Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.
CISO Series Podcasts
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
Shaping Cybersecurity Leadership: Today, Tomorrow, Together.
Microsoft’s Chief Information Security Officer (CISO), Bret Arsenault, chats with his CISO peers and industry leaders about the biggest challenges in cybersecurity today, plus practical guidance for security practitioners. Be sure to listen in and follow us! Security Unlocked: CISO Series with Bret Arsenault is produced by Microsoft and distributed as part of The CyberWire Network. Hosted on Acast. See acast.com/privacy for more information.
The Cyber Leaders podcast focusses on the fast-paced world of cybersecurity, delivering cutting-edge insights and trends with energy, enthusiasm, and professionalism. With high level expertise and thought leadership, we aim to provide invaluable perspectives and actionable strategies to empower leaders in navigating the ever-changing landscape of cybersecurity.
SecurityWeek podcast series. Hear from cybersecurity industry experts and visionaries. Easy listening, great insights.
The Social-Engineer Podcast is about humans. Understanding how we interact, communicate and relay information can help us protect, mitigate and understand social engineering attacks.
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges. eSentire is The Authority in Managed Detection and Response, protecting the critical data and applications of 2000+ organizations ...
Broadcasting Ideas and Connecting Minds at the Intersection of Cybersecurity, Technology and Society. Founded by Sean Martin and Marco Ciappelli in 2015, ITSPmagazine is a multimedia platform exploring how technology, cybersecurity, and society shape our world. For over a decade, we've recognized this convergence as one of the most defining forces of our time—and it's more critical than ever. Our global community encourages intellectual exchange, challenging assumptions and diving deep into ...

Don’t Worry, We’ll Get to Solving Your Problem on Slide 87
36:41
All links and images can be found on CISO Series. This week’s episode is hosted by David Spark, producer of CISO Series and Andy Ellis (@csoandy), principal of Duha. Joining them is Daniel Liber, CISO, Monday.com. In this episode: AI security's blind spot problem. Vendors don't understand the assignment. Marketing budgets overshadow actual innovation…

Unity vulnerability, Oracle zero-day patched, Discord user info exposed
8:31
Unity vulnerability puts popular games at risk. Oracle zero-day exploit patched. Third-party breach claims Discord user info. Huge thanks to our sponsor, ThreatLocker. Cybercriminals don’t knock — they sneak in through the cracks other tools miss. That’s why organizations are turning to ThreatLocker. As a zero-trust endpoint protection platform, Threat…

ParkMobile breach settlement, UK schools vulnerable, Zimbra calendar attacks
8:03
ParkMobile 2021 data breach class action suit concludes. UK government study suggests secondary schools larger target than businesses. Zimbra Collaboration Suite flaw used in calendar attacks. Huge thanks to our sponsor, ThreatLocker. Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. …

Ep. 323 - The Doctor Is In Series - Dreams Placebo and Deja Vu
37:06
Welcome to the Social-Engineer Podcast: The Doctor Is In Series – where we will discuss understandings and developments in the field of psychology. In today’s episode, Chris and Dr. Abbie explore the intriguing phenomena of dreams, the placebo effect, and déjà vu. They delve into the mysteries of why dreams can feel more emotionally intense than re…

Lo-Fi Music and the Art of Imperfection — When Technical Limitations Become Creative Liberation | Analog Minds in a Digital World: Part 2 | Musing On Society And Technology Newsletter | Article Written ...
14:33
Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com | Newsletter: Musing On Society And Technology https://www.linkedin.com/newsletters/musing-on-society-technology-7079849705156870144/ | Watch on Youtube: https://youtu.be/nFn6CcXKMM0 | My Website: https://www.marcociappelli.com …

Week in Review: Shutdown furloughs CISA, DoD risk framework, Oracle extortion problem
30:25
This week’s Cyber Security Headlines – Week in Review is hosted by Nick Espinosa, nationally syndicated host of The Deep Dive Radio Show, with guest Steve Zalewski, co-host, Defense in Depth. Thanks to our show sponsor, Nudge Security. Here’s the thing: your employees are signing up for new apps, sharing data, and connecting tool…

The Hidden Cost of Too Many Cybersecurity Tools (Most CISOs Get This Wrong) | A Conversation with Pieter VanIperen | Redefining CyberSecurity with Sean Martin
52:20
⬥GUEST⬥ Pieter VanIperen, CISO and CIO of AlphaSense | On Linkedin: https://www.linkedin.com/in/pietervaniperen/ ⬥HOST⬥ Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ Real-World Principles for Real-…

Shutdown furloughs CISA, Defender BIOS bug, Motility dealership cyberattack
7:42
Government shutdown furloughs most CISA staff. Microsoft Defender bug triggers erroneous BIOS update alerts. Motility RV software company suffers cyberattack. Huge thanks to our sponsor, Nudge Security. Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adopti…

Breaches set for North America, Outlook bug needs Microsoft support, Air Force admits SharePoint issue
8:25
Breach notification letters set to flood North America's mailboxes. New bug in classic Outlook only fixed via Microsoft support. Air Force admits SharePoint privacy issue over breach. Huge thanks to our sponsor, Nudge Security. AI notetakers like Otter AI spread fast. In fact, one Nudge Security customer discovered 800 new accounts created in only 90 d…

SBOMs in Application Security: From Compliance Trophy to Real Risk Reduction | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 3 | A Musing On the Future of Cybersecurity with Sean Martin and ...
2:33
SBOMs were supposed to be the ingredient label for software—bringing transparency, faster response, and stronger trust. But reality shows otherwise. Fewer than 1% of GitHub projects have policy-driven SBOMs. Only 15% of developer SBOM questions get answered. And while 86% of EU firms claim supply chain policies, just 47% actually fund them. So why …

Joe Sullivan on Why Now Is the Best Time to Be in Cybersecurity
1:27:57
Episode Summary: Joe Sullivan returns to The Professional CISO Show for a wide-ranging discussion with host David Malicoat. Together, they unpack the Salesforce hack, SaaS application blind spots, identity and access management, AI noise versus real use cases, and how security teams must evolve. Joe also shares candid lessons from crisis leadership…

China-linked group linked to new malware, 2024 VMware zero-day still exploited, iOS fixes a bevy of glitches
8:28
China-Linked Group Hits Governments With Stealth Malware. Chinese hackers exploit VMware zero-day since October 2024. Apple's iOS fixes a bevy of glitches. Huge thanks to our sponsor, Nudge Security. The SaaS supply chain is a hot mesh. As your workforce introduces new SaaS apps and integrations, hidden pathways are created that attackers can exploit t…

Time to Choose a Security Vendor: Dart Board or Spin the Wheel?
44:17
All links and images can be found on CISO Series. This week’s episode is hosted by David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining them is Pavi Ramamurthy, global CISO and CIO, Blackhawk Network. In this episode: We can't promise safe, but we can promise ready. Are we accidentally building security nightmares? Being held…

Microsoft blocks AI code, Breach hits WestJet, Harrods suffers new data incident
8:02
AI-generated code used in phishing campaign blocked by Microsoft. WestJet notifies American consumers of data breach. Ukrainian cops spoofed in fileless phishing attacks on Kyiv. Huge thanks to our sponsor, Nudge Security. AI tools have spread to every corner of your tech stack, which is great for innovation, but not so great for data governance. That'…

Dutch espionage arrest, DOD risk management framework, Oyster malvertising
8:00
Dutch teenagers arrested for attempted espionage for Russia. DoD announces replacement for risk management framework. Fake Microsoft Teams installers deliver Oyster malware. Huge thanks to our sponsor, Nudge Security. Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing.…

Ep. 296 - Human Element Series - The Imagination Dilemma with Dr. Lydia Kostopoulos REPLAY
40:56
REPLAY (Original Air Date March 10, 2025) Today we are joined by Dr. Lydia Kostopoulos. Dr. Kostopoulos is a globally recognized strategist that brings clarity and context as to what is on the horizon. Her unique expertise at the intersection of emerging technology, security and macro-trends has been sought by the United Nations, U.S. Special Opera…

AI Will Replace Democracy: The Future of Government is Here. Or, is it? Let's discuss! | A Conversation with Eli Lopian | Redefining Society And Technology Podcast With Marco Ciappelli
36:35
Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com | Title: Tech Entrepreneur and Author's AI Prediction - The Last Book Written by a Human Interview | A Conversation with Jeff Burningham | Redefining Society And Technology Podcast With Marco Ciappelli | Guest: Eli Lopian Founder of Typemock Ltd |…

Why Identity Must Come First in the Age of AI Agents | A Black Hat SecTor 2025 Conversation with Cristin Flynn Goodwin | On Location Coverage with Sean Martin and Marco Ciappelli
21:45
When we talk about AI at cybersecurity conferences these days, one term is impossible to ignore: agentic AI. But behind the excitement around AI-driven productivity and autonomous workflows lies an unresolved—and increasingly urgent—security issue: identity. In this episode, Sean Martin and Marco Ciappelli speak with Cristin Flynn Goodwin, keynote …

Week in Review: Jaguar Land Rover attack, indirect prompt injections, card farms in NYC
26:43
This week’s Cyber Security Headlines – Week in Review is hosted by David Spark with guests Brett Conlon, CISO, American Century Investments, and TC Niedzialkowski, Head of Security & IT, OpenDoor. Thanks to our show sponsor, Conveyor. Still stuck in security review chaos week after week? You’re not the only one. But with Conveyor…

Windows 10 extension, teenage Vegas hacker released, Boyd Gaming hacked
8:46
Microsoft to offer free Windows 10 security updates in Europe. Teenage Vegas casino hacker released to parents. Boyd Gaming hacked, employee data stolen. Huge thanks to our sponsor, Conveyor. Logging into yet another security questionnaire portal on a Friday at 3pm? Yeah, that’s chaos. Conveyor AI is your fast path to calm. It finds every question no m…

How F-Secure Transformed from Endpoint Security to Predicting Scams Before They Happen | A Brand Story Conversation with Dmitri Vellikok, Product and Business Development at F-Secure
36:23
The cybersecurity industry operates on a fundamental misconception: that consumers want to understand and manage their digital security. After 17 years at F-Secure and extensive consumer research, Dmitri Vellikok has reached a different conclusion—people simply want security problems to disappear without their involvement. This insight has driven F…

Why Cybersecurity Training Isn’t Working — And What To Do Instead | Human-Centered Cybersecurity Series with Co-Host Julie Haney and Guest Dr. Aunshul Rege | Redefining CyberSecurity with Sean Martin
45:26
⬥GUEST⬥ Aunshul Rege, Director at The CARE Lab at Temple University | On Linkedin: https://www.linkedin.com/in/aunshul-rege-26526b59/ ⬥CO-HOST⬥ Julie Haney, Computer scientist and Human-Centered Cybersecurity Program Lead, National Institute of Standards and Technology | On LinkedIn: https://www.linkedin.com/in/julie-haney-037449119/ ⬥HOST⬥ Host: S…

Suspect arrested over airport attack, DDoS attack hits new record, BRICKSTORM backdoor steals IPs
7:37
Person arrested in connection with airport attack. Record-breaking DDoS attack hits new highs. China-linked attackers use ‘BRICKSTORM’ backdoor to steal IP. Huge thanks to our sponsor, Conveyor. Security reviews don’t have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or an…

European airports restore services, CISA deals with GeoServer exploit, Jaguar Land Rover extends shutdown
6:51
European airports restoring services after system breach. CISA deals with GeoServer exploit. App for outing Charlie Kirk’s critics leaks personal data. Huge thanks to our sponsor, Conveyor. Have you been personally victimized by a questionnaire this week? The queue never ends. But Conveyor can change that story. With AI that answers questionnaires of a…

Now That You Mention It I HAVE Heard Some Hype Around These AI Tools
34:24
All links and images can be found on CISO Series. This week’s episode is hosted by David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining them is Erwin Lopez, CISO, SLAC National Accelerator Laboratory. In this episode: The AI experimentation phase isn't optional. When selling security becomes the hardest part of the job. Threat…

EDR-Freeze, DeepMind persuasion, vendors exit ATT&CK
7:46
EDR-Freeze tool suspends security software. DeepMind updates Frontier Safety Framework. Major vendors withdraw from MITRE EDR Evaluations. Huge thanks to our sponsor, Conveyor. Security reviews don’t have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyo…

European airport cyberattack, SMS celltower scam, GPT4-powered ransomware
8:26
European airport disruption due to cyberattack check-in and baggage software. SMS scammers now using mobile fake cell towers. GPT-4-powered MalTerminal malware creates ransomware and Reverse Shell. Huge thanks to our sponsor, Conveyor. If security questionnaires make you feel like you’re drowning in chaos, you’re not alone. Endless spreadsheets, portal…

Ep. 322 - The 4th Monday Series - Is Your Vintage Game Worth 30000? with Ryan Rosenzweig
24:41
Welcome to the Social-Engineer Podcast: The 4th Monday Series with Chris Hadnagy and Mike Holfeld. Chris and Mike will be covering cutting edge global news to help people remain safe, secure and knowledgeable in a world where it is hard to know what is real and what is fake news. Today Chris and Mike are joined by Ryan Rosenzweig. Ryan is the 26 ye…

Week in Review: Student hackers increase, CISA wants CVE, Microsoft called hypocritical
35:56
This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine, and Nick Espinosa, host, The Deep Dive Radio Show. Thanks to our show sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust C…

Google patches zero-day, Copilot’s forced installation, Scattered Spider arrests
8:07
Google patches sixth Chrome zero-day exploited in attacks this year. Microsoft to force install the Microsoft 365 Copilot app in October. Two more Scattered Spider teen suspects arrested. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your secu…

A Mystery In Florence | A Short Story Written By Lucia & Marco Ciappelli (English Version) | Stories Sotto Le Stelle Podcast | Short Stories For Children And The Young At Heart
15:29
A Mystery in Florence. In Tuscany there is so much magic: hills decorated with olive trees, vineyards and cypresses, bell towers ringing everywhere, hidden gardens, and of course enchanted cities, full of history and beauty, where famous artists have created marvellous works of art. In this tale we find ourselves in the city of Florence, where magic…

Insight Partners warns thousands, Scattered Spider feigns retirement, Consumer Reports calls Microsoft 'hypocritical'
7:58
Insight Partners warns thousands after ransomware breach. Scattered Spider gang feigns retirement, breaks into bank instead. Consumer Reports calls Microsoft 'hypocritical'. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture i…

Why This Cybersecurity Executive Left Corporate to Start Asimily and Secure Healthcare, Manufacturing, and Critical Infrastructure | An Asimily Brand Origin Story with Shankar Somasundaram, CEO and Founder ...
34:52
The decision to leave a successful corporate position and start a company requires more than just identifying a market opportunity. For Shankar Somasundaram, it required witnessing firsthand how traditional cybersecurity approaches consistently failed in the environments that matter most to society: hospitals, manufacturing plants, power facilities…

Cyber programs extended, older Apple devices attacked, chatbots aid phishing scams
7:16
House lawmakers move to extend two key cyber programs. Apple 0-day likely used in spy attacks affected older devices. Reuters crafts phishing scam with AI chatbot help. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one…

Wait, SMS Doesn’t Stand for “Super Mega Secure?”
42:55
All links and images can be found on CISO Series. This week’s episode is hosted by David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining us is our sponsored guest, Brian Long, CEO, Adaptive Security. In this episode: Hiring North Korean operatives on a Tuesday. AI coding and the death of specifications. Deepfake personas bey…

Android security changes, CISA incentive audit, LLM usage
7:38
Android moving to “risk-based” security updates. CISA accused of Cyber Incentive mismanagement. How security practitioners use LLMs. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giv…

ShinyHunters hits Vietnam, Petya-NotPetya copycat appears, CISA wants CVE
8:44
ShinyHunters hits Vietnam National Credit Information Center. HybridPetya is a Petya/NotPetya copycat with UEFI Secure Boot bypass. CISA seeks control over CVE. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure,…

Ep. 321 - Security Awareness Series - Trust But Verify Even Under Abnormal Circumstances: A Red Team Story with Chris and Faith
29:29
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Faith Kent. Together, they delve into the critical role of effective communication, the art of role adaptation, and the psychological dynamics in crisis situations. The conversation highlights the importance of proactive preparedness and fostering trust within t…

Week in Review: Qantas penalizes executives, UK cyberlegislation delayed, SonicWall VPN flaws
37:26
This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Rob Teel, CTO, Oklahoma Department of Commerce and Howard Holton, CEO, GigaOm. Thanks to our show sponsor, Vanta. Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critic…

The Problem With Threat Modeling in Application Security: Too Slow, Too Theoretical, Not Agile | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 2 | A Musing On the Future of Cybersecurity ...
3:58
Threat modeling is often called the foundation of secure software design—anticipating attackers, uncovering flaws, and embedding resilience before a single line of code is written. But does it really work in practice? In this episode of AppSec Contradictions, Sean Martin explores why threat modeling so often fails to deliver: It’s treated as a one-…

SonicWall VPN exploits, Fed cyberchief’s priorities, U.S. spyware investment triples
8:18
SonicWall SSL VPN flaws now being actively exploited. Acting federal cyber chief outlines his priorities. U.S. based investors in spyware firms nearly tripled in 2024. Huge thanks to our sponsor, Vanta. Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it…

npm update, Cursor Autorun flaw details, Microsoft probe over Ascension hack?
8:03
The npm incident: nothing to fret about? Cursor Autorun flaw lets repositories execute code without consent. Senator Wyden urges FTC to probe Microsoft over Ascension hack. Huge thanks to our sponsor, Vanta. Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but w…

Responsible AI or Responsible Marketing? A CISO’s Take
47:30
"I get it. I need to stop banging on the table. This will be fixed in future episodes. Sorry for the poor sound experience." - David Get your Responsible AI Vendor Due Diligence Checklist here: https://webforms.pipedrive.com/f/ccV6a7kFIWKZpodmLcDbBhKhYnVU5N81A2tM20DGC8gepc0UtzfcqYaHXfzBi8gzuz Episode Summary: In this episode of The Professional CIS…

Blood center attack details emerge, Electoral Commission recovers, Plex suffers password breach
7:23
Thousands had data leaked in blood center ransomware attack. UK Electoral Commission recovers, 3 years after China hack. Npm packages with 2 billion weekly downloads targeted in supply chain attack. Huge thanks to our sponsor, Vanta. Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is cri…

AI in Application Security: Why False Positives Still Overwhelm Teams Despite the Hype | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 1 | A Musing On the Future of Cybersecurity with Sean ...
2:37
AI is everywhere in application security today — but instead of fixing the problem of false positives, it often makes the noise worse. In this first episode of AppSec Contradictions, Sean Martin explores why AI in application security is failing to deliver on its promises. False positives dominate AppSec programs, with analysts wasting time on irre…
