevolence cues, confirmation biases, and loss aversion, and then shows how attackers weaponize each. He explains why training alone cannot fix human fallibility and why a different design mindset is needed if we want security people can actually live with.   Through clear examples and thought-provoking analogies, he describes how teams can build environments that remove opportunities for mistakes rather than punishing people for being human.   We also explore what Zero Trust really means beyond marketing-speak. Denny cuts through the noise and frames it as a mindset shift rather than a product category. He draws on real conversations with CISOs to explain why passwordless adoption moves slowly and why the next wave of identity risk will come from AI agents operating within networks. It is a future in which the line between human and machine identity blurs, requiring access control to evolve just as quickly.   Later, Denny shares a personal story about a mentor who influenced his views, then explains Portnox's unified access control approach as organizations retire VPNs and passwords. His main point: security only works when systems reflect human nature, removing friction and helping people make safe choices. Every policy and workflow is a decision that impacts security outcomes.   What part of Denny's perspective made you reconsider your habits?   Useful Links Connect with Denny LeCompte, CEO of Portnox Learn more about Portnox Tech Talks Daily is sponsored by Denodo