<?xml version="1.0" encoding="UTF-8"?><?xml-stylesheet href="https://feeds.captivate.fm/style.xsl" type="text/xsl"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:googleplay="http://www.google.com/schemas/play-podcasts/1.0" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:podcast="https://podcastindex.org/namespace/1.0"><channel><atom:link href="https://feeds.captivate.fm/security-by-default/" rel="self" type="application/rss+xml"/><title><![CDATA[Security by Default]]></title><podcast:guid>b6e97b89-b8fe-5f33-9eef-6c1eb9a6101e</podcast:guid><lastBuildDate>Fri, 26 Jun 2026 12:20:40 +0000</lastBuildDate><generator>Captivate.fm</generator><language><![CDATA[en]]></language><copyright><![CDATA[Copyright 2026 Joseph Carson]]></copyright><managingEditor>Joseph Carson</managingEditor><itunes:summary><![CDATA[Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.]]></itunes:summary><image><url>https://artwork.captivate.fm/99c3c2e8-46d8-4d16-80b5-9bea3fa5408c/SecurityByDefault-Image-sqaure-3000.jpg</url><title>Security by Default</title><link><![CDATA[https://wiretrap.eu/podcast/]]></link></image><itunes:image href="https://artwork.captivate.fm/99c3c2e8-46d8-4d16-80b5-9bea3fa5408c/SecurityByDefault-Image-sqaure-3000.jpg"/><itunes:owner><itunes:name>Joseph Carson</itunes:name></itunes:owner><itunes:author>Joseph Carson</itunes:author><description>Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.</description><link>https://wiretrap.eu/podcast/</link><atom:link href="https://pubsubhubbub.appspot.com" rel="hub"/><itunes:subtitle><![CDATA[Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends.]]></itunes:subtitle><itunes:explicit>false</itunes:explicit><itunes:type>episodic</itunes:type><itunes:category text="Technology"></itunes:category><itunes:category text="Education"></itunes:category><itunes:category text="Business"></itunes:category><podcast:locked>no</podcast:locked><podcast:medium>podcast</podcast:medium><item><title>Why Identity Is Becoming Every CISO&apos;s Biggest Challenge | Vlad Shapiro</title><itunes:title>Why Identity Is Becoming Every CISO&apos;s Biggest Challenge | Vlad Shapiro</itunes:title><description><![CDATA[<p>Vlad Shapiro, a distinguished mathematician turned identity management expert, articulates his transformative journey in this episode, offering profound insights into the intersection of identity and business. He elucidates how the realm of identity has evolved into a critical pillar for organizational functionality, emphasizing that without effective identity management, business operations may falter. Our discussion delves into the implications of this evolution, particularly the necessity for board members to prioritize identity governance alongside traditional business strategies. Furthermore, we explore the pressing gaps within the current identity landscape, including the challenges posed by a lack of standardization and the imperative for innovative thinking to navigate an increasingly complex digital environment. Shapiro's reflections not only highlight the significance of identity management in contemporary business but also underscore the need for a collaborative approach that integrates technological advancements with ethical considerations for future generations.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with Vladislav Shapiro, who shares his journey from a mathematician to an identity management expert. They discuss the evolution of identity management, its growing importance in business, and the innovations shaping the future of identity technology. The conversation emphasizes the need for a business-oriented approach to identity, the gaps in current practices, and the ethical considerations in technology development. In this conversation, Joseph Carson and Vladislav Shapiro explore the complexities of AI governance, drawing parallels with nuclear energy management. They discuss the importance of control mechanisms, the role of identity in AI, and the emerging threats related to computational workload theft. The conversation emphasizes the need for continuous learning in a rapidly evolving technological landscape and the significance of visibility in understanding both good and bad actors in the AI space.</p><p>The dialogue between Joe Carson and Vlad Shapiro unfolds a captivating narrative that chronicles Vlad's evolution from an accomplished mathematician to a distinguished identity management expert. Vlad's journey is steeped in serendipity and introspection, illustrating the transformative power of career shifts propelled by the dynamics of professional landscapes and personal revelations. As he delves into his past, Vlad reflects on his academic pursuits in Ukraine and his subsequent migration to the United States, where he initially aspired to teach mathematics at a university level. However, as he navigated the academic landscape and its stark contrasts to European standards, he pivoted towards industry, seeking avenues to apply his analytical skills in a pragmatic context. The discussion transitions into a broader exploration of the identity management sector, a field that has burgeoned in significance over recent years. Vlad articulates the paradigm shift that identity management has undergone, now recognized as a critical business function rather than merely an IT concern. The conversation delves into the intricacies of identity governance, emphasizing the need for organizations to reconsider how they manage identity in a world increasingly reliant on digital interactions. Vlad's insights on the intersection of identity management and business strategy underscore the imperative for organizations to engage with this evolving landscape, reflecting on how identity impacts operational efficiency and risk management. As the episode progresses, Vlad shares his perspectives on contemporary challenges within the identity management domain, notably the importance of interoperability among diverse systems and the necessity for organizations to adapt to a rapidly evolving technological environment. His reflections on the ethical dimensions of identity management, particularly concerning data privacy and consumer trust, resonate deeply within the ongoing discourse surrounding digital identities. This episode serves as a profound reminder of the critical role that identity management plays in shaping secure and efficient organizational practices, and it encapsulates the wisdom gleaned from Vlad's unique journey through the realms of mathematics and identity management.</p><p>Takeaways:</p><ul><li>Vlad Shapiro's transition from a trained mathematician to an identity management expert showcases the fluidity of career paths in the technology sector.</li><li>The evolution of identity management has transformed it into a critical business function, emphasizing its integral role in organizational security and efficiency.</li><li>Understanding identity as a business imperative rather than merely a technical challenge is essential for engaging stakeholders and achieving strategic alignment.</li><li>The importance of fostering a culture of curiosity and continuous learning is paramount in the ever-evolving landscape of identity management and cybersecurity.</li><li>Innovations in identity management must prioritize interoperability to ensure seamless integration across diverse systems and platforms.</li><li>The conversation around identity management now encompasses ethical considerations, prompting a reevaluation of policies to mitigate risks associated with technological advancements.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>Vlad Shapiro, a distinguished mathematician turned identity management expert, articulates his transformative journey in this episode, offering profound insights into the intersection of identity and business. He elucidates how the realm of identity has evolved into a critical pillar for organizational functionality, emphasizing that without effective identity management, business operations may falter. Our discussion delves into the implications of this evolution, particularly the necessity for board members to prioritize identity governance alongside traditional business strategies. Furthermore, we explore the pressing gaps within the current identity landscape, including the challenges posed by a lack of standardization and the imperative for innovative thinking to navigate an increasingly complex digital environment. Shapiro's reflections not only highlight the significance of identity management in contemporary business but also underscore the need for a collaborative approach that integrates technological advancements with ethical considerations for future generations.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with Vladislav Shapiro, who shares his journey from a mathematician to an identity management expert. They discuss the evolution of identity management, its growing importance in business, and the innovations shaping the future of identity technology. The conversation emphasizes the need for a business-oriented approach to identity, the gaps in current practices, and the ethical considerations in technology development. In this conversation, Joseph Carson and Vladislav Shapiro explore the complexities of AI governance, drawing parallels with nuclear energy management. They discuss the importance of control mechanisms, the role of identity in AI, and the emerging threats related to computational workload theft. The conversation emphasizes the need for continuous learning in a rapidly evolving technological landscape and the significance of visibility in understanding both good and bad actors in the AI space.</p><p>The dialogue between Joe Carson and Vlad Shapiro unfolds a captivating narrative that chronicles Vlad's evolution from an accomplished mathematician to a distinguished identity management expert. Vlad's journey is steeped in serendipity and introspection, illustrating the transformative power of career shifts propelled by the dynamics of professional landscapes and personal revelations. As he delves into his past, Vlad reflects on his academic pursuits in Ukraine and his subsequent migration to the United States, where he initially aspired to teach mathematics at a university level. However, as he navigated the academic landscape and its stark contrasts to European standards, he pivoted towards industry, seeking avenues to apply his analytical skills in a pragmatic context. The discussion transitions into a broader exploration of the identity management sector, a field that has burgeoned in significance over recent years. Vlad articulates the paradigm shift that identity management has undergone, now recognized as a critical business function rather than merely an IT concern. The conversation delves into the intricacies of identity governance, emphasizing the need for organizations to reconsider how they manage identity in a world increasingly reliant on digital interactions. Vlad's insights on the intersection of identity management and business strategy underscore the imperative for organizations to engage with this evolving landscape, reflecting on how identity impacts operational efficiency and risk management. As the episode progresses, Vlad shares his perspectives on contemporary challenges within the identity management domain, notably the importance of interoperability among diverse systems and the necessity for organizations to adapt to a rapidly evolving technological environment. His reflections on the ethical dimensions of identity management, particularly concerning data privacy and consumer trust, resonate deeply within the ongoing discourse surrounding digital identities. This episode serves as a profound reminder of the critical role that identity management plays in shaping secure and efficient organizational practices, and it encapsulates the wisdom gleaned from Vlad's unique journey through the realms of mathematics and identity management.</p><p>Takeaways:</p><ul><li>Vlad Shapiro's transition from a trained mathematician to an identity management expert showcases the fluidity of career paths in the technology sector.</li><li>The evolution of identity management has transformed it into a critical business function, emphasizing its integral role in organizational security and efficiency.</li><li>Understanding identity as a business imperative rather than merely a technical challenge is essential for engaging stakeholders and achieving strategic alignment.</li><li>The importance of fostering a culture of curiosity and continuous learning is paramount in the ever-evolving landscape of identity management and cybersecurity.</li><li>Innovations in identity management must prioritize interoperability to ensure seamless integration across diverse systems and platforms.</li><li>The conversation around identity management now encompasses ethical considerations, prompting a reevaluation of policies to mitigate risks associated with technological advancements.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/navigating-identity-insights-from-vlad-shapiro]]></link><guid isPermaLink="false">fbc5b5b3-3029-4376-9e91-d00da9695c30</guid><itunes:image href="https://artwork.captivate.fm/00a22ec6-8738-4aa0-a467-b61f6b1e513e/generated-image-29.jpg"/><pubDate>Tue, 23 Jun 2026 08:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/fbc5b5b3-3029-4376-9e91-d00da9695c30.mp3" length="20913621" type="audio/mpeg"/><itunes:duration>43:34</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>33</itunes:episode><podcast:episode>33</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/55a90ee9-df97-418f-8785-d583b0405724/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/55a90ee9-df97-418f-8785-d583b0405724/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/55a90ee9-df97-418f-8785-d583b0405724/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-9e68c7e8-ae27-4325-ab29-7979eb180152.json" type="application/json+chapters"/></item><item><title>How Hackers Attack AI: The New Battle to Secure Intelligent Machines | Harriet Farlow</title><itunes:title>How Hackers Attack AI: The New Battle to Secure Intelligent Machines | Harriet Farlow</itunes:title><description><![CDATA[<p>This podcast episode delves into the intricate nexus of artificial intelligence and security, featuring an enlightening conversation with Harriet, the author of a newly released book Practical AI Security. We explore her compelling journey from a background in physics and anthropology to becoming a pivotal figure in the realm of cybersecurity, particularly focusing on the challenges posed by adversarial machine learning. Harriet elucidates the pressing necessity for organizations to comprehend and mitigate the security vulnerabilities inherent in AI systems, as well as the broader implications for national security. Our discourse also addresses the critical need for collaboration between cybersecurity professionals and AI developers to ensure that security considerations are embedded within AI design from the outset. Ultimately, we aim to provide our audience with a profound understanding of the evolving landscape of AI security and the imperative of safeguarding these transformative technologies.</p><h2>🎙️ Security by Default Podcast</h2><h1>Practical AI Security: Attacking, Defending, and Securing the Future of AI</h1><h2>With Harriet Farlow — Founder of Mileva Security Labs &amp; Author of <em>Practical AI Security</em></h2><p></p><p>Artificial Intelligence is transforming the way we build technology, automate decisions, analyze data, and solve some of the world’s biggest challenges.</p><p>But as AI becomes more powerful and more deeply embedded into our lives, one critical question becomes increasingly important:</p><p></p><p><strong class="ql-size-large">How do we secure AI itself?</strong></p><p>In this episode of <strong>Security by Default</strong>, host <strong>Joseph Carson</strong> is joined by <strong>Harriet Farlow</strong>, AI security researcher, founder of <strong>Mileva Security Labs</strong>, and author of <strong>“Practical AI Security: A Hands-On Guide to Attacking, Defending, and Securing Modern AI Systems.”</strong></p><p>Together they explore the rapidly evolving world of AI security, adversarial machine learning, and why understanding how AI works is essential before we can protect it.</p><h2></h2><h2>About This Episode</h2><p>AI is often described as the next technological revolution, but securing AI requires us to rethink many traditional cybersecurity approaches.</p><p>Unlike conventional software, AI systems are built on data, probability, optimization, and learning models. They do not always fail in predictable ways, and vulnerabilities are not always solved with a simple patch.</p><p>Harriet shares her fascinating journey from studying <strong>physics and anthropology</strong> to working in <strong>data science, national security, and artificial intelligence</strong>, eventually discovering the world of <strong>adversarial machine learning</strong> — where attackers attempt to manipulate and disrupt AI systems themselves.</p><p>This conversation goes beyond the hype and explores what defenders, developers, and organizations need to understand as AI becomes a critical part of modern technology.</p><h2></h2><h2>What You Will Learn</h2><p>🤖 <strong>Why AI Security Matters More Than Ever</strong></p><p>AI is becoming part of software development, business operations, healthcare, finance, critical infrastructure, and cybersecurity itself.</p><p>As adoption accelerates, organizations must move beyond simply asking:</p><p>“How can we use AI?”</p><p>and start asking:</p><p>“How do we secure AI?”</p><p></p><p>🧠 <strong>Understanding How AI Really Works</strong></p><p>Harriet explains why machine learning systems are fundamentally different from traditional software.</p><p>AI systems are:</p><ul><li>Probabilistic rather than deterministic</li><li>Dependent on training data quality</li><li>Designed around optimization</li><li>Continuously influenced by changing environments</li></ul><br/><p>Understanding these foundations is essential for anyone responsible for protecting AI.</p><p></p><p>🔓 <strong>The World of Adversarial Machine Learning</strong></p><p>What happens when attackers stop targeting only applications and infrastructure…</p><p>…and start targeting the AI model itself?</p><p>The episode explores:</p><ul><li>Model manipulation</li><li>Data poisoning</li><li>AI weaknesses</li><li>Training challenges</li><li>Unexpected behaviors</li><li>The difficulty of understanding model decisions</li></ul><br/><p></p><p>🛠️ <strong>How Do You Patch AI?</strong></p><p>One of the biggest questions facing cybersecurity professionals today:</p><p>If AI learns something wrong, how do we fix it?</p><p>Traditional security follows a familiar process:</p><p>Find vulnerability → Apply patch → Reduce risk</p><p>AI changes that.</p><p>Sometimes protecting AI is not about fixing code.</p><p>It is about understanding and correcting behavior.</p><p></p><p>⚔️ <strong>AI for Security vs Security for AI</strong></p><p>For years, organizations have focused on using AI to improve cybersecurity.</p><p>But now the challenge has expanded.</p><p>Cybersecurity needs AI.</p><p>But AI also needs cybersecurity.</p><p>As AI becomes part of everyday systems, security teams must understand how to protect the models, data, and decisions that organizations rely on.</p><p></p><p>🌍 <strong>Why AI Security Requires Different Skills</strong></p><p>The future of AI security requires collaboration between:</p><ul><li>Cybersecurity professionals</li><li>AI engineers</li><li>Data scientists</li><li>Researchers</li><li>Risk leaders</li><li>Policy experts</li></ul><br/><p>Building trustworthy AI means bringing these worlds together.</p><p>Security must be part of AI from the beginning.</p><h2></h2><h2>Key Topics Discussed</h2><p>🔹 Harriet’s journey from physics and anthropology into AI security</p><p>🔹 Working in data science and national security environments</p><p>🔹 Discovering adversarial machine learning</p><p>🔹 Founding Mileva Security Labs</p><p>🔹 Writing <em>Practical AI Security</em> with No Starch Press</p><p>🔹 Why AI vulnerabilities are different from software vulnerabilities</p><p>🔹 The importance of data quality and model training</p><p>🔹 Understanding probability and machine learning foundations</p><p>🔹 How attackers target AI systems</p><p>🔹 Why securing AI requires a new mindset</p><p>🔹 The future of AI safety and cybersecurity</p><p>🔹 Staying updated in a fast-moving industry</p><p>🔹 Building responsible and secure AI systems</p><h2></h2><h2>Memorable Quotes</h2><p>💬 “Before we can secure AI, we first need to understand how it works.”</p><p>💬 “AI security is not always about fixing a bug. Sometimes it is about correcting a behavior.”</p><p>💬 “Cybersecurity needs AI, but AI also needs cybersecurity.”</p><p>💬 “The future is not just about building smarter AI — it is about building safer AI.”</p><h2></h2><h2>Episode Chapters</h2><p><strong>00:00</strong> – Introduction to Security by Default</p><p><strong>01:03</strong> – Harriet Farlow’s origin story</p><p><strong>04:28</strong> – From data science to cybersecurity</p><p><strong>08:48</strong> – Creating Mileva Security Labs</p><p><strong>10:51</strong> – Conferences, community, and writing Practical AI Security</p><p><strong>17:28</strong> – How AI has evolved</p><p><strong>19:43</strong> – Understanding machine learning models</p><p><strong>21:43</strong> – The challenge of patching AI systems</p><p><strong>23:37</strong> – Training data, quality, and user impact</p><p><strong>25:23</strong> – Why AI models can be difficult to understand</p><p><strong>27:36</strong> – AI and cybersecurity coming together</p><p><strong>30:18</strong> – Why AI fundamentals matter</p><p><strong>32:04</strong> – Practical examples and real-world AI security</p><p><strong>33:38</strong> – Staying updated in AI security</p><p><strong>36:27</strong> – Learning from the AI security community</p><p><strong>38:08</strong> – Ethics and responsible AI development</p><h2></h2><h2>Guest</h2><p><strong>Harriet Farlow</strong></p><p>Founder — Malevra Security Labs</p><p>Author — <em>Practical AI Security</em></p><p>🔗 LinkedIn:</p><p><a href="https://www.linkedin.com/in/harriethfarlow/" rel="noopener noreferrer" target="_blank">https://www.linkedin.com/in/harriet-farlow-654963b7/</a></p><p>📘 Practical AI Security — No Starch Press</p><p><a href="https://nostarch.com" rel="noopener noreferrer" target="_blank">https://nostarch.com</a></p><p>🎓 AI Fundamentals Course</p><p><a href="https://harriethacks.com/courses/ai-fundamentals" rel="noopener noreferrer" target="_blank">https://harriethacks.com/course/</a></p><h2>Listen &amp; Subscribe</h2><p>🎧 <strong>Security by Default Podcast</strong></p><p>Exploring the people, stories, and ideas helping make technology safer.</p><p>Because security should not be an afterthought.</p><p>Security should be by default.</p><p>#SecurityByDefault #AISecurity #Cybersecurity #ArtificialIntelligence #MachineLearning #AdversarialML #AI #ResponsibleAI #SecurityResearch</p><p>Takeaways:</p><ul><li>The podcast episode discusses the importance of understanding AI security in the context of national security and its implications.</li><li>Harriet's journey from a background in physics and anthropology to her current role in AI security demonstrates the interdisciplinary nature of the field.</li><li>The conversation highlights the necessity for collaboration between AI developers and cybersecurity professionals to ensure secure AI systems.</li><li>Listeners are encouraged to engage with various resources to stay informed about the rapidly evolving landscape of AI and cybersecurity.</li><li>The significance of addressing the ethical considerations in AI development is emphasized throughout the discussion, focusing on empowering rather than replacing human effort.</li><li>The episode underscores the idea that AI security is not merely about using AI for cybersecurity but also about securing AI systems from external threats.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the intricate nexus of artificial intelligence and security, featuring an enlightening conversation with Harriet, the author of a newly released book Practical AI Security. We explore her compelling journey from a background in physics and anthropology to becoming a pivotal figure in the realm of cybersecurity, particularly focusing on the challenges posed by adversarial machine learning. Harriet elucidates the pressing necessity for organizations to comprehend and mitigate the security vulnerabilities inherent in AI systems, as well as the broader implications for national security. Our discourse also addresses the critical need for collaboration between cybersecurity professionals and AI developers to ensure that security considerations are embedded within AI design from the outset. Ultimately, we aim to provide our audience with a profound understanding of the evolving landscape of AI security and the imperative of safeguarding these transformative technologies.</p><h2>🎙️ Security by Default Podcast</h2><h1>Practical AI Security: Attacking, Defending, and Securing the Future of AI</h1><h2>With Harriet Farlow — Founder of Mileva Security Labs &amp; Author of <em>Practical AI Security</em></h2><p></p><p>Artificial Intelligence is transforming the way we build technology, automate decisions, analyze data, and solve some of the world’s biggest challenges.</p><p>But as AI becomes more powerful and more deeply embedded into our lives, one critical question becomes increasingly important:</p><p></p><p><strong class="ql-size-large">How do we secure AI itself?</strong></p><p>In this episode of <strong>Security by Default</strong>, host <strong>Joseph Carson</strong> is joined by <strong>Harriet Farlow</strong>, AI security researcher, founder of <strong>Mileva Security Labs</strong>, and author of <strong>“Practical AI Security: A Hands-On Guide to Attacking, Defending, and Securing Modern AI Systems.”</strong></p><p>Together they explore the rapidly evolving world of AI security, adversarial machine learning, and why understanding how AI works is essential before we can protect it.</p><h2></h2><h2>About This Episode</h2><p>AI is often described as the next technological revolution, but securing AI requires us to rethink many traditional cybersecurity approaches.</p><p>Unlike conventional software, AI systems are built on data, probability, optimization, and learning models. They do not always fail in predictable ways, and vulnerabilities are not always solved with a simple patch.</p><p>Harriet shares her fascinating journey from studying <strong>physics and anthropology</strong> to working in <strong>data science, national security, and artificial intelligence</strong>, eventually discovering the world of <strong>adversarial machine learning</strong> — where attackers attempt to manipulate and disrupt AI systems themselves.</p><p>This conversation goes beyond the hype and explores what defenders, developers, and organizations need to understand as AI becomes a critical part of modern technology.</p><h2></h2><h2>What You Will Learn</h2><p>🤖 <strong>Why AI Security Matters More Than Ever</strong></p><p>AI is becoming part of software development, business operations, healthcare, finance, critical infrastructure, and cybersecurity itself.</p><p>As adoption accelerates, organizations must move beyond simply asking:</p><p>“How can we use AI?”</p><p>and start asking:</p><p>“How do we secure AI?”</p><p></p><p>🧠 <strong>Understanding How AI Really Works</strong></p><p>Harriet explains why machine learning systems are fundamentally different from traditional software.</p><p>AI systems are:</p><ul><li>Probabilistic rather than deterministic</li><li>Dependent on training data quality</li><li>Designed around optimization</li><li>Continuously influenced by changing environments</li></ul><br/><p>Understanding these foundations is essential for anyone responsible for protecting AI.</p><p></p><p>🔓 <strong>The World of Adversarial Machine Learning</strong></p><p>What happens when attackers stop targeting only applications and infrastructure…</p><p>…and start targeting the AI model itself?</p><p>The episode explores:</p><ul><li>Model manipulation</li><li>Data poisoning</li><li>AI weaknesses</li><li>Training challenges</li><li>Unexpected behaviors</li><li>The difficulty of understanding model decisions</li></ul><br/><p></p><p>🛠️ <strong>How Do You Patch AI?</strong></p><p>One of the biggest questions facing cybersecurity professionals today:</p><p>If AI learns something wrong, how do we fix it?</p><p>Traditional security follows a familiar process:</p><p>Find vulnerability → Apply patch → Reduce risk</p><p>AI changes that.</p><p>Sometimes protecting AI is not about fixing code.</p><p>It is about understanding and correcting behavior.</p><p></p><p>⚔️ <strong>AI for Security vs Security for AI</strong></p><p>For years, organizations have focused on using AI to improve cybersecurity.</p><p>But now the challenge has expanded.</p><p>Cybersecurity needs AI.</p><p>But AI also needs cybersecurity.</p><p>As AI becomes part of everyday systems, security teams must understand how to protect the models, data, and decisions that organizations rely on.</p><p></p><p>🌍 <strong>Why AI Security Requires Different Skills</strong></p><p>The future of AI security requires collaboration between:</p><ul><li>Cybersecurity professionals</li><li>AI engineers</li><li>Data scientists</li><li>Researchers</li><li>Risk leaders</li><li>Policy experts</li></ul><br/><p>Building trustworthy AI means bringing these worlds together.</p><p>Security must be part of AI from the beginning.</p><h2></h2><h2>Key Topics Discussed</h2><p>🔹 Harriet’s journey from physics and anthropology into AI security</p><p>🔹 Working in data science and national security environments</p><p>🔹 Discovering adversarial machine learning</p><p>🔹 Founding Mileva Security Labs</p><p>🔹 Writing <em>Practical AI Security</em> with No Starch Press</p><p>🔹 Why AI vulnerabilities are different from software vulnerabilities</p><p>🔹 The importance of data quality and model training</p><p>🔹 Understanding probability and machine learning foundations</p><p>🔹 How attackers target AI systems</p><p>🔹 Why securing AI requires a new mindset</p><p>🔹 The future of AI safety and cybersecurity</p><p>🔹 Staying updated in a fast-moving industry</p><p>🔹 Building responsible and secure AI systems</p><h2></h2><h2>Memorable Quotes</h2><p>💬 “Before we can secure AI, we first need to understand how it works.”</p><p>💬 “AI security is not always about fixing a bug. Sometimes it is about correcting a behavior.”</p><p>💬 “Cybersecurity needs AI, but AI also needs cybersecurity.”</p><p>💬 “The future is not just about building smarter AI — it is about building safer AI.”</p><h2></h2><h2>Episode Chapters</h2><p><strong>00:00</strong> – Introduction to Security by Default</p><p><strong>01:03</strong> – Harriet Farlow’s origin story</p><p><strong>04:28</strong> – From data science to cybersecurity</p><p><strong>08:48</strong> – Creating Mileva Security Labs</p><p><strong>10:51</strong> – Conferences, community, and writing Practical AI Security</p><p><strong>17:28</strong> – How AI has evolved</p><p><strong>19:43</strong> – Understanding machine learning models</p><p><strong>21:43</strong> – The challenge of patching AI systems</p><p><strong>23:37</strong> – Training data, quality, and user impact</p><p><strong>25:23</strong> – Why AI models can be difficult to understand</p><p><strong>27:36</strong> – AI and cybersecurity coming together</p><p><strong>30:18</strong> – Why AI fundamentals matter</p><p><strong>32:04</strong> – Practical examples and real-world AI security</p><p><strong>33:38</strong> – Staying updated in AI security</p><p><strong>36:27</strong> – Learning from the AI security community</p><p><strong>38:08</strong> – Ethics and responsible AI development</p><h2></h2><h2>Guest</h2><p><strong>Harriet Farlow</strong></p><p>Founder — Malevra Security Labs</p><p>Author — <em>Practical AI Security</em></p><p>🔗 LinkedIn:</p><p><a href="https://www.linkedin.com/in/harriethfarlow/" rel="noopener noreferrer" target="_blank">https://www.linkedin.com/in/harriet-farlow-654963b7/</a></p><p>📘 Practical AI Security — No Starch Press</p><p><a href="https://nostarch.com" rel="noopener noreferrer" target="_blank">https://nostarch.com</a></p><p>🎓 AI Fundamentals Course</p><p><a href="https://harriethacks.com/courses/ai-fundamentals" rel="noopener noreferrer" target="_blank">https://harriethacks.com/course/</a></p><h2>Listen &amp; Subscribe</h2><p>🎧 <strong>Security by Default Podcast</strong></p><p>Exploring the people, stories, and ideas helping make technology safer.</p><p>Because security should not be an afterthought.</p><p>Security should be by default.</p><p>#SecurityByDefault #AISecurity #Cybersecurity #ArtificialIntelligence #MachineLearning #AdversarialML #AI #ResponsibleAI #SecurityResearch</p><p>Takeaways:</p><ul><li>The podcast episode discusses the importance of understanding AI security in the context of national security and its implications.</li><li>Harriet's journey from a background in physics and anthropology to her current role in AI security demonstrates the interdisciplinary nature of the field.</li><li>The conversation highlights the necessity for collaboration between AI developers and cybersecurity professionals to ensure secure AI systems.</li><li>Listeners are encouraged to engage with various resources to stay informed about the rapidly evolving landscape of AI and cybersecurity.</li><li>The significance of addressing the ethical considerations in AI development is emphasized throughout the discussion, focusing on empowering rather than replacing human effort.</li><li>The episode underscores the idea that AI security is not merely about using AI for cybersecurity but also about securing AI systems from external threats.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/practical-ai-security-attacking-defending-and-securing-the-future-of-ai-with-harriet-farlow]]></link><guid isPermaLink="false">327cf037-4084-4b11-8588-3e90ce77df7a</guid><itunes:image href="https://artwork.captivate.fm/9c70d233-6003-4367-883d-e7f12176879b/generated-image-23.jpg"/><pubDate>Tue, 09 Jun 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/327cf037-4084-4b11-8588-3e90ce77df7a.mp3" length="20453265" type="audio/mpeg"/><itunes:duration>42:37</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>32</itunes:episode><podcast:episode>32</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/9078ef55-7b72-4c98-8f13-ff37697daa43/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/9078ef55-7b72-4c98-8f13-ff37697daa43/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/9078ef55-7b72-4c98-8f13-ff37697daa43/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-1828a9a5-ae2e-47f2-9c64-2dac89e3bd53.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Practical AI Security - Attacking, Defending, and Securing the Future of AI with Harriet Farlow"><podcast:source uri="https://youtu.be/nnRyQFNRdz8"/></podcast:alternateEnclosure></item><item><title>AI Is Not Magic: The Truth Behind the Technology Changing Everything | Diana Kelley</title><itunes:title>AI Is Not Magic: The Truth Behind the Technology Changing Everything | Diana Kelley</itunes:title><description><![CDATA[<p>This podcast episode elucidates the evolution of artificial intelligence, particularly focusing on the transition from earlier models such as ELIZA and Watson to contemporary systems like ChatGPT and Claude. Our discussion emphasizes the importance of understanding the context and limitations of AI, as well as the implications of its rapid advancement on our professional landscape. We delve into the nuances of prompt engineering and the necessity of training AI models to interpret context effectively, which has become increasingly pivotal in their application. Furthermore, we address the societal concerns regarding job displacement in the wake of AI proliferation, positing that while certain roles may be rendered obsolete, new opportunities will arise, necessitating continuous adaptation and retraining. Ultimately, our dialogue aims to provide clarity amidst the complexities of AI technology, underscoring the imperative for informed engagement with these transformative tools.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes Diana Kelley, a prominent figure in the tech industry, to discuss her journey in technology, the evolution of AI, and its implications for cybersecurity and the job market. They explore the historical context of AI, from early systems like ELIZA to modern advancements like Watson and ChatGPT, and address common misconceptions about AI's capabilities. The conversation also delves into the future of jobs in an AI-driven world, emphasizing the need for training and understanding of AI technologies. In this conversation, Joseph Carson and Diana Kelley discuss the evolution of jobs in the context of technological advancements, particularly focusing on AI and its implications for the workforce. They explore the necessity of continuous retraining and the emergence of new roles, the importance of contextual understanding in AI, and the behavior of AI agents. Additionally, they emphasize the need for control mechanisms in AI development and the importance of empowering women in cybersecurity to address the growing challenges in the field.</p><p></p><p><span class="ql-size-large">Takeaways</span></p><ul><li>The podcast aims to bring clarity and transparency to the chaos in the tech world.</li><li>Diana Kelley has a rich history in technology, starting from the DARPAnet in the 1970s.</li><li>ELIZA was one of the first AI systems, designed to emulate a therapist.</li><li>Watson's success in Jeopardy was due to its speed, not intelligence.</li><li>AI's interaction with humans can lead to misconceptions about its capabilities.</li><li>Chain of thought prompting has improved AI's problem-solving abilities.</li><li>AI is a probability machine, not a sentient being.</li><li>Training is essential for effective AI usage.</li><li>The evolution of AI has implications for job security and creation.</li><li>Legacy systems still require human oversight and expertise. The jobs we have today are constantly evolving due to technology.</li><li>Retraining is essential to stay relevant in the workforce.</li><li>AI will create new job opportunities in various fields.</li><li>Understanding context is crucial for effective AI interaction.</li><li>Prompt engineering is a vital skill in working with AI models.</li><li>Control mechanisms are necessary for managing AI behavior.</li><li>Empowering women in cybersecurity is critical for the industry's future.</li><li>Community support is essential for fostering diversity in tech.</li><li>Continuous learning is key to adapting to technological changes.</li><li>Networking and mentorship play a significant role in career development.</li></ul><br/><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to the Podcast and Guest</p><p>01:01 Diana Kelley's Journey in Tech</p><p>04:56 The Evolution of AI: From ELIZA to Watson</p><p>10:14 AI in Cybersecurity: Training Watson for Cyber</p><p>14:03 Understanding AI: Human-like Interaction and Misconceptions</p><p>16:33 Advancements in AI: Chain of Thought Prompting</p><p>20:11 The Future of Jobs in the Age of AI</p><p>21:20 The Evolution of Jobs and Skills</p><p>23:51 AI and Human Interaction</p><p>27:06 Contextual Understanding in AI</p><p>29:56 Agent Behavior and Control</p><p>32:58 Staying Informed in a Rapidly Changing Field</p><p>36:07 Empowering Women in Cybersecurity</p><p></p><p><span class="ql-size-large">Resources &amp; Links:</span></p><ul><li><a href="https://en.wikipedia.org/wiki/ELIZA" rel="noopener noreferrer" target="_blank">ELIZA - Joseph Weizenbaum's AI Program</a></li><li><a href="https://www.linkedin.com/in/dianakelleysecuritycurve/" rel="noopener noreferrer" target="_blank">Diana Kelley - LinkedIn</a></li><li><a href="https://genai.owasp.org/" rel="noopener noreferrer" target="_blank">OWASP GenAI Project</a></li><li><a href="https://www.wicys.org/" rel="noopener noreferrer" target="_blank">Women in Cybersecurity (WiCyS)</a></li><li><a href="https://www.ibm.com/watson" rel="noopener noreferrer" target="_blank">IBM Watson</a></li><li><a href="https://openai.com/" rel="noopener noreferrer" target="_blank">OpenAI GPT Models</a></li><li><a href="https://www.anthropic.com/" rel="noopener noreferrer" target="_blank">Anthropic's Claude</a></li></ul><br/><p></p><p><span class="ql-size-large">Connect with Diana Kelley:</span></p><ul><li><a href="https://www.linkedin.com/in/dianakelleysecuritycurve/" rel="noopener noreferrer" target="_blank">LinkedIn</a></li></ul><br/><p></p><p>Enjoy this insightful conversation on the past, present, and future of AI and cybersecurity, highlighting the balance between innovation and responsible deployment.</p><p>The discourse conducted in the latest installment of the Security By Default podcast presents a profound exploration of the evolution of artificial intelligence (AI) and its consequential implications within the cybersecurity domain. The host, Joe Carson, alongside esteemed guest Diana Kelly, embarks on a reflective journey that traverses the historical underpinnings of AI, commencing with early innovations such as the DARPA Net and the pioneering chatbot Eliza, which simulated therapeutic conversation. As the conversation unfolds, they elucidate the transformative journey of AI from rudimentary systems to contemporary models like IBM's Watson and emergent generative AI technologies. The dialogue is rich with insights on how these advancements not only augment human capabilities but also necessitate a reevaluation of cybersecurity protocols, particularly in the context of AI's dual potential for both beneficial applications and nefarious exploits. Through this enlightening exchange, the episode instills a nuanced understanding of the need for responsible AI usage, emphasizing the importance of training and ethical considerations in the burgeoning field of AI-driven technologies.</p><p>Takeaways:</p><ul><li>In this episode, we explore the evolution of AI technologies from early models like Eliza to modern systems such as Claude and ChatGPT, discussing their implications and societal impacts.</li><li>The podcast emphasizes the importance of understanding the context in which AI operates, highlighting that these models do not possess true intelligence or decision-making capabilities.</li><li>We address the urgency of educating users about responsible AI use, advocating for training requirements that ensure individuals comprehend the limitations and potential risks associated with these technologies.</li><li>The discussion includes insights on the future of the workforce, particularly on how AI may transform job roles while also creating new opportunities for skilled professionals.</li><li>We reflect on the historical significance of AI advancements, illustrating how past innovations inform our current understanding and utilization of machine learning algorithms.</li><li>The episode concludes with a call to action for listeners to engage with AI thoughtfully, encouraging them to remain informed and proactive in adapting to the rapidly changing technological landscape.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode elucidates the evolution of artificial intelligence, particularly focusing on the transition from earlier models such as ELIZA and Watson to contemporary systems like ChatGPT and Claude. Our discussion emphasizes the importance of understanding the context and limitations of AI, as well as the implications of its rapid advancement on our professional landscape. We delve into the nuances of prompt engineering and the necessity of training AI models to interpret context effectively, which has become increasingly pivotal in their application. Furthermore, we address the societal concerns regarding job displacement in the wake of AI proliferation, positing that while certain roles may be rendered obsolete, new opportunities will arise, necessitating continuous adaptation and retraining. Ultimately, our dialogue aims to provide clarity amidst the complexities of AI technology, underscoring the imperative for informed engagement with these transformative tools.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes Diana Kelley, a prominent figure in the tech industry, to discuss her journey in technology, the evolution of AI, and its implications for cybersecurity and the job market. They explore the historical context of AI, from early systems like ELIZA to modern advancements like Watson and ChatGPT, and address common misconceptions about AI's capabilities. The conversation also delves into the future of jobs in an AI-driven world, emphasizing the need for training and understanding of AI technologies. In this conversation, Joseph Carson and Diana Kelley discuss the evolution of jobs in the context of technological advancements, particularly focusing on AI and its implications for the workforce. They explore the necessity of continuous retraining and the emergence of new roles, the importance of contextual understanding in AI, and the behavior of AI agents. Additionally, they emphasize the need for control mechanisms in AI development and the importance of empowering women in cybersecurity to address the growing challenges in the field.</p><p></p><p><span class="ql-size-large">Takeaways</span></p><ul><li>The podcast aims to bring clarity and transparency to the chaos in the tech world.</li><li>Diana Kelley has a rich history in technology, starting from the DARPAnet in the 1970s.</li><li>ELIZA was one of the first AI systems, designed to emulate a therapist.</li><li>Watson's success in Jeopardy was due to its speed, not intelligence.</li><li>AI's interaction with humans can lead to misconceptions about its capabilities.</li><li>Chain of thought prompting has improved AI's problem-solving abilities.</li><li>AI is a probability machine, not a sentient being.</li><li>Training is essential for effective AI usage.</li><li>The evolution of AI has implications for job security and creation.</li><li>Legacy systems still require human oversight and expertise. The jobs we have today are constantly evolving due to technology.</li><li>Retraining is essential to stay relevant in the workforce.</li><li>AI will create new job opportunities in various fields.</li><li>Understanding context is crucial for effective AI interaction.</li><li>Prompt engineering is a vital skill in working with AI models.</li><li>Control mechanisms are necessary for managing AI behavior.</li><li>Empowering women in cybersecurity is critical for the industry's future.</li><li>Community support is essential for fostering diversity in tech.</li><li>Continuous learning is key to adapting to technological changes.</li><li>Networking and mentorship play a significant role in career development.</li></ul><br/><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to the Podcast and Guest</p><p>01:01 Diana Kelley's Journey in Tech</p><p>04:56 The Evolution of AI: From ELIZA to Watson</p><p>10:14 AI in Cybersecurity: Training Watson for Cyber</p><p>14:03 Understanding AI: Human-like Interaction and Misconceptions</p><p>16:33 Advancements in AI: Chain of Thought Prompting</p><p>20:11 The Future of Jobs in the Age of AI</p><p>21:20 The Evolution of Jobs and Skills</p><p>23:51 AI and Human Interaction</p><p>27:06 Contextual Understanding in AI</p><p>29:56 Agent Behavior and Control</p><p>32:58 Staying Informed in a Rapidly Changing Field</p><p>36:07 Empowering Women in Cybersecurity</p><p></p><p><span class="ql-size-large">Resources &amp; Links:</span></p><ul><li><a href="https://en.wikipedia.org/wiki/ELIZA" rel="noopener noreferrer" target="_blank">ELIZA - Joseph Weizenbaum's AI Program</a></li><li><a href="https://www.linkedin.com/in/dianakelleysecuritycurve/" rel="noopener noreferrer" target="_blank">Diana Kelley - LinkedIn</a></li><li><a href="https://genai.owasp.org/" rel="noopener noreferrer" target="_blank">OWASP GenAI Project</a></li><li><a href="https://www.wicys.org/" rel="noopener noreferrer" target="_blank">Women in Cybersecurity (WiCyS)</a></li><li><a href="https://www.ibm.com/watson" rel="noopener noreferrer" target="_blank">IBM Watson</a></li><li><a href="https://openai.com/" rel="noopener noreferrer" target="_blank">OpenAI GPT Models</a></li><li><a href="https://www.anthropic.com/" rel="noopener noreferrer" target="_blank">Anthropic's Claude</a></li></ul><br/><p></p><p><span class="ql-size-large">Connect with Diana Kelley:</span></p><ul><li><a href="https://www.linkedin.com/in/dianakelleysecuritycurve/" rel="noopener noreferrer" target="_blank">LinkedIn</a></li></ul><br/><p></p><p>Enjoy this insightful conversation on the past, present, and future of AI and cybersecurity, highlighting the balance between innovation and responsible deployment.</p><p>The discourse conducted in the latest installment of the Security By Default podcast presents a profound exploration of the evolution of artificial intelligence (AI) and its consequential implications within the cybersecurity domain. The host, Joe Carson, alongside esteemed guest Diana Kelly, embarks on a reflective journey that traverses the historical underpinnings of AI, commencing with early innovations such as the DARPA Net and the pioneering chatbot Eliza, which simulated therapeutic conversation. As the conversation unfolds, they elucidate the transformative journey of AI from rudimentary systems to contemporary models like IBM's Watson and emergent generative AI technologies. The dialogue is rich with insights on how these advancements not only augment human capabilities but also necessitate a reevaluation of cybersecurity protocols, particularly in the context of AI's dual potential for both beneficial applications and nefarious exploits. Through this enlightening exchange, the episode instills a nuanced understanding of the need for responsible AI usage, emphasizing the importance of training and ethical considerations in the burgeoning field of AI-driven technologies.</p><p>Takeaways:</p><ul><li>In this episode, we explore the evolution of AI technologies from early models like Eliza to modern systems such as Claude and ChatGPT, discussing their implications and societal impacts.</li><li>The podcast emphasizes the importance of understanding the context in which AI operates, highlighting that these models do not possess true intelligence or decision-making capabilities.</li><li>We address the urgency of educating users about responsible AI use, advocating for training requirements that ensure individuals comprehend the limitations and potential risks associated with these technologies.</li><li>The discussion includes insights on the future of the workforce, particularly on how AI may transform job roles while also creating new opportunities for skilled professionals.</li><li>We reflect on the historical significance of AI advancements, illustrating how past innovations inform our current understanding and utilization of machine learning algorithms.</li><li>The episode concludes with a call to action for listeners to engage with AI thoughtfully, encouraging them to remain informed and proactive in adapting to the rapidly changing technological landscape.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/the-future-of-cybersecurity-in-an-ai-driven-world-with-diana-kelley]]></link><guid isPermaLink="false">8ba08786-7d76-4852-895d-0daa266a1d59</guid><itunes:image href="https://artwork.captivate.fm/dca6ab9a-2384-4618-9322-9e11780a1127/ChatGPT-Image-Jun-16-2026-06-12-18-PM.jpg"/><pubDate>Tue, 26 May 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/8ba08786-7d76-4852-895d-0daa266a1d59.mp3" length="17596070" type="audio/mpeg"/><itunes:duration>36:40</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>31</itunes:episode><podcast:episode>31</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/dfd9f2ec-2b89-47eb-9e62-c7c9ab53ad6d/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/dfd9f2ec-2b89-47eb-9e62-c7c9ab53ad6d/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/dfd9f2ec-2b89-47eb-9e62-c7c9ab53ad6d/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-101e7517-46fe-4378-8e5d-d0685a691d3e.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="The Truth About AI, Security &amp; the Future of Human Jobs"><podcast:source uri="https://youtu.be/drfYmLOFmd4"/></podcast:alternateEnclosure></item><item><title>Why Cybersecurity Fails Without Trust: The Human Side of Defense | JC Vega</title><itunes:title>Why Cybersecurity Fails Without Trust: The Human Side of Defense | JC Vega</itunes:title><description><![CDATA[<p>This podcast episode elucidates the critical importance of effective communication and leadership within the realm of cybersecurity. We engage in a profound discussion with JC Vega, who shares his extensive background in both operational security and cybersecurity, emphasizing the necessity of translating complex technical concepts into relatable business language. We explore the pivotal role of leaders in fostering a secure organizational environment, underscoring that cybersecurity is not merely an IT concern, but an enterprise-wide imperative that encompasses every facet of an organization's operations. The conversation further delves into strategies for empowering champions within organizations to advocate for security practices, thus ensuring that everyone understands the significance of their roles in safeguarding the enterprise. Ultimately, we aspire to convey that a collaborative, informed approach is essential in navigating the complexities of today's security landscape, thereby enhancing both individual and organizational resilience.</p><p>In this episode, cybersecurity expert JC Vega shares insights on effective communication, leadership, and risk management in cybersecurity. He emphasizes the importance of translating technical concepts for business leaders, building trust, and fostering community to enhance organizational resilience.</p><p></p><p><span class="ql-size-large">keywords</span></p><p>cybersecurity, leadership, risk management, communication, trust, community, organizational resilience, cybersecurity education</p><p></p><p><span class="ql-size-large">keytopics</span></p><ul><li>Translating cybersecurity for non-technical audiences</li><li>Building champions within organizations</li><li>The importance of trust and verification in security</li><li>Cybersecurity as an enterprise survival issue</li><li>Leveraging AI and technology responsibly</li></ul><br/><p></p><p><span class="ql-size-large">sound bites</span></p><p>"Validate and verify, don't just trust."</p><p>"Train like it's a Super Bowl."</p><p>"Leave a link, build a community."</p><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to Cybersecurity Leadership</p><p>02:34 Translating Cybersecurity for Non-Technical Audiences</p><p>05:13 Building a Team of Champions</p><p>08:02 Understanding Business Impact and Risk</p><p>10:39 The Role of AI in Cybersecurity</p><p>12:58 Cybersecurity as an Enterprise Survival Problem</p><p>15:21 The Importance of Ecosystem Relationships</p><p>18:00 Trust and Zero Trust in Cybersecurity</p><p>20:28 Continuous Learning and Community Engagement</p><p></p><p><span class="ql-size-large">resources</span></p><p>Cyber Cannon Project - https://cybercannonproject.org/</p><p>B-Sides Conferences - https://www.bsidescon.org/</p><p>LinkedIn Profile of JC Vega - https://www.linkedin.com/in/jcvega/</p><p>Takeaways:</p><ul><li>The podcast emphasizes the necessity of translating complex cybersecurity concepts into practical business language for effective communication.</li><li>I believe that strong relationships with champions within organizations are crucial for cybersecurity success and operational resilience.</li><li>Our discussion highlights the importance of understanding the operational goals of various stakeholders to better address their cybersecurity needs.</li><li>We advocate for the continuous evolution of skills and knowledge within the cybersecurity field through collaboration and community engagement.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode elucidates the critical importance of effective communication and leadership within the realm of cybersecurity. We engage in a profound discussion with JC Vega, who shares his extensive background in both operational security and cybersecurity, emphasizing the necessity of translating complex technical concepts into relatable business language. We explore the pivotal role of leaders in fostering a secure organizational environment, underscoring that cybersecurity is not merely an IT concern, but an enterprise-wide imperative that encompasses every facet of an organization's operations. The conversation further delves into strategies for empowering champions within organizations to advocate for security practices, thus ensuring that everyone understands the significance of their roles in safeguarding the enterprise. Ultimately, we aspire to convey that a collaborative, informed approach is essential in navigating the complexities of today's security landscape, thereby enhancing both individual and organizational resilience.</p><p>In this episode, cybersecurity expert JC Vega shares insights on effective communication, leadership, and risk management in cybersecurity. He emphasizes the importance of translating technical concepts for business leaders, building trust, and fostering community to enhance organizational resilience.</p><p></p><p><span class="ql-size-large">keywords</span></p><p>cybersecurity, leadership, risk management, communication, trust, community, organizational resilience, cybersecurity education</p><p></p><p><span class="ql-size-large">keytopics</span></p><ul><li>Translating cybersecurity for non-technical audiences</li><li>Building champions within organizations</li><li>The importance of trust and verification in security</li><li>Cybersecurity as an enterprise survival issue</li><li>Leveraging AI and technology responsibly</li></ul><br/><p></p><p><span class="ql-size-large">sound bites</span></p><p>"Validate and verify, don't just trust."</p><p>"Train like it's a Super Bowl."</p><p>"Leave a link, build a community."</p><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to Cybersecurity Leadership</p><p>02:34 Translating Cybersecurity for Non-Technical Audiences</p><p>05:13 Building a Team of Champions</p><p>08:02 Understanding Business Impact and Risk</p><p>10:39 The Role of AI in Cybersecurity</p><p>12:58 Cybersecurity as an Enterprise Survival Problem</p><p>15:21 The Importance of Ecosystem Relationships</p><p>18:00 Trust and Zero Trust in Cybersecurity</p><p>20:28 Continuous Learning and Community Engagement</p><p></p><p><span class="ql-size-large">resources</span></p><p>Cyber Cannon Project - https://cybercannonproject.org/</p><p>B-Sides Conferences - https://www.bsidescon.org/</p><p>LinkedIn Profile of JC Vega - https://www.linkedin.com/in/jcvega/</p><p>Takeaways:</p><ul><li>The podcast emphasizes the necessity of translating complex cybersecurity concepts into practical business language for effective communication.</li><li>I believe that strong relationships with champions within organizations are crucial for cybersecurity success and operational resilience.</li><li>Our discussion highlights the importance of understanding the operational goals of various stakeholders to better address their cybersecurity needs.</li><li>We advocate for the continuous evolution of skills and knowledge within the cybersecurity field through collaboration and community engagement.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/building-trust-and-community-in-cybersecurity-leadership-with-jc-vega]]></link><guid isPermaLink="false">db00caa8-0c29-426e-ac4e-259e721e119c</guid><itunes:image href="https://artwork.captivate.fm/87c41c40-3de1-4ea6-81f5-17c295e7037c/Building-Trust-and-Community-in-Cybersecurity-with-JC-Vega-Thum.jpg"/><pubDate>Tue, 12 May 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/db00caa8-0c29-426e-ac4e-259e721e119c.mp3" length="17920406" type="audio/mpeg"/><itunes:duration>37:20</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>30</itunes:episode><podcast:episode>30</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/45549993-b74d-4c28-ad12-66a3f0e16715/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/45549993-b74d-4c28-ad12-66a3f0e16715/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/45549993-b74d-4c28-ad12-66a3f0e16715/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-69cf834d-f801-4066-a28f-9bd61d56836f.json" type="application/json+chapters"/></item><item><title>Can AI Beat Hackers? The Future of Cyber Training Has Changed | Hack The Box</title><itunes:title>Can AI Beat Hackers? The Future of Cyber Training Has Changed | Hack The Box</itunes:title><description><![CDATA[<p>The eminent discourse of this podcast episode delves into the pivotal role of artificial intelligence in the contemporary cybersecurity landscape, underscoring the symbiotic relationship between AI and human expertise. I, Joseph Carson, engage in a compelling conversation with Gerasmus, a distinguished figure from Hack the Box, as we explore the transformative impact of AI on both offensive and defensive cybersecurity strategies. Our dialogue illuminates the necessity for practitioners to adapt and evolve their skill sets in tandem with rapid technological advancements, highlighting the significance of platforms such as Hack the Box in fostering a culture of continuous learning and practical application. We further examine the implications of AI governance and the emergence of agentic AI as a potential risk factor, urging a meticulous approach to data management and security protocols. Ultimately, this episode serves as a clarion call for cybersecurity professionals to embrace innovation while preserving the essential human element in safeguarding digital infrastructures.</p><p>In this special edition recorded live at RSA Conference, Joseph Carson is joined by Gerasimos Marketos (gmar), Chief Product Officer at Hack The Box.</p><p>They explore how AI is reshaping cybersecurity skills, why traditional education is struggling to keep up, and how hands-on platforms are redefining how defenders and ethical hackers are trained. From real-world fraud detection to AI-powered CTF competitions, this episode dives into the evolving relationship between humans and machines in cybersecurity.</p><p></p><p><strong class="ql-size-large">🔑 Key Themes &amp; Topics</strong></p><ul><li>AI vs Humans in cybersecurity competitions</li><li>Why <strong>AI is an accelerator, not a replacement</strong></li><li>The evolution from traditional training → hands-on gamified learning</li><li>Closing the cybersecurity skills gap</li><li>Red, Blue, and Purple team upskilling</li><li>AI governance, risk, and agentic threats</li><li>The future of cybersecurity careers and hiring</li></ul><br/><p></p><p><strong class="ql-size-large">⏱️ Chapters</strong></p><ul><li><strong>00:00</strong> – Introduction &amp; RSA Conference insights</li><li><strong>02:00</strong> – GMar’s journey: Data → Fraud → Cybersecurity</li><li><strong>06:30</strong> – Who and What is Hack The Box?</li><li><strong>10:30</strong> – AI vs Humans: CTF research findings</li><li><strong>13:00</strong> – AI as a productivity multiplier</li><li><strong>15:30</strong> – Real-world example: AI winning competitions</li><li><strong>16:00</strong> – RSAC trends: AI everywhere</li><li><strong>17:00</strong> – AI governance &amp; emerging risks</li><li><strong>18:00</strong> – AI for security vs security for AI</li><li><strong>19:00</strong> – Staying relevant in cybersecurity</li></ul><br/><p></p><p><strong class="ql-size-large">🚀 Hack The Box Explained</strong></p><p>Hack The Box is a cybersecurity upskilling platform offering:</p><ul><li>🎓 <strong>Academy</strong> – Structured learning paths</li><li>🧩 <strong>Challenges &amp; Labs</strong> – Hands-on environments</li><li>🏁 <strong>CTFs (Capture The Flag)</strong> – Competitive exercises</li><li>🏢 <strong>Pro Labs</strong> – Enterprise-scale simulations</li><li>🔎 <strong>Talent Search</strong> – Connecting skilled professionals with employers</li></ul><br/><p>It supports:</p><ul><li>Red Teams (Offense)</li><li>Blue Teams (Defense)</li><li>Purple Teams (Collaboration)</li></ul><br/><p></p><p><strong class="ql-size-large">Resources:</strong></p><p>https://www.hackthebox.com/</p><p>https://www.linkedin.com/in/gmarketos/</p><p>https://www.hackthebox.com/ai-augmented-cyber-workforce-report</p><p>Takeaways:</p><ul><li>In our latest episode, we explored the symbiotic relationship between artificial intelligence and cybersecurity, highlighting their mutual dependence.</li><li>The insights gathered from the RCC conference emphasize the necessity of integrating AI to enhance cybersecurity measures effectively.</li><li>We discussed the evolution of Hack the Box, illustrating its transition from a challenge-based platform to a comprehensive cybersecurity training ecosystem.</li><li>The significance of continuous learning in cybersecurity was underscored, particularly in light of rapidly advancing AI technologies and their implications.</li><li>We examined the results of our recent CTF events, showcasing how AI agents can enhance human capabilities in cybersecurity tasks and competitions.</li><li>Lastly, we asserted the importance of maintaining foundational skills in cybersecurity, even as AI tools become increasingly prevalent in the industry.</li></ul><br/><p>Links referenced in this episode:</p><ul><li><a href="https://hackthebox.com" rel="noopener noreferrer" target="_blank">hackthebox.com</a></li></ul><br/><p>Companies mentioned in this episode:</p><ul><li>Segura</li><li>Hack the Box</li></ul><br/>]]></description><content:encoded><![CDATA[<p>The eminent discourse of this podcast episode delves into the pivotal role of artificial intelligence in the contemporary cybersecurity landscape, underscoring the symbiotic relationship between AI and human expertise. I, Joseph Carson, engage in a compelling conversation with Gerasmus, a distinguished figure from Hack the Box, as we explore the transformative impact of AI on both offensive and defensive cybersecurity strategies. Our dialogue illuminates the necessity for practitioners to adapt and evolve their skill sets in tandem with rapid technological advancements, highlighting the significance of platforms such as Hack the Box in fostering a culture of continuous learning and practical application. We further examine the implications of AI governance and the emergence of agentic AI as a potential risk factor, urging a meticulous approach to data management and security protocols. Ultimately, this episode serves as a clarion call for cybersecurity professionals to embrace innovation while preserving the essential human element in safeguarding digital infrastructures.</p><p>In this special edition recorded live at RSA Conference, Joseph Carson is joined by Gerasimos Marketos (gmar), Chief Product Officer at Hack The Box.</p><p>They explore how AI is reshaping cybersecurity skills, why traditional education is struggling to keep up, and how hands-on platforms are redefining how defenders and ethical hackers are trained. From real-world fraud detection to AI-powered CTF competitions, this episode dives into the evolving relationship between humans and machines in cybersecurity.</p><p></p><p><strong class="ql-size-large">🔑 Key Themes &amp; Topics</strong></p><ul><li>AI vs Humans in cybersecurity competitions</li><li>Why <strong>AI is an accelerator, not a replacement</strong></li><li>The evolution from traditional training → hands-on gamified learning</li><li>Closing the cybersecurity skills gap</li><li>Red, Blue, and Purple team upskilling</li><li>AI governance, risk, and agentic threats</li><li>The future of cybersecurity careers and hiring</li></ul><br/><p></p><p><strong class="ql-size-large">⏱️ Chapters</strong></p><ul><li><strong>00:00</strong> – Introduction &amp; RSA Conference insights</li><li><strong>02:00</strong> – GMar’s journey: Data → Fraud → Cybersecurity</li><li><strong>06:30</strong> – Who and What is Hack The Box?</li><li><strong>10:30</strong> – AI vs Humans: CTF research findings</li><li><strong>13:00</strong> – AI as a productivity multiplier</li><li><strong>15:30</strong> – Real-world example: AI winning competitions</li><li><strong>16:00</strong> – RSAC trends: AI everywhere</li><li><strong>17:00</strong> – AI governance &amp; emerging risks</li><li><strong>18:00</strong> – AI for security vs security for AI</li><li><strong>19:00</strong> – Staying relevant in cybersecurity</li></ul><br/><p></p><p><strong class="ql-size-large">🚀 Hack The Box Explained</strong></p><p>Hack The Box is a cybersecurity upskilling platform offering:</p><ul><li>🎓 <strong>Academy</strong> – Structured learning paths</li><li>🧩 <strong>Challenges &amp; Labs</strong> – Hands-on environments</li><li>🏁 <strong>CTFs (Capture The Flag)</strong> – Competitive exercises</li><li>🏢 <strong>Pro Labs</strong> – Enterprise-scale simulations</li><li>🔎 <strong>Talent Search</strong> – Connecting skilled professionals with employers</li></ul><br/><p>It supports:</p><ul><li>Red Teams (Offense)</li><li>Blue Teams (Defense)</li><li>Purple Teams (Collaboration)</li></ul><br/><p></p><p><strong class="ql-size-large">Resources:</strong></p><p>https://www.hackthebox.com/</p><p>https://www.linkedin.com/in/gmarketos/</p><p>https://www.hackthebox.com/ai-augmented-cyber-workforce-report</p><p>Takeaways:</p><ul><li>In our latest episode, we explored the symbiotic relationship between artificial intelligence and cybersecurity, highlighting their mutual dependence.</li><li>The insights gathered from the RCC conference emphasize the necessity of integrating AI to enhance cybersecurity measures effectively.</li><li>We discussed the evolution of Hack the Box, illustrating its transition from a challenge-based platform to a comprehensive cybersecurity training ecosystem.</li><li>The significance of continuous learning in cybersecurity was underscored, particularly in light of rapidly advancing AI technologies and their implications.</li><li>We examined the results of our recent CTF events, showcasing how AI agents can enhance human capabilities in cybersecurity tasks and competitions.</li><li>Lastly, we asserted the importance of maintaining foundational skills in cybersecurity, even as AI tools become increasingly prevalent in the industry.</li></ul><br/><p>Links referenced in this episode:</p><ul><li><a href="https://hackthebox.com" rel="noopener noreferrer" target="_blank">hackthebox.com</a></li></ul><br/><p>Companies mentioned in this episode:</p><ul><li>Segura</li><li>Hack the Box</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/ai-cyber-skills-the-future-of-security-training-with-hack-the-box-with-gerasimos]]></link><guid isPermaLink="false">a152f7a6-0d85-480d-9fdc-6b93c140c7df</guid><itunes:image href="https://artwork.captivate.fm/1b845dc4-aa83-4f53-9d2b-b8c2d0aea8df/ChatGPT-Image-Jun-17-2026-11-55-04-AM.jpg"/><pubDate>Tue, 28 Apr 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/a152f7a6-0d85-480d-9fdc-6b93c140c7df.mp3" length="9432282" type="audio/mpeg"/><itunes:duration>19:39</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>29</itunes:episode><podcast:episode>29</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/483f6142-fd17-41b7-a72b-56cb1d766f5c/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/483f6142-fd17-41b7-a72b-56cb1d766f5c/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/483f6142-fd17-41b7-a72b-56cb1d766f5c/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-41da7581-c3d5-4fcb-99dc-c55a582803b4.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="AI, Cyber Skills &amp; The Future of Security Training with Hack The Box&apos;s Gerasimos"><podcast:source uri="https://youtu.be/JDiM8xWINys"/></podcast:alternateEnclosure></item><item><title>Behind the Scenes: How Cybersecurity Decisions Really Get Made | Fernando Montenegro</title><itunes:title>Behind the Scenes: How Cybersecurity Decisions Really Get Made | Fernando Montenegro</itunes:title><description><![CDATA[<p>Fernando Montenegro, a distinguished industry analyst in cybersecurity, articulates the pivotal best practices that analysts should adopt to navigate the complexities of the cybersecurity landscape effectively. Throughout our discourse, he elucidates the necessity for analysts to function as intermediaries among various stakeholders, including buyers, sellers, and investors, thus facilitating informed decision-making processes. Montenegro emphasizes the importance of clarity in communication, advocating for an open-minded approach during analyst interactions to maximize the value derived from these engagements. He further discusses the strategic implications of cybersecurity decisions, urging organizations to appreciate the multifaceted influences that shape their security postures. Ultimately, this episode serves as an invaluable resource for professionals seeking to enhance their analytical practices within the rapidly evolving cybersecurity domain.</p><p>In this episode, Fernando Montenegro shares his journey into the cybersecurity industry, insights on industry analysis, and the evolving trends shaping cybersecurity today. Discover how analysts bridge the gap between vendors, buyers, investors, and academia, and learn practical tips for engaging effectively with industry experts.</p><p></p><p><span class="ql-size-large">key Takeaways</span></p><ul><li>Role of industry analysts in cybersecurity</li><li>Emerging trends in cybersecurity including AI and attack surface expansion</li><li>Effective engagement with analysts for decision support</li><li>Strategic cybersecurity budgeting and investment</li><li>Influence of economics and incentives on security decisions</li></ul><br/><p></p><p><span class="ql-size-large">sound bites</span></p><p>"Understanding what's going on in the world"</p><p>"Good enough security can be effective"</p><p>"Workload AI versus workforce AI"</p><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to Security by Default Podcast</p><p>00:53 Fernando Montenegro's Origin Story</p><p>05:16 The Role of an Industry Analyst</p><p>08:55 Maximizing Value from Analyst Interactions</p><p>13:16 Understanding AI in Conversations</p><p>15:44 Choosing the Right Solutions</p><p>16:40 Decision-Making in Technology and Business</p><p>17:13 Trends in Cybersecurity and AI</p><p>18:26 Understanding Workload vs. Workforce AI</p><p>19:40 The Evolving Role of Security Professionals</p><p>21:43 The Strategic Importance of Cybersecurity</p><p>23:58 Incentives and Decision-Making in Security</p><p>25:53 The Shift Left Approach in Development</p><p>27:16 Budgeting for Cybersecurity Investments</p><p>30:47 Navigating Cybersecurity Budgets</p><p>32:26 Engaging with Analysts and Staying Informed</p><p>34:33 Curating Information in a Data-Driven World</p><p>36:55 Balancing Operational and Strategic Insights</p><p>37:51 Connecting with Analysts and Final Thoughts</p><p></p><p><span class="ql-size-large">Resources</span></p><p>LinkedIn Profile of Fernando Montenegro - https://www.linkedin.com/in/fsmontenegro/</p><p>Futurum Group - https://futurumgroup.com/</p><p>Obsidian Knowledge Management System - https://obsidian.md/</p><p>Book: Why Most Security Budgets Go to Waste by Ross Young - https://a.co/d/02BZPwdO</p><p>In this thought-provoking episode, Fernando Montenegro imparts his extensive expertise on the best practices for analysts within the cybersecurity industry. He begins by delineating the multifaceted role of an analyst, which encompasses serving as a conduit for communication between buyers, sellers, investors, and other relevant stakeholders. By elucidating the distinct motivations and concerns of each group, Fernando illustrates how analysts can effectively tailor their insights and recommendations, thereby enhancing the decision-making process for all parties involved. The dialogue further explores the significance of maintaining an open-minded approach during analyst interactions, as well as the necessity for analysts to remain well-informed about emerging trends and challenges in the cybersecurity landscape. Fernando identifies several pivotal trends, including the integration of artificial intelligence, the expansion of the attack surface, and the transition towards a more resilient approach to data protection. Each of these trends reflects the evolving priorities of organizations as they seek to mitigate risks and enhance their security postures. Through this episode, listeners are not only provided with actionable insights into the workings of an industry analyst but are also encouraged to consider the broader implications of their roles in shaping cybersecurity strategies. As Fernando articulates, the responsibility of analysts extends beyond mere data analysis; they must also facilitate meaningful dialogue among stakeholders to drive informed decisions that bolster organizational security in an increasingly complex digital landscape.</p>]]></description><content:encoded><![CDATA[<p>Fernando Montenegro, a distinguished industry analyst in cybersecurity, articulates the pivotal best practices that analysts should adopt to navigate the complexities of the cybersecurity landscape effectively. Throughout our discourse, he elucidates the necessity for analysts to function as intermediaries among various stakeholders, including buyers, sellers, and investors, thus facilitating informed decision-making processes. Montenegro emphasizes the importance of clarity in communication, advocating for an open-minded approach during analyst interactions to maximize the value derived from these engagements. He further discusses the strategic implications of cybersecurity decisions, urging organizations to appreciate the multifaceted influences that shape their security postures. Ultimately, this episode serves as an invaluable resource for professionals seeking to enhance their analytical practices within the rapidly evolving cybersecurity domain.</p><p>In this episode, Fernando Montenegro shares his journey into the cybersecurity industry, insights on industry analysis, and the evolving trends shaping cybersecurity today. Discover how analysts bridge the gap between vendors, buyers, investors, and academia, and learn practical tips for engaging effectively with industry experts.</p><p></p><p><span class="ql-size-large">key Takeaways</span></p><ul><li>Role of industry analysts in cybersecurity</li><li>Emerging trends in cybersecurity including AI and attack surface expansion</li><li>Effective engagement with analysts for decision support</li><li>Strategic cybersecurity budgeting and investment</li><li>Influence of economics and incentives on security decisions</li></ul><br/><p></p><p><span class="ql-size-large">sound bites</span></p><p>"Understanding what's going on in the world"</p><p>"Good enough security can be effective"</p><p>"Workload AI versus workforce AI"</p><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to Security by Default Podcast</p><p>00:53 Fernando Montenegro's Origin Story</p><p>05:16 The Role of an Industry Analyst</p><p>08:55 Maximizing Value from Analyst Interactions</p><p>13:16 Understanding AI in Conversations</p><p>15:44 Choosing the Right Solutions</p><p>16:40 Decision-Making in Technology and Business</p><p>17:13 Trends in Cybersecurity and AI</p><p>18:26 Understanding Workload vs. Workforce AI</p><p>19:40 The Evolving Role of Security Professionals</p><p>21:43 The Strategic Importance of Cybersecurity</p><p>23:58 Incentives and Decision-Making in Security</p><p>25:53 The Shift Left Approach in Development</p><p>27:16 Budgeting for Cybersecurity Investments</p><p>30:47 Navigating Cybersecurity Budgets</p><p>32:26 Engaging with Analysts and Staying Informed</p><p>34:33 Curating Information in a Data-Driven World</p><p>36:55 Balancing Operational and Strategic Insights</p><p>37:51 Connecting with Analysts and Final Thoughts</p><p></p><p><span class="ql-size-large">Resources</span></p><p>LinkedIn Profile of Fernando Montenegro - https://www.linkedin.com/in/fsmontenegro/</p><p>Futurum Group - https://futurumgroup.com/</p><p>Obsidian Knowledge Management System - https://obsidian.md/</p><p>Book: Why Most Security Budgets Go to Waste by Ross Young - https://a.co/d/02BZPwdO</p><p>In this thought-provoking episode, Fernando Montenegro imparts his extensive expertise on the best practices for analysts within the cybersecurity industry. He begins by delineating the multifaceted role of an analyst, which encompasses serving as a conduit for communication between buyers, sellers, investors, and other relevant stakeholders. By elucidating the distinct motivations and concerns of each group, Fernando illustrates how analysts can effectively tailor their insights and recommendations, thereby enhancing the decision-making process for all parties involved. The dialogue further explores the significance of maintaining an open-minded approach during analyst interactions, as well as the necessity for analysts to remain well-informed about emerging trends and challenges in the cybersecurity landscape. Fernando identifies several pivotal trends, including the integration of artificial intelligence, the expansion of the attack surface, and the transition towards a more resilient approach to data protection. Each of these trends reflects the evolving priorities of organizations as they seek to mitigate risks and enhance their security postures. Through this episode, listeners are not only provided with actionable insights into the workings of an industry analyst but are also encouraged to consider the broader implications of their roles in shaping cybersecurity strategies. As Fernando articulates, the responsibility of analysts extends beyond mere data analysis; they must also facilitate meaningful dialogue among stakeholders to drive informed decisions that bolster organizational security in an increasingly complex digital landscape.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/the-analysts-role-in-cybersecurity-bridging-gaps-and-shaping-trends-with-fernando]]></link><guid isPermaLink="false">f4fd5a97-d634-4a48-a00d-7af845b1872a</guid><itunes:image href="https://artwork.captivate.fm/4c068978-e1fa-4660-921c-69d6c68ec675/generated-image.jpg"/><pubDate>Tue, 14 Apr 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/f4fd5a97-d634-4a48-a00d-7af845b1872a.mp3" length="19590989" type="audio/mpeg"/><itunes:duration>40:49</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>28</itunes:episode><podcast:episode>28</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/753cb612-ffcf-4dcc-b01a-bcb9749beb99/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/753cb612-ffcf-4dcc-b01a-bcb9749beb99/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/753cb612-ffcf-4dcc-b01a-bcb9749beb99/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-d56be4ae-3f54-40ab-8fdd-18fd0fe7fdc8.json" type="application/json+chapters"/></item><item><title>Can We Make Cybersecurity Fun Again? Turning Fear Into Action | Gary Berman</title><itunes:title>Can We Make Cybersecurity Fun Again? Turning Fear Into Action | Gary Berman</itunes:title><description><![CDATA[<p>This podcast episode delves into the imperative of transforming the often daunting landscape of cybersecurity into a realm of engagement and enjoyment. I, Joe Carson, alongside my esteemed guest Gary, explore how the prevailing culture of fear, uncertainty, and doubt (FUD) can be supplanted by a more vibrant and playful approach. We discuss the significance of fostering a sense of community and support within the cybersecurity field, emphasizing the need to celebrate successes and share positive narratives that can inspire both professionals and newcomers alike. The conversation further highlights innovative methods such as gamification and the incorporation of storytelling to make cybersecurity training more accessible and enjoyable. Ultimately, we aim to ignite a movement that not only safeguards our digital environments but also rekindles the joy and creativity that can be found within this vital industry.</p><p>Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent.</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><p>00:00 Welcome to the Cybersecurity Chaos</p><p>02:32 From Fear to Fun in Cybersecurity</p><p>05:27 The Journey of a Cyber Advocate</p><p>08:09 The Importance of Community and Collaboration</p><p>10:45 Bringing Laughter Back to Cybersecurity</p><p>13:13 Rebranding Cybersecurity for New Talent</p><p>16:00 The Power of Words in Cybersecurity</p><p>18:43 Innovative Approaches to Cyber Awareness</p><p>21:29 Lessons from Kids: Simplifying Cybersecurity</p><p>24:39 The Inner Child and Cognitive Dissonance</p><p>26:40 Gamification and Learning Innovations</p><p>28:19 Storytelling in Cybersecurity</p><p>29:15 Cybersecurity Starts at Home</p><p>30:36 Community Engagement and Employee Connection</p><p>32:14 The Importance of Acknowledgment</p><p>34:13 Finding Joy in Everyday Life</p><p>35:11 Humor as a Coping Mechanism</p><p>40:04 The Power of Positive Thinking</p><p>45:02 Mission Accomplished: Fun and Safety</p><p></p><p><strong class="ql-size-large">Resources</strong></p><p>Cyber Heroes Comics - https://cyberheroescomics.com/</p><p>Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/</p><p>The discourse presented in this episode unveils the intricate relationship between cybersecurity and the often overwhelming sense of fear, uncertainty, and doubt (FUD) that pervades the industry. I, Joe Carson, alongside our distinguished guest Gary, delve into the necessity of transforming the cybersecurity narrative from one steeped in anxiety to a more palatable and enjoyable experience. Gary, who identifies himself as the 'Forrest Gump of cybersecurity,' shares his unique journey into this field, characterized by serendipitous encounters with influential figures and organizations. His advocacy for making cybersecurity engaging is pivotal; he emphasizes the importance of humor and creativity in addressing serious issues that often deter potential talent from entering the field. This conversation highlights the vital need to celebrate successes and communicate effectively, ensuring that cybersecurity is perceived not merely as a defensive measure but as an exciting and essential component of modern society. As our discussion unfolds, we explore the concept of gamification in cybersecurity training, an innovative approach aimed at enhancing engagement and retention of critical security practices. We reflect on the common tendency to focus predominantly on the negative aspects of cybersecurity incidents, neglecting the positive outcomes and triumphs that deserve recognition. By employing storytelling techniques and leveraging humor, we can reshape the perception of cybersecurity, making it accessible and relatable to a broader audience. The episode culminates in a call to action for industry professionals to foster a culture of positivity and collaboration, thereby transforming the cybersecurity landscape into one that is not only secure but also inviting and enjoyable for all. In conclusion, this episode serves as a clarion call for change within the cybersecurity domain. We advocate for the rebranding of cybersecurity from an intimidating realm to one that is engaging, fun, and inclusive. By embracing creativity and humor, we can attract new talent and invigorate the existing workforce, ensuring a robust defense against the ever-evolving landscape of cyber threats. Join us as we embark on this journey of transformation, aiming to illuminate the path ahead in the fascinating world of cybersecurity, where safety and enjoyment can coexist harmoniously.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the necessity of transforming the often fear-driven narrative surrounding cybersecurity into something more engaging and enjoyable for audiences.</li><li>Through humor and storytelling, we can effectively communicate complex cybersecurity concepts, making them accessible to a broader audience, including children and families.</li><li>The discussion highlights the importance of celebrating successes within cybersecurity, as these achievements often go unrecognized, leading to a narrative dominated by fear and negativity.</li><li>The idea of rebranding cybersecurity as a fun and engaging field is critical for attracting new talent, especially in an era where other industries appear more appealing and entertaining.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the imperative of transforming the often daunting landscape of cybersecurity into a realm of engagement and enjoyment. I, Joe Carson, alongside my esteemed guest Gary, explore how the prevailing culture of fear, uncertainty, and doubt (FUD) can be supplanted by a more vibrant and playful approach. We discuss the significance of fostering a sense of community and support within the cybersecurity field, emphasizing the need to celebrate successes and share positive narratives that can inspire both professionals and newcomers alike. The conversation further highlights innovative methods such as gamification and the incorporation of storytelling to make cybersecurity training more accessible and enjoyable. Ultimately, we aim to ignite a movement that not only safeguards our digital environments but also rekindles the joy and creativity that can be found within this vital industry.</p><p>Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent.</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><p>00:00 Welcome to the Cybersecurity Chaos</p><p>02:32 From Fear to Fun in Cybersecurity</p><p>05:27 The Journey of a Cyber Advocate</p><p>08:09 The Importance of Community and Collaboration</p><p>10:45 Bringing Laughter Back to Cybersecurity</p><p>13:13 Rebranding Cybersecurity for New Talent</p><p>16:00 The Power of Words in Cybersecurity</p><p>18:43 Innovative Approaches to Cyber Awareness</p><p>21:29 Lessons from Kids: Simplifying Cybersecurity</p><p>24:39 The Inner Child and Cognitive Dissonance</p><p>26:40 Gamification and Learning Innovations</p><p>28:19 Storytelling in Cybersecurity</p><p>29:15 Cybersecurity Starts at Home</p><p>30:36 Community Engagement and Employee Connection</p><p>32:14 The Importance of Acknowledgment</p><p>34:13 Finding Joy in Everyday Life</p><p>35:11 Humor as a Coping Mechanism</p><p>40:04 The Power of Positive Thinking</p><p>45:02 Mission Accomplished: Fun and Safety</p><p></p><p><strong class="ql-size-large">Resources</strong></p><p>Cyber Heroes Comics - https://cyberheroescomics.com/</p><p>Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/</p><p>The discourse presented in this episode unveils the intricate relationship between cybersecurity and the often overwhelming sense of fear, uncertainty, and doubt (FUD) that pervades the industry. I, Joe Carson, alongside our distinguished guest Gary, delve into the necessity of transforming the cybersecurity narrative from one steeped in anxiety to a more palatable and enjoyable experience. Gary, who identifies himself as the 'Forrest Gump of cybersecurity,' shares his unique journey into this field, characterized by serendipitous encounters with influential figures and organizations. His advocacy for making cybersecurity engaging is pivotal; he emphasizes the importance of humor and creativity in addressing serious issues that often deter potential talent from entering the field. This conversation highlights the vital need to celebrate successes and communicate effectively, ensuring that cybersecurity is perceived not merely as a defensive measure but as an exciting and essential component of modern society. As our discussion unfolds, we explore the concept of gamification in cybersecurity training, an innovative approach aimed at enhancing engagement and retention of critical security practices. We reflect on the common tendency to focus predominantly on the negative aspects of cybersecurity incidents, neglecting the positive outcomes and triumphs that deserve recognition. By employing storytelling techniques and leveraging humor, we can reshape the perception of cybersecurity, making it accessible and relatable to a broader audience. The episode culminates in a call to action for industry professionals to foster a culture of positivity and collaboration, thereby transforming the cybersecurity landscape into one that is not only secure but also inviting and enjoyable for all. In conclusion, this episode serves as a clarion call for change within the cybersecurity domain. We advocate for the rebranding of cybersecurity from an intimidating realm to one that is engaging, fun, and inclusive. By embracing creativity and humor, we can attract new talent and invigorate the existing workforce, ensuring a robust defense against the ever-evolving landscape of cyber threats. Join us as we embark on this journey of transformation, aiming to illuminate the path ahead in the fascinating world of cybersecurity, where safety and enjoyment can coexist harmoniously.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the necessity of transforming the often fear-driven narrative surrounding cybersecurity into something more engaging and enjoyable for audiences.</li><li>Through humor and storytelling, we can effectively communicate complex cybersecurity concepts, making them accessible to a broader audience, including children and families.</li><li>The discussion highlights the importance of celebrating successes within cybersecurity, as these achievements often go unrecognized, leading to a narrative dominated by fear and negativity.</li><li>The idea of rebranding cybersecurity as a fun and engaging field is critical for attracting new talent, especially in an era where other industries appear more appealing and entertaining.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/the-cyber-hero-adventure-making-security-engaging-and-fun-with-gary-berman]]></link><guid isPermaLink="false">eae97fc9-0e23-4790-b787-e2327c78a2e5</guid><itunes:image href="https://artwork.captivate.fm/7fb952b6-1df2-4d1a-87a4-f044fe4fea46/generated-image-35.jpg"/><pubDate>Tue, 31 Mar 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/eae97fc9-0e23-4790-b787-e2327c78a2e5.mp3" length="22524644" type="audio/mpeg"/><itunes:duration>46:56</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>27</itunes:episode><podcast:episode>27</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/56830bca-71a3-4f05-b0c4-e5a97d151268/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/56830bca-71a3-4f05-b0c4-e5a97d151268/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/56830bca-71a3-4f05-b0c4-e5a97d151268/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-7ebb7c71-d4be-47f5-a364-02459d364382.json" type="application/json+chapters"/></item><item><title>Inside Modern Cyber Warfare: The Invisible Battles Happening Every Day | Chris Kubecka</title><itunes:title>Inside Modern Cyber Warfare: The Invisible Battles Happening Every Day | Chris Kubecka</itunes:title><description><![CDATA[<p>This podcast episode delves into the intricate interplay between global politics, cybersecurity, and the evolving nature of threats faced by critical infrastructure. Our esteemed guest, Chris, shares his compelling journey from early experiences with technology to significant roles in safeguarding vital systems against sophisticated cyber threats. Notably, the discussion illuminates the transformation of cyber warfare, highlighting the emergence of physical attacks that disrupt both digital and physical infrastructures. We also examine collaborative efforts among nations to fortify defenses against such challenges, emphasizing the necessity of cooperation in the face of rising geopolitical tensions. As we navigate this complex digital landscape, it becomes increasingly apparent that a unified approach is paramount to ensuring our collective security and resilience in an interconnected world.</p><p>Join Joseph Carson in this insightful episode as he interviews cybersecurity expert Chris Kubecka. They discuss critical infrastructure security, cyber warfare, geopolitical risks, and the evolving landscape of digital threats, providing valuable lessons for cybersecurity professionals and policymakers.</p><p><strong class="ql-size-large">Key Topics</strong></p><p>Cybersecurity in critical infrastructure</p><p>Geopolitical cyber threats and hybrid warfare</p><p>Evolving landscape of digital threats and resilience</p><p></p><p><strong class="ql-size-large"> Sound bites</strong></p><p>"GPS jamming has been a massive challenge."</p><p>"Digital Empires: China, Europe, and the US."</p><p>"Radio communications are a vital fallback."</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction and Background of Chris Kubecka</li><li>01:37 Cybersecurity Challenges in Critical Infrastructure</li><li>03:37 Evolving Nature of Cyber Threats</li><li>05:45 The Role of Drones in Modern Warfare</li><li>07:25 Hybrid Warfare and Global Diplomacy</li><li>10:10 The Shift in Global Cybersecurity Dynamics</li><li>12:18 The Importance of International Cooperation</li><li>14:33 Privacy and Ethics in Cybersecurity</li><li>16:50 Historical Context and Regional Cooperation</li><li>18:55 Cyber Attacks on Civilian Infrastructure</li><li>22:04 Personal Experiences in Estonia</li><li>24:10 Geopolitical Tensions and Cybersecurity</li><li>25:52 Challenges in Maritime Connectivity</li><li>28:16 Critical Infrastructure Vulnerabilities</li><li>30:22 The Role of Radio in Authoritarian Regimes</li><li>33:43 International Maritime Law and Cybersecurity</li><li>37:46 Recent Projects and Activism in Cybersecurity</li><li>39:51 Staying Informed in a Rapidly Changing Landscape</li></ul><br/><p></p><p><strong class="ql-size-large">Resources</strong></p><p>Chris Kubecka's LinkedIn - https://www.linkedin.com/in/chriskubecka/</p><p>Field Tested: How to Hack a Modern Dictatorship with AI - https://www.amazon.com/dp/B0C7F4XYZ</p>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the intricate interplay between global politics, cybersecurity, and the evolving nature of threats faced by critical infrastructure. Our esteemed guest, Chris, shares his compelling journey from early experiences with technology to significant roles in safeguarding vital systems against sophisticated cyber threats. Notably, the discussion illuminates the transformation of cyber warfare, highlighting the emergence of physical attacks that disrupt both digital and physical infrastructures. We also examine collaborative efforts among nations to fortify defenses against such challenges, emphasizing the necessity of cooperation in the face of rising geopolitical tensions. As we navigate this complex digital landscape, it becomes increasingly apparent that a unified approach is paramount to ensuring our collective security and resilience in an interconnected world.</p><p>Join Joseph Carson in this insightful episode as he interviews cybersecurity expert Chris Kubecka. They discuss critical infrastructure security, cyber warfare, geopolitical risks, and the evolving landscape of digital threats, providing valuable lessons for cybersecurity professionals and policymakers.</p><p><strong class="ql-size-large">Key Topics</strong></p><p>Cybersecurity in critical infrastructure</p><p>Geopolitical cyber threats and hybrid warfare</p><p>Evolving landscape of digital threats and resilience</p><p></p><p><strong class="ql-size-large"> Sound bites</strong></p><p>"GPS jamming has been a massive challenge."</p><p>"Digital Empires: China, Europe, and the US."</p><p>"Radio communications are a vital fallback."</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction and Background of Chris Kubecka</li><li>01:37 Cybersecurity Challenges in Critical Infrastructure</li><li>03:37 Evolving Nature of Cyber Threats</li><li>05:45 The Role of Drones in Modern Warfare</li><li>07:25 Hybrid Warfare and Global Diplomacy</li><li>10:10 The Shift in Global Cybersecurity Dynamics</li><li>12:18 The Importance of International Cooperation</li><li>14:33 Privacy and Ethics in Cybersecurity</li><li>16:50 Historical Context and Regional Cooperation</li><li>18:55 Cyber Attacks on Civilian Infrastructure</li><li>22:04 Personal Experiences in Estonia</li><li>24:10 Geopolitical Tensions and Cybersecurity</li><li>25:52 Challenges in Maritime Connectivity</li><li>28:16 Critical Infrastructure Vulnerabilities</li><li>30:22 The Role of Radio in Authoritarian Regimes</li><li>33:43 International Maritime Law and Cybersecurity</li><li>37:46 Recent Projects and Activism in Cybersecurity</li><li>39:51 Staying Informed in a Rapidly Changing Landscape</li></ul><br/><p></p><p><strong class="ql-size-large">Resources</strong></p><p>Chris Kubecka's LinkedIn - https://www.linkedin.com/in/chriskubecka/</p><p>Field Tested: How to Hack a Modern Dictatorship with AI - https://www.amazon.com/dp/B0C7F4XYZ</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/inside-the-digital-battlefield-cybersecurity-in-geopolitical-conflicts-with-chris-kubecka]]></link><guid isPermaLink="false">3a96c93e-32f9-4450-93ca-6ec9c9659c76</guid><itunes:image href="https://artwork.captivate.fm/4766b134-812c-42c9-a491-cc2eb6c5a219/ChatGPT-Image-Jun-17-2026-12-41-17-PM.jpg"/><pubDate>Tue, 17 Mar 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/3a96c93e-32f9-4450-93ca-6ec9c9659c76.mp3" length="21660723" type="audio/mpeg"/><itunes:duration>45:08</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>26</itunes:episode><podcast:episode>26</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/ac0b53a3-97f5-44aa-8ead-e477eb0c82ad/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/ac0b53a3-97f5-44aa-8ead-e477eb0c82ad/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/ac0b53a3-97f5-44aa-8ead-e477eb0c82ad/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-1ac1a296-3e37-4c75-baae-37ff555df00e.json" type="application/json+chapters"/></item><item><title>How Anyone Can Become a Hacker: Learning Cybersecurity the Right Way | Ian Austin</title><itunes:title>How Anyone Can Become a Hacker: Learning Cybersecurity the Right Way | Ian Austin</itunes:title><description><![CDATA[<p>This podcast episode delves into the evolving landscape of cybersecurity, particularly focusing on the intersection of cloud security and artificial intelligence. Ian Austin, co-founder of Pwned Labs, shares his extensive journey through the cybersecurity domain, highlighting the gradual transition from traditional IT roles to specialized security positions. A salient point discussed is the significance of fostering a community-oriented approach to learning, which enhances knowledge acquisition and practical skills in an increasingly complex environment. Ian emphasizes that current training methodologies must incorporate gamification and hands-on experiences to engage learners effectively, ensuring that knowledge is not only theoretical but also applicable. As we navigate these insights, listeners will uncover valuable strategies for enhancing their own cybersecurity practices and understanding the critical importance of cloud security in today's digital landscape.</p><p>In this episode of the Security by Default podcast, host Joe Carson speaks with Ian Austin, co-founder of Pwned Labs, about his journey in cybersecurity, the evolution of learning in the field, and the challenges of Cloud and AI security. Ian shares insights on transitioning into cybersecurity roles, the importance of community engagement, and the need for continuous learning in an ever-evolving industry. They discuss the significance of gamification in training and the current trends in cloud security, emphasizing the importance of hands-on experience and collaboration.</p><p><span class="ql-size-large"> Key Takeaways</span></p><ul><li>Ian Austin is a co-founder of Pwned Labs, specializing in cloud and AI security training.</li><li>His journey in cybersecurity began with help desk roles and evolved into penetration testing.</li><li>Creating content is a great way to learn and contribute to the community.</li><li>Cloud security presents unique challenges that require ongoing education and adaptation.</li><li>Gamification in training enhances engagement but should not overshadow practical learning.</li><li>Community involvement is crucial for personal and professional growth in cybersecurity.</li><li>Transitioning into security roles can be done from various backgrounds, including sysadmin and help desk.</li><li>Continuous learning is essential in the fast-paced cybersecurity landscape.</li><li>Mentorship can significantly impact career development and confidence.</li><li>Cloud security is a growing field with increasing demand for skilled professionals.</li></ul><br/><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to the Podcast and Guest</p><p>00:40 Ian Austin's Journey in Cybersecurity</p><p>06:40 Transitioning into Security Roles</p><p>10:54 Evolution of Learning in Cybersecurity</p><p>16:19 The Importance of Community in Learning</p><p>22:58 Challenges in Cloud Security</p><p>28:46 Staying Updated in the Cybersecurity Field</p><p></p><p><span class="ql-size-large">Resources:</span></p><p>https://pwnedlabs.io/</p><p>https://www.linkedin.com/in/ian-austin/</p>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the evolving landscape of cybersecurity, particularly focusing on the intersection of cloud security and artificial intelligence. Ian Austin, co-founder of Pwned Labs, shares his extensive journey through the cybersecurity domain, highlighting the gradual transition from traditional IT roles to specialized security positions. A salient point discussed is the significance of fostering a community-oriented approach to learning, which enhances knowledge acquisition and practical skills in an increasingly complex environment. Ian emphasizes that current training methodologies must incorporate gamification and hands-on experiences to engage learners effectively, ensuring that knowledge is not only theoretical but also applicable. As we navigate these insights, listeners will uncover valuable strategies for enhancing their own cybersecurity practices and understanding the critical importance of cloud security in today's digital landscape.</p><p>In this episode of the Security by Default podcast, host Joe Carson speaks with Ian Austin, co-founder of Pwned Labs, about his journey in cybersecurity, the evolution of learning in the field, and the challenges of Cloud and AI security. Ian shares insights on transitioning into cybersecurity roles, the importance of community engagement, and the need for continuous learning in an ever-evolving industry. They discuss the significance of gamification in training and the current trends in cloud security, emphasizing the importance of hands-on experience and collaboration.</p><p><span class="ql-size-large"> Key Takeaways</span></p><ul><li>Ian Austin is a co-founder of Pwned Labs, specializing in cloud and AI security training.</li><li>His journey in cybersecurity began with help desk roles and evolved into penetration testing.</li><li>Creating content is a great way to learn and contribute to the community.</li><li>Cloud security presents unique challenges that require ongoing education and adaptation.</li><li>Gamification in training enhances engagement but should not overshadow practical learning.</li><li>Community involvement is crucial for personal and professional growth in cybersecurity.</li><li>Transitioning into security roles can be done from various backgrounds, including sysadmin and help desk.</li><li>Continuous learning is essential in the fast-paced cybersecurity landscape.</li><li>Mentorship can significantly impact career development and confidence.</li><li>Cloud security is a growing field with increasing demand for skilled professionals.</li></ul><br/><p></p><p><span class="ql-size-large">Chapters</span></p><p>00:00 Introduction to the Podcast and Guest</p><p>00:40 Ian Austin's Journey in Cybersecurity</p><p>06:40 Transitioning into Security Roles</p><p>10:54 Evolution of Learning in Cybersecurity</p><p>16:19 The Importance of Community in Learning</p><p>22:58 Challenges in Cloud Security</p><p>28:46 Staying Updated in the Cybersecurity Field</p><p></p><p><span class="ql-size-large">Resources:</span></p><p>https://pwnedlabs.io/</p><p>https://www.linkedin.com/in/ian-austin/</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/how-gamification-and-community-help-beginners-break-into-cloud-and-ai-security]]></link><guid isPermaLink="false">7a4871b9-b33f-4e9d-9be2-788eadef04f8</guid><itunes:image href="https://artwork.captivate.fm/fac6cbb3-859a-4993-a719-662419c8e518/generated-image.jpg"/><pubDate>Tue, 03 Mar 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/7a4871b9-b33f-4e9d-9be2-788eadef04f8.mp3" length="16060697" type="audio/mpeg"/><itunes:duration>33:28</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>25</itunes:episode><podcast:episode>25</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/9a8ccf23-1446-445a-9ac7-eebfb7711d76/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/9a8ccf23-1446-445a-9ac7-eebfb7711d76/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/9a8ccf23-1446-445a-9ac7-eebfb7711d76/index.html" type="text/html"/></item><item><title>Inside Password Cracking: How Hackers Really Break Your Secrets | Evil Mog</title><itunes:title>Inside Password Cracking: How Hackers Really Break Your Secrets | Evil Mog</itunes:title><description><![CDATA[<p>This podcast episode delves into the intricate realm of password security and the evolving landscape of authentication methods, with particular emphasis on the implications of artificial intelligence within this domain. I am joined by the esteemed Evil Mog, an executive managing hacker at IBM, who shares his extensive expertise and insights derived from years of involvement in the password cracking community. Throughout our discussion, we explore the significance of enhancing cybersecurity measures while simultaneously acknowledging the pervasive challenges that continue to manifest, such as the recent incidents of compromised systems. We also reflect on the necessity of fostering a culture of collaboration and knowledge sharing within the cybersecurity community to fortify defenses against increasingly sophisticated threats. Ultimately, this episode serves as a poignant reminder of the delicate balance between security and usability in our ongoing pursuit of safeguarding digital assets.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes Evil Mog, an expert in password cracking and cybersecurity. They discuss the importance of Hacker Jeopardy in making cybersecurity fun, the ongoing challenges with passwords, and the evolving role of AI in password cracking. The conversation also touches on incident response, the significance of documentation, and the future trends in cybersecurity, including the shift towards passwordless authentication and the impact of AI on both attackers and defenders.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Hacker Jeopardy is a fun way to engage with cybersecurity.</li><li>Teaching others helps reinforce your own knowledge.</li><li>Passwords will remain a necessary evil in security.</li><li>AI is enhancing password cracking methodologies.</li><li>Documentation is crucial in incident response.</li><li>The cost of hacking is increasing due to advanced techniques.</li><li>Collaboration between red and blue teams is essential.</li><li>Insider threats are on the rise in cybersecurity.</li><li>Password management is fundamentally an asset management issue.</li><li>Future trends indicate a shift towards passwordless authentication.</li></ul><br/><p></p><p><strong class="ql-size-large"> Sound bites</strong></p><p>"Teaching helps you learn better."</p><p>"Security is about enabling the business."</p><p>"The cost of hacking is rising."</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction to Evil Mog and Hacker Jeopardy</li><li>02:37 The Importance of Community and Teaching in Cybersecurity</li><li>05:22 Password Security: The Louvre Incident</li><li>07:59 The Evolution of Authentication Methods</li><li>10:35 Challenges in Asset Management and Password Management</li><li>13:15 Operational Technology (OT) Security Challenges</li><li>15:53 The Role of Documentation in Cybersecurity</li><li>18:42 AI in Cybersecurity: Automation and Password Recovery</li><li>21:52 AI in Password Cracking</li><li>24:56 Enhancing Human Capabilities with AI</li><li>27:18 The Evolution of Cybercrime</li><li>30:02 Trends and Predictions for Cybersecurity</li><li>34:41 Collaboration in Cybersecurity</li><li>37:24 The Future of Cybercrime and AI</li><li>40:59 Connecting with Evil Mog</li></ul><br/><p>In a thought-provoking dialogue, Joe Carson and Evil Mog engage in a profound examination of cybersecurity, particularly focusing on the critical role of password management in contemporary security practices. Evil Mog, a distinguished executive managing hacker at IBM and a key participant in various hacking competitions, brings invaluable insights to the discussion, blending his extensive expertise with anecdotes from the vibrant DEFCON community. The conversation underscores the often-overlooked aspect of humor in cybersecurity, showcasing how events like Hacker Jeopardy can serve as both a source of entertainment and a platform for learning and community building. The hosts delve deeply into the pressing issues surrounding password security, using real-world examples to illustrate the dire consequences of poor password practices. They analyze incidents, including the infamous Louvre heist, where a lack of foresight in password management led to significant breaches. This discussion highlights the critical need for organizations to adopt stronger authentication methods, such as passkeys and multi-factor authentication, while acknowledging the challenges that traditional passwords continue to pose in everyday scenarios. Carson and Mog emphasize the importance of balancing security with usability to prevent users from resorting to insecure workarounds. Looking ahead, the conversation shifts toward the future of cybersecurity, with the hosts expressing hope for continued advancements in password management technologies. They advocate for a proactive approach in adapting to new threats, underscoring the necessity of community collaboration and knowledge sharing among cybersecurity professionals. The episode concludes with a resounding reminder of the importance of staying informed and engaged in an ever-evolving landscape of cybersecurity risks.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the importance of community engagement in cybersecurity, advocating for teaching others to enhance personal understanding and benefiting the broader community.</li><li>Evil Mogg discusses the evolution of password security, highlighting the ongoing necessity for shared secrets despite technological advancements in authentication methods.</li><li>The conversation reveals a critical perspective on the complexities of cybersecurity, particularly how simplifying security for users can lead to better compliance and protection.</li><li>Listeners are encouraged to actively participate in events like Hacker Jeopardy to foster a fun and interactive approach to cybersecurity education and awareness.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the intricate realm of password security and the evolving landscape of authentication methods, with particular emphasis on the implications of artificial intelligence within this domain. I am joined by the esteemed Evil Mog, an executive managing hacker at IBM, who shares his extensive expertise and insights derived from years of involvement in the password cracking community. Throughout our discussion, we explore the significance of enhancing cybersecurity measures while simultaneously acknowledging the pervasive challenges that continue to manifest, such as the recent incidents of compromised systems. We also reflect on the necessity of fostering a culture of collaboration and knowledge sharing within the cybersecurity community to fortify defenses against increasingly sophisticated threats. Ultimately, this episode serves as a poignant reminder of the delicate balance between security and usability in our ongoing pursuit of safeguarding digital assets.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes Evil Mog, an expert in password cracking and cybersecurity. They discuss the importance of Hacker Jeopardy in making cybersecurity fun, the ongoing challenges with passwords, and the evolving role of AI in password cracking. The conversation also touches on incident response, the significance of documentation, and the future trends in cybersecurity, including the shift towards passwordless authentication and the impact of AI on both attackers and defenders.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Hacker Jeopardy is a fun way to engage with cybersecurity.</li><li>Teaching others helps reinforce your own knowledge.</li><li>Passwords will remain a necessary evil in security.</li><li>AI is enhancing password cracking methodologies.</li><li>Documentation is crucial in incident response.</li><li>The cost of hacking is increasing due to advanced techniques.</li><li>Collaboration between red and blue teams is essential.</li><li>Insider threats are on the rise in cybersecurity.</li><li>Password management is fundamentally an asset management issue.</li><li>Future trends indicate a shift towards passwordless authentication.</li></ul><br/><p></p><p><strong class="ql-size-large"> Sound bites</strong></p><p>"Teaching helps you learn better."</p><p>"Security is about enabling the business."</p><p>"The cost of hacking is rising."</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction to Evil Mog and Hacker Jeopardy</li><li>02:37 The Importance of Community and Teaching in Cybersecurity</li><li>05:22 Password Security: The Louvre Incident</li><li>07:59 The Evolution of Authentication Methods</li><li>10:35 Challenges in Asset Management and Password Management</li><li>13:15 Operational Technology (OT) Security Challenges</li><li>15:53 The Role of Documentation in Cybersecurity</li><li>18:42 AI in Cybersecurity: Automation and Password Recovery</li><li>21:52 AI in Password Cracking</li><li>24:56 Enhancing Human Capabilities with AI</li><li>27:18 The Evolution of Cybercrime</li><li>30:02 Trends and Predictions for Cybersecurity</li><li>34:41 Collaboration in Cybersecurity</li><li>37:24 The Future of Cybercrime and AI</li><li>40:59 Connecting with Evil Mog</li></ul><br/><p>In a thought-provoking dialogue, Joe Carson and Evil Mog engage in a profound examination of cybersecurity, particularly focusing on the critical role of password management in contemporary security practices. Evil Mog, a distinguished executive managing hacker at IBM and a key participant in various hacking competitions, brings invaluable insights to the discussion, blending his extensive expertise with anecdotes from the vibrant DEFCON community. The conversation underscores the often-overlooked aspect of humor in cybersecurity, showcasing how events like Hacker Jeopardy can serve as both a source of entertainment and a platform for learning and community building. The hosts delve deeply into the pressing issues surrounding password security, using real-world examples to illustrate the dire consequences of poor password practices. They analyze incidents, including the infamous Louvre heist, where a lack of foresight in password management led to significant breaches. This discussion highlights the critical need for organizations to adopt stronger authentication methods, such as passkeys and multi-factor authentication, while acknowledging the challenges that traditional passwords continue to pose in everyday scenarios. Carson and Mog emphasize the importance of balancing security with usability to prevent users from resorting to insecure workarounds. Looking ahead, the conversation shifts toward the future of cybersecurity, with the hosts expressing hope for continued advancements in password management technologies. They advocate for a proactive approach in adapting to new threats, underscoring the necessity of community collaboration and knowledge sharing among cybersecurity professionals. The episode concludes with a resounding reminder of the importance of staying informed and engaged in an ever-evolving landscape of cybersecurity risks.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the importance of community engagement in cybersecurity, advocating for teaching others to enhance personal understanding and benefiting the broader community.</li><li>Evil Mogg discusses the evolution of password security, highlighting the ongoing necessity for shared secrets despite technological advancements in authentication methods.</li><li>The conversation reveals a critical perspective on the complexities of cybersecurity, particularly how simplifying security for users can lead to better compliance and protection.</li><li>Listeners are encouraged to actively participate in events like Hacker Jeopardy to foster a fun and interactive approach to cybersecurity education and awareness.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/cracking-passwords-and-the-future-of-passwords-with-evil-mog]]></link><guid isPermaLink="false">f166e3b4-952c-4b53-8009-eed7c72dde1d</guid><itunes:image href="https://artwork.captivate.fm/73bfe065-cff6-4318-a825-7a48c5d22d48/generated-image-32.jpg"/><pubDate>Tue, 17 Feb 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/f166e3b4-952c-4b53-8009-eed7c72dde1d.mp3" length="20298385" type="audio/mpeg"/><itunes:duration>42:17</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>24</itunes:episode><podcast:episode>24</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/924b1949-3a82-48e4-9f37-f7072ab218b6/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/924b1949-3a82-48e4-9f37-f7072ab218b6/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/924b1949-3a82-48e4-9f37-f7072ab218b6/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-583a1ba2-e4c5-4528-b9e8-5edfa4b5f989.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Cracking the Code: Password Security in Modern Cyber Threats with Evilmog"><podcast:source uri="https://youtu.be/8DToLDtwQcc"/></podcast:alternateEnclosure></item><item><title>Understanding the Critical Role of Identity in Modern Cybersecurity with Charles Chase</title><itunes:title>Understanding the Critical Role of Identity in Modern Cybersecurity with Charles Chase</itunes:title><description><![CDATA[<p>The focal point of today’s discourse centers on the crucial importance of identity security and privileged access management in contemporary organizational frameworks. I am joined by the esteemed Charles Chase, who shares his extensive experience in the realm of identity security, elucidating the pressing trends and best practices that organizations must adopt to safeguard their digital assets. Our conversation delves into the regulatory pressures that compel businesses to enhance their security measures, particularly in light of evolving threats and compliance requirements. Furthermore, we explore the significance of understanding the unknowns within identity management systems and the necessity of maintaining rigorous hygiene practices to mitigate potential vulnerabilities. Through this dialogue, we aim to illuminate the transformative impact of effective identity management strategies on organizational security and operational efficiency.</p><p>In this episode of the Security by Default podcast, host Joe Carson speaks with Charles Chase about his journey into the cybersecurity field, focusing on identity security and privilege access management. They discuss the evolving trends in identity security, the importance of maintaining identity hygiene, and the impact of regulations like NIST 2 and DORA on organizational practices. The conversation also covers the shift towards passwordless security, the role of AI in identity management, and resources for those looking to enter the field. The episode concludes with reflections on the importance of identities in business and society.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>Charles Chase fell into cybersecurity from a military background.</li><li>The importance of understanding what you don't know in identity security.</li><li>Organizations often have dormant accounts that pose security risks.</li><li>Regulatory bodies are pushing organizations to improve their identity security practices.</li><li>The shift towards passwordless security is gaining momentum.</li><li>AI is becoming a valuable tool in identity management.</li><li>Identity hygiene is crucial for reducing risks in organizations.</li><li>The commoditization of identity solutions allows smaller businesses to implement security measures.</li><li>Engaging with customers is key to understanding their unique identity security needs.</li><li>The future of identity management is focused on user experience and automation.</li></ul><br/><p><span class="ql-size-large">Keywords</span></p><p>cybersecurity, identity security, privilege access management, trends, best practices, passwordless security, AI in identity management, regulatory impact, identity hygiene, resources for cybersecurity</p><p>The podcast commences with an engaging introduction by host Joe Carson, who expresses his enthusiasm for sharing insights and knowledge with the audience. He introduces his guest, Charles, who possesses an extensive background in identity security and privileged access management. Charles recounts his journey into the cybersecurity industry, highlighting his initial experiences in the U.S. Air Force as a network engineer and the serendipitous nature of his entry into the realm of privileged access management. The conversation swiftly transitions to the evolving landscape of identity security, where both speakers reflect on the advancements in tools and practices that have emerged over the years. They discuss the significance of understanding the regulatory landscape and the implications it has for organizations striving to enhance their security posture. Charles emphasizes the necessity for organizations to proactively address their security vulnerabilities and to adopt best practices that mitigate risks associated with identity and access management. He shares anecdotes from his experiences working with various clients, illustrating the startling discoveries often made when analyzing their systems, including the prevalence of dormant accounts and orphaned identities that pose significant security risks. As the dialogue progresses, the speakers delve into current trends in identity security, particularly the move towards passwordless authentication methods and the integration of multifactor authentication solutions. Charles elucidates how organizations are increasingly prioritizing the security of their identity frameworks to comply with regulatory demands while ensuring the integrity of their operations. He shares insights on the importance of continuous learning and adaptation in the field of cybersecurity, noting that each organization's journey is unique, and tailored approaches are essential to address specific challenges. The conversation culminates in a discussion on the future of identity management, where both speakers express optimism about the potential of emerging technologies and the need for organizations to remain vigilant in their security efforts. Ultimately, the episode underscores the critical role that effective identity management plays in safeguarding organizational assets and maintaining trust in today’s digital landscape.</p><p>Takeaways:</p><ul><li>The conversation highlighted the significant evolution in identity security practices over the years, emphasizing the necessity of adopting modern tools and strategies.</li><li>A recurring theme was the critical importance of addressing dormant and orphaned accounts to enhance overall security posture within organizations.</li><li>Regulatory pressures have escalated, compelling organizations to prioritize identity management and security protocols to mitigate risks effectively.</li><li>The speakers discussed the growing trend towards passwordless authentication and the integration of biometric solutions in identity security frameworks.</li><li>The episode underscored the necessity of maintaining a proactive identity hygiene program to prevent security vulnerabilities.</li><li>The importance of continuous education and awareness for professionals entering the identity and access management field was a key discussion point.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>The focal point of today’s discourse centers on the crucial importance of identity security and privileged access management in contemporary organizational frameworks. I am joined by the esteemed Charles Chase, who shares his extensive experience in the realm of identity security, elucidating the pressing trends and best practices that organizations must adopt to safeguard their digital assets. Our conversation delves into the regulatory pressures that compel businesses to enhance their security measures, particularly in light of evolving threats and compliance requirements. Furthermore, we explore the significance of understanding the unknowns within identity management systems and the necessity of maintaining rigorous hygiene practices to mitigate potential vulnerabilities. Through this dialogue, we aim to illuminate the transformative impact of effective identity management strategies on organizational security and operational efficiency.</p><p>In this episode of the Security by Default podcast, host Joe Carson speaks with Charles Chase about his journey into the cybersecurity field, focusing on identity security and privilege access management. They discuss the evolving trends in identity security, the importance of maintaining identity hygiene, and the impact of regulations like NIST 2 and DORA on organizational practices. The conversation also covers the shift towards passwordless security, the role of AI in identity management, and resources for those looking to enter the field. The episode concludes with reflections on the importance of identities in business and society.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>Charles Chase fell into cybersecurity from a military background.</li><li>The importance of understanding what you don't know in identity security.</li><li>Organizations often have dormant accounts that pose security risks.</li><li>Regulatory bodies are pushing organizations to improve their identity security practices.</li><li>The shift towards passwordless security is gaining momentum.</li><li>AI is becoming a valuable tool in identity management.</li><li>Identity hygiene is crucial for reducing risks in organizations.</li><li>The commoditization of identity solutions allows smaller businesses to implement security measures.</li><li>Engaging with customers is key to understanding their unique identity security needs.</li><li>The future of identity management is focused on user experience and automation.</li></ul><br/><p><span class="ql-size-large">Keywords</span></p><p>cybersecurity, identity security, privilege access management, trends, best practices, passwordless security, AI in identity management, regulatory impact, identity hygiene, resources for cybersecurity</p><p>The podcast commences with an engaging introduction by host Joe Carson, who expresses his enthusiasm for sharing insights and knowledge with the audience. He introduces his guest, Charles, who possesses an extensive background in identity security and privileged access management. Charles recounts his journey into the cybersecurity industry, highlighting his initial experiences in the U.S. Air Force as a network engineer and the serendipitous nature of his entry into the realm of privileged access management. The conversation swiftly transitions to the evolving landscape of identity security, where both speakers reflect on the advancements in tools and practices that have emerged over the years. They discuss the significance of understanding the regulatory landscape and the implications it has for organizations striving to enhance their security posture. Charles emphasizes the necessity for organizations to proactively address their security vulnerabilities and to adopt best practices that mitigate risks associated with identity and access management. He shares anecdotes from his experiences working with various clients, illustrating the startling discoveries often made when analyzing their systems, including the prevalence of dormant accounts and orphaned identities that pose significant security risks. As the dialogue progresses, the speakers delve into current trends in identity security, particularly the move towards passwordless authentication methods and the integration of multifactor authentication solutions. Charles elucidates how organizations are increasingly prioritizing the security of their identity frameworks to comply with regulatory demands while ensuring the integrity of their operations. He shares insights on the importance of continuous learning and adaptation in the field of cybersecurity, noting that each organization's journey is unique, and tailored approaches are essential to address specific challenges. The conversation culminates in a discussion on the future of identity management, where both speakers express optimism about the potential of emerging technologies and the need for organizations to remain vigilant in their security efforts. Ultimately, the episode underscores the critical role that effective identity management plays in safeguarding organizational assets and maintaining trust in today’s digital landscape.</p><p>Takeaways:</p><ul><li>The conversation highlighted the significant evolution in identity security practices over the years, emphasizing the necessity of adopting modern tools and strategies.</li><li>A recurring theme was the critical importance of addressing dormant and orphaned accounts to enhance overall security posture within organizations.</li><li>Regulatory pressures have escalated, compelling organizations to prioritize identity management and security protocols to mitigate risks effectively.</li><li>The speakers discussed the growing trend towards passwordless authentication and the integration of biometric solutions in identity security frameworks.</li><li>The episode underscored the necessity of maintaining a proactive identity hygiene program to prevent security vulnerabilities.</li><li>The importance of continuous education and awareness for professionals entering the identity and access management field was a key discussion point.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/exploring-identity-security-trends-with-charles-chase]]></link><guid isPermaLink="false">fe6b4cc1-f639-4ee6-ac34-722cef1a1e88</guid><itunes:image href="https://artwork.captivate.fm/7df31ca7-3c36-4ea0-a195-f1064a2cd81a/generated-image-31.jpg"/><pubDate>Tue, 03 Feb 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/fe6b4cc1-f639-4ee6-ac34-722cef1a1e88.mp3" length="14453644" type="audio/mpeg"/><itunes:duration>30:07</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>23</itunes:episode><podcast:episode>23</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/e4859e20-e016-4575-aef9-b2ac5b0d0287/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/e4859e20-e016-4575-aef9-b2ac5b0d0287/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/e4859e20-e016-4575-aef9-b2ac5b0d0287/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-eeb8d3a4-115a-4e7f-925c-698197baec8d.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Exploring Identity Security Trends with Charles Chase"><podcast:source uri="https://youtu.be/96YDfIJflws"/></podcast:alternateEnclosure></item><item><title>A Deep Dive into Cyber Operations and OSINT with The Grugq</title><itunes:title>A Deep Dive into Cyber Operations and OSINT with The Grugq</itunes:title><description><![CDATA[<p>The Grugq, a distinguished expert in the realm of open-source intelligence (OSINT) and cyber operations, elucidates the intricate interplay between information warfare and contemporary security challenges. He articulates the notion that during times of conflict, traditional rules governing cyber operations, such as deniability and stealth, become markedly less pertinent. Instead, the focus shifts towards achieving mission objectives without the necessity for concealment, as the stakes escalate in the context of warfare. Throughout our discourse, we explore the evolution of cyber tactics, emphasizing the shift from sophisticated methodologies to more rudimentary yet effective tools, reflecting a pragmatic approach to cyber engagements. Ultimately, our conversation serves as a profound examination of the current landscape of cyber warfare, underscoring the necessity for adaptability and a nuanced understanding of operational security in an era marked by rapid technological advancements and shifting geopolitical dynamics.</p><p>In this episode of the Security by Default podcast, host Joseph Carson engages with the Grugq, a cybersecurity expert and PhD student, discussing his journey into the field, the evolution of cybersecurity practices, and the complexities of information warfare. The Grugq shares insights on anti-forensics, the importance of understanding human behavior in cybersecurity, and the current landscape of cyber warfare, particularly in the context of the ongoing conflict in Ukraine. The conversation highlights the challenges and changes in the cybersecurity field, emphasizing the need for clarity and understanding in a chaotic information environment.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>The Grugq's journey into cybersecurity began with a Unix book.</li><li>He transitioned from internships to freelancing in cybersecurity.</li><li>Moving to Thailand helped reduce living costs while consulting.</li><li>Understanding anti-forensics is crucial for effective cybersecurity.</li><li>The rules of cyber warfare differ significantly from peacetime operations.</li><li>Information warfare involves changing how people interpret information.</li><li>The Grugq emphasizes the importance of human behavior in cybersecurity.</li><li>Staying updated in cybersecurity requires monitoring current events and engaging with experts.</li><li>The evolution of cybersecurity tools has made it easier for new actors to operate.</li><li>The Grugq's PhD research focuses on the realities of cyber warfare.</li></ul><br/><p><span class="ql-size-large">Additional Resources:</span></p><p>https://x.com/thegrugq</p><p>https://github.com/grugq</p><p>Engaging with the multifaceted realm of Open Source Intelligence (OSINT) and Cyber Operations, this podcast episode presents an erudite dialogue featuring The Grugq, an esteemed expert in the field. The conversation is initiated by the host, who invites The Grugq to share his origin story, tracing his journey through the labyrinthine world of cybersecurity, beginning from his formative experiences with UNIX systems. The Grugq elucidates how he transitioned from being an independent security researcher to an academic, currently pursuing a PhD focused on cyber warfare. This episode delves into the complexities of operational security, the principles underpinning successful cyber operations, and the significance of understanding human behavior in the cybersecurity domain. The discourse further explores the dynamic interplay between OSINT and cyber operations, emphasizing the critical importance of meticulous analysis and strategic deception in contemporary cyber warfare. The Grugq articulates the evolving nature of threats in this space, and how adversaries utilize increasingly sophisticated techniques to obfuscate their activities. Throughout the episode, listeners are afforded a unique glimpse into the methodologies that underpin effective cyber operations, highlighting the necessity of adapting to the ever-shifting landscape of cybersecurity. Amidst the complexities of the cyber domain, The Grugq offers profound insights into the ethical implications of cyber operations, urging practitioners to consider the broader ramifications of their actions. This episode serves not only as a repository of knowledge but also as a call to action for cybersecurity professionals to reflect on the ethical dimensions of their work. By the conclusion, listeners are left with a rich understanding of the intersection of OSINT and cyber operations, equipped with the knowledge to navigate the tumultuous waters of the cybersecurity landscape with greater acumen and awareness.</p><p>Takeaways:</p><ul><li>The Grugq emphasizes the importance of understanding the principles of operational security and their historical context in the realm of cyber warfare.</li><li>In the discussion, we explore the evolution of cyber operations, highlighting how the dynamics of war have shifted the focus from stealth to achieving mission objectives.</li><li>A key takeaway is the recognition that modern cyber actors often utilize pre-existing techniques rather than creating new ones, complicating attribution efforts in cyber incidents.</li><li>The podcast delves into the significance of information warfare, stressing that the ability to manipulate perceptions is as crucial as the actual data being presented.</li><li>The Grugq shares insights on how the principles of access, humanity, and economy underpin successful cyber operations, framing them within the context of both offense and defense.</li><li>We discuss the blurred lines in modern cyber conflicts, where traditional rules of engagement may not apply, particularly in ongoing large-scale cyber warfare scenarios.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>The Grugq, a distinguished expert in the realm of open-source intelligence (OSINT) and cyber operations, elucidates the intricate interplay between information warfare and contemporary security challenges. He articulates the notion that during times of conflict, traditional rules governing cyber operations, such as deniability and stealth, become markedly less pertinent. Instead, the focus shifts towards achieving mission objectives without the necessity for concealment, as the stakes escalate in the context of warfare. Throughout our discourse, we explore the evolution of cyber tactics, emphasizing the shift from sophisticated methodologies to more rudimentary yet effective tools, reflecting a pragmatic approach to cyber engagements. Ultimately, our conversation serves as a profound examination of the current landscape of cyber warfare, underscoring the necessity for adaptability and a nuanced understanding of operational security in an era marked by rapid technological advancements and shifting geopolitical dynamics.</p><p>In this episode of the Security by Default podcast, host Joseph Carson engages with the Grugq, a cybersecurity expert and PhD student, discussing his journey into the field, the evolution of cybersecurity practices, and the complexities of information warfare. The Grugq shares insights on anti-forensics, the importance of understanding human behavior in cybersecurity, and the current landscape of cyber warfare, particularly in the context of the ongoing conflict in Ukraine. The conversation highlights the challenges and changes in the cybersecurity field, emphasizing the need for clarity and understanding in a chaotic information environment.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>The Grugq's journey into cybersecurity began with a Unix book.</li><li>He transitioned from internships to freelancing in cybersecurity.</li><li>Moving to Thailand helped reduce living costs while consulting.</li><li>Understanding anti-forensics is crucial for effective cybersecurity.</li><li>The rules of cyber warfare differ significantly from peacetime operations.</li><li>Information warfare involves changing how people interpret information.</li><li>The Grugq emphasizes the importance of human behavior in cybersecurity.</li><li>Staying updated in cybersecurity requires monitoring current events and engaging with experts.</li><li>The evolution of cybersecurity tools has made it easier for new actors to operate.</li><li>The Grugq's PhD research focuses on the realities of cyber warfare.</li></ul><br/><p><span class="ql-size-large">Additional Resources:</span></p><p>https://x.com/thegrugq</p><p>https://github.com/grugq</p><p>Engaging with the multifaceted realm of Open Source Intelligence (OSINT) and Cyber Operations, this podcast episode presents an erudite dialogue featuring The Grugq, an esteemed expert in the field. The conversation is initiated by the host, who invites The Grugq to share his origin story, tracing his journey through the labyrinthine world of cybersecurity, beginning from his formative experiences with UNIX systems. The Grugq elucidates how he transitioned from being an independent security researcher to an academic, currently pursuing a PhD focused on cyber warfare. This episode delves into the complexities of operational security, the principles underpinning successful cyber operations, and the significance of understanding human behavior in the cybersecurity domain. The discourse further explores the dynamic interplay between OSINT and cyber operations, emphasizing the critical importance of meticulous analysis and strategic deception in contemporary cyber warfare. The Grugq articulates the evolving nature of threats in this space, and how adversaries utilize increasingly sophisticated techniques to obfuscate their activities. Throughout the episode, listeners are afforded a unique glimpse into the methodologies that underpin effective cyber operations, highlighting the necessity of adapting to the ever-shifting landscape of cybersecurity. Amidst the complexities of the cyber domain, The Grugq offers profound insights into the ethical implications of cyber operations, urging practitioners to consider the broader ramifications of their actions. This episode serves not only as a repository of knowledge but also as a call to action for cybersecurity professionals to reflect on the ethical dimensions of their work. By the conclusion, listeners are left with a rich understanding of the intersection of OSINT and cyber operations, equipped with the knowledge to navigate the tumultuous waters of the cybersecurity landscape with greater acumen and awareness.</p><p>Takeaways:</p><ul><li>The Grugq emphasizes the importance of understanding the principles of operational security and their historical context in the realm of cyber warfare.</li><li>In the discussion, we explore the evolution of cyber operations, highlighting how the dynamics of war have shifted the focus from stealth to achieving mission objectives.</li><li>A key takeaway is the recognition that modern cyber actors often utilize pre-existing techniques rather than creating new ones, complicating attribution efforts in cyber incidents.</li><li>The podcast delves into the significance of information warfare, stressing that the ability to manipulate perceptions is as crucial as the actual data being presented.</li><li>The Grugq shares insights on how the principles of access, humanity, and economy underpin successful cyber operations, framing them within the context of both offense and defense.</li><li>We discuss the blurred lines in modern cyber conflicts, where traditional rules of engagement may not apply, particularly in ongoing large-scale cyber warfare scenarios.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/cyber-ops-with-the-grugq]]></link><guid isPermaLink="false">5ef666f0-956b-4a88-986a-ba057d6e588e</guid><itunes:image href="https://artwork.captivate.fm/0be991e0-7f75-47c9-9099-3077ab9122cf/generated-image-33.jpg"/><pubDate>Tue, 20 Jan 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/5ef666f0-956b-4a88-986a-ba057d6e588e.mp3" length="22124683" type="audio/mpeg"/><itunes:duration>46:06</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>22</itunes:episode><podcast:episode>22</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/73811930-c1a4-4484-9b30-8e1f515b3700/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/73811930-c1a4-4484-9b30-8e1f515b3700/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/73811930-c1a4-4484-9b30-8e1f515b3700/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-87c0d117-3914-46da-9575-d9fb683a4a6d.json" type="application/json+chapters"/></item><item><title>Building Resilience in Cybersecurity: Lessons from Joe Sullivan</title><itunes:title>Building Resilience in Cybersecurity: Lessons from Joe Sullivan</itunes:title><description><![CDATA[<p>The paramount theme of this podcast episode revolves around the critical necessity of preparing for crises within cybersecurity frameworks. As we navigate an increasingly chaotic landscape, it becomes evident that security must be accessible and comprehensible for all stakeholders involved. We engage in an enlightening dialogue with our esteemed guest, Joe Sullivan, who elucidates his remarkable journey from a federal prosecutor to a prominent figure in security leadership across major tech enterprises. Throughout our conversation, we emphasize the importance of cultivating resilience in the face of potential adversities, advocating for a paradigm shift from mere prevention to proactive crisis management. This episode serves not only as an exploration of individual experiences but also as a clarion call for organizations to invest in robust preparedness strategies to mitigate the impacts of inevitable security incidents.</p><p>In this episode of the Security by Default podcast, host Joseph Carson interviews Joe Sullivan, a prominent figure in cybersecurity. They discuss Joe's journey from a federal prosecutor to the Chief Security Officer at Facebook, exploring the challenges and expectations in transitioning from government to private sector roles. The conversation delves into the evolving landscape of cybersecurity, the impact of ransomware, and the importance of crisis management and preparedness. Joe shares valuable lessons for aspiring security executives and highlights the significance of understanding technology in leadership roles. The episode concludes with Joe's current projects, including his nonprofit initiative, Ukraine Friends, which provides laptops to children affected by the war in Ukraine.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Security is possible for everyone.</li><li>Joe Sullivan's journey reflects a unique path into cybersecurity.</li><li>Transitioning from government to private sector presents challenges.</li><li>Understanding corporate culture is crucial for success.</li><li>Measuring success in cybersecurity requires clear metrics.</li><li>Ransomware has fundamentally changed the cybersecurity landscape.</li><li>Security leaders are increasingly reporting to CEOs.</li><li>Crisis management is essential for organizational resilience.</li><li>Aspiring security executives should focus on business understanding.</li><li>Giving back to the community is a vital part of the cybersecurity profession.</li></ul><br/><p></p><p><strong class="ql-size-large">Sound bites</strong></p><ul><li>"Security is possible for everyone."</li><li>"I got an MBA through osmosis."</li><li>"The expectations were so high."</li></ul><br/><p></p><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction to Security by Default Podcast</li><li>01:02 Joe Sullivan's Journey into Cybersecurity</li><li>05:10 Transition from Government to Private Sector</li><li>11:06 Navigating the Corporate Landscape</li><li>15:48 Measuring Success in Security</li><li>20:04 The Impact of Ransomware on Cybersecurity</li><li>28:01 The Evolving Role of Security Leaders</li><li>30:57 Understanding Business Strategy in Security</li><li>32:59 Risk Management and Business Partnership</li><li>33:52 Navigating Technology Risks</li><li>35:54 The Race for AI Innovation</li><li>38:03 Crisis Management and Preparedness</li><li>39:59 Building Resilience in Security Teams</li><li>42:16 The Importance of Response Training</li><li>44:10 Lessons from Emergency Services</li><li>47:41 Community Impact through Technology</li></ul><br/><p></p><p><strong class="ql-size-large">Additional Resources:</strong></p><p>https://www.joesullivansecurity.com/about</p><p>https://ukrainefriends.org/</p><p>https://www.linkedin.com/in/joesu11ivan/</p><p>https://en.wikipedia.org/wiki/Joe_Sullivan_(cybersecurity)</p><p>The discourse presented in this episode of the Security By Default podcast delves into the intricacies of cybersecurity through a rich narrative framed by the experiences of Joe Sullivan, a distinguished figure in the cybersecurity landscape. The conversation commences with a reflection on the current state of security in a world rife with chaos and challenges, emphasizing the necessity for clarity and preparedness in addressing security concerns. Sullivan recounts his unique journey into the realm of cybersecurity, marked by an initial aspiration to pursue law, which ultimately led him to blend his legal expertise with a burgeoning interest in technology. This intersection of law and technology is pivotal in understanding the evolution of cybersecurity practices, as Sullivan highlights the early days of his career at the Department of Justice, where he was thrust into the intricate dynamics of cybercrime prosecution. His narrative underscores the significant shifts in the cybersecurity landscape, illustrating how the role of cybersecurity professionals has evolved into one that requires not only technical prowess but also a profound understanding of business operations and risk management. As the discussion unfolds, listeners are introduced to the concept of operational resilience, a theme underscored by Sullivan's experiences at major corporations such as eBay, PayPal, and Facebook. He elucidates the necessity for security leaders to transition from a purely defensive posture to one that encompasses proactive crisis management and resilience building. Sullivan’s observations regarding the expectations placed upon security professionals in the private sector contrast sharply with his experiences in government service, where the pace and metrics of success differ markedly. This dichotomy serves to illuminate the complexities faced by modern security executives who must navigate not only the technical challenges of cybersecurity but also the imperative to align their strategies with broader business objectives. In conclusion, the episode encapsulates the essence of security as a multifaceted discipline that extends beyond mere technical solutions. Sullivan advocates for a paradigm shift in how organizations perceive and invest in security, urging a balanced allocation of resources towards both prevention and crisis preparedness. His insights serve as a clarion call for security professionals to engage more deeply with the business side of their organizations, fostering a culture where security is seen as an integral component of operational success rather than a mere compliance obligation. The conversation ultimately reinforces the notion that in the face of evolving threats, a proactive and well-prepared security posture is paramount for organizational resilience and success in an increasingly digital world.</p>]]></description><content:encoded><![CDATA[<p>The paramount theme of this podcast episode revolves around the critical necessity of preparing for crises within cybersecurity frameworks. As we navigate an increasingly chaotic landscape, it becomes evident that security must be accessible and comprehensible for all stakeholders involved. We engage in an enlightening dialogue with our esteemed guest, Joe Sullivan, who elucidates his remarkable journey from a federal prosecutor to a prominent figure in security leadership across major tech enterprises. Throughout our conversation, we emphasize the importance of cultivating resilience in the face of potential adversities, advocating for a paradigm shift from mere prevention to proactive crisis management. This episode serves not only as an exploration of individual experiences but also as a clarion call for organizations to invest in robust preparedness strategies to mitigate the impacts of inevitable security incidents.</p><p>In this episode of the Security by Default podcast, host Joseph Carson interviews Joe Sullivan, a prominent figure in cybersecurity. They discuss Joe's journey from a federal prosecutor to the Chief Security Officer at Facebook, exploring the challenges and expectations in transitioning from government to private sector roles. The conversation delves into the evolving landscape of cybersecurity, the impact of ransomware, and the importance of crisis management and preparedness. Joe shares valuable lessons for aspiring security executives and highlights the significance of understanding technology in leadership roles. The episode concludes with Joe's current projects, including his nonprofit initiative, Ukraine Friends, which provides laptops to children affected by the war in Ukraine.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Security is possible for everyone.</li><li>Joe Sullivan's journey reflects a unique path into cybersecurity.</li><li>Transitioning from government to private sector presents challenges.</li><li>Understanding corporate culture is crucial for success.</li><li>Measuring success in cybersecurity requires clear metrics.</li><li>Ransomware has fundamentally changed the cybersecurity landscape.</li><li>Security leaders are increasingly reporting to CEOs.</li><li>Crisis management is essential for organizational resilience.</li><li>Aspiring security executives should focus on business understanding.</li><li>Giving back to the community is a vital part of the cybersecurity profession.</li></ul><br/><p></p><p><strong class="ql-size-large">Sound bites</strong></p><ul><li>"Security is possible for everyone."</li><li>"I got an MBA through osmosis."</li><li>"The expectations were so high."</li></ul><br/><p></p><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction to Security by Default Podcast</li><li>01:02 Joe Sullivan's Journey into Cybersecurity</li><li>05:10 Transition from Government to Private Sector</li><li>11:06 Navigating the Corporate Landscape</li><li>15:48 Measuring Success in Security</li><li>20:04 The Impact of Ransomware on Cybersecurity</li><li>28:01 The Evolving Role of Security Leaders</li><li>30:57 Understanding Business Strategy in Security</li><li>32:59 Risk Management and Business Partnership</li><li>33:52 Navigating Technology Risks</li><li>35:54 The Race for AI Innovation</li><li>38:03 Crisis Management and Preparedness</li><li>39:59 Building Resilience in Security Teams</li><li>42:16 The Importance of Response Training</li><li>44:10 Lessons from Emergency Services</li><li>47:41 Community Impact through Technology</li></ul><br/><p></p><p><strong class="ql-size-large">Additional Resources:</strong></p><p>https://www.joesullivansecurity.com/about</p><p>https://ukrainefriends.org/</p><p>https://www.linkedin.com/in/joesu11ivan/</p><p>https://en.wikipedia.org/wiki/Joe_Sullivan_(cybersecurity)</p><p>The discourse presented in this episode of the Security By Default podcast delves into the intricacies of cybersecurity through a rich narrative framed by the experiences of Joe Sullivan, a distinguished figure in the cybersecurity landscape. The conversation commences with a reflection on the current state of security in a world rife with chaos and challenges, emphasizing the necessity for clarity and preparedness in addressing security concerns. Sullivan recounts his unique journey into the realm of cybersecurity, marked by an initial aspiration to pursue law, which ultimately led him to blend his legal expertise with a burgeoning interest in technology. This intersection of law and technology is pivotal in understanding the evolution of cybersecurity practices, as Sullivan highlights the early days of his career at the Department of Justice, where he was thrust into the intricate dynamics of cybercrime prosecution. His narrative underscores the significant shifts in the cybersecurity landscape, illustrating how the role of cybersecurity professionals has evolved into one that requires not only technical prowess but also a profound understanding of business operations and risk management. As the discussion unfolds, listeners are introduced to the concept of operational resilience, a theme underscored by Sullivan's experiences at major corporations such as eBay, PayPal, and Facebook. He elucidates the necessity for security leaders to transition from a purely defensive posture to one that encompasses proactive crisis management and resilience building. Sullivan’s observations regarding the expectations placed upon security professionals in the private sector contrast sharply with his experiences in government service, where the pace and metrics of success differ markedly. This dichotomy serves to illuminate the complexities faced by modern security executives who must navigate not only the technical challenges of cybersecurity but also the imperative to align their strategies with broader business objectives. In conclusion, the episode encapsulates the essence of security as a multifaceted discipline that extends beyond mere technical solutions. Sullivan advocates for a paradigm shift in how organizations perceive and invest in security, urging a balanced allocation of resources towards both prevention and crisis preparedness. His insights serve as a clarion call for security professionals to engage more deeply with the business side of their organizations, fostering a culture where security is seen as an integral component of operational success rather than a mere compliance obligation. The conversation ultimately reinforces the notion that in the face of evolving threats, a proactive and well-prepared security posture is paramount for organizational resilience and success in an increasingly digital world.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/from-prosecutor-to-cso-joe-sullivan-on-cybersecurity-leadership-crisis-and-resilience]]></link><guid isPermaLink="false">4d73b768-8f8a-44ae-9438-452b4c837927</guid><itunes:image href="https://artwork.captivate.fm/d0c3f3e0-8654-4f15-b98a-a07f92d0e96b/generated-image.jpg"/><pubDate>Tue, 06 Jan 2026 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/4d73b768-8f8a-44ae-9438-452b4c837927.mp3" length="22948246" type="audio/mpeg"/><itunes:duration>47:49</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>21</itunes:episode><podcast:episode>21</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/f87d10be-67ef-40c1-b991-e9461d0cc23c/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/f87d10be-67ef-40c1-b991-e9461d0cc23c/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/f87d10be-67ef-40c1-b991-e9461d0cc23c/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-a004c967-479e-4127-b7b3-9adcc1a15bd3.json" type="application/json+chapters"/></item><item><title>Laughing with Cyber - A Standup Comedy Special with Ian Murphy</title><itunes:title>Laughing with Cyber - A Standup Comedy Special with Ian Murphy</itunes:title><description><![CDATA[<p>This podcast episode delves into the often-overlooked notion that the field of cybersecurity can be both enjoyable and engaging, rather than solely characterized by its daunting challenges and threats. We, Joe Carson and Ian Murphy, reflect on our shared experiences within the industry, emphasizing the importance of maintaining a sense of humor and joy amidst the chaos often associated with cybersecurity. Ian recounts his journey from the early days of the internet and his unconventional entry into the cybersecurity realm, highlighting how his background in mechanics and passion for storytelling have shaped his unique approach to security awareness. Our conversation touches on the significance of creativity in effectively communicating complex topics, as well as the necessity of fostering a more approachable and less fear-driven narrative within the cybersecurity space. Ultimately, we aspire to illuminate the path toward a more vibrant and connected community, where laughter and camaraderie thrive alongside security.</p><p>In this episode of the Security by Default podcast, host Joseph Carson welcomes Ian Murphy, a cybersecurity expert and stand-up comedian. They discuss Ian's unconventional journey into cybersecurity, his experiences at the MOD and Symantec, and his transition to self-employment and comedy. Ian shares insights on the importance of storytelling in both cybersecurity awareness and comedy, as well as navigating online criticism and audience interactions. The conversation highlights the need for humor in serious industries and the value of real human connections.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>Ian's journey into cybersecurity was unplanned and unconventional.</li><li>The importance of storytelling in both cybersecurity and comedy.</li><li>Self-employment offers freedom but comes with challenges.</li><li>Humor can be a powerful tool in serious industries.</li><li>Navigating online criticism requires thick skin and perspective.</li><li>Comedy is subjective, and not everyone will appreciate it.</li><li>Real human interactions are essential in today's digital age.</li><li>Learning from experiences is crucial for growth in any field.</li><li>Networking and peer relationships are vital for success.</li><li>Life is better when you find joy and laughter in everyday situations.</li></ul><br/><p></p><p><span class="ql-size-large">Sound bites</span></p><p>"I wanted to be a footballer."</p><p>"Comedy is subjective."</p><p>"You need to grow the fuck up."</p><p></p><p><span class="ql-size-large">Chapters</span></p><ul><li>00:00 Introduction to the Podcast and Guest</li><li>00:56 Ian's Origin Story and Journey into Cybersecurity</li><li>06:29 Experiences at MOD and Symantec</li><li>10:44 Transitioning to Self-Employment and Freedom</li><li>14:27 The Switch to Stand-Up Comedy</li><li>22:05 The Impact of Humor in Cybersecurity Awareness</li><li>30:06 Audience Feedback and Social Media Interaction</li><li>31:54 The Power of Audience Engagement</li><li>34:49 Navigating Controversy in Comedy</li><li>37:43 The Art of Timing and Response</li><li>40:47 Comedy as a Reflection of Life</li><li>43:44 The Evolution of Comedy and Storytelling</li><li>49:53 Learning and Growth Through Comedy</li><li>53:50 Connecting with the Audience</li></ul><br/><p>Takeaways:</p><ul><li>The podcast emphasizes the importance of maintaining joy and humor in the cybersecurity field despite its often serious nature.</li><li>We explored how humor can be a powerful tool in security awareness, making the subject more engaging for audiences.</li><li>Ian shared his remarkable journey from mechanic to cybersecurity expert, illustrating the value of diverse experiences in shaping one’s career.</li><li>The discussion highlighted the challenges of transitioning from corporate environments to freelance work, emphasizing the freedom and responsibility it entails.</li><li>Both speakers reflected on the necessity of fostering human connections in the tech world, counteracting the isolation often felt in digital spheres.</li><li>The podcast concluded with a call to action for listeners to embrace humor and creativity in their professional lives, enhancing both workplace culture and personal fulfillment.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the often-overlooked notion that the field of cybersecurity can be both enjoyable and engaging, rather than solely characterized by its daunting challenges and threats. We, Joe Carson and Ian Murphy, reflect on our shared experiences within the industry, emphasizing the importance of maintaining a sense of humor and joy amidst the chaos often associated with cybersecurity. Ian recounts his journey from the early days of the internet and his unconventional entry into the cybersecurity realm, highlighting how his background in mechanics and passion for storytelling have shaped his unique approach to security awareness. Our conversation touches on the significance of creativity in effectively communicating complex topics, as well as the necessity of fostering a more approachable and less fear-driven narrative within the cybersecurity space. Ultimately, we aspire to illuminate the path toward a more vibrant and connected community, where laughter and camaraderie thrive alongside security.</p><p>In this episode of the Security by Default podcast, host Joseph Carson welcomes Ian Murphy, a cybersecurity expert and stand-up comedian. They discuss Ian's unconventional journey into cybersecurity, his experiences at the MOD and Symantec, and his transition to self-employment and comedy. Ian shares insights on the importance of storytelling in both cybersecurity awareness and comedy, as well as navigating online criticism and audience interactions. The conversation highlights the need for humor in serious industries and the value of real human connections.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>Ian's journey into cybersecurity was unplanned and unconventional.</li><li>The importance of storytelling in both cybersecurity and comedy.</li><li>Self-employment offers freedom but comes with challenges.</li><li>Humor can be a powerful tool in serious industries.</li><li>Navigating online criticism requires thick skin and perspective.</li><li>Comedy is subjective, and not everyone will appreciate it.</li><li>Real human interactions are essential in today's digital age.</li><li>Learning from experiences is crucial for growth in any field.</li><li>Networking and peer relationships are vital for success.</li><li>Life is better when you find joy and laughter in everyday situations.</li></ul><br/><p></p><p><span class="ql-size-large">Sound bites</span></p><p>"I wanted to be a footballer."</p><p>"Comedy is subjective."</p><p>"You need to grow the fuck up."</p><p></p><p><span class="ql-size-large">Chapters</span></p><ul><li>00:00 Introduction to the Podcast and Guest</li><li>00:56 Ian's Origin Story and Journey into Cybersecurity</li><li>06:29 Experiences at MOD and Symantec</li><li>10:44 Transitioning to Self-Employment and Freedom</li><li>14:27 The Switch to Stand-Up Comedy</li><li>22:05 The Impact of Humor in Cybersecurity Awareness</li><li>30:06 Audience Feedback and Social Media Interaction</li><li>31:54 The Power of Audience Engagement</li><li>34:49 Navigating Controversy in Comedy</li><li>37:43 The Art of Timing and Response</li><li>40:47 Comedy as a Reflection of Life</li><li>43:44 The Evolution of Comedy and Storytelling</li><li>49:53 Learning and Growth Through Comedy</li><li>53:50 Connecting with the Audience</li></ul><br/><p>Takeaways:</p><ul><li>The podcast emphasizes the importance of maintaining joy and humor in the cybersecurity field despite its often serious nature.</li><li>We explored how humor can be a powerful tool in security awareness, making the subject more engaging for audiences.</li><li>Ian shared his remarkable journey from mechanic to cybersecurity expert, illustrating the value of diverse experiences in shaping one’s career.</li><li>The discussion highlighted the challenges of transitioning from corporate environments to freelance work, emphasizing the freedom and responsibility it entails.</li><li>Both speakers reflected on the necessity of fostering human connections in the tech world, counteracting the isolation often felt in digital spheres.</li><li>The podcast concluded with a call to action for listeners to embrace humor and creativity in their professional lives, enhancing both workplace culture and personal fulfillment.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/laughing-with-cyber-a-standup-comedy-special-with-ian]]></link><guid isPermaLink="false">a7d030f8-245d-4700-b5eb-2fbec43cdd88</guid><itunes:image href="https://artwork.captivate.fm/015cde60-6b0a-4244-99e9-105635809f7e/ChatGPT-Image-Jun-17-2026-12-11-45-PM.jpg"/><pubDate>Tue, 23 Dec 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/a7d030f8-245d-4700-b5eb-2fbec43cdd88.mp3" length="27251345" type="audio/mpeg"/><itunes:duration>56:46</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>20</itunes:episode><podcast:episode>20</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/8edbe081-7c39-45b5-9865-2089c4e39c61/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/8edbe081-7c39-45b5-9865-2089c4e39c61/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/8edbe081-7c39-45b5-9865-2089c4e39c61/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-8d5ae0d6-0110-41d9-8762-7e6c50853224.json" type="application/json+chapters"/></item><item><title>From Teenage Hacker to Hollywood: A Cybersecurity Story You Won’t Believe | Alissa Knight</title><itunes:title>From Teenage Hacker to Hollywood: A Cybersecurity Story You Won’t Believe | Alissa Knight</itunes:title><description><![CDATA[<p>This podcast episode features an enlightening conversation with Alissa Knight, a notable figure in the cybersecurity landscape, who shares her unique journey into the realm of hacking and cybersecurity. From her early days of curiosity and mischief, starting at the tender age of thirteen, to her transformative experiences following a pivotal arrest, Alissa reflects on the lessons learned and the paths forged in the aftermath. The discussion delves into the evolution of hacking practices and the current landscape of API security, which Alissa identifies as a critical area of concern due to its expanding attack surface in contemporary technology. As we navigate through the complexities of artificial intelligence's role in cybersecurity, Alissa emphasizes the necessity of integrating security practices into the development process. This episode serves not only to illuminate Alissa's personal narrative but also to provide valuable insights for aspiring cybersecurity professionals and organizations alike.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with cybersecurity expert Alissa Knight, who shares her unique journey into the world of hacking and cybersecurity. They discuss the evolution of hacking, the challenges of API security, and the transformative impact of AI on the industry. Alissa emphasizes the importance of continuous learning and adapting to new technologies, while also reflecting on her career shifts and the significance of storytelling in cybersecurity marketing. The conversation highlights the need for organizations to invest in their employees' education and the future of cybersecurity innovation.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>Alissa started hacking at the age of 13, driven by curiosity.</li><li>The early days of hacking were like the wild west, with fewer resources.</li><li>A significant turning point in Alissa's life was her arrest at 17.</li><li>Cybersecurity offers lucrative career opportunities for skilled individuals.</li><li>API security is a growing concern as more services rely on APIs.</li><li>AI is reshaping the cybersecurity landscape, creating new challenges and opportunities.</li><li>Continuous learning is essential in the fast-evolving field of cybersecurity.</li><li>Organizations must invest in training their developers in secure coding practices.</li><li>Storytelling can be a powerful tool in cybersecurity marketing.</li><li>The future of cybersecurity will heavily involve AI and automation.</li></ul><br/><p></p><p><span class="ql-size-large">Sound bites</span></p><p>"It was the wild, wild west."</p><p>"I was arrested on my school campus."</p><p>"This industry pays very well."</p><p></p><p><span class="ql-size-large">Chapters</span></p><ul><li>00:00 Introduction to the Podcast and Guest</li><li>00:57 Alissa Knight's Unique Origin Story</li><li>05:30 The Evolution of Hacking and Cybersecurity</li><li>10:54 Turning Points and Career Shifts</li><li>16:10 The Impact of DDoS Attacks on Career Paths</li><li>20:57 The Importance of API Security</li><li>24:06 Hacking APIs and Security Vulnerabilities</li><li>27:52 The Evolution of AI in Coding</li><li>31:30 From Cybersecurity to Hollywood</li><li>36:32 Introducing ARIES: AI for Cybersecurity</li><li>39:03 The Importance of Continuous Learning in Cybersecurity</li></ul><br/><p></p><p><span class="ql-size-large">Resources</span></p><p>https://www.linkedin.com/in/alissaknight/</p><p>https://www.knightgroup.co/</p><p>https://microreels.com/</p><p>https://www.youtube.com/@AlissaKnightArchives</p><p></p><p>The Security By Default podcast presents an engaging dialogue between Joe Carson and Alissa Knight, a seasoned cybersecurity expert with a rich and unique background in hacking and security. Alissa recounts her journey into the cyber realm, beginning at the tender age of thirteen when her curiosity led her to explore the inner workings of technology. Her early experiences with bulletin board systems (BBS) and the hacking community shaped her understanding of cybersecurity, illustrating the evolution from the rudimentary practices of the past to the sophisticated techniques employed today. Alissa reflects on her misadventures, including a pivotal incident that resulted in her arrest at seventeen, which ultimately redirected her path towards a career in cybersecurity. This incident, rather than being a mere setback, served as a catalyst for her transformation, providing her with insights into the resilience required in the face of adversity. Throughout the discussion, Alissa emphasizes the importance of continuous learning and adaptation in the ever-evolving field of cybersecurity. She highlights the shift in focus towards API security and the challenges posed by artificial intelligence in code development. The conversation delves into the significance of secure coding practices and the necessity for organizations to invest in the education of their developers. Alissa's insights illuminate the critical nature of understanding the vulnerabilities that arise in modern applications and the imperative for cybersecurity professionals to stay abreast of these developments. The episode encapsulates a narrative of growth, resilience, and the pursuit of knowledge, encouraging listeners to embrace their journeys and strive for continuous improvement in the cybersecurity domain.</p>]]></description><content:encoded><![CDATA[<p>This podcast episode features an enlightening conversation with Alissa Knight, a notable figure in the cybersecurity landscape, who shares her unique journey into the realm of hacking and cybersecurity. From her early days of curiosity and mischief, starting at the tender age of thirteen, to her transformative experiences following a pivotal arrest, Alissa reflects on the lessons learned and the paths forged in the aftermath. The discussion delves into the evolution of hacking practices and the current landscape of API security, which Alissa identifies as a critical area of concern due to its expanding attack surface in contemporary technology. As we navigate through the complexities of artificial intelligence's role in cybersecurity, Alissa emphasizes the necessity of integrating security practices into the development process. This episode serves not only to illuminate Alissa's personal narrative but also to provide valuable insights for aspiring cybersecurity professionals and organizations alike.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with cybersecurity expert Alissa Knight, who shares her unique journey into the world of hacking and cybersecurity. They discuss the evolution of hacking, the challenges of API security, and the transformative impact of AI on the industry. Alissa emphasizes the importance of continuous learning and adapting to new technologies, while also reflecting on her career shifts and the significance of storytelling in cybersecurity marketing. The conversation highlights the need for organizations to invest in their employees' education and the future of cybersecurity innovation.</p><p><span class="ql-size-large">Takeaways</span></p><ul><li>Alissa started hacking at the age of 13, driven by curiosity.</li><li>The early days of hacking were like the wild west, with fewer resources.</li><li>A significant turning point in Alissa's life was her arrest at 17.</li><li>Cybersecurity offers lucrative career opportunities for skilled individuals.</li><li>API security is a growing concern as more services rely on APIs.</li><li>AI is reshaping the cybersecurity landscape, creating new challenges and opportunities.</li><li>Continuous learning is essential in the fast-evolving field of cybersecurity.</li><li>Organizations must invest in training their developers in secure coding practices.</li><li>Storytelling can be a powerful tool in cybersecurity marketing.</li><li>The future of cybersecurity will heavily involve AI and automation.</li></ul><br/><p></p><p><span class="ql-size-large">Sound bites</span></p><p>"It was the wild, wild west."</p><p>"I was arrested on my school campus."</p><p>"This industry pays very well."</p><p></p><p><span class="ql-size-large">Chapters</span></p><ul><li>00:00 Introduction to the Podcast and Guest</li><li>00:57 Alissa Knight's Unique Origin Story</li><li>05:30 The Evolution of Hacking and Cybersecurity</li><li>10:54 Turning Points and Career Shifts</li><li>16:10 The Impact of DDoS Attacks on Career Paths</li><li>20:57 The Importance of API Security</li><li>24:06 Hacking APIs and Security Vulnerabilities</li><li>27:52 The Evolution of AI in Coding</li><li>31:30 From Cybersecurity to Hollywood</li><li>36:32 Introducing ARIES: AI for Cybersecurity</li><li>39:03 The Importance of Continuous Learning in Cybersecurity</li></ul><br/><p></p><p><span class="ql-size-large">Resources</span></p><p>https://www.linkedin.com/in/alissaknight/</p><p>https://www.knightgroup.co/</p><p>https://microreels.com/</p><p>https://www.youtube.com/@AlissaKnightArchives</p><p></p><p>The Security By Default podcast presents an engaging dialogue between Joe Carson and Alissa Knight, a seasoned cybersecurity expert with a rich and unique background in hacking and security. Alissa recounts her journey into the cyber realm, beginning at the tender age of thirteen when her curiosity led her to explore the inner workings of technology. Her early experiences with bulletin board systems (BBS) and the hacking community shaped her understanding of cybersecurity, illustrating the evolution from the rudimentary practices of the past to the sophisticated techniques employed today. Alissa reflects on her misadventures, including a pivotal incident that resulted in her arrest at seventeen, which ultimately redirected her path towards a career in cybersecurity. This incident, rather than being a mere setback, served as a catalyst for her transformation, providing her with insights into the resilience required in the face of adversity. Throughout the discussion, Alissa emphasizes the importance of continuous learning and adaptation in the ever-evolving field of cybersecurity. She highlights the shift in focus towards API security and the challenges posed by artificial intelligence in code development. The conversation delves into the significance of secure coding practices and the necessity for organizations to invest in the education of their developers. Alissa's insights illuminate the critical nature of understanding the vulnerabilities that arise in modern applications and the imperative for cybersecurity professionals to stay abreast of these developments. The episode encapsulates a narrative of growth, resilience, and the pursuit of knowledge, encouraging listeners to embrace their journeys and strive for continuous improvement in the cybersecurity domain.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/from-hacker-to-hollywood-alissa-knights-journey]]></link><guid isPermaLink="false">c106e38f-f96b-4ba6-9ef4-dfbee746c88e</guid><itunes:image href="https://artwork.captivate.fm/f24eb236-70d7-4a3a-941f-937457f81f46/generated-image.jpg"/><pubDate>Tue, 16 Dec 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/c106e38f-f96b-4ba6-9ef4-dfbee746c88e.mp3" length="22455890" type="audio/mpeg"/><itunes:duration>46:47</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>19</itunes:episode><podcast:episode>19</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/1d918a2a-1e04-4027-87ab-41329a6656cc/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/1d918a2a-1e04-4027-87ab-41329a6656cc/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/1d918a2a-1e04-4027-87ab-41329a6656cc/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-9ae29716-2250-4c7b-89e8-18cb455b2fbb.json" type="application/json+chapters"/></item><item><title>Understanding Customer Success: Beyond Support in Cybersecurity</title><itunes:title>Understanding Customer Success: Beyond Support in Cybersecurity</itunes:title><description><![CDATA[<p>This podcast episode elucidates the essential nature of customer success within the realm of cybersecurity, positing that the discipline transcends mere technical proficiency to encompass a broader business perspective. I convey that security is no longer confined to IT; rather, it is a multifaceted issue that intertwines with various organizational domains such as finance, sales, and human resources. The dialogue with our esteemed guest, David Muniz, highlights the importance of understanding customer expectations and the role of trust in fostering meaningful relationships between organizations and their clients. We explore the distinction between customer support and customer success, emphasizing that the latter is a long-term endeavor focused on guiding clients toward their defined objectives. Ultimately, our conversation underscores the imperative of adopting a customer-centric approach to ensure that cybersecurity solutions not only protect but also enhance the overall business experience.</p><p>In this episode of the Security by Default podcast, Joseph Carson engages with David Muniz to explore the evolving landscape of cybersecurity. They discuss the importance of diversity in the field, the distinction between customer success and support, and the critical role of trust in business relationships. The conversation also delves into the Zero Trust paradigm, emphasizing the need for a human-centric approach in cybersecurity. David shares insights on staying updated in a rapidly changing industry and the significance of happiness in the workplace, concluding with thoughts on the human element in cybersecurity.</p><p><strong class="ql-size-large">Keywords</strong></p><p>cybersecurity, customer success, zero trust, trust in business, diversity in tech, human relationships, customer support, industry insights, happiness in work, staying updated</p><p><strong class="ql-size-large">Takeaways</strong></p><p>·       Customer success focuses on long-term relationships, not just immediate problem-solving.</p><p>·       Trust is a key component in building successful customer relationships.</p><p>·       Zero Trust is about managing trust dynamically, not eliminating it.</p><p>·       Customer success involves understanding what success means to the customer.</p><p>·       Building trust requires consistent and reliable service.</p><p>·       Human interactions are crucial in customer success, even in a digital world.</p><p>·       Customer success can lead to increased revenue through renewals and up-selling.</p><p>·       Trust in cybersecurity involves both technical and human elements.</p><p>·       Effective customer success strategies can differentiate a company in the market.</p><p>·       Balancing security with user experience is essential for customer satisfaction.</p><p></p><p><strong class="ql-size-large">Sound bites</strong></p><p>·       "Customer success is about long-term relationships."</p><p>·       "Trust is not just assumed; it must be earned."</p><p>·       "Zero Trust is about managing trust, not eliminating it."</p><p>·       "Success is defined by the customer's perspective."</p><p>·       "Human interactions are crucial in a digital world."</p><p>·       "Trust leads to increased revenue and loyalty."</p><p>·       "Cybersecurity involves both technical and human elements."</p><p>·       "Balancing security with user experience is key."</p><p>·       "Customer success can differentiate a company."</p><p>·       "Trust is a business differentiator."</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><p>00:00 Introduction to Cybersecurity and Guest Background</p><p>04:10 The Importance of Diversity in Cybersecurity</p><p>08:41 Understanding Customer Success vs. Customer Support</p><p>12:52 Building Trust in Customer Relationships</p><p>17:15 The Role of Zero Trust in Cybersecurity</p><p>22:07 Understanding Zero Trust and Its Implications</p><p>27:33 The Dynamic Nature of Trust in Cybersecurity</p><p>32:01 The Human Element in Building Trust</p><p></p><p><strong class="ql-size-large">Additional Resources</strong></p><p><strong>The Trust Paradox: A Cybersecurity Mindset for Human Relationships</strong></p><p>https://www.linkedin.com/pulse/trust-paradox-cybersecurity-mindset-human-david-muniz-f9fzf</p><p><strong>The Hidden ROI of Trust in Business and Cybersecurity </strong></p><p>https://www.linkedin.com/pulse/hidden-roi-trust-business-cybersecurity-david-muniz-7r3jc</p><p></p><p>https://segura.security/</p><p>https://segura.security/blog</p><p>https://en.wikipedia.org/wiki/The_Power_of_Now</p><p>The podcast episode delves into the intricate subject of cybersecurity, emphasizing the necessity for clarity amidst the chaos that often accompanies it. The host, Joseph, expresses his enthusiasm for engaging with industry luminaries and cultivating thought-provoking discussions that aim to enhance the safety and security of organizations and individuals alike. Joseph is joined by David Muniz, a seasoned professional with a diverse background in computer science, project management, and cybersecurity. David recounts his unconventional journey into the field, highlighting how his academic pursuits led him to realize his passion for addressing issues related to fraud detection and risk management. The conversation gradually transitions to the importance of customer success within the realm of cybersecurity. David delineates the distinction between customer support and customer success, asserting that the latter is focused on understanding the customer's definition of success and facilitating their achievement of it. This involves a long-term commitment to building relationships and trust, as well as comprehending the various business objectives that drive customers to adopt cybersecurity solutions. The podcast underscores the need for a shift in perspective, viewing cybersecurity not merely as a technical challenge but as a fundamental business issue that necessitates the involvement of diverse stakeholders across an organization. Throughout the episode, a recurring theme emerges: the emphasis on trust as a cornerstone of effective cybersecurity practices. Both speakers advocate for a change in hiring practices, proposing that organizations should prioritize passion and willingness to learn over rigid certification requirements. As the discussion unfolds, the duo reflects on the evolving landscape of cybersecurity, addressing the concept of zero trust and the importance of a dynamic approach to risk management. They conclude by reiterating that the epitome of customer success is rooted in the cultivation of genuine relationships, where trust and open communication play pivotal roles, ultimately enabling organizations to navigate the complexities of cybersecurity with greater efficacy.</p>]]></description><content:encoded><![CDATA[<p>This podcast episode elucidates the essential nature of customer success within the realm of cybersecurity, positing that the discipline transcends mere technical proficiency to encompass a broader business perspective. I convey that security is no longer confined to IT; rather, it is a multifaceted issue that intertwines with various organizational domains such as finance, sales, and human resources. The dialogue with our esteemed guest, David Muniz, highlights the importance of understanding customer expectations and the role of trust in fostering meaningful relationships between organizations and their clients. We explore the distinction between customer support and customer success, emphasizing that the latter is a long-term endeavor focused on guiding clients toward their defined objectives. Ultimately, our conversation underscores the imperative of adopting a customer-centric approach to ensure that cybersecurity solutions not only protect but also enhance the overall business experience.</p><p>In this episode of the Security by Default podcast, Joseph Carson engages with David Muniz to explore the evolving landscape of cybersecurity. They discuss the importance of diversity in the field, the distinction between customer success and support, and the critical role of trust in business relationships. The conversation also delves into the Zero Trust paradigm, emphasizing the need for a human-centric approach in cybersecurity. David shares insights on staying updated in a rapidly changing industry and the significance of happiness in the workplace, concluding with thoughts on the human element in cybersecurity.</p><p><strong class="ql-size-large">Keywords</strong></p><p>cybersecurity, customer success, zero trust, trust in business, diversity in tech, human relationships, customer support, industry insights, happiness in work, staying updated</p><p><strong class="ql-size-large">Takeaways</strong></p><p>·       Customer success focuses on long-term relationships, not just immediate problem-solving.</p><p>·       Trust is a key component in building successful customer relationships.</p><p>·       Zero Trust is about managing trust dynamically, not eliminating it.</p><p>·       Customer success involves understanding what success means to the customer.</p><p>·       Building trust requires consistent and reliable service.</p><p>·       Human interactions are crucial in customer success, even in a digital world.</p><p>·       Customer success can lead to increased revenue through renewals and up-selling.</p><p>·       Trust in cybersecurity involves both technical and human elements.</p><p>·       Effective customer success strategies can differentiate a company in the market.</p><p>·       Balancing security with user experience is essential for customer satisfaction.</p><p></p><p><strong class="ql-size-large">Sound bites</strong></p><p>·       "Customer success is about long-term relationships."</p><p>·       "Trust is not just assumed; it must be earned."</p><p>·       "Zero Trust is about managing trust, not eliminating it."</p><p>·       "Success is defined by the customer's perspective."</p><p>·       "Human interactions are crucial in a digital world."</p><p>·       "Trust leads to increased revenue and loyalty."</p><p>·       "Cybersecurity involves both technical and human elements."</p><p>·       "Balancing security with user experience is key."</p><p>·       "Customer success can differentiate a company."</p><p>·       "Trust is a business differentiator."</p><p></p><p><strong class="ql-size-large">Chapters</strong></p><p>00:00 Introduction to Cybersecurity and Guest Background</p><p>04:10 The Importance of Diversity in Cybersecurity</p><p>08:41 Understanding Customer Success vs. Customer Support</p><p>12:52 Building Trust in Customer Relationships</p><p>17:15 The Role of Zero Trust in Cybersecurity</p><p>22:07 Understanding Zero Trust and Its Implications</p><p>27:33 The Dynamic Nature of Trust in Cybersecurity</p><p>32:01 The Human Element in Building Trust</p><p></p><p><strong class="ql-size-large">Additional Resources</strong></p><p><strong>The Trust Paradox: A Cybersecurity Mindset for Human Relationships</strong></p><p>https://www.linkedin.com/pulse/trust-paradox-cybersecurity-mindset-human-david-muniz-f9fzf</p><p><strong>The Hidden ROI of Trust in Business and Cybersecurity </strong></p><p>https://www.linkedin.com/pulse/hidden-roi-trust-business-cybersecurity-david-muniz-7r3jc</p><p></p><p>https://segura.security/</p><p>https://segura.security/blog</p><p>https://en.wikipedia.org/wiki/The_Power_of_Now</p><p>The podcast episode delves into the intricate subject of cybersecurity, emphasizing the necessity for clarity amidst the chaos that often accompanies it. The host, Joseph, expresses his enthusiasm for engaging with industry luminaries and cultivating thought-provoking discussions that aim to enhance the safety and security of organizations and individuals alike. Joseph is joined by David Muniz, a seasoned professional with a diverse background in computer science, project management, and cybersecurity. David recounts his unconventional journey into the field, highlighting how his academic pursuits led him to realize his passion for addressing issues related to fraud detection and risk management. The conversation gradually transitions to the importance of customer success within the realm of cybersecurity. David delineates the distinction between customer support and customer success, asserting that the latter is focused on understanding the customer's definition of success and facilitating their achievement of it. This involves a long-term commitment to building relationships and trust, as well as comprehending the various business objectives that drive customers to adopt cybersecurity solutions. The podcast underscores the need for a shift in perspective, viewing cybersecurity not merely as a technical challenge but as a fundamental business issue that necessitates the involvement of diverse stakeholders across an organization. Throughout the episode, a recurring theme emerges: the emphasis on trust as a cornerstone of effective cybersecurity practices. Both speakers advocate for a change in hiring practices, proposing that organizations should prioritize passion and willingness to learn over rigid certification requirements. As the discussion unfolds, the duo reflects on the evolving landscape of cybersecurity, addressing the concept of zero trust and the importance of a dynamic approach to risk management. They conclude by reiterating that the epitome of customer success is rooted in the cultivation of genuine relationships, where trust and open communication play pivotal roles, ultimately enabling organizations to navigate the complexities of cybersecurity with greater efficacy.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/building-trust-in-customer-success-with-david-muniz]]></link><guid isPermaLink="false">735f24d6-d1bf-4aa3-b75d-d9680e86ec03</guid><itunes:image href="https://artwork.captivate.fm/1112ece7-751b-4dff-9fac-2e4c916ef7c1/generated-image.jpg"/><pubDate>Tue, 09 Dec 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/735f24d6-d1bf-4aa3-b75d-d9680e86ec03.mp3" length="20096928" type="audio/mpeg"/><itunes:duration>41:52</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>18</itunes:episode><podcast:episode>18</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/ec1a6f85-a66e-4816-ae91-7b4435664cf2/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/ec1a6f85-a66e-4816-ae91-7b4435664cf2/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/ec1a6f85-a66e-4816-ae91-7b4435664cf2/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-28a8282a-edf3-43b6-87bd-36b9e4497e1b.json" type="application/json+chapters"/></item><item><title>Personalizing Cybersecurity Training: The Key to Modern Defense Strategies Michael Waite</title><itunes:title>Personalizing Cybersecurity Training: The Key to Modern Defense Strategies Michael Waite</itunes:title><description><![CDATA[<p>The primary focus of today's discussion revolves around the profound implications of artificial intelligence (AI) on the cybersecurity landscape, particularly emphasizing the heightened sophistication and frequency of cyberattacks. As we navigate through the intricacies of this evolving domain, we aim to elucidate how the advent of advanced AI technologies is transforming both the methods employed by threat actors and the strategies utilized for organizational defense. Our esteemed guest, Michael Waite, brings invaluable insights from his extensive experience in technology and cybersecurity, highlighting the necessity for a paradigm shift in how we approach security awareness and training. We delve into the critical need for personalized training programs that address specific risks associated with individual roles within an organization, moving away from outdated, one-size-fits-all methods. Ultimately, our dialogue seeks to foster a deeper understanding of the current threat landscape, advocating for a collaborative and informed approach to safeguarding not only corporate environments but also the personal digital lives of individuals.</p><p>In this episode of <em>Security by Default</em>, host Joe Carson sits down with Michael Waite from Dune Security to explore how AI is reshaping cybersecurity and why it’s time to rethink traditional awareness training.</p><p>As cyber threats become more sophisticated, personalized, and AI-powered, organizations can no longer rely on outdated, one-size-fits-all learning models. Joe and Michael break down what modern cybersecurity training should look like, how to engage employees more effectively, and why empowering people both inside and outside the office is essential to strong defense.</p><h2><strong class="ql-size-large">What You’ll Learn</strong></h2><ul><li>How AI is transforming both cyber attacks and defensive strategies</li><li>Why the volume and quality of phishing attempts continue to rise</li><li>The limitations of traditional annual awareness training</li><li>The shift toward personalized, role-based learning</li><li>How real-time intervention improves security habits</li><li>Why cybersecurity awareness must extend beyond the workplace</li><li>Practical ways to engage employees and build a security-first culture</li><li>The importance of collaboration and communication across teams</li><li>How threat intelligence informs more effective training programs</li></ul><br/><h2><strong class="ql-size-large">Key Takeaways</strong></h2><ul><li>AI is rewriting the threat landscape.</li><li>Attackers are faster, more convincing, and more scalable than ever.</li><li>Generic awareness training is no longer enough.</li><li>Personalization is essential to reducing real-world risk.</li><li>Engagement drives stronger security culture and better outcomes.</li><li>Cybersecurity begins at home, not just at work.</li><li>Bite-sized, real-time lessons are more effective than long annual videos.</li><li>Employees are part of the detection engine—and must be empowered accordingly.</li></ul><br/><h2><strong class="ql-size-large">Memorable Quotes</strong></h2><ul><li>“Cybersecurity doesn’t start in the office.”</li><li>“The one size fits all approach is dead.”</li><li>“We need to democratize security.”</li><li>“Let’s give individuals the tools they need.”</li><li>“We need to make cybersecurity more fun.”</li><li>“This is my favorite thing to talk about.”</li></ul><br/><h2><strong class="ql-size-large">Episode Chapters</strong></h2><p><strong>00:00</strong> – Introduction to the Chaos of Cybersecurity</p><p><strong>03:05</strong> – The Impact of AI on Cybersecurity</p><p><strong>09:40</strong> – Best Practices for Cybersecurity Awareness</p><p><strong>18:51</strong> – Personalizing Cybersecurity Training</p><p><strong>27:00</strong> – Engaging Employees in Cybersecurity</p><p><strong>29:20</strong> – Resources for Further Learning</p><p><strong class="ql-size-large">Additional Resources:</strong></p><p>https://www.linkedin.com/in/mr-michael-waite/</p><p>https://www.dune.security/</p><p>https://www.dune.security/threat-intelligence-report</p><p>The dialogue commences with a cordial greeting, establishing a warm rapport between the host, Joe Carson, and his guest, Michael Waite. The podcast elucidates the dynamic and tumultuous landscape of cybersecurity, accentuating the incessant evolution of technological advancements and the corresponding threats that arise therein. Joe articulates a desire to dispel the chaos that often pervades the security realm, striving instead to illuminate the positive strides being made to foster a safer digital environment. Michael subsequently shares his professional journey, revealing a notable transition from a decade-long consultancy with Accenture to a foray into the cybersecurity sector. This pivot was serendipitously catalyzed by a chance encounter during a flight, wherein a conversation with a fellow passenger sparked the inception of his entrepreneurial aspirations in security.</p>]]></description><content:encoded><![CDATA[<p>The primary focus of today's discussion revolves around the profound implications of artificial intelligence (AI) on the cybersecurity landscape, particularly emphasizing the heightened sophistication and frequency of cyberattacks. As we navigate through the intricacies of this evolving domain, we aim to elucidate how the advent of advanced AI technologies is transforming both the methods employed by threat actors and the strategies utilized for organizational defense. Our esteemed guest, Michael Waite, brings invaluable insights from his extensive experience in technology and cybersecurity, highlighting the necessity for a paradigm shift in how we approach security awareness and training. We delve into the critical need for personalized training programs that address specific risks associated with individual roles within an organization, moving away from outdated, one-size-fits-all methods. Ultimately, our dialogue seeks to foster a deeper understanding of the current threat landscape, advocating for a collaborative and informed approach to safeguarding not only corporate environments but also the personal digital lives of individuals.</p><p>In this episode of <em>Security by Default</em>, host Joe Carson sits down with Michael Waite from Dune Security to explore how AI is reshaping cybersecurity and why it’s time to rethink traditional awareness training.</p><p>As cyber threats become more sophisticated, personalized, and AI-powered, organizations can no longer rely on outdated, one-size-fits-all learning models. Joe and Michael break down what modern cybersecurity training should look like, how to engage employees more effectively, and why empowering people both inside and outside the office is essential to strong defense.</p><h2><strong class="ql-size-large">What You’ll Learn</strong></h2><ul><li>How AI is transforming both cyber attacks and defensive strategies</li><li>Why the volume and quality of phishing attempts continue to rise</li><li>The limitations of traditional annual awareness training</li><li>The shift toward personalized, role-based learning</li><li>How real-time intervention improves security habits</li><li>Why cybersecurity awareness must extend beyond the workplace</li><li>Practical ways to engage employees and build a security-first culture</li><li>The importance of collaboration and communication across teams</li><li>How threat intelligence informs more effective training programs</li></ul><br/><h2><strong class="ql-size-large">Key Takeaways</strong></h2><ul><li>AI is rewriting the threat landscape.</li><li>Attackers are faster, more convincing, and more scalable than ever.</li><li>Generic awareness training is no longer enough.</li><li>Personalization is essential to reducing real-world risk.</li><li>Engagement drives stronger security culture and better outcomes.</li><li>Cybersecurity begins at home, not just at work.</li><li>Bite-sized, real-time lessons are more effective than long annual videos.</li><li>Employees are part of the detection engine—and must be empowered accordingly.</li></ul><br/><h2><strong class="ql-size-large">Memorable Quotes</strong></h2><ul><li>“Cybersecurity doesn’t start in the office.”</li><li>“The one size fits all approach is dead.”</li><li>“We need to democratize security.”</li><li>“Let’s give individuals the tools they need.”</li><li>“We need to make cybersecurity more fun.”</li><li>“This is my favorite thing to talk about.”</li></ul><br/><h2><strong class="ql-size-large">Episode Chapters</strong></h2><p><strong>00:00</strong> – Introduction to the Chaos of Cybersecurity</p><p><strong>03:05</strong> – The Impact of AI on Cybersecurity</p><p><strong>09:40</strong> – Best Practices for Cybersecurity Awareness</p><p><strong>18:51</strong> – Personalizing Cybersecurity Training</p><p><strong>27:00</strong> – Engaging Employees in Cybersecurity</p><p><strong>29:20</strong> – Resources for Further Learning</p><p><strong class="ql-size-large">Additional Resources:</strong></p><p>https://www.linkedin.com/in/mr-michael-waite/</p><p>https://www.dune.security/</p><p>https://www.dune.security/threat-intelligence-report</p><p>The dialogue commences with a cordial greeting, establishing a warm rapport between the host, Joe Carson, and his guest, Michael Waite. The podcast elucidates the dynamic and tumultuous landscape of cybersecurity, accentuating the incessant evolution of technological advancements and the corresponding threats that arise therein. Joe articulates a desire to dispel the chaos that often pervades the security realm, striving instead to illuminate the positive strides being made to foster a safer digital environment. Michael subsequently shares his professional journey, revealing a notable transition from a decade-long consultancy with Accenture to a foray into the cybersecurity sector. This pivot was serendipitously catalyzed by a chance encounter during a flight, wherein a conversation with a fellow passenger sparked the inception of his entrepreneurial aspirations in security.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/transforming-cybersecurity-awareness-training-with-michael-waite]]></link><guid isPermaLink="false">07edf3b9-29f2-4eca-b97d-d89794d645d3</guid><itunes:image href="https://artwork.captivate.fm/86ba3107-3362-4cff-8cc3-63ee91969b74/generated-image.jpg"/><pubDate>Wed, 03 Dec 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/07edf3b9-29f2-4eca-b97d-d89794d645d3.mp3" length="15272635" type="audio/mpeg"/><itunes:duration>31:49</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>17</itunes:episode><podcast:episode>17</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/0f629987-cbec-4a84-ae0b-06c9468a66de/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/0f629987-cbec-4a84-ae0b-06c9468a66de/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/0f629987-cbec-4a84-ae0b-06c9468a66de/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-79d79291-185e-4403-9bbd-085659189109.json" type="application/json+chapters"/></item><item><title>The Future of Trustworthy AI: Insights from Satu Korhonen</title><itunes:title>The Future of Trustworthy AI: Insights from Satu Korhonen</itunes:title><description><![CDATA[<p>Satu Korhonen elucidates the intricacies of hacking artificial intelligence, emphasizing the necessity of understanding both the vulnerabilities and ethical considerations inherent in AI systems. She advocates for a paradigm shift where cybersecurity and AI development converge, fostering collaboration rather than division among these domains. Central to her discussion is the notion that AI, while a powerful tool, is fundamentally probabilistic, thereby requiring a critical approach to its outputs and implications. Korhonen further highlights the educational imperative of familiarizing individuals with AI vulnerabilities, suggesting that playful engagement through gamified experiences can enhance comprehension and awareness. This discourse not only illuminates the challenges posed by AI but also underscores the potential for human-AI synergy in navigating the complexities of modern technology.</p><p>In this episode of the Security by Default podcast, Joseph Carson and guest Satu Korhonen a passionate practitioner, researcher and founder of Helheim Labs delve into the intersection of AI and cybersecurity. They discuss the challenges and opportunities in creating trustworthy AI systems, the importance of collaboration between AI and cybersecurity professionals, and the role of regulation in ensuring AI safety. Satu shares her journey from education to AI, highlighting key moments and insights from her career. The conversation also touches on the EU AI Act, the importance of understanding AI's limitations, and the need for a balanced approach to AI development.</p><p><strong class="ql-size-large">Key Takeaways</strong></p><ul><li>AI systems are fundamentally probability-based, not perfect.</li><li>Collaboration between AI and cybersecurity is crucial for safety.</li><li>The EU AI Act focuses on human rights and risk management.</li><li>Understanding AI's limitations is key to using it effectively.</li><li>AI can enhance productivity but requires careful implementation.</li><li>Training AI with both good and bad data improves its robustness.</li><li>AI should serve humans, not the other way around.</li><li>Hacking AI can reveal vulnerabilities and improve security.</li><li>Community events like hacker camps foster innovation and learning.</li><li>AI's role in society should be carefully considered and discussed.</li></ul><br/><p><strong class="ql-size-large">Chapters</strong></p><p>00:00:00 Introduction to AI and Cybersecurity</p><p>00:03:00 Satu's Journey into AI</p><p>00:09:00 Trustworthy AI and the EU AI Act</p><p>00:15:00 Challenges in AI and Cybersecurity Collaboration</p><p>00:21:00 The Role of Community and Events in AI</p><p><strong class="ql-size-large">Resources:</strong></p><p>https://hackai.quest/</p><p>https://helheimlabs.ai/</p><p>https://helheimlabs.ai/about-satu-korhonen/</p><p>https://www.linkedin.com/in/satu-m-korhonen/</p><p>https://why2025.org/</p><p>https://www.ccc.de/en/home</p><p>https://events.ccc.de/en/</p><p>https://disobey.fi/2026/</p><p></p><p>In a riveting dialogue with cybersecurity expert Satu Korhonen, we embark on a comprehensive exploration of the intricate dynamics between artificial intelligence and security vulnerabilities. Korhonen, whose journey into the cybersecurity realm was catalyzed by the surge of AI technologies around 2016, delves into the ethical challenges and potential risks posed by these advancements. She emphasizes the necessity of integrating security practices early in the AI development process, highlighting the perilous consequences of neglecting this crucial aspect. The conversation elucidates how AI systems, often perceived as independent entities, are inextricably linked to cybersecurity protocols. Korhonen shares her insights on fostering collaboration between AI developers and cybersecurity professionals, advocating for a unified approach to mitigate risks and enhance system reliability. As we dissect the role of frameworks like the EU's AI Act, the dialogue crystallizes around the importance of human rights considerations in AI deployment, urging the need for regulatory measures that prioritize ethical standards and accountability.</p>]]></description><content:encoded><![CDATA[<p>Satu Korhonen elucidates the intricacies of hacking artificial intelligence, emphasizing the necessity of understanding both the vulnerabilities and ethical considerations inherent in AI systems. She advocates for a paradigm shift where cybersecurity and AI development converge, fostering collaboration rather than division among these domains. Central to her discussion is the notion that AI, while a powerful tool, is fundamentally probabilistic, thereby requiring a critical approach to its outputs and implications. Korhonen further highlights the educational imperative of familiarizing individuals with AI vulnerabilities, suggesting that playful engagement through gamified experiences can enhance comprehension and awareness. This discourse not only illuminates the challenges posed by AI but also underscores the potential for human-AI synergy in navigating the complexities of modern technology.</p><p>In this episode of the Security by Default podcast, Joseph Carson and guest Satu Korhonen a passionate practitioner, researcher and founder of Helheim Labs delve into the intersection of AI and cybersecurity. They discuss the challenges and opportunities in creating trustworthy AI systems, the importance of collaboration between AI and cybersecurity professionals, and the role of regulation in ensuring AI safety. Satu shares her journey from education to AI, highlighting key moments and insights from her career. The conversation also touches on the EU AI Act, the importance of understanding AI's limitations, and the need for a balanced approach to AI development.</p><p><strong class="ql-size-large">Key Takeaways</strong></p><ul><li>AI systems are fundamentally probability-based, not perfect.</li><li>Collaboration between AI and cybersecurity is crucial for safety.</li><li>The EU AI Act focuses on human rights and risk management.</li><li>Understanding AI's limitations is key to using it effectively.</li><li>AI can enhance productivity but requires careful implementation.</li><li>Training AI with both good and bad data improves its robustness.</li><li>AI should serve humans, not the other way around.</li><li>Hacking AI can reveal vulnerabilities and improve security.</li><li>Community events like hacker camps foster innovation and learning.</li><li>AI's role in society should be carefully considered and discussed.</li></ul><br/><p><strong class="ql-size-large">Chapters</strong></p><p>00:00:00 Introduction to AI and Cybersecurity</p><p>00:03:00 Satu's Journey into AI</p><p>00:09:00 Trustworthy AI and the EU AI Act</p><p>00:15:00 Challenges in AI and Cybersecurity Collaboration</p><p>00:21:00 The Role of Community and Events in AI</p><p><strong class="ql-size-large">Resources:</strong></p><p>https://hackai.quest/</p><p>https://helheimlabs.ai/</p><p>https://helheimlabs.ai/about-satu-korhonen/</p><p>https://www.linkedin.com/in/satu-m-korhonen/</p><p>https://why2025.org/</p><p>https://www.ccc.de/en/home</p><p>https://events.ccc.de/en/</p><p>https://disobey.fi/2026/</p><p></p><p>In a riveting dialogue with cybersecurity expert Satu Korhonen, we embark on a comprehensive exploration of the intricate dynamics between artificial intelligence and security vulnerabilities. Korhonen, whose journey into the cybersecurity realm was catalyzed by the surge of AI technologies around 2016, delves into the ethical challenges and potential risks posed by these advancements. She emphasizes the necessity of integrating security practices early in the AI development process, highlighting the perilous consequences of neglecting this crucial aspect. The conversation elucidates how AI systems, often perceived as independent entities, are inextricably linked to cybersecurity protocols. Korhonen shares her insights on fostering collaboration between AI developers and cybersecurity professionals, advocating for a unified approach to mitigate risks and enhance system reliability. As we dissect the role of frameworks like the EU's AI Act, the dialogue crystallizes around the importance of human rights considerations in AI deployment, urging the need for regulatory measures that prioritize ethical standards and accountability.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/hacking-ai-and-building-trustworthy-systems-insights-from-satu-korhonen]]></link><guid isPermaLink="false">8905bf12-8c80-4328-b353-d39249af4385</guid><itunes:image href="https://artwork.captivate.fm/7574ca5b-a2a3-43e9-930c-e2d106b2553e/generated-image.jpg"/><pubDate>Wed, 19 Nov 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/8905bf12-8c80-4328-b353-d39249af4385.mp3" length="19434071" type="audio/mpeg"/><itunes:duration>40:29</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>16</itunes:episode><podcast:episode>16</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/0926f82f-a5a9-4540-83af-d627b8df0116/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/0926f82f-a5a9-4540-83af-d627b8df0116/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/0926f82f-a5a9-4540-83af-d627b8df0116/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-9a5fcf64-b978-4bd6-b1d2-aa0b24fb3d0d.json" type="application/json+chapters"/></item><item><title>The Evolving Landscape of Identity Threats: Strategies for Mitigation and Awareness</title><itunes:title>The Evolving Landscape of Identity Threats: Strategies for Mitigation and Awareness</itunes:title><description><![CDATA[<p>This podcast episode delves into the pressing issue of identity threats and the evolving trends surrounding them. Our esteemed guest, Philippe Peters, who leads Identity Threat Labs at Segura, provides invaluable insights into the methodologies employed by cybercriminals in their quest to exploit vulnerabilities associated with credentials. We explore the alarming shift in tactics, where attackers increasingly purchase credentials rather than relying solely on zero-day exploits, highlighting the importance of vigilance in monitoring user behavior and implementing robust security measures. Moreover, we discuss the significance of events such as BSides, which serve as platforms for knowledge exchange, networking, and community engagement in the cybersecurity landscape. This episode aims to equip listeners with a deeper understanding of identity threats and the proactive steps necessary to mitigate these risks in their organizations.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes back Filipi Pires, <strong>Head of Identity Threat Labs &amp; Global Product Advocate at Segura®</strong> to discuss the latest trends in identity threats and cybersecurity. They explore the evolution of attacks, particularly focusing on social engineering and the role of AI in both offensive and defensive strategies. Filipi shares insights from recent events, including the significance of BSides conferences in fostering community and knowledge sharing. The conversation emphasizes the importance of a zero trust approach and the need for continuous education in cybersecurity.</p><p>Key Takeaways</p><ul><li>The BSides community is essential for cybersecurity education.</li><li>Attackers are increasingly using social engineering techniques.</li><li>AI is being leveraged by both attackers and defenders.</li><li>Zero trust is a critical framework for modern security.</li><li>Organizations must implement multiple layers of protection.</li><li>Credential theft is a major concern in identity threats.</li><li>B-Sides events provide networking opportunities for newcomers.</li><li>Cybersecurity Awareness Month is a time for reflection and improvement.</li><li>The rise of AI in social engineering poses new challenges.</li><li>Community-driven events like B-Sides foster collaboration and learning.</li></ul><br/><p>Chapters</p><ul><li>00:00 Introduction to Security by Default Podcast</li><li>01:59 Understanding BSides Events</li><li>05:57 Current Trends in Identity Threats</li><li>11:50 The Evolution of Authentication Methods</li><li>14:57 The Rise of InfoStealer Malware</li><li>18:52 AI's Role in Cybersecurity Threats</li><li>21:13 AI in Cybersecurity: Defensive and Offensive Perspectives</li><li>24:36 The Role of APIs and Observers in Cybersecurity</li><li>26:06 Best Practices for Securing AI in Organizations</li><li>31:04 BSides Porto: Community and Event Insights</li><li>39:06 Future BSides: Expanding to Porto Alegre</li></ul><br/><p>Resources:</p><p>https://www.linkedin.com/in/filipipires/</p><p>https://segura.security/</p><p>https://www.instagram.com/filipipires.sec/</p><p>https://segura.security/events/filipi-pires</p><p>https://www.linkedin.com/showcase/identity-threat-labs/about/</p><p>https://labs.segura.blog/</p><p></p><p><strong>About Segura®</strong></p><p>Segura® is an Identity Security Platform built to help organizations secure privileged access, detect identity threats, and respond rapidly to attacks targeting human and machine identities.</p><p></p><p>Designed for hybrid and high-risk environments, Segura delivers identity threat detection and response (ITDR), secure remote access, and privileged session protection — ensuring that only verified users, devices, and applications can access critical systems.</p><p></p><p>From infrastructure and servers to cloud platforms and the supply chain, Segura provides unified visibility and control across every identity interaction. By combining advanced analytics, behavioural detection, and Zero Trust access principles, Segura empowers companies to prevent credential misuse, lateral movement, and privilege escalation before damage occurs.</p>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the pressing issue of identity threats and the evolving trends surrounding them. Our esteemed guest, Philippe Peters, who leads Identity Threat Labs at Segura, provides invaluable insights into the methodologies employed by cybercriminals in their quest to exploit vulnerabilities associated with credentials. We explore the alarming shift in tactics, where attackers increasingly purchase credentials rather than relying solely on zero-day exploits, highlighting the importance of vigilance in monitoring user behavior and implementing robust security measures. Moreover, we discuss the significance of events such as BSides, which serve as platforms for knowledge exchange, networking, and community engagement in the cybersecurity landscape. This episode aims to equip listeners with a deeper understanding of identity threats and the proactive steps necessary to mitigate these risks in their organizations.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes back Filipi Pires, <strong>Head of Identity Threat Labs &amp; Global Product Advocate at Segura®</strong> to discuss the latest trends in identity threats and cybersecurity. They explore the evolution of attacks, particularly focusing on social engineering and the role of AI in both offensive and defensive strategies. Filipi shares insights from recent events, including the significance of BSides conferences in fostering community and knowledge sharing. The conversation emphasizes the importance of a zero trust approach and the need for continuous education in cybersecurity.</p><p>Key Takeaways</p><ul><li>The BSides community is essential for cybersecurity education.</li><li>Attackers are increasingly using social engineering techniques.</li><li>AI is being leveraged by both attackers and defenders.</li><li>Zero trust is a critical framework for modern security.</li><li>Organizations must implement multiple layers of protection.</li><li>Credential theft is a major concern in identity threats.</li><li>B-Sides events provide networking opportunities for newcomers.</li><li>Cybersecurity Awareness Month is a time for reflection and improvement.</li><li>The rise of AI in social engineering poses new challenges.</li><li>Community-driven events like B-Sides foster collaboration and learning.</li></ul><br/><p>Chapters</p><ul><li>00:00 Introduction to Security by Default Podcast</li><li>01:59 Understanding BSides Events</li><li>05:57 Current Trends in Identity Threats</li><li>11:50 The Evolution of Authentication Methods</li><li>14:57 The Rise of InfoStealer Malware</li><li>18:52 AI's Role in Cybersecurity Threats</li><li>21:13 AI in Cybersecurity: Defensive and Offensive Perspectives</li><li>24:36 The Role of APIs and Observers in Cybersecurity</li><li>26:06 Best Practices for Securing AI in Organizations</li><li>31:04 BSides Porto: Community and Event Insights</li><li>39:06 Future BSides: Expanding to Porto Alegre</li></ul><br/><p>Resources:</p><p>https://www.linkedin.com/in/filipipires/</p><p>https://segura.security/</p><p>https://www.instagram.com/filipipires.sec/</p><p>https://segura.security/events/filipi-pires</p><p>https://www.linkedin.com/showcase/identity-threat-labs/about/</p><p>https://labs.segura.blog/</p><p></p><p><strong>About Segura®</strong></p><p>Segura® is an Identity Security Platform built to help organizations secure privileged access, detect identity threats, and respond rapidly to attacks targeting human and machine identities.</p><p></p><p>Designed for hybrid and high-risk environments, Segura delivers identity threat detection and response (ITDR), secure remote access, and privileged session protection — ensuring that only verified users, devices, and applications can access critical systems.</p><p></p><p>From infrastructure and servers to cloud platforms and the supply chain, Segura provides unified visibility and control across every identity interaction. By combining advanced analytics, behavioural detection, and Zero Trust access principles, Segura empowers companies to prevent credential misuse, lateral movement, and privilege escalation before damage occurs.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/identity-threats-ai-attacks-and-the-power-of-community-with-filipi-pires]]></link><guid isPermaLink="false">05988a75-3db6-4e73-bc39-5b58824e7f91</guid><itunes:image href="https://artwork.captivate.fm/20ee44e1-3851-4dd1-bf15-f6822a0a1fba/generated-image.jpg"/><pubDate>Wed, 05 Nov 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/05988a75-3db6-4e73-bc39-5b58824e7f91.mp3" length="18528746" type="audio/mpeg"/><itunes:duration>38:36</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>15</itunes:episode><podcast:episode>15</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/470e086b-10d9-46f3-9d49-2b39f99db28a/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/470e086b-10d9-46f3-9d49-2b39f99db28a/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/470e086b-10d9-46f3-9d49-2b39f99db28a/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-54d8d9c2-b787-4106-848a-84343cd0859d.json" type="application/json+chapters"/></item><item><title>Cyber Law Unveiled: Bridging Security and Legal Perspectives with Pamela Victor Ibitamuno</title><itunes:title>Cyber Law Unveiled: Bridging Security and Legal Perspectives with Pamela Victor Ibitamuno</itunes:title><description><![CDATA[<p>The salient point of this episode revolves around the intricate relationship between cybersecurity and cyber law, emphasizing the challenges faced in regulating the rapidly evolving digital landscape. I, Joe Carson, host of the Security By Default podcast, engage in a profound dialogue with our esteemed guest, Pamela Victor Ibitamuno, a legal expert with a unique background in penetration testing. Pamela elucidates her journey from experiencing cybercrime victimization to her commitment to merging her passions for law and cybersecurity through the field of cyber law. This discussion critically examines the difficulties legal professionals encounter in comprehending technical aspects of cyber incidents, as well as the pressing need for legal frameworks that genuinely address the complexities of cybercrime rather than merely responding to technological advancements in haste. Ultimately, we explore the necessity for a collaborative approach between legal practitioners and cybersecurity experts to establish effective regulations that safeguard society while fostering innovation.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with Pamela Victor Ibitamuno, a lawyer with a unique background in penetration testing. They discuss the critical intersection of cyber law and cybersecurity, exploring the challenges faced in prosecuting cyber crimes, the importance of understanding intent, and the need for adaptive legal frameworks in the face of rapid technological advancements. The conversation also delves into the role of AI in the legal field and how professionals can stay updated in this ever-evolving landscape.</p><p><strong>Takeaways</strong></p><ul><li>Pamela's journey from penetration testing to cyber law highlights the importance of understanding both fields.</li><li>Legal professionals often struggle to grasp the technicalities of cybersecurity.</li><li>Regulations may not effectively address the problems they aim to solve.</li><li>Cyber crime often transcends borders, complicating prosecution efforts.</li><li>Partnerships between tech companies and governments can enhance cyber crime prevention.</li><li>Misconceptions about hacking can hinder legal processes.</li><li>Intent is a crucial factor in determining the legality of cyber actions.</li><li>The law is lagging behind technological innovations, necessitating updates.</li><li>AI can streamline legal processes but cannot replace human empathy.</li><li>Staying informed through conferences and subscriptions is vital for legal professionals.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction to Cyber Law and Its Importance</li><li>02:57 Pamela's Journey: From Penetration Testing to Cyber Law</li><li>06:08 The Intersection of Law and Cybersecurity</li><li>08:50 Challenges in Cyber Crime Prosecution</li><li>12:04 The Role of Intent in Cyber Crime</li><li>14:58 The Need for Adaptive Legal Frameworks</li><li>17:50 AI's Impact on Cyber Law</li><li>20:53 Staying Updated in Cyber Law</li><li>23:59 Conclusion and Future Outlook</li></ul><br/><p>The exploration of cyber law within the context of cybersecurity unfolds through a compelling dialogue between myself, Joe Carson, and Pamela Victor Ibitamuno, a legal expert whose background in penetration testing profoundly informs her perspective. Pamela recounts the genesis of her interest in cyber law, rooted in her experiences as a victim of cybercrime, which ignited her curiosity about the methodologies employed by cybercriminals. This personal narrative sets the stage for a broader examination of the systemic challenges that legal professionals encounter when attempting to navigate the complexities of cyber law. We delve into the critical interplay between legal frameworks and the rapidly evolving landscape of technology, emphasizing the necessity for laws that are not only reflective of current threats but also adaptable to future innovations. A salient point of our discussion revolves around the urgency of establishing cohesive regulatory measures that adequately address the dynamic nature of cyber threats. Pamela articulates the difficulties that arise when legal statutes lag behind technological advancements, particularly in the realm of international cybercrime. The conversation highlights the imperative for legal practitioners to possess a comprehensive understanding of the technical intricacies involved in cybersecurity to ensure effective prosecution and enforcement of laws. Furthermore, we explore the challenges of jurisdictional discrepancies that complicate the investigation and prosecution of cybercriminals, underscoring the need for enhanced international cooperation and standardized protocols to combat these global offenses. As we traverse the complexities of cyber law, we also consider the potential implications of artificial intelligence on legal practices. While acknowledging the advantages of employing AI to streamline legal processes, we emphasize the irreplaceable role of human judgment and empathy in delivering personalized legal counsel. The episode culminates in a thoughtful reflection on the future of cyber law, advocating for a legal system that evolves dynamically in response to technological advancements, thereby fostering a secure and just digital environment. This discussion illuminates the critical need for ongoing collaboration between cybersecurity experts and legal authorities to effectively address the multifaceted challenges posed by cybercrime.</p>]]></description><content:encoded><![CDATA[<p>The salient point of this episode revolves around the intricate relationship between cybersecurity and cyber law, emphasizing the challenges faced in regulating the rapidly evolving digital landscape. I, Joe Carson, host of the Security By Default podcast, engage in a profound dialogue with our esteemed guest, Pamela Victor Ibitamuno, a legal expert with a unique background in penetration testing. Pamela elucidates her journey from experiencing cybercrime victimization to her commitment to merging her passions for law and cybersecurity through the field of cyber law. This discussion critically examines the difficulties legal professionals encounter in comprehending technical aspects of cyber incidents, as well as the pressing need for legal frameworks that genuinely address the complexities of cybercrime rather than merely responding to technological advancements in haste. Ultimately, we explore the necessity for a collaborative approach between legal practitioners and cybersecurity experts to establish effective regulations that safeguard society while fostering innovation.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with Pamela Victor Ibitamuno, a lawyer with a unique background in penetration testing. They discuss the critical intersection of cyber law and cybersecurity, exploring the challenges faced in prosecuting cyber crimes, the importance of understanding intent, and the need for adaptive legal frameworks in the face of rapid technological advancements. The conversation also delves into the role of AI in the legal field and how professionals can stay updated in this ever-evolving landscape.</p><p><strong>Takeaways</strong></p><ul><li>Pamela's journey from penetration testing to cyber law highlights the importance of understanding both fields.</li><li>Legal professionals often struggle to grasp the technicalities of cybersecurity.</li><li>Regulations may not effectively address the problems they aim to solve.</li><li>Cyber crime often transcends borders, complicating prosecution efforts.</li><li>Partnerships between tech companies and governments can enhance cyber crime prevention.</li><li>Misconceptions about hacking can hinder legal processes.</li><li>Intent is a crucial factor in determining the legality of cyber actions.</li><li>The law is lagging behind technological innovations, necessitating updates.</li><li>AI can streamline legal processes but cannot replace human empathy.</li><li>Staying informed through conferences and subscriptions is vital for legal professionals.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction to Cyber Law and Its Importance</li><li>02:57 Pamela's Journey: From Penetration Testing to Cyber Law</li><li>06:08 The Intersection of Law and Cybersecurity</li><li>08:50 Challenges in Cyber Crime Prosecution</li><li>12:04 The Role of Intent in Cyber Crime</li><li>14:58 The Need for Adaptive Legal Frameworks</li><li>17:50 AI's Impact on Cyber Law</li><li>20:53 Staying Updated in Cyber Law</li><li>23:59 Conclusion and Future Outlook</li></ul><br/><p>The exploration of cyber law within the context of cybersecurity unfolds through a compelling dialogue between myself, Joe Carson, and Pamela Victor Ibitamuno, a legal expert whose background in penetration testing profoundly informs her perspective. Pamela recounts the genesis of her interest in cyber law, rooted in her experiences as a victim of cybercrime, which ignited her curiosity about the methodologies employed by cybercriminals. This personal narrative sets the stage for a broader examination of the systemic challenges that legal professionals encounter when attempting to navigate the complexities of cyber law. We delve into the critical interplay between legal frameworks and the rapidly evolving landscape of technology, emphasizing the necessity for laws that are not only reflective of current threats but also adaptable to future innovations. A salient point of our discussion revolves around the urgency of establishing cohesive regulatory measures that adequately address the dynamic nature of cyber threats. Pamela articulates the difficulties that arise when legal statutes lag behind technological advancements, particularly in the realm of international cybercrime. The conversation highlights the imperative for legal practitioners to possess a comprehensive understanding of the technical intricacies involved in cybersecurity to ensure effective prosecution and enforcement of laws. Furthermore, we explore the challenges of jurisdictional discrepancies that complicate the investigation and prosecution of cybercriminals, underscoring the need for enhanced international cooperation and standardized protocols to combat these global offenses. As we traverse the complexities of cyber law, we also consider the potential implications of artificial intelligence on legal practices. While acknowledging the advantages of employing AI to streamline legal processes, we emphasize the irreplaceable role of human judgment and empathy in delivering personalized legal counsel. The episode culminates in a thoughtful reflection on the future of cyber law, advocating for a legal system that evolves dynamically in response to technological advancements, thereby fostering a secure and just digital environment. This discussion illuminates the critical need for ongoing collaboration between cybersecurity experts and legal authorities to effectively address the multifaceted challenges posed by cybercrime.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/navigating-the-complex-world-of-cyber-law-insights-from-a-pentester-turned-lawyer-with-pamela]]></link><guid isPermaLink="false">30416607-eec0-4cdf-b61b-e2ce57331f78</guid><itunes:image href="https://artwork.captivate.fm/d88e50fa-c61c-462d-8e98-aecbc88eb8c8/ChatGPT-Image-Jun-18-2026-08-07-51-PM.jpg"/><pubDate>Wed, 22 Oct 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/30416607-eec0-4cdf-b61b-e2ce57331f78.mp3" length="13876233" type="audio/mpeg"/><itunes:duration>28:55</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>14</itunes:episode><podcast:episode>14</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/60b09e4a-d010-466b-9ad8-4f6b0fd4bf9e/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/60b09e4a-d010-466b-9ad8-4f6b0fd4bf9e/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/60b09e4a-d010-466b-9ad8-4f6b0fd4bf9e/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-ddc4212e-1c43-4c73-9652-02a71122e211.json" type="application/json+chapters"/></item><item><title>The Role of Game Design in Cybersecurity Training with Peadar</title><itunes:title>The Role of Game Design in Cybersecurity Training with Peadar</itunes:title><description><![CDATA[<p>This podcast episode elucidates the pivotal role of game design in enhancing cybersecurity training, presented through an engaging dialogue between the host, Joe Carson, and guest Peadar. The discussion commences with Peadar's fascinating transition from education to game design, highlighting the necessity of bridging the gap between technical and non-technical audiences in the cybersecurity sphere. We delve into the essential components of effective games, which encompass goals, rules, feedback systems, and voluntary participation—elements critical for fostering engagement and retention of knowledge. The conversation further explores how games can serve as metaphors for complex concepts, enabling participants to internalize essential cybersecurity principles while navigating the intricacies of communication between diverse stakeholders. Ultimately, this episode underscores the transformative potential of integrating game mechanics into cybersecurity training, advocating for an approach that prioritizes understanding over mere rote learning.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with game designer Peadar, Gamification Lecturer at Tallinn University to explore the intersection of game design and cybersecurity training. Peadar shares his journey from teaching to game design, emphasizing the importance of using games to facilitate learning in complex subjects like cybersecurity. The conversation delves into the fundamental elements of games, the challenges of creating effective training games, and the need for conceptual transfer games that bridge the gap between technical and non-technical audiences. Peadar also discusses the future of cybersecurity training, the significance of soft skills, and the different player types in game design. The episode concludes with recommended resources for those interested in game design and cybersecurity.</p><p>Peadar Callaghan, Gamification Lecturer at Tallinn University, Digital Learning Games Lab, Digital Technologies Institute, Tallinn University.</p><p>Lecturer in Gamification, Learning Game Design, and Fundamentals of Game Design in the Digital Learning Games Master's program.</p><p><span class="ql-size-large">Key Takeaways</span></p><ul><li>Games can help people understand complex subjects.</li><li>Cybersecurity is a business problem, not just an IT problem.</li><li>Effective training requires engaging and simple game mechanics.</li><li>Checkbox training is ineffective for real learning.</li><li>Conceptual transfer games are essential for non-technical audiences.</li><li>The average age of gamers is increasing, indicating a shift in demographics.</li><li>Soft skills are crucial for effective communication in cybersecurity.</li><li>Games can create a safe space for learning from failure.</li><li>Understanding player types can enhance game design for training.</li><li>The future of cybersecurity training lies in small-scale, experiential games.</li></ul><br/><p></p><p><span class="ql-size-large">Chapters</span></p><ul><li>00:00 Introduction to Cybersecurity and Game Design</li><li>02:45 The Role of Games in Learning and Cybersecurity</li><li>05:52 Fundamental Elements of Game Design</li><li>09:00 Applying Game Mechanics to Cybersecurity Training</li><li>11:46 Challenges in Cybersecurity Training Games</li><li>14:38 Conceptual Transfer Games for Non-Technical Audiences</li><li>17:44 The Future of Cybersecurity Training</li><li>20:52 Understanding Player Types in Game Design</li><li>23:47 The Importance of Soft Skills in Cybersecurity</li><li>26:28 Recommended Resources for Game Design and Cybersecurity</li><li>29:24 Conclusion and Future Directions</li></ul><br/><p></p><p><span class="ql-size-large">Resources:</span></p><p>https://www.linkedin.com/in/peadar-callaghan-a218721a/</p><p>https://www.linkedin.com/school/tallinn-university/</p><p>https://www.tlu.ee/</p><p>Book - Reality Is Broken: Why Games Make Us Better and How They Can Change the World - https://a.co/d/hzvwYtf</p><p>Book - Game Design Workshop: A Playcentric Approach to Creating Innovative Games by Tracey Fullerton- https://a.co/d/5jnbDg6</p><p>The discourse encapsulated within the latest installment of the Security By Default podcast illuminates the intersection of gaming and cybersecurity, as host Joe Carson engages in a profound dialogue with Peadar, a distinguished game designer whose journey from education to cybersecurity amalgamates two seemingly disparate realms into a cohesive narrative. Peadar's evolution into the cybersecurity domain stems from his profound interest in how games facilitate learning and comprehension of complex topics, specifically within the cybersecurity landscape. Their conversation traverses the pivotal role of communication between technical experts and non-technical stakeholders, emphasizing the necessity for a shared lexicon that bridges the gap between these divergent groups. Peadar elucidates his belief that security has transcended its traditional confines as merely an IT concern, asserting its emergence as a fundamental business issue that necessitates collective understanding and collaboration across organizational hierarchies. Furthermore, the discussion delves into the fundamental components of game design, wherein Peadar asserts that a game is defined by its objectives, rules, feedback systems, and voluntary participation. He critiques the prevalent practices within cybersecurity training, advocating for the incorporation of engaging and accessible game mechanics that foster genuine understanding and behavioral change rather than rote memorization. Through the lens of his doctoral research, Peadar advocates for the development of conceptual transfer games that align technical knowledge with business implications, elucidating the significance of understanding the repercussions of cybersecurity threats on organizational operations. This episode lays bare the transformative potential of integrating game mechanics into training methodologies, positing that such an approach not only enhances engagement but also facilitates a deeper grasp of cybersecurity's critical nature. The conversation further unfolds as Peadar discusses various game dynamics and their implications for cybersecurity training. He critiques the tendency for training games to become overly complex, thereby hindering their effectiveness in engaging learners. By drawing on the principles of successful game design, Peadar emphasizes the need for simplicity and clarity, allowing participants to focus on the learning objectives without being overwhelmed by convoluted mechanics. He shares his perspective on the importance of experiential learning through games, advocating for smaller-scale games that serve as effective icebreakers, fostering receptiveness to deeper educational content. This notion resonates throughout the dialogue, highlighting the necessity for organizations to adopt a more nuanced and thoughtful approach to training that transcends traditional methodologies. In summation, this episode serves as a clarion call for the cybersecurity domain to embrace innovative pedagogical strategies through the lens of game design. By recognizing the multifaceted nature of cybersecurity as both a technical and business challenge, practitioners can cultivate an environment where learning is not merely a checkbox exercise but a dynamic, engaging experience that empowers individuals across all levels of an organization. Peadar's insights challenge the status quo, urging a reimagining of how we approach training and education within the cybersecurity landscape, making a compelling case for the integration of gaming principles to foster greater understanding and collaboration in an increasingly complex digital world.</p>]]></description><content:encoded><![CDATA[<p>This podcast episode elucidates the pivotal role of game design in enhancing cybersecurity training, presented through an engaging dialogue between the host, Joe Carson, and guest Peadar. The discussion commences with Peadar's fascinating transition from education to game design, highlighting the necessity of bridging the gap between technical and non-technical audiences in the cybersecurity sphere. We delve into the essential components of effective games, which encompass goals, rules, feedback systems, and voluntary participation—elements critical for fostering engagement and retention of knowledge. The conversation further explores how games can serve as metaphors for complex concepts, enabling participants to internalize essential cybersecurity principles while navigating the intricacies of communication between diverse stakeholders. Ultimately, this episode underscores the transformative potential of integrating game mechanics into cybersecurity training, advocating for an approach that prioritizes understanding over mere rote learning.</p><p>In this episode of the Security by Default podcast, host Joe Carson engages with game designer Peadar, Gamification Lecturer at Tallinn University to explore the intersection of game design and cybersecurity training. Peadar shares his journey from teaching to game design, emphasizing the importance of using games to facilitate learning in complex subjects like cybersecurity. The conversation delves into the fundamental elements of games, the challenges of creating effective training games, and the need for conceptual transfer games that bridge the gap between technical and non-technical audiences. Peadar also discusses the future of cybersecurity training, the significance of soft skills, and the different player types in game design. The episode concludes with recommended resources for those interested in game design and cybersecurity.</p><p>Peadar Callaghan, Gamification Lecturer at Tallinn University, Digital Learning Games Lab, Digital Technologies Institute, Tallinn University.</p><p>Lecturer in Gamification, Learning Game Design, and Fundamentals of Game Design in the Digital Learning Games Master's program.</p><p><span class="ql-size-large">Key Takeaways</span></p><ul><li>Games can help people understand complex subjects.</li><li>Cybersecurity is a business problem, not just an IT problem.</li><li>Effective training requires engaging and simple game mechanics.</li><li>Checkbox training is ineffective for real learning.</li><li>Conceptual transfer games are essential for non-technical audiences.</li><li>The average age of gamers is increasing, indicating a shift in demographics.</li><li>Soft skills are crucial for effective communication in cybersecurity.</li><li>Games can create a safe space for learning from failure.</li><li>Understanding player types can enhance game design for training.</li><li>The future of cybersecurity training lies in small-scale, experiential games.</li></ul><br/><p></p><p><span class="ql-size-large">Chapters</span></p><ul><li>00:00 Introduction to Cybersecurity and Game Design</li><li>02:45 The Role of Games in Learning and Cybersecurity</li><li>05:52 Fundamental Elements of Game Design</li><li>09:00 Applying Game Mechanics to Cybersecurity Training</li><li>11:46 Challenges in Cybersecurity Training Games</li><li>14:38 Conceptual Transfer Games for Non-Technical Audiences</li><li>17:44 The Future of Cybersecurity Training</li><li>20:52 Understanding Player Types in Game Design</li><li>23:47 The Importance of Soft Skills in Cybersecurity</li><li>26:28 Recommended Resources for Game Design and Cybersecurity</li><li>29:24 Conclusion and Future Directions</li></ul><br/><p></p><p><span class="ql-size-large">Resources:</span></p><p>https://www.linkedin.com/in/peadar-callaghan-a218721a/</p><p>https://www.linkedin.com/school/tallinn-university/</p><p>https://www.tlu.ee/</p><p>Book - Reality Is Broken: Why Games Make Us Better and How They Can Change the World - https://a.co/d/hzvwYtf</p><p>Book - Game Design Workshop: A Playcentric Approach to Creating Innovative Games by Tracey Fullerton- https://a.co/d/5jnbDg6</p><p>The discourse encapsulated within the latest installment of the Security By Default podcast illuminates the intersection of gaming and cybersecurity, as host Joe Carson engages in a profound dialogue with Peadar, a distinguished game designer whose journey from education to cybersecurity amalgamates two seemingly disparate realms into a cohesive narrative. Peadar's evolution into the cybersecurity domain stems from his profound interest in how games facilitate learning and comprehension of complex topics, specifically within the cybersecurity landscape. Their conversation traverses the pivotal role of communication between technical experts and non-technical stakeholders, emphasizing the necessity for a shared lexicon that bridges the gap between these divergent groups. Peadar elucidates his belief that security has transcended its traditional confines as merely an IT concern, asserting its emergence as a fundamental business issue that necessitates collective understanding and collaboration across organizational hierarchies. Furthermore, the discussion delves into the fundamental components of game design, wherein Peadar asserts that a game is defined by its objectives, rules, feedback systems, and voluntary participation. He critiques the prevalent practices within cybersecurity training, advocating for the incorporation of engaging and accessible game mechanics that foster genuine understanding and behavioral change rather than rote memorization. Through the lens of his doctoral research, Peadar advocates for the development of conceptual transfer games that align technical knowledge with business implications, elucidating the significance of understanding the repercussions of cybersecurity threats on organizational operations. This episode lays bare the transformative potential of integrating game mechanics into training methodologies, positing that such an approach not only enhances engagement but also facilitates a deeper grasp of cybersecurity's critical nature. The conversation further unfolds as Peadar discusses various game dynamics and their implications for cybersecurity training. He critiques the tendency for training games to become overly complex, thereby hindering their effectiveness in engaging learners. By drawing on the principles of successful game design, Peadar emphasizes the need for simplicity and clarity, allowing participants to focus on the learning objectives without being overwhelmed by convoluted mechanics. He shares his perspective on the importance of experiential learning through games, advocating for smaller-scale games that serve as effective icebreakers, fostering receptiveness to deeper educational content. This notion resonates throughout the dialogue, highlighting the necessity for organizations to adopt a more nuanced and thoughtful approach to training that transcends traditional methodologies. In summation, this episode serves as a clarion call for the cybersecurity domain to embrace innovative pedagogical strategies through the lens of game design. By recognizing the multifaceted nature of cybersecurity as both a technical and business challenge, practitioners can cultivate an environment where learning is not merely a checkbox exercise but a dynamic, engaging experience that empowers individuals across all levels of an organization. Peadar's insights challenge the status quo, urging a reimagining of how we approach training and education within the cybersecurity landscape, making a compelling case for the integration of gaming principles to foster greater understanding and collaboration in an increasingly complex digital world.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/the-power-of-games-in-cybersecurity-with-peadar]]></link><guid isPermaLink="false">8169912a-f3b5-4a64-bb80-26fc01faa830</guid><itunes:image href="https://artwork.captivate.fm/2948f1ac-84e2-444e-aff7-9fedde91cd08/generated-image-34.jpg"/><pubDate>Wed, 08 Oct 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/8169912a-f3b5-4a64-bb80-26fc01faa830.mp3" length="19987632" type="audio/mpeg"/><itunes:duration>41:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>13</itunes:episode><podcast:episode>13</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/39a04ba6-30d0-465c-8508-666451626f5b/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/39a04ba6-30d0-465c-8508-666451626f5b/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/39a04ba6-30d0-465c-8508-666451626f5b/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-7268958d-615f-4ff1-9654-8f6864b360e4.json" type="application/json+chapters"/></item><item><title>Your Security Badge Can Be Hacked: RFID Secrets Exposed | Iceman</title><itunes:title>Your Security Badge Can Be Hacked: RFID Secrets Exposed | Iceman</itunes:title><description><![CDATA[<p>Christian Herman, known in the hacking community as Iceman, joins us to delve into the intricacies of RFID hacking, with a particular focus on the Proxmark device. This episode elucidates the journey of Iceman from his early encounters with technology to becoming a prominent figure in the RFID hacking domain. We discuss not only the technical aspects of utilizing the Proxmark for various hacking endeavors but also the challenges and learning curves inherent in mastering such a sophisticated tool. Iceman shares his personal anecdotes of overcoming obstacles in his hacking career, emphasizing the importance of community support and knowledge sharing. Through this dialogue, we aim to inspire listeners to engage with the world of hacking, highlighting both its complexities and its potential for innovation.</p><p>In this episode of the Security by Default podcast, host Joe Carson interviews Christian Herrmann, also known as Iceman, who shares his journey into the world of RFID hacking. The conversation covers Christian's origin story, his passion for technology, and the challenges he faced while learning and developing his skills. They discuss the importance of community engagement, open-source contributions, and the evolution of hacking tools like Proxmark. The episode also touches on risk management in cybersecurity, the ethical implications of hacking tools, and the significance of finding balance in personal and professional life. Christian emphasizes the value of asking for help and surrounding oneself with supportive individuals in the tech community.</p><p><strong>Takeaways</strong></p><ul><li>Christian Herrmann, known as Iceman, shares his journey into RFID hacking.</li><li>He emphasizes the importance of community engagement and open-source contributions.</li><li>The evolution of Proxmark has significantly impacted the RFID hacking community.</li><li>Tools used in hacking can have ethical implications that need to be considered.</li><li>Risk management is a crucial aspect of cybersecurity and hacking.</li><li>Finding balance between personal life and professional commitments is essential.</li><li>Asking for help and engaging with the community can accelerate learning.</li><li>Surrounding oneself with supportive individuals enhances personal growth.</li><li>The importance of continuous learning and adapting in the tech field.</li><li>Gamification can be an effective way to improve hacking skills.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction and Guest Background</li><li>01:23 The Journey into Hacking and RFID</li><li>09:23 The Thrill of Hacking and Career Development</li><li>20:03 Open Source Contributions and Community Engagement</li><li>30:54 Navigating Tools and Legal Considerations in Hacking</li><li>36:03 Conference Experiences and Community Engagement</li><li>42:00 Tools and Their Misinterpretations</li><li>44:25 Risk Management in Technology</li><li>46:06 Current Projects and Future Plans</li><li>49:40 The Importance of Hobbies and Balance</li><li>55:33 Learning from Failures and Community Support</li><li>01:02:22 The Value of Networking and Collaboration</li></ul><br/><p>Takeaways:</p><ul><li>The Proxmark 3 is an essential tool for anyone interested in RFID hacking, as it allows users to interact with various RFID card systems and understand their vulnerabilities.</li><li>Christian Herman, also known as Iceman, shares his journey from personal challenges to becoming a prominent figure in the RFID hacking community, emphasizing the importance of resilience and curiosity in learning.</li><li>The open-source nature of Proxmark 3 has fostered a collaborative environment where individuals can contribute to the tool's development, leading to more effective RFID hacking methods.</li><li>Iceman discusses the significance of embracing failure and asking questions in the learning process, highlighting that persistence and community support are crucial for success in technical fields.</li><li>The podcast emphasizes the need for ethical considerations and responsible use of hacking tools, as they can be misinterpreted and labeled as burglar tools depending on the user's intent.</li><li>Listeners are encouraged to engage with the community through platforms like Discord, where they can seek assistance and share knowledge with others involved in RFID hacking.</li></ul><br/><p>Companies mentioned in this episode:</p><ul><li>Proxmark 3</li><li>DEFCON</li><li>bsides Talent</li><li>Raspberry PI</li><li>Dark Matter</li><li>Flipper</li><li>Chameleon</li></ul><br/>]]></description><content:encoded><![CDATA[<p>Christian Herman, known in the hacking community as Iceman, joins us to delve into the intricacies of RFID hacking, with a particular focus on the Proxmark device. This episode elucidates the journey of Iceman from his early encounters with technology to becoming a prominent figure in the RFID hacking domain. We discuss not only the technical aspects of utilizing the Proxmark for various hacking endeavors but also the challenges and learning curves inherent in mastering such a sophisticated tool. Iceman shares his personal anecdotes of overcoming obstacles in his hacking career, emphasizing the importance of community support and knowledge sharing. Through this dialogue, we aim to inspire listeners to engage with the world of hacking, highlighting both its complexities and its potential for innovation.</p><p>In this episode of the Security by Default podcast, host Joe Carson interviews Christian Herrmann, also known as Iceman, who shares his journey into the world of RFID hacking. The conversation covers Christian's origin story, his passion for technology, and the challenges he faced while learning and developing his skills. They discuss the importance of community engagement, open-source contributions, and the evolution of hacking tools like Proxmark. The episode also touches on risk management in cybersecurity, the ethical implications of hacking tools, and the significance of finding balance in personal and professional life. Christian emphasizes the value of asking for help and surrounding oneself with supportive individuals in the tech community.</p><p><strong>Takeaways</strong></p><ul><li>Christian Herrmann, known as Iceman, shares his journey into RFID hacking.</li><li>He emphasizes the importance of community engagement and open-source contributions.</li><li>The evolution of Proxmark has significantly impacted the RFID hacking community.</li><li>Tools used in hacking can have ethical implications that need to be considered.</li><li>Risk management is a crucial aspect of cybersecurity and hacking.</li><li>Finding balance between personal life and professional commitments is essential.</li><li>Asking for help and engaging with the community can accelerate learning.</li><li>Surrounding oneself with supportive individuals enhances personal growth.</li><li>The importance of continuous learning and adapting in the tech field.</li><li>Gamification can be an effective way to improve hacking skills.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction and Guest Background</li><li>01:23 The Journey into Hacking and RFID</li><li>09:23 The Thrill of Hacking and Career Development</li><li>20:03 Open Source Contributions and Community Engagement</li><li>30:54 Navigating Tools and Legal Considerations in Hacking</li><li>36:03 Conference Experiences and Community Engagement</li><li>42:00 Tools and Their Misinterpretations</li><li>44:25 Risk Management in Technology</li><li>46:06 Current Projects and Future Plans</li><li>49:40 The Importance of Hobbies and Balance</li><li>55:33 Learning from Failures and Community Support</li><li>01:02:22 The Value of Networking and Collaboration</li></ul><br/><p>Takeaways:</p><ul><li>The Proxmark 3 is an essential tool for anyone interested in RFID hacking, as it allows users to interact with various RFID card systems and understand their vulnerabilities.</li><li>Christian Herman, also known as Iceman, shares his journey from personal challenges to becoming a prominent figure in the RFID hacking community, emphasizing the importance of resilience and curiosity in learning.</li><li>The open-source nature of Proxmark 3 has fostered a collaborative environment where individuals can contribute to the tool's development, leading to more effective RFID hacking methods.</li><li>Iceman discusses the significance of embracing failure and asking questions in the learning process, highlighting that persistence and community support are crucial for success in technical fields.</li><li>The podcast emphasizes the need for ethical considerations and responsible use of hacking tools, as they can be misinterpreted and labeled as burglar tools depending on the user's intent.</li><li>Listeners are encouraged to engage with the community through platforms like Discord, where they can seek assistance and share knowledge with others involved in RFID hacking.</li></ul><br/><p>Companies mentioned in this episode:</p><ul><li>Proxmark 3</li><li>DEFCON</li><li>bsides Talent</li><li>Raspberry PI</li><li>Dark Matter</li><li>Flipper</li><li>Chameleon</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/unlocking-the-secrets-of-rfid-hacking-with-iceman]]></link><guid isPermaLink="false">7edf8131-85eb-4a9a-83a3-68f48843a482</guid><itunes:image href="https://artwork.captivate.fm/d097dd04-89cb-43d5-b852-6bdc2ecec97f/ChatGPT-Image-Jun-18-2026-04-35-10-PM.jpg"/><pubDate>Wed, 24 Sep 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/7edf8131-85eb-4a9a-83a3-68f48843a482.mp3" length="31512674" type="audio/mpeg"/><itunes:duration>01:05:39</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>12</itunes:episode><podcast:episode>12</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/02a1c68a-ae43-49b3-bf93-f4023593a4ee/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/02a1c68a-ae43-49b3-bf93-f4023593a4ee/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/02a1c68a-ae43-49b3-bf93-f4023593a4ee/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-3ad0ec1b-845d-44f6-886b-771d8e394aaf.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="The Art of RFID Hacking: Insights from ICEMAN on Proxmark Mastery"><podcast:source uri="https://youtu.be/bP2KXn3hCp4"/></podcast:alternateEnclosure></item><item><title>Understanding Cybersecurity: The Importance of Effective Storytelling</title><itunes:title>Understanding Cybersecurity: The Importance of Effective Storytelling</itunes:title><description><![CDATA[<p>This podcast episode delves into the multifaceted nature of branding and communication within the realm of cybersecurity, emphasizing that cybersecurity is no longer merely an IT concern but rather a societal issue that necessitates a broader perspective. We engage with George, a distinguished podcast host and community leader, who shares his insights on the importance of understanding human behavior in building effective cybersecurity communities. The discussion highlights the significance of storytelling in branding, illuminating the necessity for organizations to connect with their audience on a deeper level to convey their value propositions effectively. Furthermore, we explore the role of communication in fostering relationships and creating meaningful interactions within the industry, underlining the importance of listening and adapting to the needs of others. Ultimately, this episode serves as a compelling reminder that successful branding and community building in cybersecurity hinge on authenticity, understanding, and effective communication strategies.</p><p>In this episode, Joe Carson speaks with George Kamide about the evolving landscape of cybersecurity, emphasizing the importance of community building, branding, and effective communication. They discuss how cybersecurity is no longer just an IT issue but a societal one, and how understanding user experience is crucial for success. The conversation also highlights the role of podcasts in educating the cybersecurity community and the challenges of building meaningful connections in a digital world.</p><p><strong>Takeaways</strong></p><ul><li>Cybersecurity is a societal problem, not just an IT issue.</li><li>Branding is essential for standing out in a crowded market.</li><li>Understanding user experience is critical for product success.</li><li>Podcasts can provide valuable education and insights in cybersecurity.</li><li>Building communities takes time and effort without immediate ROI.</li><li>Effective communication is key to conveying value propositions.</li><li>Listening to customers is more important than broadcasting solutions.</li><li>Time is the most valuable resource we have.</li><li>Engagement on social media should be curated and positive.</li><li>Building relationships requires giving before asking.</li></ul><br/><p><strong>Chapters</strong></p><p>00:00 Introduction to Cybersecurity and Community Building</p><p>02:25 The Importance of Branding in Cybersecurity</p><p>08:54 User Experience and Customer Understanding</p><p>19:36 The Role of Podcasts in Cybersecurity Education</p><p>22:42 Building Communities and Navigating Social Media</p><p>The discourse presented within this podcast episode encompasses a profound exploration of the evolving landscape of cybersecurity and the critical importance of community building within this domain. The dialogue initiates with the host, Joe Carson, articulating his enthusiasm for engaging with leading figures in cybersecurity, wherein he aims to disseminate invaluable insights and best practices aimed at augmenting individual and organizational success in the field. The guest speaker, George, who boasts extensive experience in the cybersecurity sector, elucidates his unconventional journey into the industry, which was catalyzed by a background in anthropology and marketing, ultimately leading to his current role as the head of community at the CISO Society. This narrative serves as a testament to the multifaceted nature of cybersecurity, illustrating that it transcends traditional IT confines and necessitates a broader societal perspective. A salient theme that emerges throughout the dialogue is the imperative of effective communication in fostering robust cybersecurity communities. Both Carson and George emphasize the necessity of understanding the audience's needs and perspectives, underscoring that the success of any cybersecurity initiative hinges upon the establishment of meaningful connections and a dialogue rooted in mutual understanding and collaboration. George articulates the dangers of adopting a one-sided communication approach, which often leads to a disconnect between providers and practitioners. Instead, he advocates for a listening-first strategy that prioritizes the cultivation of relationships, ensuring that the communication is not merely a broadcast of solutions, but a collaborative dialogue aimed at addressing real-world challenges faced by practitioners. Furthermore, the episode delves into branding within the cybersecurity space, positing that brand identity is not merely a superficial concern but a fundamental element that influences perception and engagement. George provides insightful perspectives on how brands can differentiate themselves in a crowded market through authenticity and a clear articulation of their value propositions. By leveraging storytelling and a deep understanding of the audience's pain points, brands can foster trust and credibility, which are paramount in a sector often plagued by skepticism. The episode ultimately culminates in a call to action for listeners to engage in proactive community building and to embrace a mindset centered on empathy, collaboration, and continuous learning as they navigate the complexities of cybersecurity.</p>]]></description><content:encoded><![CDATA[<p>This podcast episode delves into the multifaceted nature of branding and communication within the realm of cybersecurity, emphasizing that cybersecurity is no longer merely an IT concern but rather a societal issue that necessitates a broader perspective. We engage with George, a distinguished podcast host and community leader, who shares his insights on the importance of understanding human behavior in building effective cybersecurity communities. The discussion highlights the significance of storytelling in branding, illuminating the necessity for organizations to connect with their audience on a deeper level to convey their value propositions effectively. Furthermore, we explore the role of communication in fostering relationships and creating meaningful interactions within the industry, underlining the importance of listening and adapting to the needs of others. Ultimately, this episode serves as a compelling reminder that successful branding and community building in cybersecurity hinge on authenticity, understanding, and effective communication strategies.</p><p>In this episode, Joe Carson speaks with George Kamide about the evolving landscape of cybersecurity, emphasizing the importance of community building, branding, and effective communication. They discuss how cybersecurity is no longer just an IT issue but a societal one, and how understanding user experience is crucial for success. The conversation also highlights the role of podcasts in educating the cybersecurity community and the challenges of building meaningful connections in a digital world.</p><p><strong>Takeaways</strong></p><ul><li>Cybersecurity is a societal problem, not just an IT issue.</li><li>Branding is essential for standing out in a crowded market.</li><li>Understanding user experience is critical for product success.</li><li>Podcasts can provide valuable education and insights in cybersecurity.</li><li>Building communities takes time and effort without immediate ROI.</li><li>Effective communication is key to conveying value propositions.</li><li>Listening to customers is more important than broadcasting solutions.</li><li>Time is the most valuable resource we have.</li><li>Engagement on social media should be curated and positive.</li><li>Building relationships requires giving before asking.</li></ul><br/><p><strong>Chapters</strong></p><p>00:00 Introduction to Cybersecurity and Community Building</p><p>02:25 The Importance of Branding in Cybersecurity</p><p>08:54 User Experience and Customer Understanding</p><p>19:36 The Role of Podcasts in Cybersecurity Education</p><p>22:42 Building Communities and Navigating Social Media</p><p>The discourse presented within this podcast episode encompasses a profound exploration of the evolving landscape of cybersecurity and the critical importance of community building within this domain. The dialogue initiates with the host, Joe Carson, articulating his enthusiasm for engaging with leading figures in cybersecurity, wherein he aims to disseminate invaluable insights and best practices aimed at augmenting individual and organizational success in the field. The guest speaker, George, who boasts extensive experience in the cybersecurity sector, elucidates his unconventional journey into the industry, which was catalyzed by a background in anthropology and marketing, ultimately leading to his current role as the head of community at the CISO Society. This narrative serves as a testament to the multifaceted nature of cybersecurity, illustrating that it transcends traditional IT confines and necessitates a broader societal perspective. A salient theme that emerges throughout the dialogue is the imperative of effective communication in fostering robust cybersecurity communities. Both Carson and George emphasize the necessity of understanding the audience's needs and perspectives, underscoring that the success of any cybersecurity initiative hinges upon the establishment of meaningful connections and a dialogue rooted in mutual understanding and collaboration. George articulates the dangers of adopting a one-sided communication approach, which often leads to a disconnect between providers and practitioners. Instead, he advocates for a listening-first strategy that prioritizes the cultivation of relationships, ensuring that the communication is not merely a broadcast of solutions, but a collaborative dialogue aimed at addressing real-world challenges faced by practitioners. Furthermore, the episode delves into branding within the cybersecurity space, positing that brand identity is not merely a superficial concern but a fundamental element that influences perception and engagement. George provides insightful perspectives on how brands can differentiate themselves in a crowded market through authenticity and a clear articulation of their value propositions. By leveraging storytelling and a deep understanding of the audience's pain points, brands can foster trust and credibility, which are paramount in a sector often plagued by skepticism. The episode ultimately culminates in a call to action for listeners to engage in proactive community building and to embrace a mindset centered on empathy, collaboration, and continuous learning as they navigate the complexities of cybersecurity.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/special-episode-building-cybersecurity-communities-with-george-kamide]]></link><guid isPermaLink="false">b9f6ff1a-e3d9-46f9-b565-6049aec7ff9d</guid><itunes:image href="https://artwork.captivate.fm/b267f642-292e-4884-ac65-ec879880d649/generated-image.jpg"/><pubDate>Tue, 23 Sep 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/b9f6ff1a-e3d9-46f9-b565-6049aec7ff9d.mp3" length="13768634" type="audio/mpeg"/><itunes:duration>28:41</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>11</itunes:episode><podcast:episode>11</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/63a013fe-7cbe-4e62-85eb-ed3abe745cd3/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/63a013fe-7cbe-4e62-85eb-ed3abe745cd3/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/63a013fe-7cbe-4e62-85eb-ed3abe745cd3/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-a7058dc7-7ad4-4b2b-92d4-782f2ae404e2.json" type="application/json+chapters"/></item><item><title>Exploring the Intricacies of Cybersecurity Marketing with Zara Pirzada</title><itunes:title>Exploring the Intricacies of Cybersecurity Marketing with Zara Pirzada</itunes:title><description><![CDATA[<p>The discussion presented in this episode revolves around the intricate dynamics of the cybersecurity industry, emphasizing the multifaceted roles within it. Our esteemed guest, Zara Pirzada, the managing partner and owner of Infinitus Management Consulting, elucidates her journey into cybersecurity, highlighting the importance of understanding various market strategies for startups. She articulates a profound perspective on the necessity of aligning marketing strategies with genuine product value, thereby ensuring that organizations effectively communicate their unique selling propositions. Additionally, Zara draws attention to the critical nature of fostering trust and transparency in client relations, particularly within the context of evolving technological landscapes. As we delve deeper into these themes, listeners will gain invaluable insights into navigating the complexities of cybersecurity practices and the imperative of continuous learning and adaptation in this ever-changing field.</p><p>#Cybersecurity #MarketingChallenges #Podcast</p><p><strong>Takeaways</strong></p><ul><li>Zaira Pirzada's journey into cybersecurity was unintentional but evolved into a passion.</li><li>Open source intelligence (OSINT) played a crucial role in Zaira's early career.</li><li>Listening and learning from others is vital in the cybersecurity industry.</li><li>The transition from analyst to CMO involves understanding market dynamics and customer needs.</li><li>Unique value propositions are essential for startups to stand out in a crowded market.</li><li>Data is a key asset in cybersecurity, influencing decision-making and strategy.</li><li>Building trust and reliability is crucial in cybersecurity communications.</li><li>Negotiation in cybersecurity is evolving with the introduction of AI and data valuation.</li><li>Education and knowledge sharing are fundamental to success in the cybersecurity community.</li><li>Continuous learning is necessary to keep up with the fast-paced changes in the industry.</li></ul><br/><p>The discourse presented in this podcast episode is a profound examination of the multifaceted nature of cybersecurity, featuring an engaging dialogue between the host, Joe Carson, and his esteemed guest, Zara Pirzada, the managing partner of Infinitus Management Consulting. The conversation commences with an exploration of Zara's unconventional journey into the cybersecurity domain, which was catalyzed by her academic pursuits in security policy and civil affairs. This formative background has endowed her with a unique perspective on the intersection of military and civilian dynamics in cybersecurity, particularly as it pertains to the emerging threats posed by asymmetric warfare in the digital realm. Zara elaborates on her transition from studying militant non-state actors to delving into the intricacies of governance, risk, and compliance (GRC), a field she notes serves as a pivotal entry point for many aspiring cybersecurity professionals. As the dialogue progresses, the hosts delve into the critical role of effective communication within the cybersecurity landscape, emphasizing the imperative for professionals to cultivate a shared understanding across diverse roles. This theme is further elaborated upon through the discussion of the evolving nature of cyber threats and the necessity for holistic security practices that transcend traditional silos. The conversation also touches upon the challenges associated with keeping pace with rapid technological advancements and the implications for organizational security posture. The episode culminates in a reflection on the significance of mentorship and knowledge sharing within the cybersecurity community, highlighting the collective responsibility of seasoned professionals to educate and empower the next generation of experts. Throughout the discussion, Zara's insights resonate with the audience, underscoring the importance of adaptability, collaboration, and continuous learning in navigating the complex cybersecurity landscape.</p>]]></description><content:encoded><![CDATA[<p>The discussion presented in this episode revolves around the intricate dynamics of the cybersecurity industry, emphasizing the multifaceted roles within it. Our esteemed guest, Zara Pirzada, the managing partner and owner of Infinitus Management Consulting, elucidates her journey into cybersecurity, highlighting the importance of understanding various market strategies for startups. She articulates a profound perspective on the necessity of aligning marketing strategies with genuine product value, thereby ensuring that organizations effectively communicate their unique selling propositions. Additionally, Zara draws attention to the critical nature of fostering trust and transparency in client relations, particularly within the context of evolving technological landscapes. As we delve deeper into these themes, listeners will gain invaluable insights into navigating the complexities of cybersecurity practices and the imperative of continuous learning and adaptation in this ever-changing field.</p><p>#Cybersecurity #MarketingChallenges #Podcast</p><p><strong>Takeaways</strong></p><ul><li>Zaira Pirzada's journey into cybersecurity was unintentional but evolved into a passion.</li><li>Open source intelligence (OSINT) played a crucial role in Zaira's early career.</li><li>Listening and learning from others is vital in the cybersecurity industry.</li><li>The transition from analyst to CMO involves understanding market dynamics and customer needs.</li><li>Unique value propositions are essential for startups to stand out in a crowded market.</li><li>Data is a key asset in cybersecurity, influencing decision-making and strategy.</li><li>Building trust and reliability is crucial in cybersecurity communications.</li><li>Negotiation in cybersecurity is evolving with the introduction of AI and data valuation.</li><li>Education and knowledge sharing are fundamental to success in the cybersecurity community.</li><li>Continuous learning is necessary to keep up with the fast-paced changes in the industry.</li></ul><br/><p>The discourse presented in this podcast episode is a profound examination of the multifaceted nature of cybersecurity, featuring an engaging dialogue between the host, Joe Carson, and his esteemed guest, Zara Pirzada, the managing partner of Infinitus Management Consulting. The conversation commences with an exploration of Zara's unconventional journey into the cybersecurity domain, which was catalyzed by her academic pursuits in security policy and civil affairs. This formative background has endowed her with a unique perspective on the intersection of military and civilian dynamics in cybersecurity, particularly as it pertains to the emerging threats posed by asymmetric warfare in the digital realm. Zara elaborates on her transition from studying militant non-state actors to delving into the intricacies of governance, risk, and compliance (GRC), a field she notes serves as a pivotal entry point for many aspiring cybersecurity professionals. As the dialogue progresses, the hosts delve into the critical role of effective communication within the cybersecurity landscape, emphasizing the imperative for professionals to cultivate a shared understanding across diverse roles. This theme is further elaborated upon through the discussion of the evolving nature of cyber threats and the necessity for holistic security practices that transcend traditional silos. The conversation also touches upon the challenges associated with keeping pace with rapid technological advancements and the implications for organizational security posture. The episode culminates in a reflection on the significance of mentorship and knowledge sharing within the cybersecurity community, highlighting the collective responsibility of seasoned professionals to educate and empower the next generation of experts. Throughout the discussion, Zara's insights resonate with the audience, underscoring the importance of adaptability, collaboration, and continuous learning in navigating the complex cybersecurity landscape.</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/the-power-of-osint-data-and-differentiation-in-cybersecurity-with-zaira-pirzada]]></link><guid isPermaLink="false">3063379d-2416-4b6e-ad26-67d71114cfa1</guid><itunes:image href="https://artwork.captivate.fm/b75aa007-c348-442d-b190-5c8096638f94/generated-image.jpg"/><pubDate>Wed, 10 Sep 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/3063379d-2416-4b6e-ad26-67d71114cfa1.mp3" length="24395012" type="audio/mpeg"/><itunes:duration>50:49</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>10</itunes:episode><podcast:episode>10</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/7202556b-7bad-453d-ab7e-36ff399acf4a/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/7202556b-7bad-453d-ab7e-36ff399acf4a/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/7202556b-7bad-453d-ab7e-36ff399acf4a/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-f1a2d102-bb23-4e68-acf6-748a6ed9a60f.json" type="application/json+chapters"/></item><item><title>Bringing Clarity to Cybersecurity: A Conversation with Harry Coker Jr.</title><itunes:title>Bringing Clarity to Cybersecurity: A Conversation with Harry Coker Jr.</itunes:title><description><![CDATA[<p>Today, we delve into the profound insights of Mr. Secretary Harry Coker Jr., who elucidates the imperative of fostering clarity amidst the pervasive chaos inherent in cybersecurity. In our discourse, he emphasizes the necessity for defenders to perceive disruption not as a hindrance, but as an opportunity for innovation and growth within the realm of online security. Coker recounts his own journey into this field, which commenced long before the terminology of "cybersecurity" was widely adopted. He reflects on the pivotal moments and mentorships that shaped his trajectory, underscoring the significance of accountability in leadership. As we navigate through this episode, listeners will glean valuable lessons that resonate with the broader themes of resilience and strategic adaptation in the face of continuous technological evolution.</p><p>In this episode of the Security by Default podcast, host Joe Carson speaks with Secretary Harry Coker Jr. about his journey into cybersecurity, the importance of mentorship, and the challenges faced in leadership roles. They discuss the evolving role of AI in government and cybersecurity, the significance of resilience in the face of failures, and personal interests that help them unplug from their busy lives. The conversation emphasizes the need for clarity in chaos and the importance of learning from every experience.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Bringing clarity to chaos is essential for success.</li><li>Mentorship plays a crucial role in career development.</li><li>Every day in leadership presents new challenges and opportunities.</li><li>Learning from both successes and failures is vital.</li><li>Trust but verify is a key principle in leadership.</li><li>AI is transforming government operations and cybersecurity.</li><li>Cyber resilience is becoming more important than ever.</li><li>Personal interests help leaders to unplug and recharge.</li><li>Success is often shared, while failure is solitary.</li><li>The human element must remain in AI decision-making.</li></ul><br/><p><strong class="ql-size-large">Chapters</strong></p><p>00:00 Introduction to Cybersecurity and Personal Journeys</p><p>06:05 The Importance of Mentorship and Teamwork</p><p>11:48 A Day in the Life of a Cybersecurity Leader</p><p>17:51 Lessons Learned from Challenges and Failures</p><p>21:53 The Impact of AI on Cybersecurity and Governance</p><p>29:42 Personal Interests and Unplugging from Work</p><p><strong class="ql-size-large">Resources</strong></p><p>The following books and resources were mentioned:</p><ol><li><strong>"Character" by retired U.S. Army General Stan McChrystal</strong> - Harry Coker mentioned he started reading this book and found it insightful, particularly about self-awareness and challenging oneself.</li><li><strong>"The Power of Now"</strong> - Joseph Carson mentioned this book as one he was recommended to read and was working towards.</li></ol><br/><p>The podcast episode features a compelling conversation between Joe Carson and Harry Coker Jr., focusing on the dynamic and often chaotic world of cybersecurity. Coker, who has a rich background in the field, articulates the importance of perceiving chaos as an opportunity for growth and innovation rather than a mere obstacle. He recounts his personal journey, which began in an era when technology was not as prevalent, and shares how his educational pursuits led him to a successful career in cybersecurity. This narrative emphasizes the significance of adaptability and the willingness to embrace change amidst rapid technological advancements. As the dialogue unfolds, Coker highlights the necessity for organizations to cultivate cyber resilience, advocating for a proactive approach that not only seeks to prevent breaches but also prepares for effective recovery from incidents. He stresses that in an age where cyber threats are pervasive, developing a resilient infrastructure is essential for safeguarding critical information. The discussion also delves into the role of mentorship and the importance of learning from both successes and failures in the cybersecurity landscape, illustrating how collaborative efforts can strengthen the industry's overall resilience. Towards the conclusion of the episode, the conversation shifts to the implications of artificial intelligence in government and society. Coker discusses the potential benefits and challenges associated with AI, urging for a balanced approach that maintains human oversight in decision-making processes. This multifaceted discussion illuminates the complexities of navigating cybersecurity in the modern era, providing listeners with valuable insights into the evolving landscape and the critical role of leadership, mentorship, and ethical considerations in shaping the future of the industry.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the necessity of bringing clarity to chaos within cybersecurity, which is essential for making informed decisions.</li><li>Harry Coker Jr. reflects on his unexpected journey into cybersecurity, highlighting the importance of mentorship and adaptability.</li><li>The conversation addresses the critical role of cyber resilience, advocating for the understanding that compromises will occur, thus necessitating recovery strategies.</li><li>The discussion reveals the growing influence of artificial intelligence on government operations, underscoring the need for ethical considerations in its deployment.</li><li>There is a focus on the significance of accountability and leadership in the face of challenges and failures within the cybersecurity field.</li><li>The dialogue concludes by reiterating the mission of making security accessible to all, reinforcing the belief that cybersecurity should not be a privilege of the few.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>Today, we delve into the profound insights of Mr. Secretary Harry Coker Jr., who elucidates the imperative of fostering clarity amidst the pervasive chaos inherent in cybersecurity. In our discourse, he emphasizes the necessity for defenders to perceive disruption not as a hindrance, but as an opportunity for innovation and growth within the realm of online security. Coker recounts his own journey into this field, which commenced long before the terminology of "cybersecurity" was widely adopted. He reflects on the pivotal moments and mentorships that shaped his trajectory, underscoring the significance of accountability in leadership. As we navigate through this episode, listeners will glean valuable lessons that resonate with the broader themes of resilience and strategic adaptation in the face of continuous technological evolution.</p><p>In this episode of the Security by Default podcast, host Joe Carson speaks with Secretary Harry Coker Jr. about his journey into cybersecurity, the importance of mentorship, and the challenges faced in leadership roles. They discuss the evolving role of AI in government and cybersecurity, the significance of resilience in the face of failures, and personal interests that help them unplug from their busy lives. The conversation emphasizes the need for clarity in chaos and the importance of learning from every experience.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Bringing clarity to chaos is essential for success.</li><li>Mentorship plays a crucial role in career development.</li><li>Every day in leadership presents new challenges and opportunities.</li><li>Learning from both successes and failures is vital.</li><li>Trust but verify is a key principle in leadership.</li><li>AI is transforming government operations and cybersecurity.</li><li>Cyber resilience is becoming more important than ever.</li><li>Personal interests help leaders to unplug and recharge.</li><li>Success is often shared, while failure is solitary.</li><li>The human element must remain in AI decision-making.</li></ul><br/><p><strong class="ql-size-large">Chapters</strong></p><p>00:00 Introduction to Cybersecurity and Personal Journeys</p><p>06:05 The Importance of Mentorship and Teamwork</p><p>11:48 A Day in the Life of a Cybersecurity Leader</p><p>17:51 Lessons Learned from Challenges and Failures</p><p>21:53 The Impact of AI on Cybersecurity and Governance</p><p>29:42 Personal Interests and Unplugging from Work</p><p><strong class="ql-size-large">Resources</strong></p><p>The following books and resources were mentioned:</p><ol><li><strong>"Character" by retired U.S. Army General Stan McChrystal</strong> - Harry Coker mentioned he started reading this book and found it insightful, particularly about self-awareness and challenging oneself.</li><li><strong>"The Power of Now"</strong> - Joseph Carson mentioned this book as one he was recommended to read and was working towards.</li></ol><br/><p>The podcast episode features a compelling conversation between Joe Carson and Harry Coker Jr., focusing on the dynamic and often chaotic world of cybersecurity. Coker, who has a rich background in the field, articulates the importance of perceiving chaos as an opportunity for growth and innovation rather than a mere obstacle. He recounts his personal journey, which began in an era when technology was not as prevalent, and shares how his educational pursuits led him to a successful career in cybersecurity. This narrative emphasizes the significance of adaptability and the willingness to embrace change amidst rapid technological advancements. As the dialogue unfolds, Coker highlights the necessity for organizations to cultivate cyber resilience, advocating for a proactive approach that not only seeks to prevent breaches but also prepares for effective recovery from incidents. He stresses that in an age where cyber threats are pervasive, developing a resilient infrastructure is essential for safeguarding critical information. The discussion also delves into the role of mentorship and the importance of learning from both successes and failures in the cybersecurity landscape, illustrating how collaborative efforts can strengthen the industry's overall resilience. Towards the conclusion of the episode, the conversation shifts to the implications of artificial intelligence in government and society. Coker discusses the potential benefits and challenges associated with AI, urging for a balanced approach that maintains human oversight in decision-making processes. This multifaceted discussion illuminates the complexities of navigating cybersecurity in the modern era, providing listeners with valuable insights into the evolving landscape and the critical role of leadership, mentorship, and ethical considerations in shaping the future of the industry.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the necessity of bringing clarity to chaos within cybersecurity, which is essential for making informed decisions.</li><li>Harry Coker Jr. reflects on his unexpected journey into cybersecurity, highlighting the importance of mentorship and adaptability.</li><li>The conversation addresses the critical role of cyber resilience, advocating for the understanding that compromises will occur, thus necessitating recovery strategies.</li><li>The discussion reveals the growing influence of artificial intelligence on government operations, underscoring the need for ethical considerations in its deployment.</li><li>There is a focus on the significance of accountability and leadership in the face of challenges and failures within the cybersecurity field.</li><li>The dialogue concludes by reiterating the mission of making security accessible to all, reinforcing the belief that cybersecurity should not be a privilege of the few.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/from-chaos-to-clarity-a-cybersecurity-journey-with-secretary-harry-coker-jr-]]></link><guid isPermaLink="false">62dc53ba-dace-4586-b630-2c76924bf613</guid><itunes:image href="https://artwork.captivate.fm/ac2e3b72-49d7-4151-80fa-e9a60a67bad0/ChatGPT-Image-Jun-18-2026-05-02-19-PM.jpg"/><pubDate>Wed, 27 Aug 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/62dc53ba-dace-4586-b630-2c76924bf613.mp3" length="17642672" type="audio/mpeg"/><itunes:duration>36:45</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>9</itunes:episode><podcast:episode>9</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/5ecb8107-96a4-4e4a-abc9-31ab406e40e6/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/5ecb8107-96a4-4e4a-abc9-31ab406e40e6/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/5ecb8107-96a4-4e4a-abc9-31ab406e40e6/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-3aa3c00a-773a-4f76-925e-4593e577a337.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Bringing Clarity to Cybersecurity: A Conversation with Harry Coker Jr."><podcast:source uri="https://youtu.be/F1HlNisoD3Y"/></podcast:alternateEnclosure></item><item><title>A Legacy of Malware: Mikko Hyppönen Reflects on His Career</title><itunes:title>A Legacy of Malware: Mikko Hyppönen Reflects on His Career</itunes:title><description><![CDATA[<p>Mikko Hyppönen, a luminary in the realm of cybersecurity, reflects on his illustrious career during this insightful dialogue. With over three decades of experience, he articulates the evolution of his professional journey, transitioning from programming to the intricate domain of malware analysis. He recounts his initial encounter with malware, specifically the Omega virus, which ignited his passion for reverse engineering and paved the way for his enduring contributions to security. Moreover, Hyppönen unveils his recent shift toward drone defense technology, indicating a profound commitment to addressing contemporary challenges in military applications. As he prepares to leave the cybersecurity landscape, he expresses gratitude for the community that has supported him throughout his tenure, underscoring the importance of collaboration in making the digital world a safer environment.</p><p>In this special edition episode of the Security by Default podcast, Mikko discusses his extensive career in cybersecurity, his transition to a new role in drone defense, and the innovative Museum of Malware that showcases the intersection of art and cybersecurity. He reflects on his journey, memorable experiences, and the importance of storytelling in engaging audiences</p><p>Takeaways</p><ul><li>Mikko's alternative career choice was journalism.</li><li>He started in programming and transitioned to cybersecurity.</li><li>Keynote speaking at Black Hat involves storytelling.</li><li>Experience reduces anxiety in public speaking.</li><li>The Omega virus was Mikko's first memorable malware.</li><li>The Museum of Malware archives the history of cyber threats.</li><li>The museum features art inspired by malware and cyberattacks.</li><li>Mikko is transitioning to a drone defense company.</li><li>He sees parallels between cybersecurity and drone defense.</li><li>Mikko expresses gratitude for his 34 years in the cybersecurity industry.</li></ul><br/><p></p><p>Resources:</p><p>https://www.withsecure.com/en/experiences/museum-of-malware-art</p>]]></description><content:encoded><![CDATA[<p>Mikko Hyppönen, a luminary in the realm of cybersecurity, reflects on his illustrious career during this insightful dialogue. With over three decades of experience, he articulates the evolution of his professional journey, transitioning from programming to the intricate domain of malware analysis. He recounts his initial encounter with malware, specifically the Omega virus, which ignited his passion for reverse engineering and paved the way for his enduring contributions to security. Moreover, Hyppönen unveils his recent shift toward drone defense technology, indicating a profound commitment to addressing contemporary challenges in military applications. As he prepares to leave the cybersecurity landscape, he expresses gratitude for the community that has supported him throughout his tenure, underscoring the importance of collaboration in making the digital world a safer environment.</p><p>In this special edition episode of the Security by Default podcast, Mikko discusses his extensive career in cybersecurity, his transition to a new role in drone defense, and the innovative Museum of Malware that showcases the intersection of art and cybersecurity. He reflects on his journey, memorable experiences, and the importance of storytelling in engaging audiences</p><p>Takeaways</p><ul><li>Mikko's alternative career choice was journalism.</li><li>He started in programming and transitioned to cybersecurity.</li><li>Keynote speaking at Black Hat involves storytelling.</li><li>Experience reduces anxiety in public speaking.</li><li>The Omega virus was Mikko's first memorable malware.</li><li>The Museum of Malware archives the history of cyber threats.</li><li>The museum features art inspired by malware and cyberattacks.</li><li>Mikko is transitioning to a drone defense company.</li><li>He sees parallels between cybersecurity and drone defense.</li><li>Mikko expresses gratitude for his 34 years in the cybersecurity industry.</li></ul><br/><p></p><p>Resources:</p><p>https://www.withsecure.com/en/experiences/museum-of-malware-art</p>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/special-edition-mikko-hypponen-from-malware-to-drones-a-black-hat-farewell]]></link><guid isPermaLink="false">78e4f57e-e154-42ae-952a-aa279f56ef1d</guid><itunes:image href="https://artwork.captivate.fm/396330e1-9f75-417b-b9f4-7c55672f6101/ChatGPT-Image-Jun-16-2026-08-22-39-PM.jpg"/><pubDate>Thu, 14 Aug 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/78e4f57e-e154-42ae-952a-aa279f56ef1d.mp3" length="4556579" type="audio/mpeg"/><itunes:duration>09:30</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>8</itunes:episode><podcast:episode>8</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/be400f63-acf4-4466-9440-f03c2210923b/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/be400f63-acf4-4466-9440-f03c2210923b/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/be400f63-acf4-4466-9440-f03c2210923b/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-11483779-e930-4d69-b22a-66bb47943f85.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="A Legacy of Malware: Mikko Hyppönen Reflects on His Career"><podcast:source uri="https://youtu.be/6b-WWmHfxSY"/></podcast:alternateEnclosure></item><item><title>Unveiling the Complexity of Non-Human Identities in Cybersecurity with Evandro Goncalves</title><itunes:title>Unveiling the Complexity of Non-Human Identities in Cybersecurity with Evandro Goncalves</itunes:title><description><![CDATA[<p>The discussion with Evandro Goncalves centers on the critical topic of machine identities, which are non-human identities operating within IT environments. As organizations increasingly rely on automation, understanding and managing these identities has become paramount. Evandro elucidates the complexities and challenges associated with machine identities, highlighting the vast number of such identities in comparison to human counterparts and the potential risks they pose, including misconfigurations and privilege abuse. He emphasizes the importance of visibility and accountability in managing these identities, advocating for best practices such as implementing secure vaults and applying the principle of least privilege. This episode serves as a vital resource for those seeking to enhance their understanding of machine identities and bolster their organization's security posture.</p><p>In this episode of the Security by Default podcast, Joseph Carson and Evandro Goncalves discuss the critical topic of machine identities also known as non-human identities (NHI), exploring their definitions, challenges, and best practices for management. They delve into the complexities of managing non-human identities in cybersecurity, emphasizing the importance of visibility, risk management, and the principle of least privilege.</p><p>The conversation also highlights experiences from the NATO Lock Shield event, showcasing the real-world implications of identity security. Evandro shares insights on staying updated in the cybersecurity field and the importance of hands-on learning.</p><p>Takeaways</p><ul><li>The podcast aims to make security accessible to everyone.</li><li>Machine identities are non-interactive identities used in IT environments.</li><li>Organizations may have up to 80 machine identities for every human identity.</li><li>Visibility and management of machine identities are significant challenges.</li><li>Over-privileged accounts are a common issue in organizations.</li><li>Applying the principle of least privilege is crucial for security.</li><li>Communication and coordination are vital during cybersecurity events.</li><li>Hands-on experience and laboratories are effective for learning new technologies.</li><li>Staying updated with threat reports is essential for cybersecurity professionals.</li><li>Networking through platforms like LinkedIn is beneficial for knowledge sharing.</li></ul><br/><p>Keywords</p><p>machine identities, cybersecurity, identity security,</p><p>non-human identities, security management, best practices, NATO Lock Shield,</p><p>visibility, risk management, zero trust</p><p>The dialogue presented in this episode transcends a mere discussion; it represents a comprehensive inquiry into the multifaceted nature of machine identities, as articulated by the esteemed Evandro Goncalves of Aseguru. The conversation meticulously unravels the intricate tapestry of machine identities, often referred to as non-human identities, emphasizing their pivotal role within the contemporary IT ecosystem. Evandro posits that the ratio of machine identities to human identities can reach an astonishing 80 to 1, a statistic that underscores the pressing need for organizations to develop robust strategies for managing these identities effectively. As the discourse unfolds, the speakers delve into the inherent risks associated with machine identities, highlighting the rapid operational pace at which these identities function, often rendering traditional security measures insufficient. The dialogue further explores the criticality of visibility in identity management, as Evandro advocates for the establishment of comprehensive monitoring solutions that can provide organizations with insights into their machine identity landscape. He discusses the transition from conventional password management techniques to more advanced methodologies, such as the implementation of ephemeral accounts and just-in-time access strategies. This transformative approach not only enhances security but also aligns with the operational intricacies of modern IT environments, wherein machine identities operate without human intervention. Additionally, the conversation touches upon the principle of least privilege, urging organizations to reassess their access control measures to prevent the common pitfalls of privilege abuse that can compromise security integrity. In conclusion, the episode serves as a vital resource for security professionals, offering a wealth of knowledge and practical insights into the evolving domain of machine identities. Evandro Goncalves’s expertise, coupled with the engaging dialogue, equips listeners with the necessary understanding to navigate the complexities of identity management in an increasingly digital world. This episode is not merely an exposition of the challenges; it is a clarion call for organizations to adopt proactive measures in safeguarding their digital assets against the myriad threats posed by the contemporary cyber landscape.</p><p>Takeaways:</p><ul><li>Evandro Goncalves elaborated on the evolving landscape of machine identities, emphasizing their significance in modern IT environments.</li><li>The discussion highlighted that organizations may have up to 80 machine identities for each human identity, illustrating the complexity of identity management.</li><li>Goncalves stressed the importance of visibility and accountability in managing machine identities to mitigate security risks effectively.</li><li>One key takeaway was the necessity of adhering to the principle of least privilege to prevent over-privileged machine identities from becoming security liabilities.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>The discussion with Evandro Goncalves centers on the critical topic of machine identities, which are non-human identities operating within IT environments. As organizations increasingly rely on automation, understanding and managing these identities has become paramount. Evandro elucidates the complexities and challenges associated with machine identities, highlighting the vast number of such identities in comparison to human counterparts and the potential risks they pose, including misconfigurations and privilege abuse. He emphasizes the importance of visibility and accountability in managing these identities, advocating for best practices such as implementing secure vaults and applying the principle of least privilege. This episode serves as a vital resource for those seeking to enhance their understanding of machine identities and bolster their organization's security posture.</p><p>In this episode of the Security by Default podcast, Joseph Carson and Evandro Goncalves discuss the critical topic of machine identities also known as non-human identities (NHI), exploring their definitions, challenges, and best practices for management. They delve into the complexities of managing non-human identities in cybersecurity, emphasizing the importance of visibility, risk management, and the principle of least privilege.</p><p>The conversation also highlights experiences from the NATO Lock Shield event, showcasing the real-world implications of identity security. Evandro shares insights on staying updated in the cybersecurity field and the importance of hands-on learning.</p><p>Takeaways</p><ul><li>The podcast aims to make security accessible to everyone.</li><li>Machine identities are non-interactive identities used in IT environments.</li><li>Organizations may have up to 80 machine identities for every human identity.</li><li>Visibility and management of machine identities are significant challenges.</li><li>Over-privileged accounts are a common issue in organizations.</li><li>Applying the principle of least privilege is crucial for security.</li><li>Communication and coordination are vital during cybersecurity events.</li><li>Hands-on experience and laboratories are effective for learning new technologies.</li><li>Staying updated with threat reports is essential for cybersecurity professionals.</li><li>Networking through platforms like LinkedIn is beneficial for knowledge sharing.</li></ul><br/><p>Keywords</p><p>machine identities, cybersecurity, identity security,</p><p>non-human identities, security management, best practices, NATO Lock Shield,</p><p>visibility, risk management, zero trust</p><p>The dialogue presented in this episode transcends a mere discussion; it represents a comprehensive inquiry into the multifaceted nature of machine identities, as articulated by the esteemed Evandro Goncalves of Aseguru. The conversation meticulously unravels the intricate tapestry of machine identities, often referred to as non-human identities, emphasizing their pivotal role within the contemporary IT ecosystem. Evandro posits that the ratio of machine identities to human identities can reach an astonishing 80 to 1, a statistic that underscores the pressing need for organizations to develop robust strategies for managing these identities effectively. As the discourse unfolds, the speakers delve into the inherent risks associated with machine identities, highlighting the rapid operational pace at which these identities function, often rendering traditional security measures insufficient. The dialogue further explores the criticality of visibility in identity management, as Evandro advocates for the establishment of comprehensive monitoring solutions that can provide organizations with insights into their machine identity landscape. He discusses the transition from conventional password management techniques to more advanced methodologies, such as the implementation of ephemeral accounts and just-in-time access strategies. This transformative approach not only enhances security but also aligns with the operational intricacies of modern IT environments, wherein machine identities operate without human intervention. Additionally, the conversation touches upon the principle of least privilege, urging organizations to reassess their access control measures to prevent the common pitfalls of privilege abuse that can compromise security integrity. In conclusion, the episode serves as a vital resource for security professionals, offering a wealth of knowledge and practical insights into the evolving domain of machine identities. Evandro Goncalves’s expertise, coupled with the engaging dialogue, equips listeners with the necessary understanding to navigate the complexities of identity management in an increasingly digital world. This episode is not merely an exposition of the challenges; it is a clarion call for organizations to adopt proactive measures in safeguarding their digital assets against the myriad threats posed by the contemporary cyber landscape.</p><p>Takeaways:</p><ul><li>Evandro Goncalves elaborated on the evolving landscape of machine identities, emphasizing their significance in modern IT environments.</li><li>The discussion highlighted that organizations may have up to 80 machine identities for each human identity, illustrating the complexity of identity management.</li><li>Goncalves stressed the importance of visibility and accountability in managing machine identities to mitigate security risks effectively.</li><li>One key takeaway was the necessity of adhering to the principle of least privilege to prevent over-privileged machine identities from becoming security liabilities.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/exploring-machine-identities-in-cybersecurity-with-evandro]]></link><guid isPermaLink="false">10b6451e-b890-48b9-9728-b901c9ea2f3f</guid><itunes:image href="https://artwork.captivate.fm/c232a4a7-0d81-457b-bc23-1226137c3dc3/ChatGPT-Image-Jun-16-2026-06-28-35-PM.jpg"/><pubDate>Wed, 13 Aug 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/10b6451e-b890-48b9-9728-b901c9ea2f3f.mp3" length="18912014" type="audio/mpeg"/><itunes:duration>39:24</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>7</itunes:episode><podcast:episode>7</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/cb8f31f1-fc55-4f7c-8b6a-cb327680b5c3/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/cb8f31f1-fc55-4f7c-8b6a-cb327680b5c3/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/cb8f31f1-fc55-4f7c-8b6a-cb327680b5c3/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-6b5d8bcd-51a7-4a8b-aa1f-29a47ca600ec.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Unveiling the Complexity of Non-Human Identities in Cybersecurity with Evandro Goncalves"><podcast:source uri="https://youtu.be/YpTioV6sy0E"/></podcast:alternateEnclosure></item><item><title>From Cybercriminal to Defender: An Incredible Hacker Redemption Story | Hieu Minh Ngo</title><itunes:title>From Cybercriminal to Defender: An Incredible Hacker Redemption Story | Hieu Minh Ngo</itunes:title><description><![CDATA[<p>Hieu Minh Ngo, a former cybercriminal turned cyber threat investigator, shares his remarkable journey from the dark depths of hacking to a profound commitment to cybersecurity. In this episode, we delve into Hieu's transformation, which commenced with his early fascination with computers in Vietnam and evolved into illicit activities on the dark web. Following a significant prison sentence, Hieu emerged with renewed purpose, dedicating himself to combating cybercrime and educating others about online safety. His experience highlights the critical importance of mentorship and community in guiding young hackers towards ethical paths. Through his work with the Vietnamese government and various organizations, Hieu is now actively shaping a safer digital landscape while inspiring the next generation to utilize their skills for good.</p><p>In this episode of the Security by Default podcast, host Joe Carson interviews Hieu Minh Ngo, a former cyber-criminal turned cybersecurity advocate. Hieu shares his journey from a curious teenager in Vietnam to a successful hacker, his time in prison, and his eventual redemption as he now works to help others avoid the pitfalls he faced. He discusses the importance of honesty, mentorship, and using one's skills for good, emphasizing the need for awareness in cybersecurity and the potential for change in the lives of young hackers.</p><p><strong>Takeaways</strong></p><ul><li>Hieu Minh Ngo transitioned from a cyber-criminal to a cybersecurity advocate.</li><li>His journey began with curiosity about computers and the internet.</li><li>He faced severe consequences for his hacking activities, including imprisonment.</li><li>Prison became a time for self-reflection and personal growth for Hieu.</li><li>He emphasizes the importance of being honest with oneself.</li><li>After prison, he was recruited by the Vietnamese government for cybersecurity work.</li><li>Hieu now mentor’s young hackers to use their skills for good.</li><li>He believes in the power of community and positive influences.</li><li>Hieu encourages young hackers to participate in bug bounty programs.</li><li>He stresses that good things will happen when you do the right thing.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction to Cybercrime and Transformation</li><li>11:56 The Journey from Hacking to Cybersecurity</li><li>23:48 The Dark Web and Identity Theft</li><li>29:46 Finding Purpose in Prison</li><li>31:41 The Journey to Redemption</li><li>35:59 Consequences and Redemption</li><li>37:27 Life After Prison: A New Beginning</li><li>42:31 Using Skills for Good</li><li>49:23 Awards and Recognition</li><li>51:22 Future Aspirations and Mentorship</li></ul><br/><p>The dialogue unfolds with an engaging introduction from the host, Joe Carson, who expresses his excitement about welcoming Hieu Minh Ngo, a guest with a compelling narrative. Hieu, a former cybercriminal turned cybercrime investigator, recounts his remarkable journey that began during his adolescence in Vietnam. His early curiosity about computers and the Internet led him down a dark path where he engaged in illegal activities on the dark web. He shares vivid memories of his past, including the thrill of hacking and the eventual consequences that landed him in prison for nearly seven years. Through introspective reflections, Hieu emphasizes the importance of honesty to oneself, a lesson he learned during his incarceration. Hieu's transformation is marked by his commitment to using his skills for good, as he now works with the Vietnamese government and engages in community outreach to educate others on cybersecurity. His story serves as a powerful reminder of the potential for redemption and the significance of guiding the next generation of hackers toward positive uses of their talents.</p><p>Takeaways:</p><ul><li>Hieu Minh Ngo's transformation from a cybercriminal to a cybersecurity investigator exemplifies the profound impact of personal change.</li><li>The importance of fostering curiosity and learning in young hackers to guide their skills towards constructive paths.</li><li>Engagement in bug bounty programs is essential for aspiring hackers to develop their skills ethically and effectively.</li><li>The collaboration between former cybercriminals and law enforcement can significantly enhance crime prevention strategies.</li><li>The role of community support in rehabilitation and personal growth is vital for individuals with troubled pasts.</li><li>Raising awareness about cybersecurity can drastically reduce the incidence of cybercrime in society.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>Hieu Minh Ngo, a former cybercriminal turned cyber threat investigator, shares his remarkable journey from the dark depths of hacking to a profound commitment to cybersecurity. In this episode, we delve into Hieu's transformation, which commenced with his early fascination with computers in Vietnam and evolved into illicit activities on the dark web. Following a significant prison sentence, Hieu emerged with renewed purpose, dedicating himself to combating cybercrime and educating others about online safety. His experience highlights the critical importance of mentorship and community in guiding young hackers towards ethical paths. Through his work with the Vietnamese government and various organizations, Hieu is now actively shaping a safer digital landscape while inspiring the next generation to utilize their skills for good.</p><p>In this episode of the Security by Default podcast, host Joe Carson interviews Hieu Minh Ngo, a former cyber-criminal turned cybersecurity advocate. Hieu shares his journey from a curious teenager in Vietnam to a successful hacker, his time in prison, and his eventual redemption as he now works to help others avoid the pitfalls he faced. He discusses the importance of honesty, mentorship, and using one's skills for good, emphasizing the need for awareness in cybersecurity and the potential for change in the lives of young hackers.</p><p><strong>Takeaways</strong></p><ul><li>Hieu Minh Ngo transitioned from a cyber-criminal to a cybersecurity advocate.</li><li>His journey began with curiosity about computers and the internet.</li><li>He faced severe consequences for his hacking activities, including imprisonment.</li><li>Prison became a time for self-reflection and personal growth for Hieu.</li><li>He emphasizes the importance of being honest with oneself.</li><li>After prison, he was recruited by the Vietnamese government for cybersecurity work.</li><li>Hieu now mentor’s young hackers to use their skills for good.</li><li>He believes in the power of community and positive influences.</li><li>Hieu encourages young hackers to participate in bug bounty programs.</li><li>He stresses that good things will happen when you do the right thing.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction to Cybercrime and Transformation</li><li>11:56 The Journey from Hacking to Cybersecurity</li><li>23:48 The Dark Web and Identity Theft</li><li>29:46 Finding Purpose in Prison</li><li>31:41 The Journey to Redemption</li><li>35:59 Consequences and Redemption</li><li>37:27 Life After Prison: A New Beginning</li><li>42:31 Using Skills for Good</li><li>49:23 Awards and Recognition</li><li>51:22 Future Aspirations and Mentorship</li></ul><br/><p>The dialogue unfolds with an engaging introduction from the host, Joe Carson, who expresses his excitement about welcoming Hieu Minh Ngo, a guest with a compelling narrative. Hieu, a former cybercriminal turned cybercrime investigator, recounts his remarkable journey that began during his adolescence in Vietnam. His early curiosity about computers and the Internet led him down a dark path where he engaged in illegal activities on the dark web. He shares vivid memories of his past, including the thrill of hacking and the eventual consequences that landed him in prison for nearly seven years. Through introspective reflections, Hieu emphasizes the importance of honesty to oneself, a lesson he learned during his incarceration. Hieu's transformation is marked by his commitment to using his skills for good, as he now works with the Vietnamese government and engages in community outreach to educate others on cybersecurity. His story serves as a powerful reminder of the potential for redemption and the significance of guiding the next generation of hackers toward positive uses of their talents.</p><p>Takeaways:</p><ul><li>Hieu Minh Ngo's transformation from a cybercriminal to a cybersecurity investigator exemplifies the profound impact of personal change.</li><li>The importance of fostering curiosity and learning in young hackers to guide their skills towards constructive paths.</li><li>Engagement in bug bounty programs is essential for aspiring hackers to develop their skills ethically and effectively.</li><li>The collaboration between former cybercriminals and law enforcement can significantly enhance crime prevention strategies.</li><li>The role of community support in rehabilitation and personal growth is vital for individuals with troubled pasts.</li><li>Raising awareness about cybersecurity can drastically reduce the incidence of cybercrime in society.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/from-hacker-to-hero-hieu-minh-ngos-journey]]></link><guid isPermaLink="false">1f47656c-a775-4f40-8421-23362e5e5ee8</guid><itunes:image href="https://artwork.captivate.fm/4a5f9832-784f-468e-be48-de40a3a57806/ChatGPT-Image-Jun-16-2026-05-43-37-PM.jpg"/><pubDate>Wed, 30 Jul 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/1f47656c-a775-4f40-8421-23362e5e5ee8.mp3" length="23277389" type="audio/mpeg"/><itunes:duration>48:30</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>6</itunes:episode><podcast:episode>6</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/986e8aac-f4c8-428f-a1aa-9c2683c35a40/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/986e8aac-f4c8-428f-a1aa-9c2683c35a40/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/986e8aac-f4c8-428f-a1aa-9c2683c35a40/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-826a4f5a-16c4-44fa-aab9-6f811e120110.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="From Cybercriminal to Cybersecurity Advocate: The Journey of Hieu Minh Ngo"><podcast:source uri="https://youtu.be/NiBVjz8KRdM"/></podcast:alternateEnclosure></item><item><title>Understanding Identity Threats in Cybersecurity with Filipi Pires</title><itunes:title>Understanding Identity Threats in Cybersecurity with Filipi Pires</itunes:title><description><![CDATA[<p>In this episode of the Security by Default podcast, host Joe Carson speaks with Filipi Pires, a cybersecurity expert with a diverse background in both technical and sales roles. They discuss Filipi's journey into cybersecurity, the importance of identity in security, and the challenges organizations face with misconfiguration. The conversation also covers tools and techniques used in cybersecurity research, the significance of observability, and the need for continuous learning in the field. Filipi shares insights on community engagement and the importance of respecting the journey in one's cybersecurity career.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Identity is a central theme in cybersecurity.</li><li>Misconfiguration is a leading cause of security issues.</li><li>Continuous learning is essential in the cybersecurity field.</li><li>Tools should be used to understand techniques, not just for their own sake.</li><li>Community engagement is vital for knowledge sharing.</li><li>Phishing remains a simple yet effective attack method.</li><li>Legacy software poses significant risks to organizations.</li><li>Observability is crucial for effective security management.</li><li>Respecting the journey in cybersecurity is important for growth.</li></ul><br/><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction to Cybersecurity Journey</li><li>02:49 Exploring Cybersecurity Research and Trends</li><li>05:32 Tools and Techniques in Cybersecurity Research</li><li>08:34 Learning Through Capture The Flag Events</li><li>11:28 Identity Threats and Misconfigurations</li><li>14:16 Legacy Systems and Their Impact on Security</li><li>25:40 Understanding Use Cases in Security Permissions</li><li>27:36 The Principle of Least Privilege</li><li>29:31 The Complexity of Identity Management</li><li>30:28 Challenges in Observability and Access Control</li><li>32:16 Navigating Multi-Cloud Permissions</li><li>34:07 Tools for Enhancing Security Visibility</li><li>36:14 Continuous Learning in Cybersecurity</li><li>41:53 Community Engagement and Knowledge Sharing</li><li>45:32 Respecting the Journey in Cybersecurity</li></ul><br/><p>Companies mentioned in this episode:</p><ul><li>Segura</li><li>Trend Micro</li><li>Black Hat</li><li>Defcon</li><li>BSIDES</li><li>AWS</li><li>GCP</li><li>Azure</li><li>CrowdStrike</li></ul><br/>]]></description><content:encoded><![CDATA[<p>In this episode of the Security by Default podcast, host Joe Carson speaks with Filipi Pires, a cybersecurity expert with a diverse background in both technical and sales roles. They discuss Filipi's journey into cybersecurity, the importance of identity in security, and the challenges organizations face with misconfiguration. The conversation also covers tools and techniques used in cybersecurity research, the significance of observability, and the need for continuous learning in the field. Filipi shares insights on community engagement and the importance of respecting the journey in one's cybersecurity career.</p><p><strong class="ql-size-large">Takeaways</strong></p><ul><li>Identity is a central theme in cybersecurity.</li><li>Misconfiguration is a leading cause of security issues.</li><li>Continuous learning is essential in the cybersecurity field.</li><li>Tools should be used to understand techniques, not just for their own sake.</li><li>Community engagement is vital for knowledge sharing.</li><li>Phishing remains a simple yet effective attack method.</li><li>Legacy software poses significant risks to organizations.</li><li>Observability is crucial for effective security management.</li><li>Respecting the journey in cybersecurity is important for growth.</li></ul><br/><p><strong class="ql-size-large">Chapters</strong></p><ul><li>00:00 Introduction to Cybersecurity Journey</li><li>02:49 Exploring Cybersecurity Research and Trends</li><li>05:32 Tools and Techniques in Cybersecurity Research</li><li>08:34 Learning Through Capture The Flag Events</li><li>11:28 Identity Threats and Misconfigurations</li><li>14:16 Legacy Systems and Their Impact on Security</li><li>25:40 Understanding Use Cases in Security Permissions</li><li>27:36 The Principle of Least Privilege</li><li>29:31 The Complexity of Identity Management</li><li>30:28 Challenges in Observability and Access Control</li><li>32:16 Navigating Multi-Cloud Permissions</li><li>34:07 Tools for Enhancing Security Visibility</li><li>36:14 Continuous Learning in Cybersecurity</li><li>41:53 Community Engagement and Knowledge Sharing</li><li>45:32 Respecting the Journey in Cybersecurity</li></ul><br/><p>Companies mentioned in this episode:</p><ul><li>Segura</li><li>Trend Micro</li><li>Black Hat</li><li>Defcon</li><li>BSIDES</li><li>AWS</li><li>GCP</li><li>Azure</li><li>CrowdStrike</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/understanding-identity-threats-in-cybersecurity-with-filipi-pires]]></link><guid isPermaLink="false">b5e2bdcb-4c84-46fd-9a38-4c6a649a397c</guid><itunes:image href="https://artwork.captivate.fm/750e1213-10ee-4f24-a27c-f854c0bfbedb/ChatGPT-Image-Jun-16-2026-04-17-10-PM.jpg"/><pubDate>Wed, 16 Jul 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/b5e2bdcb-4c84-46fd-9a38-4c6a649a397c.mp3" length="23375426" type="audio/mpeg"/><itunes:duration>48:42</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>5</itunes:episode><podcast:episode>5</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/cc25552e-5555-48a4-9ea6-2fafe0c0bf1b/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/cc25552e-5555-48a4-9ea6-2fafe0c0bf1b/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/cc25552e-5555-48a4-9ea6-2fafe0c0bf1b/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-15c47c1b-85cf-4832-9e74-d90e455dbd46.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Understanding Identity Threats in Cybersecurity with Filipi Pires"><podcast:source uri="https://youtu.be/k_Jw1IFIIMA"/></podcast:alternateEnclosure></item><item><title>The Hacker Building AI Tools to Find Security Weaknesses | Carlos Polop</title><itunes:title>The Hacker Building AI Tools to Find Security Weaknesses | Carlos Polop</itunes:title><description><![CDATA[<p>The primary focus of this podcast episode revolves around the innovative contributions of Carlos Polop to the field of cybersecurity, particularly through his work on HackTricks and various vulnerability assessment tools. Carlos shares his journey into the realm of hacking, which began later than most, ignited by a curiosity to overcome Wi-Fi challenges. He elaborates on the creation of Hack Tricks, a comprehensive repository of hacking techniques that serves not only as a personal resource but also as a pivotal educational tool for the cybersecurity community. Throughout our dialogue, we delve into the transformative impact of artificial intelligence on the industry, examining how tools like Hack Tricks AI facilitate learning and vulnerability detection. Additionally, Carlos emphasizes the importance of embracing AI as a powerful ally in enhancing one's skills and knowledge within this ever-evolving landscape of cybersecurity.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes back cybersecurity expert Carlos Polop. They discuss Carlos's journey into the cybersecurity field, the creation and impact of HackTricks, and the role of AI in cybersecurity. Carlos shares insights on using large language models for hacking, the future of AI, and upcoming training courses.</p><p>The conversation emphasizes the importance of ethical hacking and the need for continuous learning in the rapidly evolving tech landscape.</p><p><strong>Key Takeaways</strong></p><ul><li>HackTricks was created as a personal resource for learning and sharing knowledge.</li><li>The community has greatly benefited from HackTricks in their learning journeys.</li><li>AI is revolutionizing the field of cybersecurity and coding.</li><li>Large language models can assist in finding vulnerabilities and automating tasks.</li><li>It's important to ask the right questions when using AI tools.</li><li>Carlos is developing new training courses focused on cloud security and privilege escalation.</li><li>Hacktricks AI is designed to help users with specific cybersecurity queries.</li><li>The future of AI in cybersecurity is promising but requires ethical considerations.</li><li>Continuous learning and adaptation are crucial in the cybersecurity field.</li></ul><br/><p><strong>Chapters:</strong></p><ul><li>00:00 Introduction to Cybersecurity and Hacktricks</li><li>02:54 The Journey into Hacking and OSCP</li><li>05:54 The Impact of Hacktricks on the Community</li><li>08:58 Recent Projects and Innovations in Cybersecurity</li><li>12:00 The Role of AI in Cybersecurity</li><li>14:57 Automating Code Creation with AI</li><li>18:01 Future of Hacktricks and Upcoming Courses</li><li>20:53 Final Thoughts on AI and Cybersecurity</li></ul><br/><p><strong>Resources:</strong></p><p><a href="https://book.hacktricks.wiki/en/index.html" rel="noopener noreferrer" target="_blank">https://book.hacktricks.wiki/en/index.html</a></p><p><a href="https://training.hacktricks.xyz/" rel="noopener noreferrer" target="_blank">https://training.hacktricks.xyz/</a></p><p><a href="https://www.hacktricks.ai/" rel="noopener noreferrer" target="_blank">https://www.hacktricks.ai/</a></p><p><a href="https://github.com/peass-ng/PEASS-ng" rel="noopener noreferrer" target="_blank">https://github.com/peass-ng/PEASS-ng</a></p><p>Links referenced in this episode:</p><ul><li><a href="https://hacktricks.xyz" rel="noopener noreferrer" target="_blank">hacktricks.xyz</a></li><li><a href="https://hacktricks.ai" rel="noopener noreferrer" target="_blank">hacktricks.ai</a></li></ul><br/>]]></description><content:encoded><![CDATA[<p>The primary focus of this podcast episode revolves around the innovative contributions of Carlos Polop to the field of cybersecurity, particularly through his work on HackTricks and various vulnerability assessment tools. Carlos shares his journey into the realm of hacking, which began later than most, ignited by a curiosity to overcome Wi-Fi challenges. He elaborates on the creation of Hack Tricks, a comprehensive repository of hacking techniques that serves not only as a personal resource but also as a pivotal educational tool for the cybersecurity community. Throughout our dialogue, we delve into the transformative impact of artificial intelligence on the industry, examining how tools like Hack Tricks AI facilitate learning and vulnerability detection. Additionally, Carlos emphasizes the importance of embracing AI as a powerful ally in enhancing one's skills and knowledge within this ever-evolving landscape of cybersecurity.</p><p>In this episode of the Security by Default podcast, host Joe Carson welcomes back cybersecurity expert Carlos Polop. They discuss Carlos's journey into the cybersecurity field, the creation and impact of HackTricks, and the role of AI in cybersecurity. Carlos shares insights on using large language models for hacking, the future of AI, and upcoming training courses.</p><p>The conversation emphasizes the importance of ethical hacking and the need for continuous learning in the rapidly evolving tech landscape.</p><p><strong>Key Takeaways</strong></p><ul><li>HackTricks was created as a personal resource for learning and sharing knowledge.</li><li>The community has greatly benefited from HackTricks in their learning journeys.</li><li>AI is revolutionizing the field of cybersecurity and coding.</li><li>Large language models can assist in finding vulnerabilities and automating tasks.</li><li>It's important to ask the right questions when using AI tools.</li><li>Carlos is developing new training courses focused on cloud security and privilege escalation.</li><li>Hacktricks AI is designed to help users with specific cybersecurity queries.</li><li>The future of AI in cybersecurity is promising but requires ethical considerations.</li><li>Continuous learning and adaptation are crucial in the cybersecurity field.</li></ul><br/><p><strong>Chapters:</strong></p><ul><li>00:00 Introduction to Cybersecurity and Hacktricks</li><li>02:54 The Journey into Hacking and OSCP</li><li>05:54 The Impact of Hacktricks on the Community</li><li>08:58 Recent Projects and Innovations in Cybersecurity</li><li>12:00 The Role of AI in Cybersecurity</li><li>14:57 Automating Code Creation with AI</li><li>18:01 Future of Hacktricks and Upcoming Courses</li><li>20:53 Final Thoughts on AI and Cybersecurity</li></ul><br/><p><strong>Resources:</strong></p><p><a href="https://book.hacktricks.wiki/en/index.html" rel="noopener noreferrer" target="_blank">https://book.hacktricks.wiki/en/index.html</a></p><p><a href="https://training.hacktricks.xyz/" rel="noopener noreferrer" target="_blank">https://training.hacktricks.xyz/</a></p><p><a href="https://www.hacktricks.ai/" rel="noopener noreferrer" target="_blank">https://www.hacktricks.ai/</a></p><p><a href="https://github.com/peass-ng/PEASS-ng" rel="noopener noreferrer" target="_blank">https://github.com/peass-ng/PEASS-ng</a></p><p>Links referenced in this episode:</p><ul><li><a href="https://hacktricks.xyz" rel="noopener noreferrer" target="_blank">hacktricks.xyz</a></li><li><a href="https://hacktricks.ai" rel="noopener noreferrer" target="_blank">hacktricks.ai</a></li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/hacktricks-ai-the-ethical-cybersecurity-ai-assistant]]></link><guid isPermaLink="false">44cb12c9-47a9-49fd-af6a-12979a3f94a3</guid><itunes:image href="https://artwork.captivate.fm/387b0180-4cab-458b-9f40-a5fe86d74a66/generated-image.jpg"/><pubDate>Wed, 02 Jul 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/44cb12c9-47a9-49fd-af6a-12979a3f94a3.mp3" length="13779893" type="audio/mpeg"/><itunes:duration>28:42</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>4</itunes:episode><podcast:episode>4</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/df9065ff-a9e0-4c22-88e8-8f91d9d7f6c2/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/df9065ff-a9e0-4c22-88e8-8f91d9d7f6c2/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/df9065ff-a9e0-4c22-88e8-8f91d9d7f6c2/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-9d548e13-8f70-48cd-9f37-1f65f6e535c4.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Exploring the Genesis of HackTricks with Cybersecurity Expert Carlos Polop"><podcast:source uri="https://youtu.be/-v9UmOTAgqk"/></podcast:alternateEnclosure></item><item><title>Exploring the Evolution of Identity Governance and Administration with Martin Sandren</title><itunes:title>Exploring the Evolution of Identity Governance and Administration with Martin Sandren</itunes:title><description><![CDATA[<p>This podcast episode delves profoundly into the intricate nuances of Identity Governance and Administration (IGA) within the broader context of Identity and Access Management (IAM). We engage in a comprehensive dialogue with Martin, a seasoned expert in the field, who elucidates the fundamental distinctions between IGA and IAM while tracing the historical evolution of IGA systems, notably highlighting the transformative impact of regulatory developments. Our conversation further explores the contemporary challenges facing IGA, particularly in light of the dynamic workforce and the escalating sophistication of cyber threats, underscoring the necessity for organizations to adapt their identity strategies accordingly. Additionally, we examine the pivotal role of artificial intelligence and cloud technologies in modernizing IGA frameworks, thereby enhancing operational efficiency and security posture. This episode promises to furnish listeners with invaluable insights and perspectives that are essential for navigating the complexities of identity management in today’s ever-evolving digital landscape.</p><p>In this conversation, Joseph Carson and Martin Sandren delve into the evolving landscape of Identity Governance and Access Management (IGA). They discuss the significance of IGA in modern organizations, the challenges faced, and the impact of cloud solutions and AI on identity management. The conversation highlights the need for contextual and adaptive policies, the importance of interoperability, and the role of community engagement through conferences to stay updated in this rapidly changing field.</p><p>Key Takeaways</p><ul><li>IGA is essential for managing access and compliance in organizations.</li><li>The shift to cloud-based IGA solutions has transformed the landscape.</li><li>Contextual and adaptive policies are becoming the norm in identity management.</li><li>AI is playing a crucial role in enhancing identity governance.</li><li>Interoperability between systems is a significant challenge.</li><li>Phishing attacks are increasingly sophisticated due to AI advancements.</li><li>Zero trust principles emphasize reducing friction in access management.</li><li>Shadow IT and shadow AI pose risks to organizational security.</li><li>The signal-to-noise ratio in ITDR systems is a major concern.</li><li>Engagement in conferences and communities is vital for professional growth in IGA.</li></ul><br/><p>Chapters</p><ul><li>00:00 Introduction to Identity Governance and Administration</li><li>01:43 Understanding IGA vs. IAM</li><li>04:02 Challenges and Shortcomings of IGA</li><li>10:05 The Role of IGA in Modern Organizations</li><li>17:20 Modernizing IGA: Cloud Solutions and Innovations</li><li>19:07 The Acceleration of Cloud Adoption</li><li>21:01 Evolving Identity Management Landscape</li><li>22:53 AI's Role in Identity Governance</li><li>24:41 Managing Non-Human Identities</li><li>26:05 The Rise of Shadow IT and AI</li><li>28:37 Future of AI in Identity Management</li><li>30:35 Staying Updated in a Rapidly Changing Field</li></ul><br/><p>Resources:</p><p>Join an IdentiBeer meetup near you</p><p>https://identi.beer/</p><p>The exploration of Identity Governance and Administration (IGA) within this podcast episode reveals its paramount significance in the landscape of Identity and Access Management (IAM). The discussion is anchored by host Joe Carson, who introduces his guest Martin, a seasoned expert in the field, with a professional history that spans nearly 25 years. Martin's journey, which began as a computer lab administrator, culminates in his current role at IKEA, where he leads initiatives related to identity and access, thus providing a rich contextual foundation for the conversation. As the dialogue unfolds, Martin elucidates the distinctions between IGA and IAM, framing IGA as an essential framework for managing user identities and access rights in large organizations. He recounts the historical context of IGA's emergence, particularly its role in sectors requiring efficient user provisioning, such as hospitality and retail. The conversation further delves into the complexities introduced by modern technological advancements, such as cloud computing and the rise of remote work, necessitating a reevaluation of traditional IGA practices to enhance compliance and security. Martin emphasizes the critical importance of automation in IGA processes, which not only streamline operations but also mitigate risks associated with user access management. The latter portions of the episode engage in a critical analysis of the challenges organizations face today in implementing effective IGA strategies. Martin and Joe discuss the implications of emerging technologies, particularly artificial intelligence, in reshaping IGA practices by enabling adaptive policy frameworks that respond to the dynamic nature of user access. The conversation culminates in a forward-looking vision for IGA, advocating for a transition towards more context-aware and flexible governance structures. By the conclusion of the episode, listeners are left with a profound understanding of the vital role IGA plays in ensuring organizational integrity and security in an ever-evolving digital landscape.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the importance of understanding the differences between Identity Governance Administration (IGA) and Identity and Access Management (IAM) in modern security frameworks.</li><li>Listeners are encouraged to recognize the evolution of identity management systems towards more cloud-based solutions that enhance efficiency and adaptability for organizations.</li><li>The discussion highlights the critical role of compliance and regulatory frameworks, such as GDPR, in shaping the landscape of identity management and security protocols.</li><li>Both speakers reflect on the growing challenges posed by remote work and the necessity of adapting security measures to protect against evolving threats and vulnerabilities.</li><li>The conversation underscores the significance of integrating artificial intelligence into identity management processes to streamline operations and improve security measures.</li><li>Lastly, the podcast advocates for a balanced approach between productivity and security to minimize friction while ensuring robust access control within organizations.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode delves profoundly into the intricate nuances of Identity Governance and Administration (IGA) within the broader context of Identity and Access Management (IAM). We engage in a comprehensive dialogue with Martin, a seasoned expert in the field, who elucidates the fundamental distinctions between IGA and IAM while tracing the historical evolution of IGA systems, notably highlighting the transformative impact of regulatory developments. Our conversation further explores the contemporary challenges facing IGA, particularly in light of the dynamic workforce and the escalating sophistication of cyber threats, underscoring the necessity for organizations to adapt their identity strategies accordingly. Additionally, we examine the pivotal role of artificial intelligence and cloud technologies in modernizing IGA frameworks, thereby enhancing operational efficiency and security posture. This episode promises to furnish listeners with invaluable insights and perspectives that are essential for navigating the complexities of identity management in today’s ever-evolving digital landscape.</p><p>In this conversation, Joseph Carson and Martin Sandren delve into the evolving landscape of Identity Governance and Access Management (IGA). They discuss the significance of IGA in modern organizations, the challenges faced, and the impact of cloud solutions and AI on identity management. The conversation highlights the need for contextual and adaptive policies, the importance of interoperability, and the role of community engagement through conferences to stay updated in this rapidly changing field.</p><p>Key Takeaways</p><ul><li>IGA is essential for managing access and compliance in organizations.</li><li>The shift to cloud-based IGA solutions has transformed the landscape.</li><li>Contextual and adaptive policies are becoming the norm in identity management.</li><li>AI is playing a crucial role in enhancing identity governance.</li><li>Interoperability between systems is a significant challenge.</li><li>Phishing attacks are increasingly sophisticated due to AI advancements.</li><li>Zero trust principles emphasize reducing friction in access management.</li><li>Shadow IT and shadow AI pose risks to organizational security.</li><li>The signal-to-noise ratio in ITDR systems is a major concern.</li><li>Engagement in conferences and communities is vital for professional growth in IGA.</li></ul><br/><p>Chapters</p><ul><li>00:00 Introduction to Identity Governance and Administration</li><li>01:43 Understanding IGA vs. IAM</li><li>04:02 Challenges and Shortcomings of IGA</li><li>10:05 The Role of IGA in Modern Organizations</li><li>17:20 Modernizing IGA: Cloud Solutions and Innovations</li><li>19:07 The Acceleration of Cloud Adoption</li><li>21:01 Evolving Identity Management Landscape</li><li>22:53 AI's Role in Identity Governance</li><li>24:41 Managing Non-Human Identities</li><li>26:05 The Rise of Shadow IT and AI</li><li>28:37 Future of AI in Identity Management</li><li>30:35 Staying Updated in a Rapidly Changing Field</li></ul><br/><p>Resources:</p><p>Join an IdentiBeer meetup near you</p><p>https://identi.beer/</p><p>The exploration of Identity Governance and Administration (IGA) within this podcast episode reveals its paramount significance in the landscape of Identity and Access Management (IAM). The discussion is anchored by host Joe Carson, who introduces his guest Martin, a seasoned expert in the field, with a professional history that spans nearly 25 years. Martin's journey, which began as a computer lab administrator, culminates in his current role at IKEA, where he leads initiatives related to identity and access, thus providing a rich contextual foundation for the conversation. As the dialogue unfolds, Martin elucidates the distinctions between IGA and IAM, framing IGA as an essential framework for managing user identities and access rights in large organizations. He recounts the historical context of IGA's emergence, particularly its role in sectors requiring efficient user provisioning, such as hospitality and retail. The conversation further delves into the complexities introduced by modern technological advancements, such as cloud computing and the rise of remote work, necessitating a reevaluation of traditional IGA practices to enhance compliance and security. Martin emphasizes the critical importance of automation in IGA processes, which not only streamline operations but also mitigate risks associated with user access management. The latter portions of the episode engage in a critical analysis of the challenges organizations face today in implementing effective IGA strategies. Martin and Joe discuss the implications of emerging technologies, particularly artificial intelligence, in reshaping IGA practices by enabling adaptive policy frameworks that respond to the dynamic nature of user access. The conversation culminates in a forward-looking vision for IGA, advocating for a transition towards more context-aware and flexible governance structures. By the conclusion of the episode, listeners are left with a profound understanding of the vital role IGA plays in ensuring organizational integrity and security in an ever-evolving digital landscape.</p><p>Takeaways:</p><ul><li>The podcast emphasizes the importance of understanding the differences between Identity Governance Administration (IGA) and Identity and Access Management (IAM) in modern security frameworks.</li><li>Listeners are encouraged to recognize the evolution of identity management systems towards more cloud-based solutions that enhance efficiency and adaptability for organizations.</li><li>The discussion highlights the critical role of compliance and regulatory frameworks, such as GDPR, in shaping the landscape of identity management and security protocols.</li><li>Both speakers reflect on the growing challenges posed by remote work and the necessity of adapting security measures to protect against evolving threats and vulnerabilities.</li><li>The conversation underscores the significance of integrating artificial intelligence into identity management processes to streamline operations and improve security measures.</li><li>Lastly, the podcast advocates for a balanced approach between productivity and security to minimize friction while ensuring robust access control within organizations.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/the-evolution-of-identity-governance-in-modern-organizations]]></link><guid isPermaLink="false">b1c70caa-4da1-46b5-b78b-e7df6f1f7bad</guid><itunes:image href="https://artwork.captivate.fm/13ebe984-a765-4131-876a-0c99f0722967/generated-image.jpg"/><pubDate>Wed, 18 Jun 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/b1c70caa-4da1-46b5-b78b-e7df6f1f7bad.mp3" length="16691397" type="audio/mpeg"/><itunes:duration>34:46</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>3</itunes:episode><podcast:episode>3</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/2df6460d-1699-4d9e-af01-0d6edb3d4f6e/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/2df6460d-1699-4d9e-af01-0d6edb3d4f6e/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/2df6460d-1699-4d9e-af01-0d6edb3d4f6e/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-8ecd2c0f-c524-4e0f-b014-e92231eb642d.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Exploring the Evolution of Identity Governance and Administration with Martin Sandren"><podcast:source uri="https://youtu.be/VKOJvcaOYI4"/></podcast:alternateEnclosure></item><item><title>Unveiling the Art of Hardware Hacking with Joe Grand</title><itunes:title>Unveiling the Art of Hardware Hacking with Joe Grand</itunes:title><description><![CDATA[<p>This podcast episode centers on the exploration of hardware hacking, emphasizing the significance of continuous learning and community engagement within the hacker culture. I am joined by the esteemed Joe Grand, a prominent figure in the hardware hacking domain, who shares his extensive knowledge and experiences. Throughout our conversation, we elucidate the importance of collaboration and mentorship as pivotal elements that foster innovation and drive progress in the field. Grand reflects on his own journey, highlighting the challenges and triumphs he has encountered, ultimately inspiring listeners to embrace their curiosity and pursue their passions in technology. As we delve into the nuances of hacking and security, we hope to ignite a fervor for exploration and knowledge-sharing among our audience.</p><p>In this episode, Joe Carson interviews Joe Grand, a renowned hardware hacker and educator. They discuss Joe Grand's journey into hacking, the importance of community and collaboration in the field, and the evolution of technology and security challenges over the years. Joe shares his early experiences with computers, his transition from engineering to hardware hacking, and the pivotal role of the Loft in shaping his career. The conversation also touches on the founding of @Stake (ATstake, Inc.) and the challenges of balancing passion with corporate expectations in the cybersecurity industry.</p><p>In this conversation, Joe Grand discusses his journey in the hacking community, including his experiences designing badges for Defcon, the importance of artistic engineering, and the impact of live hacking events. He shares insights on parenting in the digital age, the significance of legacy software security, and the challenges of vendor communication. Joe also highlights his current projects, the learning process through failure, and resources for aspiring hackers, culminating in a discussion about his involvement in a film related to cryptocurrency.</p><h2><strong>Takeaways</strong></h2><ul><li>Community and collaboration are vital in the hacking world.</li><li>Hacking is a continuous learning process; you never know everything.</li><li>Early experiences with computers often start with games and curiosity.</li><li>The Loft provided a transformative experience for Joe Grand.</li><li>Transitioning from engineering to hacking can be a natural progression.</li><li>AtStake was a significant step in Joe's career, merging hacking with business.</li><li>Finding purpose in teaching others about hardware hacking is fulfilling.</li><li>The importance of viewing security from an adversarial perspective.</li><li>Hacking and engineering can complement each other in unique ways. Joe Grand returned to design the Defcon badge after years away.</li><li>He emphasizes the blend of art and engineering in hacking.</li><li>Live events showcase the real-time problem-solving process in hacking.</li><li>Parenting involves guiding children through the digital landscape.</li><li>Not all hacks need to be groundbreaking to be significant.</li><li>Legacy software security remains a critical issue.</li><li>Effective communication between vendors and hackers is essential.</li><li>Current projects focus on refining fault injection techniques.</li><li>Learning through failure is a vital part of the hacking process.</li><li>Documentation is crucial for replicating and building on work.</li></ul><br/><h2><strong>Chapters</strong></h2><ul><li>00:00 Introduction to the Podcast and Guest</li><li>01:43 The Journey of a Hardware Hacker</li><li>05:16 The Importance of Community in Hacking</li><li>09:50 Early Experiences and Hacker Origins</li><li>14:41 Transitioning from Engineering to Hardware Hacking</li><li>18:16 The Loft: A Transformational Experience</li><li>23:51 From Passion to Career: The AtStake Journey</li><li>30:56 Finding Purpose in Teaching and Hacking</li><li>33:21 Reviving the Defcon Badge Design</li><li>34:47 Exploring Artistic Engineering in Hacking</li><li>35:44 The Impact of Live Hacking Events</li><li>37:33 Parenting in the Digital Age</li><li>39:28 Lessons from Hacking Time</li><li>42:48 The Importance of Legacy Software Security</li><li>46:37 Vendor Communication and Security</li><li>48:58 Current Projects and Future Directions</li><li>51:51 Learning Through Failure</li><li>54:54 Resources for Aspiring Hackers</li><li>58:56 The Intersection of Hacking and Film</li></ul><br/><h2><strong>Additional Resources:</strong></h2><p>https://grandideastudio.com/</p><p>https://www.youtube.com/watch?v=o5IySpAkThg</p><p>https://www.imdb.com/title/tt27307826/</p><p>The latest episode features an in-depth conversation with Joe Grand, a prominent figure in the realm of hardware hacking. Grand, who is affectionately known in the community as 'kingpin', shares his extensive journey from a curious young hacker to a seasoned professional dedicated to teaching and inspiring others in the field. The discussion is rich with insights about the evolution of hacking culture, the significance of community engagement at conferences, and the intrinsic motivations that fuel a hacker's passion for exploration and innovation. Throughout the dialogue, Grand emphasizes the importance of continuous learning and adaptation in a rapidly changing technological landscape, noting that the challenges faced by hackers today echo those from decades past. This episode serves as a testament to the resilience of the hacker community and the collaborative spirit that drives individuals to share knowledge and skills, ultimately fostering a safer digital environment for all.</p><p>Takeaways:</p><ul><li>The podcast explores the journeys of individuals in the hardware hacking community, emphasizing the importance of sharing knowledge and experiences.</li><li>Listeners are encouraged to attend conferences and engage with fellow hackers to enhance their learning and stay inspired.</li><li>The discussion highlights the significance of community support in overcoming challenges encountered in the hacking and engineering fields.</li><li>Throughout the episode, the speakers reflect on the evolution of technology and the recurring security issues that arise with new innovations.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>This podcast episode centers on the exploration of hardware hacking, emphasizing the significance of continuous learning and community engagement within the hacker culture. I am joined by the esteemed Joe Grand, a prominent figure in the hardware hacking domain, who shares his extensive knowledge and experiences. Throughout our conversation, we elucidate the importance of collaboration and mentorship as pivotal elements that foster innovation and drive progress in the field. Grand reflects on his own journey, highlighting the challenges and triumphs he has encountered, ultimately inspiring listeners to embrace their curiosity and pursue their passions in technology. As we delve into the nuances of hacking and security, we hope to ignite a fervor for exploration and knowledge-sharing among our audience.</p><p>In this episode, Joe Carson interviews Joe Grand, a renowned hardware hacker and educator. They discuss Joe Grand's journey into hacking, the importance of community and collaboration in the field, and the evolution of technology and security challenges over the years. Joe shares his early experiences with computers, his transition from engineering to hardware hacking, and the pivotal role of the Loft in shaping his career. The conversation also touches on the founding of @Stake (ATstake, Inc.) and the challenges of balancing passion with corporate expectations in the cybersecurity industry.</p><p>In this conversation, Joe Grand discusses his journey in the hacking community, including his experiences designing badges for Defcon, the importance of artistic engineering, and the impact of live hacking events. He shares insights on parenting in the digital age, the significance of legacy software security, and the challenges of vendor communication. Joe also highlights his current projects, the learning process through failure, and resources for aspiring hackers, culminating in a discussion about his involvement in a film related to cryptocurrency.</p><h2><strong>Takeaways</strong></h2><ul><li>Community and collaboration are vital in the hacking world.</li><li>Hacking is a continuous learning process; you never know everything.</li><li>Early experiences with computers often start with games and curiosity.</li><li>The Loft provided a transformative experience for Joe Grand.</li><li>Transitioning from engineering to hacking can be a natural progression.</li><li>AtStake was a significant step in Joe's career, merging hacking with business.</li><li>Finding purpose in teaching others about hardware hacking is fulfilling.</li><li>The importance of viewing security from an adversarial perspective.</li><li>Hacking and engineering can complement each other in unique ways. Joe Grand returned to design the Defcon badge after years away.</li><li>He emphasizes the blend of art and engineering in hacking.</li><li>Live events showcase the real-time problem-solving process in hacking.</li><li>Parenting involves guiding children through the digital landscape.</li><li>Not all hacks need to be groundbreaking to be significant.</li><li>Legacy software security remains a critical issue.</li><li>Effective communication between vendors and hackers is essential.</li><li>Current projects focus on refining fault injection techniques.</li><li>Learning through failure is a vital part of the hacking process.</li><li>Documentation is crucial for replicating and building on work.</li></ul><br/><h2><strong>Chapters</strong></h2><ul><li>00:00 Introduction to the Podcast and Guest</li><li>01:43 The Journey of a Hardware Hacker</li><li>05:16 The Importance of Community in Hacking</li><li>09:50 Early Experiences and Hacker Origins</li><li>14:41 Transitioning from Engineering to Hardware Hacking</li><li>18:16 The Loft: A Transformational Experience</li><li>23:51 From Passion to Career: The AtStake Journey</li><li>30:56 Finding Purpose in Teaching and Hacking</li><li>33:21 Reviving the Defcon Badge Design</li><li>34:47 Exploring Artistic Engineering in Hacking</li><li>35:44 The Impact of Live Hacking Events</li><li>37:33 Parenting in the Digital Age</li><li>39:28 Lessons from Hacking Time</li><li>42:48 The Importance of Legacy Software Security</li><li>46:37 Vendor Communication and Security</li><li>48:58 Current Projects and Future Directions</li><li>51:51 Learning Through Failure</li><li>54:54 Resources for Aspiring Hackers</li><li>58:56 The Intersection of Hacking and Film</li></ul><br/><h2><strong>Additional Resources:</strong></h2><p>https://grandideastudio.com/</p><p>https://www.youtube.com/watch?v=o5IySpAkThg</p><p>https://www.imdb.com/title/tt27307826/</p><p>The latest episode features an in-depth conversation with Joe Grand, a prominent figure in the realm of hardware hacking. Grand, who is affectionately known in the community as 'kingpin', shares his extensive journey from a curious young hacker to a seasoned professional dedicated to teaching and inspiring others in the field. The discussion is rich with insights about the evolution of hacking culture, the significance of community engagement at conferences, and the intrinsic motivations that fuel a hacker's passion for exploration and innovation. Throughout the dialogue, Grand emphasizes the importance of continuous learning and adaptation in a rapidly changing technological landscape, noting that the challenges faced by hackers today echo those from decades past. This episode serves as a testament to the resilience of the hacker community and the collaborative spirit that drives individuals to share knowledge and skills, ultimately fostering a safer digital environment for all.</p><p>Takeaways:</p><ul><li>The podcast explores the journeys of individuals in the hardware hacking community, emphasizing the importance of sharing knowledge and experiences.</li><li>Listeners are encouraged to attend conferences and engage with fellow hackers to enhance their learning and stay inspired.</li><li>The discussion highlights the significance of community support in overcoming challenges encountered in the hacking and engineering fields.</li><li>Throughout the episode, the speakers reflect on the evolution of technology and the recurring security issues that arise with new innovations.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/the-journey-of-a-hardware-hacker-with-joe-grand]]></link><guid isPermaLink="false">fd03a84e-890d-4d1e-8fa4-38cc59a63c07</guid><itunes:image href="https://artwork.captivate.fm/70358d51-4ba4-4c68-aba7-c03e5a63b9fe/generated-image-21.jpg"/><pubDate>Wed, 04 Jun 2025 15:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/fd03a84e-890d-4d1e-8fa4-38cc59a63c07.mp3" length="26100285" type="audio/mpeg"/><itunes:duration>54:23</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>2</itunes:episode><podcast:episode>2</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/a84eeadd-5dd4-409a-8a4a-f636c26928cf/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/a84eeadd-5dd4-409a-8a4a-f636c26928cf/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/a84eeadd-5dd4-409a-8a4a-f636c26928cf/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-ef4683fa-9c29-4f7d-bf1f-a48e24c4a8b9.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="Unveiling the Art of Hardware Hacking with Joe Grand"><podcast:source uri="https://youtu.be/eLA2Vu7tveY"/></podcast:alternateEnclosure></item><item><title>Harnessing AI: The Future of Cybersecurity and Data Governance with Terence Jackson</title><itunes:title>Harnessing AI: The Future of Cybersecurity and Data Governance with Terence Jackson</itunes:title><description><![CDATA[<p>The primary focus of this podcast episode is the evolving role of Chief Information Security Officers (CISOs) in the contemporary cybersecurity landscape, particularly in relation to the integration of artificial intelligence (AI) into security strategies. We engage in a profound discussion about the necessity for CISOs to adapt their approaches in light of increasing data complexities and the rapid advancement of AI technologies, which pose both new challenges and opportunities for organizations. The conversation highlights the critical importance of foundational cybersecurity practices such as identity and access management, data governance, and the implementation of zero trust frameworks. Moreover, we explore the pressing need for CISOs to move beyond traditional IT security paradigms, embracing their roles as risk managers who facilitate secure business operations rather than merely enforcing restrictions. As we delve into this intricate subject, we underscore the significance of a proactive and informed approach to managing cybersecurity risks in an era marked by relentless technological evolution.</p><p>In this episode of the Security by Default podcast, host Joseph Carson speaks with cybersecurity expert Terence Jackson about the evolving landscape of cybersecurity, the challenges faced by CISOs, and the importance of data security and governance. They discuss the impact of AI on security practices, the role of the CISO as a risk manager, and the need for organizations to prioritize foundational security measures in a rapidly changing technological environment.</p><p>In this conversation, Terence Jackson and Joseph discuss the evolving landscape of cybersecurity, emphasizing the importance of asset management, the role of AI in business intelligence, and the need for a balance between security and user experience. They explore the future of CISOs in a world increasingly governed by digital intelligence and the necessity of continuous learning and community engagement in the cybersecurity field.</p><p><strong>Key Takeaways</strong></p><ul><li>The cybersecurity landscape is constantly evolving, with new challenges emerging.</li><li>AI is transforming both the attack and defense sides of cybersecurity.</li><li>Data security remains a critical concern for organizations.</li><li>CISOs are increasingly seen as risk managers rather than just security officers.</li><li>Governance and compliance are essential for effective data management.</li><li>Organizations must prioritize identity and access management.</li><li>The role of the CISO has become more strategic and board-level.</li><li>Understanding data exposure risks is crucial for compliance.</li><li>Foundational security practices are necessary for effective defense.</li><li>Continuous learning and adaptation are vital in the fast-paced tech world. AI will play a crucial role in enhancing business intelligence.</li><li>Effective asset management is foundational for organizational security.</li><li>Zero trust must be balanced with zero friction for user experience.</li><li>Creating a positive security culture is essential for engagement.</li><li>CISOs will increasingly focus on data governance and business risks.</li><li>The proliferation of AI agents presents new security challenges.</li><li>Security should be integrated seamlessly into user workflows.</li><li>Continuous learning is vital in the rapidly changing cybersecurity landscape.</li><li>Community engagement fosters knowledge sharing and support.</li><li>Focusing on the basics is key to effective cybersecurity.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction to Cybersecurity Journeys</li><li>02:17 Challenges in Cybersecurity Today</li><li>06:43 The Evolving Role of the CISO</li><li>11:06 Governance, Compliance, and Data Security</li><li>14:56 Prioritizing Security in a Fast-Paced World</li><li>19:39 The Role of AI in Business Intelligence</li><li>20:02 Importance of Asset Management</li><li>21:52 Zero Trust and Zero Friction Security</li><li>23:38 Creating a Positive Security Culture</li><li>24:27 The Future of CISOs and Digital Intelligence</li><li>29:32 Continuous Learning and Community Engagement</li></ul><br/><p><strong>Additional Resources:</strong></p><p>Connect with Terence: https://www.linkedin.com/in/terencejackson/</p><p>https://www.terencedjackson.com/</p><p>The podcast episode presents a profound and enlightening dialogue between two seasoned professionals in the realm of cybersecurity, highlighting the evolving role of Chief Information Security Officers (CISOs) in today's digital landscape. The conversation commences with an introduction to Terence, a veteran in the cybersecurity industry, whose extensive experience spans over two decades. He provides a candid glimpse into his early fascination with technology, tracing it back to his first computer, the Commodore 64, and his subsequent academic pursuits in information systems. This personal narrative seamlessly transitions into a professional discourse on the pressing challenges that CISOs face in the contemporary landscape, particularly in light of the rapid advancements in artificial intelligence (AI). The discussion delves into the critical importance of identity and access management, data security, and the perennial struggle of organizations to maintain robust cybersecurity postures amidst a backdrop of increasing threats such as ransomware. Terence articulates how the current AI transformation has not only intensified existing security challenges but has also underscored the necessity for organizations to adopt a forward-thinking approach to their cybersecurity strategies. Moreover, the dialogue shifts to address the integration of AI within cybersecurity frameworks, emphasizing the need for CISOs to leverage AI as both a defensive tool and a potential adversarial threat. The speakers explore the nuances of deploying AI responsibly while ensuring that ethical considerations and governance frameworks are firmly in place. The conversation culminates in a reflection on the fundamental principles that underpin effective cybersecurity practices, advocating for a return to the basics as a means of fortifying organizations against emerging threats. Ultimately, the episode serves as a clarion call for CISOs to embrace a mindset of continuous learning and adaptation, recognizing that the landscape of cybersecurity is inextricably linked to the broader context of societal safety and organizational resilience.</p><p>Takeaways:</p><ul><li>The ongoing transformation in AI has exacerbated long-standing issues related to identity and access management.</li><li>CISOs are increasingly being viewed as enterprise risk managers rather than merely IT security officials.</li><li>The evolution of digital agents necessitates robust governance to mitigate associated risks effectively.</li><li>Data security remains a paramount concern, particularly in light of AI's impact on access to sensitive information.</li><li>A focus on foundational cybersecurity principles is essential for developing effective defense strategies.</li><li>The integration of security within organizational workflows must balance robust protections with user experience to avoid friction.</li></ul><br/>]]></description><content:encoded><![CDATA[<p>The primary focus of this podcast episode is the evolving role of Chief Information Security Officers (CISOs) in the contemporary cybersecurity landscape, particularly in relation to the integration of artificial intelligence (AI) into security strategies. We engage in a profound discussion about the necessity for CISOs to adapt their approaches in light of increasing data complexities and the rapid advancement of AI technologies, which pose both new challenges and opportunities for organizations. The conversation highlights the critical importance of foundational cybersecurity practices such as identity and access management, data governance, and the implementation of zero trust frameworks. Moreover, we explore the pressing need for CISOs to move beyond traditional IT security paradigms, embracing their roles as risk managers who facilitate secure business operations rather than merely enforcing restrictions. As we delve into this intricate subject, we underscore the significance of a proactive and informed approach to managing cybersecurity risks in an era marked by relentless technological evolution.</p><p>In this episode of the Security by Default podcast, host Joseph Carson speaks with cybersecurity expert Terence Jackson about the evolving landscape of cybersecurity, the challenges faced by CISOs, and the importance of data security and governance. They discuss the impact of AI on security practices, the role of the CISO as a risk manager, and the need for organizations to prioritize foundational security measures in a rapidly changing technological environment.</p><p>In this conversation, Terence Jackson and Joseph discuss the evolving landscape of cybersecurity, emphasizing the importance of asset management, the role of AI in business intelligence, and the need for a balance between security and user experience. They explore the future of CISOs in a world increasingly governed by digital intelligence and the necessity of continuous learning and community engagement in the cybersecurity field.</p><p><strong>Key Takeaways</strong></p><ul><li>The cybersecurity landscape is constantly evolving, with new challenges emerging.</li><li>AI is transforming both the attack and defense sides of cybersecurity.</li><li>Data security remains a critical concern for organizations.</li><li>CISOs are increasingly seen as risk managers rather than just security officers.</li><li>Governance and compliance are essential for effective data management.</li><li>Organizations must prioritize identity and access management.</li><li>The role of the CISO has become more strategic and board-level.</li><li>Understanding data exposure risks is crucial for compliance.</li><li>Foundational security practices are necessary for effective defense.</li><li>Continuous learning and adaptation are vital in the fast-paced tech world. AI will play a crucial role in enhancing business intelligence.</li><li>Effective asset management is foundational for organizational security.</li><li>Zero trust must be balanced with zero friction for user experience.</li><li>Creating a positive security culture is essential for engagement.</li><li>CISOs will increasingly focus on data governance and business risks.</li><li>The proliferation of AI agents presents new security challenges.</li><li>Security should be integrated seamlessly into user workflows.</li><li>Continuous learning is vital in the rapidly changing cybersecurity landscape.</li><li>Community engagement fosters knowledge sharing and support.</li><li>Focusing on the basics is key to effective cybersecurity.</li></ul><br/><p><strong>Chapters</strong></p><ul><li>00:00 Introduction to Cybersecurity Journeys</li><li>02:17 Challenges in Cybersecurity Today</li><li>06:43 The Evolving Role of the CISO</li><li>11:06 Governance, Compliance, and Data Security</li><li>14:56 Prioritizing Security in a Fast-Paced World</li><li>19:39 The Role of AI in Business Intelligence</li><li>20:02 Importance of Asset Management</li><li>21:52 Zero Trust and Zero Friction Security</li><li>23:38 Creating a Positive Security Culture</li><li>24:27 The Future of CISOs and Digital Intelligence</li><li>29:32 Continuous Learning and Community Engagement</li></ul><br/><p><strong>Additional Resources:</strong></p><p>Connect with Terence: https://www.linkedin.com/in/terencejackson/</p><p>https://www.terencedjackson.com/</p><p>The podcast episode presents a profound and enlightening dialogue between two seasoned professionals in the realm of cybersecurity, highlighting the evolving role of Chief Information Security Officers (CISOs) in today's digital landscape. The conversation commences with an introduction to Terence, a veteran in the cybersecurity industry, whose extensive experience spans over two decades. He provides a candid glimpse into his early fascination with technology, tracing it back to his first computer, the Commodore 64, and his subsequent academic pursuits in information systems. This personal narrative seamlessly transitions into a professional discourse on the pressing challenges that CISOs face in the contemporary landscape, particularly in light of the rapid advancements in artificial intelligence (AI). The discussion delves into the critical importance of identity and access management, data security, and the perennial struggle of organizations to maintain robust cybersecurity postures amidst a backdrop of increasing threats such as ransomware. Terence articulates how the current AI transformation has not only intensified existing security challenges but has also underscored the necessity for organizations to adopt a forward-thinking approach to their cybersecurity strategies. Moreover, the dialogue shifts to address the integration of AI within cybersecurity frameworks, emphasizing the need for CISOs to leverage AI as both a defensive tool and a potential adversarial threat. The speakers explore the nuances of deploying AI responsibly while ensuring that ethical considerations and governance frameworks are firmly in place. The conversation culminates in a reflection on the fundamental principles that underpin effective cybersecurity practices, advocating for a return to the basics as a means of fortifying organizations against emerging threats. Ultimately, the episode serves as a clarion call for CISOs to embrace a mindset of continuous learning and adaptation, recognizing that the landscape of cybersecurity is inextricably linked to the broader context of societal safety and organizational resilience.</p><p>Takeaways:</p><ul><li>The ongoing transformation in AI has exacerbated long-standing issues related to identity and access management.</li><li>CISOs are increasingly being viewed as enterprise risk managers rather than merely IT security officials.</li><li>The evolution of digital agents necessitates robust governance to mitigate associated risks effectively.</li><li>Data security remains a paramount concern, particularly in light of AI's impact on access to sensitive information.</li><li>A focus on foundational cybersecurity principles is essential for developing effective defense strategies.</li><li>The integration of security within organizational workflows must balance robust protections with user experience to avoid friction.</li></ul><br/>]]></content:encoded><link><![CDATA[https://wiretrap.eu/podcast/shadow-ai-and-ais-impact-on-cybersecurity-strategies]]></link><guid isPermaLink="false">121c341e-7c27-4ef6-9a34-ed1a562bd0c1</guid><itunes:image href="https://artwork.captivate.fm/00f4fb2e-453b-4f3f-9ee8-7c368dfa1fd4/EP001-Thumbnail.jpg"/><pubDate>Wed, 21 May 2025 14:00:00 +0300</pubDate><enclosure url="https://episodes.captivate.fm/episode/121c341e-7c27-4ef6-9a34-ed1a562bd0c1.mp3" length="16707932" type="audio/mpeg"/><itunes:duration>34:48</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episodeType>full</itunes:episodeType><itunes:season>1</itunes:season><itunes:episode>1</itunes:episode><podcast:episode>1</podcast:episode><podcast:season>1</podcast:season><podcast:transcript url="https://transcripts.captivate.fm/transcript/4e37f3b3-7602-4566-9a14-7814e0b9086a/transcript.json" type="application/json"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/4e37f3b3-7602-4566-9a14-7814e0b9086a/transcript.srt" type="application/srt" rel="captions"/><podcast:transcript url="https://transcripts.captivate.fm/transcript/4e37f3b3-7602-4566-9a14-7814e0b9086a/index.html" type="text/html"/><podcast:chapters url="https://transcripts.captivate.fm/chapter-266ccece-c364-4e39-a274-7e052e21fd4b.json" type="application/json+chapters"/><podcast:alternateEnclosure type="video/youtube" title="EP001 - Harnessing AI: The Future of Cybersecurity and Data Governance with Terence Jackson"><podcast:source uri="https://youtu.be/CIA5EOnEOYI"/></podcast:alternateEnclosure></item></channel></rss>