This episode explores the dramatic transformation of the global cybersecurity services market in 2025, driven significantly by AI integration, evolving threat landscapes, and new regulatory pressures. We delve into how AI is fundamentally disrupting traditional per-user pricing models, paving the wa
Cognitive warfare is a national security imperative to understand, as it focuses on influencing an opponent's reasoning, decisions, and actions to secure strategic objectives, often with less military effort. Russia is a key player in this space, using cognitive warfare to shape global decision-maki
This episode delves into the critical role of the Chief Information Security Officer (CISO) in navigating complex information protection landscapes and managing corporate-level security risks for sustained growth. We explore how modern security threats, such as ransomware, increasingly bypass tradit
Facing unprecedented cyber threats and a severe global talent shortage, organizations are compelled to rethink how they secure their digital assets and operations. This episode explores various strategic solutions, from leveraging fractional CISOs and managed security service providers to integratin
Boards often struggle to grasp complex cyber risks due to technical jargon and inconsistent, non-financial reporting, leading to an "accountability gap". This podcast explores how to effectively communicate cyber threats and vulnerabilities in financial and business terms, enabling informed decision
In an era where most cyber breaches originate from human error, "Human Firewall" explores how organizations can empower their employees to become their most formidable defense against digital threats. This podcast delves into the essential strategies for cultivating a positive security culture, focu
This podcast explores the critical intersection where Information Technology (IT), Operational Technology (OT), and the Internet of Things (IoT) converge, dissolving traditional limitations but introducing complex cyber-physical threats. We delve into the unique challenges and escalating risks faced
This podcast explores MITRE's SAFE-AI framework, a comprehensive guide for securing AI-enabled systems, developed by authors such as J. Kressel and R. Perrella. It builds upon established NIST standards and the MITRE Adversarial Threat Landscape for Artificial Intelligence Systems (ATLAS)™ framework
In today's interconnected world, organizational supply chains stretch far beyond direct vendors, creating complex multi-tiered ecosystems where risks lurk deep within the 'invisible links' of fourth-party providers and beyond. Organizations often "fly blind" regarding these deeper dependencies, yet
In today's increasingly complex regulatory landscape, organizations frequently grapple with manual processes, audit fatigue, and duplicated efforts across multiple frameworks, leading to significant costs and inefficiencies. This episode delves into how GRC platforms and automation are fundamentally
This podcast explores how Artificial Intelligence (AI) is fundamentally transforming Data Loss Prevention (DLP) and cloud security, moving beyond outdated rule-based systems to offer dynamic and intelligent protection in complex multi-cloud environments. We delve into how AI-powered DLP enhances dat
In a world where identity is recognized as the new perimeter, organizations face the critical challenge of balancing robust security measures with seamless user experiences and operational efficiency in identity management. This episode delves into key strategies such as implementing phishing-resist
This podcast uncovers China's state-driven campaign to dominate global artificial intelligence, revealing a sweeping national buildout of AI data centers and a strategic fusion of commercial capacity with geopolitical intent. We explore how the People's Republic of China's (PRC) rapid infrastructure
This podcast is your essential guide to building a robust cybersecurity risk management strategy for network and information systems across Europe, as mandated by the NIS2 Directive. We delve into ENISA's Technical Implementation Guidance, breaking down its core components, such as risk management f
The evolving landscape of cybersecurity now places Chief Information Security Officers (CISOs) at significant personal legal risk, evidenced by landmark cases such as Uber's Joe Sullivan conviction for covering up a data breach and the SEC's charges against SolarWinds' CISO Tim Brown for misrepresen
Deepfake attacks are transforming the cybersecurity landscape by exploiting fundamental human vulnerabilities, creating hyper-realistic, AI-generated audio and video that mimics real individuals, making it increasingly difficult to distinguish between authentic and fabricated content. In the corpora
Multi-cloud environments offer immense flexibility but introduce complex security challenges, from fragmented identities and inconsistent policies to critical visibility gaps across diverse platforms. This podcast delves into the most impactful practices, including unified identity and access manage
Today's cybersecurity leaders face immense pressure from a persistent talent shortage, escalating cyber threats, and dynamic economic and regulatory landscapes. Their roles are rapidly evolving from purely technical oversight to strategic business risk management, encompassing areas like AI strategy
Explore the fascinating disconnect between how we feel about security and the actual risks we face, a phenomenon rooted in deep-seated human psychological biases. This podcast delves into why our brains are ill-equipped for modern threats, often leading to irrational decisions and the prevalence of
Quantum computing is on the horizon, poised to break today's standard encryption and enable "harvest now, decrypt later" attacks, threatening sensitive data worldwide. This episode explores the critical technical and financial hurdles organizations face in migrating to post-quantum cryptography (PQC
Achieving robust cybersecurity often clashes with the demands of user productivity and organizational efficiency, leading employees to bypass critical safeguards for convenience or due to security fatigue. This podcast explores how businesses can overcome this inherent tension by understanding human
This episode delves into how Zero Trust principles revolutionize an organization's data protection strategy by adopting a "never trust, always verify" approach, continuously authenticating every user, device, and connection to minimize the attack surface and limit lateral movement. We explore key de
The modern digital supply chain is an intricate web, where risks often extend far beyond your direct third-party vendors to hidden fourth, fifth, and Nth parties. This episode dives into the critical demands of the Digital Operational Resilience Act (DORA), emphasizing why understanding and managing
In today's interconnected landscape, a cybersecurity breach is not merely a technical incident but a profound test of an organization's resilience and public trust. This podcast delves into the intricate art of navigating the public aftermath of cyberattacks, examining how timely, transparent commun
Mergers and acquisitions, while promising growth, expose organizations to complex cybersecurity risks including hidden breaches, compliance gaps, and significant technical debt. This episode explores why comprehensive cybersecurity due diligence is paramount, moving beyond self-disclosures to uncove
This episode confronts the common fear among SOC analysts that automation will lead to job elimination, illustrating how, historically, technology transforms and improves roles rather than eradicating them. We delve into how automation liberates security professionals from tedious, repetitive tasks
In an increasingly interconnected world, organizations face the dual imperative of adhering to complex and evolving data protection laws while simultaneously fortifying their defenses against escalating cyber threats driven by geopolitical tensions. This podcast explores the critical role of Chief I
Explore the critical challenges of securing artificial intelligence as we delve into a series of real-world malicious operations leveraging AI for deceptive employment schemes, cyber threats, social engineering, and covert influence. This episode uncovers how threat actors from various countries are
Cyber deception is undergoing a significant transformation, moving beyond static honeypots to become a dynamic and proactive defense strategy against sophisticated threats. This episode explores how artificial intelligence and advanced frameworks are revolutionizing deception, enabling adaptive defe
This episode dives into the evolving landscape of insider threats, from accidental negligence to sophisticated nation-state operations leveraging remote work environments. We explore how "trusted persons" with authorized access can intentionally or unintentionally compromise an organization's assets
This podcast explores how cybersecurity risk management can be seamlessly integrated into broader enterprise privacy and operational processes. We delve into the critical need for CISOs to translate technical jargon into business-oriented language, focusing on financial impacts, operational risks, a
In the rapidly evolving landscape of artificial intelligence, traditional executive roles like the CAIO, CTO, and CISO inadequately address unique AI security challenges, leading to significant gaps in coverage and specialized expertise. This episode delves into the foundational distinctions between
During escalating civil unrest, traditional emergency resources can become overwhelmed, leaving individuals and businesses to fend for themselves. This podcast delves into the critical strategies of personal self-protection, including the 'Gray Man' theory for blending in, and property hardening, fr
Cybersecurity leaders, including CISOs, face immense pressure due to continuously evolving threats, expanding responsibilities like AI risk management, and increased regulatory demands, often leading to significant stress and high turnover rates. This episode explores how strong internal partnership
In an era of escalating cyber threats and a fragmented global regulatory landscape, organizations face unprecedented challenges in securing their data and ensuring adherence to diverse international laws. This podcast explores how to proactively implement robust data security measures, navigate comp
Nearly all organizations (99%) are grappling with API-related security issues annually, driven by the rapid expansion of API ecosystems that often outpace existing security measures, creating vast new vulnerabilities and complexities. Attackers frequently exploit known weaknesses like security misco
In an industry facing high stress levels and the "Great Resignation," retaining skilled cybersecurity professionals is a critical challenge for organizations. Offering flexible work arrangements, including remote options, has emerged as a key competitive differentiator that significantly improves em
This episode explores how geopolitical actors, particularly Russia and China, precisely adapt their messaging in response to global events and for specific audiences. We'll delve into their sophisticated strategies, from opportunistically exploiting major events like the US elections and the Ukraine
Join us as we explore the alarming evolution of cyber-physical attacks, where digital breaches cause real-world damage and disrupt critical infrastructure. We dive into the "Cyber-Physical Six" – Stuxnet, BlackEnergy, Industroyer, Trisis, Industroyer 2, and Incontroller – which are the only known cy
Dive into the intricate world of digital forensics, the specialized field dedicated to uncovering and interpreting electronic evidence after a cyber incident. This podcast explores how forensic experts meticulously identify, collect, preserve, and analyze digital artifacts to understand attack metho
The increasing complexity and state sponsorship of cyber threats are blurring the lines between cybercrime and cyberwarfare, creating significant challenges for attributing attacks and impacting diplomatic relations. This episode explores how international cooperation through stronger alliances, new
Your cybersecurity posture is no longer just about protection; it's the cornerstone of obtaining effective cyber insurance coverage and managing rising costs in 2025. With threats becoming more sophisticated and regulatory landscapes shifting, insurers are scrutinizing security measures more closely
Hybrid and remote work arrangements, accelerated by recent events, have significantly increased the challenge of detecting and mitigating insider threats from trusted individuals like employees and contractors who have authorized access to organizational resources. Employee monitoring technologies,
Mergers and acquisitions are complex processes often driven by financial, operational, and positioning goals. However, critical cybersecurity risks, stemming from overlooked areas like integrating divergent security cultures, unknown user practices, and complex data separation, frequently go undiscu
A tabletop exercise is a discussion-based simulation designed to help teams determine how to respond to a crisis. These exercises provide a safe environment to test and refine an organization's incident response plan and identify weaknesses in processes. By engaging key personnel in simulated scenar
Evolving cyber threats are a significant business risk that boards and executives must oversee, moving beyond simply protecting systems to building resilience. This episode explores how a focus on preparedness, including robust incident response plans and regular testing, combined with continuous ma
This episode delves into the essential methodologies and services organizations use to assess their cybersecurity posture. We explore techniques like Enterprise Risk Assessments, Threat Analysis, Vulnerability Management and Assessment, and Penetration Testing. Learn how understanding attacker tacti
Large language models present new security challenges, especially when they leverage external data sources through Retrieval Augmented Generation (RAG) architectures . This podcast explores the unique attack techniques that exploit these systems, including indirect prompt injection and RAG poisoning
The financial sector is a frequent target for cyberattacks, facing a staggering rise in cases and significant costs from data breaches. Preparing for these threats requires understanding ransomware-as-a-service (RaaS), phishing, and other malicious activities, as well as implementing robust cybersec
The 2025 Worldwide Threat Assessment by the Defense Intelligence Agency describes a rapidly changing global security environment where national security threats are expanding, fueled by advanced technology. It identifies key regional security flashpoints, including threats to the U.S. Homeland and S
2025 saw unprecedented international law enforcement efforts shatter major cybercrime networks like the LummaC2 infostealer, the Cracked and Nulled forums, the 8Base ransomware gang, and the Zservers bulletproof hosting service. These coordinated operations, involving over 20 nations and resulting i
Artificial intelligence is rapidly transforming industries, but its increasing power necessitates robust governance and compliance. This episode delves into the evolving global regulatory landscape, exploring key frameworks like the EU AI Act and the NIST AI Risk Management Framework that aim to ens
Discover how Artificial Intelligence is reshaping the demanding world of the Security Operations Center, moving beyond the overwhelming volume of alerts and analyst burnout that plague traditional SOCs. We explore how AI automates routine tasks, enhances threat detection, and accelerates incident re
Explore the latest cloud security landscape by analyzing recent real-world breach cases from the CSA Top Threats Deep Dive. We dive into the technical details, business impacts, and contributing factors like misconfigurations, inadequate identity management, and supply chain weaknesses. Gain crucial
In today's interconnected world, supply chains are increasingly vulnerable to sophisticated cyberattacks. This episode explores the primary threats impacting these vital networks, from exploiting trust relationships with third-party vendors to the dangers of malware and compromised software. We'll d
Welcome to "Bridging the Gap: Translating Cyber Risk for the Boardroom." In today's complex digital landscape, Chief Information Security Officers (CISOs) face the crucial challenge of communicating intricate technical risks in a way that resonates with executive leaders and board members. This podc
The role of the Chief Information Security Officer (CISO) is more critical and demanding than ever, placing leaders in a persistent high-stress environment. This podcast delves into the unique pressures faced by CISOs and cybersecurity professionals, including the immense responsibility and potentia
The digital transformation journey in critical infrastructure organizations and other sectors like healthcare is increasingly connecting operational technology (OT) and integrating Internet of Things (IoT) devices. While this convergence of OT and IT creates efficiencies, it also introduces new vuln
Delve into the essential and intricate application of Zero Trust (ZT) principles within Operational Technology (OT) and Industrial Control Systems (ICS) environments. This episode explores the unique challenges of securing critical infrastructure, where safety, reliability, and availability are prim
Explore the emerging practice of bundling cyber insurance with security products and services, a strategy aimed at enhancing cyber resilience by incentivizing policyholders to adopt proactive security measures from the outset. This episode delves into the potential benefits, such as encouraging bett
In the ever-evolving digital landscape, security teams face the immense challenge of evaluating over a hundred million newly observed domains registered each year. This episode dives into how analytical methods are providing crucial insights into domain intelligence threats. We explore techniques li
Explore the complex and rapidly evolving landscape of US state data privacy laws, drawing on insights from recent legislative developments across states like California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, and Texa
Tune in to explore the rapidly evolving cyber threat landscape of 2024 from Huntress 2025 global Cyber Threat Report, where attackers standardized sophisticated techniques across businesses of all sizes. We dissect the significant shifts in ransomware strategies, including the fragmentation of major
Delve into the complex and rapidly transforming world of cyber threats. This episode examines notorious ransomware groups like Black Basta, LockBit, BlackCat/ALPHV, Phobos/8Base, Medusa, and Clop, exploring their Ransomware-as-a-Service (RaaS) models and distinctive tactics, techniques, and procedur
In this episode, we dive into the recent developments shaping the cybersecurity landscape as of May 2025. We discuss major incidents like the significant breach of the LockBit ransomware gang, which exposed sensitive data including negotiation messages and user credentials. We'll also explore the gr
Join us for a deep dive into the Global Threat Landscape Report 2025 by FortiGuard Labs. This episode explores the dramatic escalation in cyberattacks, revealing how adversaries are moving faster than ever, leveraging automation, commoditized tools, and AI to gain advantage. We'll shed light on the
This podcast delves into the critical insights found within the 2025 Cybersecurity Attacks Playbooks, exploring the diverse and evolving threat landscape organizations face. We examine playbooks covering threats from AI-enhanced phishing and advanced ransomware to the complexities of supply chain co
In this episode, we dive deep into the findings of the State of Pentesting Report 2025 to explore the real state of cybersecurity. Organizations may feel confident, but pentesting consistently reveals hidden, exploitable vulnerabilities that automated scanners miss. We'll uncover the most significan
In the dynamic world of cybersecurity, professionals face constant challenges that demand adherence to strict ethical and legal guidelines. This episode delves into the key ethical and legal considerations, such as protecting individual privacy, ensuring robust data protection, maintaining confident
Join us as we delve into the complex and pervasive world of cyber risk, exploring the threats, vulnerabilities, and far-reaching consequences for organizations today. Drawing on insights from experts, we'll discuss how cyber attacks can lead to outcomes ranging from regulatory fines and reputational
Multi-Agent Systems (MAS), characterized by multiple autonomous agents coordinating to achieve shared goals, introduce additional complexity and expand the attack surface compared to single-agent systems. This episode delves into the unique security challenges presented by MAS, drawing on the OWASP
In today's complex threat landscape, adversaries are constantly evolving their tactics to evade traditional defenses. Behavioral threat hunting offers a proactive methodology to identify cyber threats that have infiltrated systems undetected and disrupt them before they cause significant damage, ult
AI agents, programs designed to autonomously collect data and take actions toward specific objectives using LLMs and external tools, are rapidly becoming widespread in applications from customer service to finance. While built on LLMs, they introduce new risks by integrating tools like APIs and data
Drawing on open-source information and eight years of collected data, the CSIS Aerospace Security Project's 2025 Space Threat Assessment explores the key developments in foreign counterspace weapons and the evolving security landscape in Earth orbit. This assessment highlights how space is becoming
This episode explores the costs associated with implementing essential cyber hygiene as outlined by the CIS Critical Security Controls Implementation Group 1 (IG1). We delve into the different approaches enterprises can take – utilizing on-premises tools, leveraging Cloud Service Providers (CSPs), o
Join us as we dive into Google Threat Intelligence Group's (GTIG) comprehensive analysis of zero-day exploitation in 2024. Drawing directly from the latest research, this episode explores the 75 zero-day vulnerabilities tracked in the wild. While the overall number saw a slight decrease from 2023, t
Join us as we unpack the critical insights from the Verizon 2025 Data Breach Investigations Report. This episode dives deep into the report's most prominent themes, highlighting the ever-increasing involvement of third parties in data breaches and the persistent influence of the human element, which
Explore the complex and widespread cybersecurity threat landscape currently facing the European Union. This episode delves into the findings of recent reports, highlighting how geopolitical tensions and the rapid pace of digitisation are fueling a surge in malicious cyber activity. We discuss the su
Incident response is a critical part of cybersecurity risk management and should be integrated across organizational operations. This episode explores the recommendations and considerations for incorporating cybersecurity incident response throughout an organization’s cybersecurity risk management a
Achieving cyber resilience is a complex and dynamic journey with no one-size-fits-all solution. This episode explores how organizations can significantly improve their cyber resilience posture by leveraging the shared experiences, insights, and front-line practices of their peers and the wider ecosy
Join us as we delve into the European Data Protection Board's (EDPB) 2024 Annual Report to understand how they championed data protection in a year marked by significant technological and regulatory shifts. This episode will cover the key milestones and priorities outlined in the EDPB's 2024-2027 St
Join us as we delve into the key findings of the FBI's 2024 Internet Crime Complaint Center (IC3) Annual Report. This year marks the 25th anniversary of IC3, which serves as the primary destination for the public to report cyber-enabled crime and fraud. The report reveals a staggering new record for
Navigate the complex cybersecurity landscape of Q2 and Summer 2025 as we delve into the escalating convergence of AI-driven cyberattacks, the persistent vulnerabilities of the expanding Internet of Things (IoT), and the challenges of establishing robust security and governance frameworks. Based on r
The first four months of 2025 witnessed an alarming surge in global cybersecurity incidents, with ransomware attacks reaching unprecedented levels. Join us as we dissect the key trends, including the evolution of ransomware tactics like double extortion, the increasing sophistication of social engin
This podcast delves into the NIST Privacy Framework 1.1, a voluntary tool developed to help organizations identify and manage privacy risk while fostering innovation and protecting individuals' privacy. We explore its three core components: Core, Organizational Profiles, and Tiers, and how they enab
Dive into the dynamic world of offensive cybersecurity with insights from leading experts and real-world scenarios. We explore the critical role of techniques like penetration testing, adversary simulation, and red team exercises in proactively identifying vulnerabilities and strengthening defenses
Explore the rapidly evolving landscape where artificial intelligence intersects with criminality and societal risks. Drawing on expert research, this podcast delves into the transformative potential of AI-enabled crime, from sophisticated financial fraud using deepfakes to the generation of child se
We delve into the urgent need for organizations to prepare for the era of quantum computing, which threatens to break today's standard encryption methods. We examine the "harvest now, break later" (HNDL) threat, where malicious actors are already collecting encrypted data for future decryption by qu
Explore the escalating threats posed by artificial intelligence incidents, sophisticated disinformation campaigns like the Doppelgänger network targeting nations from France to Israel, and the cyber espionage activities of threat actors such as UAC-0050 and UAC-0006 as revealed by Intrinsec's analys
This podcast we are exploring the critical cybersecurity challenges facing today's interconnected urban environments. We delve into the evolving threats arising from smart city infrastructure and the Internet of Things (IoT), including ransomware attacks on critical infrastructure, the expanded atta
Is your attack surface spiraling out of control with multi-cloud, SaaS, and third-party integrations? Join us as we delve into how AI-powered automation is becoming critical for modern Attack Surface Management (ASM). We'll explore the challenges organizations face in achieving comprehensive visibil
Welcome to Deep Dive, where we tackle complex topics head-on. In this episode, we delve into the fascinating and increasingly concerning world of deepfakes: AI-generated audio and visual content designed to deceive. We'll explore the technology behind deepfakes, from face-swapping to voice cloning t
In a world increasingly shaped by digital interactions and artificial intelligence, online scams are becoming more sophisticated and pervasive. Scam Savvy delves into the tactics employed by fraudsters, from exploiting emotions in charity and romance scams to leveraging AI for deepfakes and personal
This podcast dives into the critical world of vulnerability disclosure programs (VDPs), exploring how organizations and security researchers work together to identify and address security weaknesses. We'll examine the core principles that underpin effective VDPs, including establishing clear reporti
Navigating the complex landscape of U.S. state data privacy laws can be challenging. Join us as we break down the key aspects of these regulations, including consumer rights, business obligations, data breach notification requirements, and enforcement trends. We'll explore the nuances of laws like t
Explore the exciting future of cryptocurrency payments through the lens of cybersecurity and privacy. We delve into the potential benefits and significant risks, offering insights into best practices and the crucial role of regulation in this evolving landscape. www.myprivacy.blog/navigating-the-cry
This podcast delves into the critical aspects of data privacy laws like GDPR and the Connecticut Data Privacy Law, alongside the essential Payment Card Industry Data Security Standard (PCI DSS) compliance for e-commerce success. We explore how retailers can craft clear privacy policies, manage user
Dive deep into the rapidly evolving landscape of AI-powered cyberattacks with insights from cutting-edge research, including the framework for evaluating AI cyber capabilities developed by Google DeepMind. Explore how AI is shifting the balance between offense and defense in cybersecurity, potential
Delve into the principles and practical applications of Zero Trust Architecture (ZTA), a modern cybersecurity paradigm that moves away from traditional perimeter-based security by embracing the core tenet of "never trust, always verify". Learn about the key components, tenets, and benefits of ZTA, a
Explore the critical cybersecurity challenges facing the financial services industry today, from the increased risk of data breaches and sophisticated cyber attacks to emerging threats like quantum computing and client-side vulnerabilities. Drawing insights from the cutting-edge solutions featured i
Navigating the complex world of healthcare cybersecurity. Join us as we delve into the HIPAA Security Rule, its purpose in safeguarding electronic Protected Health Information (ePHI), and the latest updates addressing evolving threats like AI and quantum computing. We'll break down compliance requir
Join us for SOC Insights, the podcast dedicated to demystifying the world of the Security Operations Center. We delve into the core functions of a SOC including collection, detection, triage, investigation, and incident response. Explore essential SOC tools like SIEMs, Threat Intelligence Platforms,
Explore the dynamic landscape of digital forensics in the face of rapidly evolving technologies. We delve into the impact of trends like IoT, 5G networks, AI-driven attacks, advanced file systems (APFS, NTFS), cloud integration, and sophisticated anti-forensic techniques across Mac OS, network infra
Delve into the critical security vulnerabilities of Artificial Intelligence, exploring the dangerous world of prompt injection, leaking, and jailbreaking as highlighted in SANS' Critical AI Security Controls and real-world adversarial misuse of generative AI like Gemini by government-backed actors.
This podcast explores the multifaceted impact of artificial intelligence on the landscape of cybersecurity and military strategy. We delve into how AI is being leveraged for advanced cyber defense, including identifying vulnerabilities and accelerating incident response. while also examining the eme
Join us as we delve into the critical realm of risk management for General-Purpose AI (GPAI) and foundation models. Drawing insights from the UC Berkeley Center for Long-Term Cybersecurity's profile, we explore the unique risks associated with these increasingly multi-purpose AI systems, from their
Navigate the world of SOC 2 compliance specifically for SaaS companies. We break down the Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, and Privacy) explain the difference between Type I and Type II audits, and offer best practices for achieving and maintain
Explore how artificial intelligence is transforming the core of organizational collaboration. We delve into the groundbreaking research from "The Cybernetic Teammate" study, revealing how AI-powered tools are impacting team performance, breaking down expertise silos, and even influencing social enga
This podcast dives deep into the 2025 Annual Threat Assessment by the U.S. Intelligence Community, analyzing the most serious threats to U.S. national security posed by major state actors like China and Russia, non-state transnational criminals and terrorists such as ISIS, and the growing trend of a
This podcast dives into the shocking findings of a live honeypot experiment that recorded over 570,000 cyber attacks in just seven days. We explore the attack trends, including brute-force attempts, stolen credentials, automated bots, and known vulnerabilities, offering valuable insights for SOC ana
Delve into the critical artificial intelligence trends shaping 2025, as highlighted in the statworx AI Trends Report. This podcast explores the rapid advancements in AI, the ongoing global competition for AI supremacy, the impact of European regulations like the AI Act, and the potential bursting of
Explore the dynamic world of artificial intelligence through a global lens, examining key trends identified in India and Africa. We delve into the balance between AI innovation and regulatory frameworks. Discover how AI is being applied for public sector transformation in India, addressing accessibi
Delve into the key cybercrime trends observed in 2024 by Israel National Crime Directorate (INCD), from the pervasive use of infostealers and the rise of encryption-less ransomware to the emerging threats involving AI and decentralized technologies. We analyze how cybercriminals are adapting their t
This podcast delves into the findings of the European Union Serious and Organised Crime Threat Assessment (EU-SOCTA) 2025, exploring the changing DNA of serious and organised crime in Europe as it becomes increasingly nurtured online and accelerated by AI and other new technologies. We examine the d
This podcast delves into the findings of Red Canary's 2025 Threat Detection Report, dissecting the major cybersecurity trends observed in 2024. We explore the surge in ransomware, increasingly sophisticated initial access techniques like "paste and run," the dramatic rise of identity attacks targeti
Are you struggling to understand and manage your organization's data security risks? Based on the latest insights, we delve into the key challenges hindering effective data protection, including gaps in risk understanding, the critical misalignment between management and staff on security strategies
Dive into the alarming world of secrets sprawl, exploring the growing number of exposed API keys, passwords, and other sensitive credentials across development environments, collaboration tools, and cloud platforms. Based on the latest data analysis from GitGuardian's "The State of Secrets Sprawl 20
This podcast breaks down the complexities of the Department of Defense's Cybersecurity Maturity Model Certification (CMMC) framework. We delve into the fundamental differences between Level 1's basic safeguarding requirements, Level 2's alignment with NIST SP 800-171 Rev 2, and Level 3's enhanced se
This podcast delves into the growing privacy vulnerabilities and cybersecurity risks inherent in the deeply interconnected systems of modern smart cities. We explore the challenges of data protection, the expanding attack surface created by IoT devices, and the governance and regulatory gaps that ca
This podcast delves into the findings of Lithuania's "National Threat Assessment 2025," dissecting the primary external state actors posing the most significant risks to its national security. We examine the multifaceted threats emanating from an increasingly aggressive Russia, Belarus with its grow
In an era where cyber and physical threats increasingly intersect, critical infrastructure faces unprecedented risks. This podcast delves into the crucial need for security convergence, exploring how organizations can break down security silos between IT, physical security, and operational technolog
In this episode, we delve into the alarming rise of edge device exploitation in 2024 from the Check Point Threat Intel report, where cybercriminals and nation-states alike targeted routers, firewalls, and VPN appliances to gain initial access, establish ORBs for covert operations, and leverage a sur
Navigate the complex landscape of Connected Autonomous Vehicle (CAV) cybersecurity. We delve into the critical vulnerabilities in intra- and inter-vehicle communication, explore potential attack motivations ranging from operational disruption to data theft and physical control, and discuss the signi
This podcast delves into the crucial aspects of cyber security incident response maturity. We explore how organizations can assess and improve their capabilities using tools like the detailed assessment based on 15 steps. We discuss key concepts such as criticality assessments, threat analysis, and
Join us as we explore the NIST Cybersecurity Framework (CSF) 2.0, the essential guide for organizations looking to manage and reduce cybersecurity risks. We delve into the six core Functions: Govern, Identify, Protect, Detect, Respond, and Recover, examining the key changes and updates from previous
Discover how CISO Marketplace's latest innovations, GeneratePolicy.com and CyberAgent.Exchange, are transforming cybersecurity for startups and SMBs. Learn how AI-driven policy generation simplifies compliance and documentation, and how AI-powered agents automate critical security roles, enhancing e
This podcast delves into the complex world of Artificial Intelligence, exploring the cybersecurity risks associated with its adoption and the evolving regulatory landscape, particularly focusing on the EU AI Act. We break down the key aspects of the AI Act, including definitions of AI systems and ge
This podcast explores the evolving cybersecurity landscape, drawing insights from the Microsoft Digital Defense Report 2024 and the ENISA Threat Landscape. We delve into the tactics of nation-state actors and cybercriminals, the growing impact of AI on both attacks and defenses, and strategies for b
Explore the cutting-edge intersection of artificial intelligence and red team operations in cybersecurity. We delve into how AI is revolutionizing traditional cyber offense and defense methodologies, enhancing adaptability, fostering innovation, and pushing the boundaries of cyber operations in an e
Based on the Arctic Wolf 2025 Threat Report, this podcast explores the key cybersecurity threats that organizations will face in the coming year. We delve into the prevalence of ransomware and data extortion, the ongoing challenges of business email compromise, and the persistent risks posed by intr
This episode dives into the key findings of Recorded Future's 2024 Malicious Infrastructure Report, revealing the dominant malware families like LummaC2 and AsyncRAT, the continued reign of Cobalt Strike, and the evolving tactics of threat actors, including the abuse of legitimate internet services
Delve into the key findings of ThreatDown's 2025 State of Malware report, exploring the anticipated impact of agentic AI on cybercrime and the evolving ransomware landscape, including the emergence of smaller, more agile "dark horse" groups. We'll discuss how cybercriminals are leveraging AI to scal
Dive into the key findings of the Greynoise 2025 Mass Internet Exploitation Report. We dissect how attackers are reviving old vulnerabilities, the impact of home router exploits, and the speed at which new vulnerabilities are weaponized. Discover actionable defense strategies for staying ahead of ma
A deep dive into the latest trends, threat actors, and defense strategies in Operational Technology and Industrial Control Systems cybersecurity. We discuss how geopolitical tensions, ransomware, and hacktivist activities are shaping the threat landscape, and provide actionable insights to improve y
Explore the evolving landscape of cyber threats with insights from the CrowdStrike 2025 Global Threat Report. We delve into the tactics, techniques, and procedures of modern adversaries, from social engineering and AI-driven attacks to cloud exploitation and vulnerability exploits. Learn how to proa
This episode dissects the cyber threat landscape of 2024, drawing insights from a comprehensive analysis of malicious activities targeting Union entities and their vicinity. We explore the major trends, including the rise of cyber espionage and prepositioning the exploitation of zero-day vulnerabili
Explore the inner workings of the Black Basta ransomware group through leaked chat logs and technical analysis. Discover their tactics, techniques, and procedures (TTPs), from initial access and lateral movement to data exfiltration and encryption. Learn how the group exploited vulnerabilities, mana
This podcast episode explores Vietnam's new Law on Data, effective July 1, 2025, and its implications for businesses. We'll break down the law's key aspects, including scope of application, digital data definitions, data ownership rights, regulations on cross-border data transfers (especially for "i
Understand the critical data breach notification requirements under Malaysia's Personal Data Protection Act (PDPA) 2010. Learn how to identify "significant harm" and when you must notify the Personal Data Protection Commissioner and affected data subjects. Stay informed about potential penalties for
This podcast explores how AI companies are uniquely positioned to disrupt malicious uses of AI models. We delve into real-world case studies, such as surveillance operations, deceptive employment schemes, and influence campaigns, to understand how these threats are identified and neutralized. Join u
Venture into the murky world where Silicon Valley's ethical lines blur as AI giants like Google and OpenAI chase lucrative military contracts. Explore how once-sacred principles are being abandoned in favor of algorithms that now dictate life-and-death decisions on the battlefield. Uncover the impli
This episode examines the rising threats to encrypted communications and the geopolitical implications of cyber espionage. We analyze how Russian threat actors exploit vulnerabilities in messaging apps like Signal and how platforms like Telegram have become hubs for cybercrime. Also examined is the
From understanding end-to-end encryption (E2EE) on WhatsApp to mastering privacy settings on Snapchat and managing ad preferences on X (Twitter), MyPrivacy.blog equips you with the knowledge to navigate the social media landscape with confidence. Learn about the nuances of private versus public acco
Explore the cybersecurity and privacy challenges posed by Large Language Models (LLMs) through the lens of DeepSeek R1 red teaming. Dive into the vulnerabilities uncovered in DeepSeek R1, from harmful content generation to insecure code and biased outputs. Learn about practical strategies and framew
The intersection of technology and geopolitics is creating unprecedented challenges in cybersecurity and AI governance. Global powers are competing in AI and semiconductor technologies, leading to rising tensions and potential risks. Experts at the Munich Security Conference 2025 emphasized the urge
This podcast explores the diverse cybersecurity challenges facing the African continent, from state-sponsored attacks to cybercriminal networks. It examines the development and implementation of legal and regulatory frameworks, as well as regional cooperation efforts to combat cyber threats. The pod
Cybercrime is a growing threat affecting all sectors, fueling a shadow economy with projected costs reaching $10.5 trillion by 2025. This episode explores the cybercrime ecosystem, from dark web platforms and cybercriminal psychology to specific attack techniques like social engineering and ransomwa
Decoding Digital Spain 2025" explores Spain's ambitious plan for digital transformation, focusing on key initiatives in connectivity, 5G, cybersecurity, and AI. The podcast examines how Spain aims to bridge digital divides, enhance public services, and boost its economy through strategic investments
Explore the cyber espionage campaigns of People's Republic of China (PRC)-affiliated threat actors, such as Volt Typhoon, targeting critical infrastructure. Understand their techniques, including living off the land (LOTL) tactics to maintain anonymity within IT infrastructures. Learn about recommen
Uncover the disturbing trend of nation-states utilizing cybercriminals to achieve their strategic objectives. This episode examines how countries like Russia, Iran, China, and North Korea leverage cybercriminals for espionage, disruption, and revenue generation. Explore the various ways states colla
The podcast explores the key principles and obligations outlined in Singapore's Personal Data Protection Act (PDPA). It offers insights for organizations on how to comply with the PDPA's requirements for collecting, using, and disclosing personal data. It also examines individuals' rights to access
Dive into Canada's National Cyber Security Strategy for 2025 and explore how it aims to protect Canadians and businesses from evolving cyber threats. This podcast examines the strategy's key pillars, including forging partnerships, promoting innovation, and disrupting cyber threat actors. Discover h
The Phobos ransomware, operating under a Ransomware-as-a-Service (RaaS) model since 2019, targets various sectors, demanding millions in ransom. This episode explores Phobos's tactics, such as exploiting vulnerable RDP ports, phishing campaigns, and open-source tools like Smokeloader, to infiltrate
Dive into the transformative world of AI in urban environments, exploring both the exciting potential and the significant risks. From UN reports and cybersecurity concerns to real-world case studies, we uncover how AI is reshaping our cities. Join us as we discuss key questions about ethics, governa
The Digital Operational Resilience Act (DORA) is a European regulation designed to ensure the financial sector can withstand, respond to, and recover from ICT-related disruptions. This episode breaks down the key pillars of DORA, including ICT risk management, incident reporting, digital resilience
Are you ready to get a 360° view of your organization’s cybersecurity posture? In this episode, we dive into the 20 Key Performance Indicators (KPIs) that CISOs use to measure and enhance their security programs. Learn how to track risk reduction, incident detection, patch compliance, and more to ma
The NIS2 Directive is here, and it's changing the cybersecurity landscape for EU businesses. This episode breaks down the complex requirements of NIS2, explaining who it affects and what steps organizations must take to comply. We'll explore key changes, risk management measures, incident reporting,
As AI becomes more prevalent, understanding its risks and ensuring compliance are critical. This episode explores the crucial role of internal audit in guiding organizations toward responsible AI implementation. We delve into key areas like risk assessment, data governance, and transparency, offerin
Explore the complex landscape of artificial intelligence risks with the MIT AI Risk Repository. This podcast delves into the repository's comprehensive database, causal and domain taxonomies, and methodologies for identifying and classifying AI threats. Join experts as they discuss how policymakers,
This episode explores the growing conflict between farmers and agricultural equipment manufacturers over the right to repair their own machinery. We delve into how intellectual property laws and proprietary software limit farmers' access to repair tools and information, often creating a manufacturer
This episode explores the growing cybersecurity risks associated with the increasing connectivity of modern equipment across industries. We examine how the integration of IoT devices and digital technologies in construction, agriculture, and transportation introduces vulnerabilities that can be expl
This episode delves into the rapid rise of the Chinese AI startup DeepSeek, exploring its cutting-edge technology that rivals major competitors and its recent challenges including a cyberattack and mounting global scrutiny. We'll examine the concerns surrounding data privacy, censorship, and regulat
The cybersecurity landscape in 2024 saw a dramatic 20% surge in exploited vulnerabilities, with attackers increasingly targeting network edge devices and cloud infrastructure. This episode dives into the key statistics, trends, and major incidents, highlighting the critical need for proactive securi
This podcast explores the critical landscape of AI security, drawing on insights from leading experts and resources. We delve into the unique challenges and risks associated with AI systems, including both machine learning and heuristic models. We will discuss the various types of threats, such as t
This episode explores the escalating cybersecurity landscape, with a particular focus on how generative AI is enabling more sophisticated and personalized cyberattacks. We delve into the ways AI is being used by cybercriminals to refine social engineering tactics, create more convincing phishing att
This episode examines recent trends in GDPR enforcement, including the shift towards personal liability for management, the rise of class action lawsuits, and the importance of compliant data transfer mechanisms. We'll discuss how the EU court's recent award of damages for illegal data transfers wit
Ever get the feeling you're being watched online? Like every click, every like, every share is feeding some invisible monster? Well, you're not wrong. This podcast explores the dark side of Meta, the company formerly known as Facebook, and how its vast empire impacts your privacy, security, and even
Join us as we explore the latest cybersecurity advisory from the NSA and its international partners, revealing the most exploited vulnerabilities of 2023. We break down complex technical jargon into understandable concepts, highlighting real-world examples like the Microsoft Outlook vulnerability th
Large Language Models (LLMs) are revolutionizing the world, powering everything from chatbots to content creation. But as with any new technology, there are security risks lurking beneath the surface. Join us as we explore the OWASP Top 10 for LLMs, a guide that exposes the most critical vulnerabili
This episode breaks down the evolution of ransomware over the past two years (December 2022 to November 2024), using a trove of cyber insights reports. Listeners will gain a clear understanding of how ransomware has transformed from basic encryption schemes to sophisticated attacks involving data ex
This episode examines Spain's proactive approach to online child safety. We explore the Spanish Data Protection Agency's (AEPD) innovative framework for age verification and its emphasis on safeguarding children's rights in the digital age. COPAA, KOSA, TDPSA
This episode explores the complex challenges and opportunities facing the U.S. in the realm of cybersecurity. Experts weigh in on a new report outlining a roadmap for the incoming administration, emphasizing the need for a comprehensive national strategy, public-private partnerships, and a robust cy
This podcast explores the alarming trend of North Korean IT workers infiltrating US companies, using their positions to generate revenue, evade sanctions, and potentially engage in cyber espionage. Discover the tactics they employ and how businesses can protect themselves.
Explore the EU's groundbreaking law regulating artificial intelligence. We break down the risk-based system, banned practices, and global impact. Join us as we decode the AI Act and its implications for the future of technology.
This podcast examines the SolarWinds cyber breach, a sophisticated supply chain attack that sent shockwaves through the cybersecurity landscape. It explores the attack's mechanics, how malicious code embedded in SolarWinds' Orion software updates compromised thousands of organizations, including pro
Experts break down the latest cybersecurity reports, revealing how threat actors are evolving their tactics and accelerating their attacks. Learn what's changing, who's being targeted, and what you can do to protect yourself and your organization. www.breached.company
Join us as we explore the evolving landscape of AI governance, comparing the US, EU, and Chinese approaches, and discussing the implications for society.
Join us as we explore the hidden world of Terms of Service and End User License Agreements. We'll examine how companies and governments collect and use your data, the implications for your privacy and freedoms, and what you can do to protect yourself in the digital age.
Learn how scammers plan attacks around holidays and your habits! This episode breaks down common seasonal scams, how to spot them, and how to protect yourself. Plus, we explore the world of scam baiting! visit: www.ScamWatchHQ.com
This episode explores Brazil's General Data Protection Law (LGPD), examining its impact on businesses worldwide, key principles, and enforcement.
Every week, another company is slapped with a hefty fine for violating data privacy. This podcast explores the financial fallout of data breaches and ransomware attacks, discussing high-profile cases and the evolving regulatory landscape. Are companies taking data security seriously or just writing
From water bills held hostage to artists losing their savings, this week's cyberattacks expose our digital vulnerabilities. We unpack the motives, the players, and the tech shaping this digital battleground. Plus, what you can do to protect yourself.
Ever order takeout online? You're thinking about food, not data, right? But somewhere a company is processing your order, your address, and even your payment information, possibly sending it across borders. This podcast is your crash course on data privacy laws and cross-border data transfers. Learn
Ever get the feeling like someone's listening in on your digital life? Well, Texas has heard you! In this episode, we break down the Texas Data Privacy and Security Act (TDPSA), a game-changing law designed to give Texans more control over their personal data.
Explore landmark legal cases like USA v. Sullivan and SEC v. SolarWinds and learn about the evolving responsibilities of CISOs and the impact of cyber security on financial stability.
Learn what it takes to be a Chief Information Security Officer in this deep dive into building a security culture.
This podcast provides a comprehensive overview of the essential cybersecurity laws that shape how we interact with data in the digital age. Listeners will gain a clear understanding of the key regulations, including GDPR, CCPA, HIPAA, and PCI DSS, and how these laws work in concert to protect person
Tired of the annual PCI scramble? This episode explores how to make PCI DSS part of your everyday security posture. We'll discuss practical tips, new technologies, and the evolving threat landscape, emphasizing that security is a journey, not a destination!
Feeling lost in a sea of acronyms like NIST, ISO 27001, and CIS? This podcast is your guide to understanding and choosing the right cybersecurity framework for your organization. We break down the jargon, explore the strengths of each framework, and help you ask the right questions to find the perfe
In a world driven by data, are you truly protected? Join us as we explore the complexities of cyber insurance, empowering businesses and individuals to make informed decisions in the face of evolving digital threats.
Schools, hospitals, airports, and even a global energy giant weren't safe from cyberattacks this summer. Listen as we unpack the major events, new ransomware players, and the alarming trend of attacks on essential services.
Millions in recovery costs. Chaos for residents. The Suffolk County cyberattack was a major wake-up call. Join us as we unpack the recent report revealing the perfect storm of missed warnings, systemic failures, and poor decisions that left Suffolk County vulnerable to attack.
Black Cat, also known as ALPHV, was one of the most prolific and feared ransomware groups in the world. This episode examines Black Cat's rise to prominence, their use of the ransomware-as-a-service model, and the events that led to their dramatic downfall. Learn how they exploited a critical vulner
LockBit ransomware has dominated headlines for its ruthless attacks and lucrative business model. This podcast goes beyond the headlines, exploring LockBit's evolution, its notorious triple extortion tactics, and the impact on victims worldwide. Listen as experts analyze real attack breakdowns and o
Join us as we trace Evil Corp’s evolution from their early days developing banking trojans like Dridex and BitPaymer to their more recent adoption of ransomware-as-a-service models like LockBit. We'll investigate the key players behind the operation, including the elusive mastermind Maksim Yakubets
Join us as we unpack the alarming findings from Proofpoint's Voice of the CISO report. This episode explores the anxieties keeping CISOs awake at night, from the looming threat of major cyberattacks to the struggle with burnout in the face of mounting pressure.
Join us as we explore the complex world of AI regulations. We'll break down the latest laws and guidelines from around the world, discuss their impact on businesses and individuals, and examine the ethical considerations shaping the future of AI. Get ready to understand the rules governing the AI re
Join us as we unravel the complex world of deepfakes. We'll expose the technology behind these AI-generated illusions, explore their potential for harm and deception, and equip you with the knowledge to spot these digital deceptions. From imposter scams and disinformation campaigns to the liar's div
This episode explores the risks of "confabulation" in AI, where systems generate outputs that appear credible but are actually fabricated. The hosts discuss a NIST report highlighting this issue and emphasizing the importance of proactive measures to mitigate the potential for AI misuse.
Confused by the growing number of state privacy laws? Join us as we break down these complex regulations, empowering you to protect your data and navigate the evolving world of digital privacy. We will discuss how states like Connecticut, Florida, Texas, Maine, Montana, and Oregon are tackling these
In this CISO Insights episode, we unpack the GDPR and its impact on you and your business. Learn the key principles of data privacy, how companies are adapting, and get practical tips on managing data inventory, consent, and breach responses. Whether you're a business owner or tech enthusiast, disco
In this episode, we explore HIPAA and HITECH, their impact on healthcare data privacy, and how these regulations affect everyone. We'll discuss HIPAA's evolution and how HITECH strengthened it with stricter standards for electronic health records, business associates, and breach notifications. Learn