Best CyberScoop Podcasts (2025)

1
Andesite's Brian Carbaugh on how lessons from the CIA can power an AI-powered SOC 27:06

Play Pause

2h ago27:06

27:06

In this week's episode of Safe Mode, Greg Otto talks with Brian Carbaugh, CEO of Andesite, who reveals how lessons learned in the CIA are transforming Andesite’s unique, human-first approach to AI-driven cybersecurity. Carbaugh shares behind-the-scenes stories about building a “bionic SOC,” where cutting-edge artificial intelligence works seamlessl…

1
Censys’ Silas Cutler on how adversaries chain vulns together for big attacks 26:55

5d ago26:55

26:55

In this episode of Safe Mode, Greg talks with Silas Cutler, principal security researcher at Census, how ransomware attackers chain together overlooked vulnerabilities, especially in platforms like SharePoint, and why patch fatigue leaves defenders at risk. Silas breaks down advanced ways criminals maintain access even after patches, and explains w…

1
Third Anniversary Episode: Michael Nuñez, Editor Director, VentureBeat & Fred Vogelstein, Co-Editor and Co-Founder, CrazyStupidTech 55:16

10d ago55:16

55:16

We all know the internet has significantly impacted media's business model over the past three decades, and the conventional wisdom is that AI will do the same. Many believe it will replace reporters, lead to computer-generated news stories, increase misinformation, produce more fake news, and generally make a struggling industry even worse. But wh…

1
Veracode’s Chris Wysopal on the security issues with AI code development 32:14

14d ago32:14

32:14

On this episode of Safe Mode, we’re joined by a renowned cybersecurity expert and CyberScoop 50 winner, Veracode co-founder and CTO Chris Wysopal, to discuss the fast-evolving landscape of AI-assisted software development. Chris shares insights from a recent study examining over 100 large language models and their tendency to introduce security vul…

1
Phosphorus’ Sonu Shankar on IoT Vulnerabilities and Salt Typhoon Tactics 23:50

21d ago23:50

23:50

In this episode, Greg Otto talks with Sonu Shankar, President at Phosphorus, to discuss the unique security challenges facing today’s rapidly expanding Internet of Things landscape, where traditional endpoint protections are ineffective. The episode explores how everyday devices with default passwords and outdated firmware open organizations up to …

1
Halcyon’s Cynthia Kaiser on the state of ransomware 29:13

26d ago29:13

29:13

In this episode, Greg Otto talks with Cynthia Kaiser Sr. Vice President of Halcyon’s Ransomware Research Center, discussing the latest ransomware operations and exploring the latest shifts in the cyber threat landscape. Greg and Cynthia discuss the rise of new groups like DragonForce, SafePay, and Fog, and the decline of once-dominant names such as…

1
What happens if CISA 2015 lapses? 24:41

1M ago24:41

24:41

In this episode of Safe Mode, host Greg Otto talks with Tim Starks about what would happen if the nation’s information sharing law – known as CISA 2015 – expires at the end of September. In our interview segment, Greg talks with Kevin Hanes, CEO of Reveal Security, exploring the critical and often overlooked world of machine identity security. From…

1
Dave DeWalt on how to get a board to buy in on cybersecurity 31:23

1M ago31:23

31:23

In this episode of Safe Mode, host Greg Otto talks with Dave DeWalt, founder and CEO of NightDragon, about advising boards and portfolio companies on making cyber a first-order business issue, not an afterthought. We’ll explore how emerging technologies and remote work reshape risk profiles, when a CISO belongs in the board conversation—or even in …

1
Allie Garfinkle, Senior Finance Reporter, Fortune 52:01

1M ago52:01

52:01

Whatever stodgy image you have in your mind of the typical finance news reporter, I guarantee it isn't Allie Garfinkle. And yet still relatively early in her career, Allie has established herself as one of the best in that business with a resume that includes Forbes, The Deal, Yahoo Finance, and of course Fortune, where she serves as senior finance…

1
Are enterprises having the right AI security conversations? 45:51

2M ago45:51

45:51

In this episode of Safe Mode, host Greg Otto sits down with Chris Sestito, CEO of HiddenLayer Technologies, to discuss the evolving landscape of AI security and where current protection strategies are falling short. Sestito shares insights on how leading enterprises are rethinking their approach to AI asset protection, reveals real-world examples w…

1
What is CISA’s focus moving forward 34:29

2M ago34:29

34:29

On this episode of Safe Mode, Greg Otto sits with two CISA leaders, Chris Butera, Acting Executive Assistant Director for CISA’s Cybersecurity Division, and Bob Costello, CIO of CISA, at the 2025 Black Hat USA Conference to discuss numerous different topics: the recent Microsoft Sharepoint vulnerability, the upcoming CIRCIA rulemaking, the future o…

1
Misadventures in Marketing: Are You Getting the Message? 1:08:54

2M ago1:08:54

1:08:54

This week, we're highlighting another great podcast, Misadventures in Marketing, that is produced by our friends at the American Marketing Association San Francisco (AMASF). In this, the 4th episode of Misadventures in Marketing, hosts Steve Haney and Peter Farago dive into the fun-filled world of corporate messaging, start-up style. They discuss t…

1
Inside the AI Action Plan with Dreadnode’s Daria Bahrami 33:24

2M ago33:24

33:24

On this episode of Safe Mode, host Greg Otto sits down with Daria Bahrami, Head of Policy at Dreadnode, for an in-depth exploration of the new AI Action Plan and its sweeping implications for critical infrastructure security. From the technical hurdles in securing vital systems to the growing need for “secure-by-design” technology standards, Daria …

1
NetRise’s Tom Pace on why telecom’s Salt Typhoon problem may never go away 30:36

2M ago30:36

30:36

In this episode of Safe Mode, Greg talks with Tom Pace, CEO of Netrise, about the recent Salt Typhoon cyberattack against U.S. telecom networks and how the government is responding. Tom explains why it’s so hard to fully protect or fix these giant, complex systems, even when officials say they have stopped the threat. He points out the tough choice…

1
Annie Saunders, Editor, Tech Brew 24:32

2M ago24:32

24:32

Annie Saunders has been a tech journalist for several years now, but her diverse career background, local news, commodities, food, had her questioning why we'd even invite her on this show. No need to question yourself, Annie. Generalists make great tech journalists, as is evidenced by the reporting on AI, EV transportation, and climate tech for Mo…

1
Kemba Walden and Devin Lynch on securing the AI Stack 1:06:31

3M ago1:06:31

1:06:31

Greg is joined in studio with Kemba Walden and Devin Lynch from the Paladin Global Institute about securing the future of AI. They break down the multilayered AI technology stack and highlight where systems are most at risk—from data poisoning to adversarial model extraction. We discuss the adequacy of today’s security standards, the evolving respo…

1
Valence Security’s Yoni Shohet on the growing risk tied to SaaS applications 33:52

3M ago33:52

33:52

Greg is joined in studio with Kemba Walden and Devin Lynch from the Paladin Global Institute about securing the future of AI. They break down the multilayered AI technology stack and highlight where systems are most at risk—from data poisoning to adversarial model extraction. We discuss the adequacy of today’s security standards, the evolving respo…

1
Intel471’s Will Dixon goes behind the scenes on the DanaBot takedown 32:40

3M ago32:40

32:40

This week, Greg talks to Will Dixon, Senior Intelligence Collection Manager for Intel471, about the lifecycle and takedown of DanaBot — one of the most notorious malware-as-a-service (MaaS) platforms of the last decade. We'll explore how DanaBot transformed from a banking trojan into a full-featured MaaS tool, capable of serving both criminal enter…

1
DARPA’s Andrew Carney on AIxCC’s quest for truly autonomous AI 52:28

3M ago52:28

52:28

Greg Otto talks with Andrew Carney, project manager at DARPA, about the AIxCC competition. With the finals set to be held in August during DEF CON, they discuss how these autonomous systems fared in detecting and remediating vulnerabilities, as well as the key lessons learned from live exercises and the semifinals. The conversation highlights DARPA…

1
Julie Bort, Editor, Startups & Venture Capital, TechCrunch 39:53

4M ago39:53

39:53

Julie Bort has been in tech journalism long enough to have had not one, but two tenures of 13 plus years – first at Network World and then at Business Insider, now editor of VCs and startups at TechCrunch. You might be surprised to learn that one of the most prolific voices in B2B Tech reporting nearly became a teacher, and you'll definitely be sur…

1
RSA CEO Rohit Ghai on the promise and peril of passkeys 41:19

4M ago41:19

41:19

Greg Otto talks with RSA CEO Rohit Ghai on the global shift toward passkeys and passwordless authentication. Together, they explore pressing issues including the differences between consumer and enterprise solutions, infrastructure vulnerabilities, regulatory challenges, and how emerging threats are evolving as passwordless adoption accelerates. Th…

1
MIND’s Eran Barak 33:55

4M ago33:55

33:55

Greg Otto talks with Eran Barak, CEO and co-founder of MIND, on the dramatic rise of insider threats in cybersecurity, exploring recent high-profile cases and the factors fueling this surge. He discusses which industries and data types are most at risk, how insider tactics have evolved, and practical strategies for organizations to detect and preve…

1
Bishop Fox’s Rob Ragan and Iron Man Suit for pen testers 30:08

4M ago30:08

30:08

Greg Otto talks with Rob Ragan, Principal Technology Strategist at Bishop Fox, as he shares his vision of building an “Iron Man suit” for human security testers that is shaping how AI is used in offensive cybersecurity. Rob dives into lessons learned from developing adaptive AI tools, the unique challenges and risks facing modern AI systems, and ef…

1
Olivia Rose on why the CISO role may not be the pinnacle of security work 44:48

4M ago44:48

44:48

In this episode, Greg sits down with Olivia Rose, Founder and CISO of the Rose CISO Group, to talk about her role in "CISO: The Worst Job I Ever Wanted," a groundbreaking cybersecurity docuseries that reveals the real experiences of Chief Information Security Officers. This podcast uncovers the pressures, sleepless nights, and personal sacrifices t…

1
Jeremey Owens, Editor-in-Chief, San Francisco Business Times 45:24

4M ago45:24

45:24

Jeremy Owens just landed a new gig as the latest editor in chief of the San Francisco Business Times. In this market, that's a minor miracle. Jeremy joined us to talk about that change, his early plans for the outlet's mission, and why he thinks San Francisco is the New Orleans of the West. That's a new one for this episode of Pressing Matters from…

1
Semperis CEO Mickey Bresman on the power of tabletop exercises 35:07

5M ago35:07

35:07

In this episode, Greg sits down with Semperis CEO Mickey Bresman to explore how organizations can proactively prepare for cyber crises before they strike. The conversation centers on the power of tabletop exercises—simulated attack scenarios that test response plans, reveal hidden vulnerabilities, and build muscle memory across teams. Together, Gre…

1
Expel CEO Dave Merkel on the impact of AI & Automation in modern SOCs 31:58

5M ago31:58

31:58

In this episode, we sit down with Dave Merkel, CEO of Expel to take an honest, practical look at how AI and automation are reshaping the modern Security Operations Center (SOC). Our discussion covers the most tangible changes in daily SOC operations since AI adoption, cutting through industry hype to reveal which claims deserve skepticism and which…

1
Recorded Future’s Alexander Leslie on the ‘MarkoPolo’ traffer team 32:57

5M ago32:57

32:57

In this episode, Greg talks with Alexander Leslie, Threat Intelligence Analyst for Recorded Future’s Insikt Group and his research on “Marko Polo” – a notorious cybercriminal empire that orchestrates an array of scams, primarily using infostealer malware. Discover how this sophisticated syndicate has victimized tens of thousands worldwide and raked…

1
Verizon’s Alex Pinto on the takeaways from the 2025 DBIR 38:42

5M ago38:42

38:42

On this episode of Safe Mode, Greg talks with Alex Pinto, Associate Director of Threat Intelligence at Verizon Business, as we unpack the key findings from this year’s Data Breach Investigations Report (DBIR). Pinto offers expert analysis on the most pressing cybersecurity trends impacting organizations worldwide—including ransomware’s dramatic spi…

1
Matt Kapko, Reporter, CyberScoop 32:50

5M ago32:50

32:50

Are you ready for RSA 2025? Matt Kapko of CyberScoop is, and he definitely doesn't want to hear about AI, although he and I–and everyone listening to the podcast today–all know he will. In addition to AI, Matt joined us to talk about his early days singing in a punk rock band in Orange County, his time in a string of hyperlocal newspapers, and more…

1
Will Pearce on the ever-changing field of offensive AI security 40:34

6M ago40:34

40:34

In this episode, Greg talks with Will Pearce, CEO and Co-founder of Dreadnode about the rapidly evolving field of offensive AI security. Greg and Will discuss the unique challenges researchers face in testing AI models for vulnerabilities compared to traditional software, unveiling how adversarial attacks impact AI security and the ethical consider…

1
Lior Div on how security teams should be using AI agents 34:32

6M ago34:32

34:32

In this episode, Greg talks with Lior Div, co-founder and CEO of 7AI. Lior and Greg explore how security teams are being reinforced with AI Agents and identify the areas where CISO are embracing this technological shift to optimize their talent resources. We'll also discuss the specific security functions these agents are performing, including emai…

1
Ken Bagnall on how companies can work with governments to take down malicious infrastructure 32:38

6M ago32:38

32:38

In this episode, Greg Otto talks with Ken Bagnall, CEO of Silent Push Ken sheds light on the dynamics of the current cybercrime ecosystem. Ken reveals that a significant portion of the infrastructure is actually operated by affiliate networks using pre-existing technologies. During the discussion, Ken elaborates on how this ecosystem is fueled and …

1
Edera’s Alex Zenla on how to make cloud computing and AI secure-by-design 47:20

6M ago47:20

47:20

In this episode, Greg Otto talks with Edera co-founder and CTO Alex Zenla, charting her path from beginnings in Minecraft IRC channels to pioneering container isolation technology. Alex discusses her unique expertise in container security, GPU protection, and AI infrastructure, and how Edera is transforming the tech landscape with a commitment to b…

1
Allie Bohan on how to handle the non-technical side of a ransomware attack 35:51

7M ago35:51

35:51

In this episode, Greg Otto talks with FTI Consulting’s Allie Bohan exploring the challenges organizations face in maintaining effective communication during cyberattacks. Allie and Greg uncover essential strategies for incidents, ensuring companies remain connected with stakeholders even when digital channels are compromised. We also talk on how to…

1
Fred Vogelstein, Co-Editor and Co-Founder, CrazyStupidTech 53:34

7M ago53:34

53:34

Fred Vogelstein wanted to be a Moscow bureau chief. He did manage to get to Berlin as a student in the months after the Berlin Wall fell in 1989, but he still hasn't been to Moscow. Instead, Fred became one of the most influential technology reporters of his generation, with stints at the Wall Street Journal, Wired, The Information, US News, and Fo…

1
Discover’s Sunil Mallik on the ever-changing roles of the CISO 38:34

7M ago38:34

38:34

In this episode, Greg Otto talks with Sunil Mallik, the CISO of Discover Financial Services. Sunil shares his career path and the evolving challenges and responsibilities in cybersecurity, covering how he communicates with his board, strategic approaches to cybersecurity, and the importance of balancing technological investment with personnel train…

1
Chainguard’s Dan Lorenc on the next decade of software supply chain security 28:44

7M ago28:44

28:44

In this episode, Greg Otto talks with Dan Lorenc, CEO and co-founder of Chainguard. They explore the challenges organizations face with CVE management, where dealing with vulnerabilities often drains valuable engineering resources. They also discuss how new visualization tools are redefining this landscape by offering clear insights into CVE trends…

1
Virtru’s John Ackerly on how the feds are keeping data secure and interoperable 34:29

7M ago34:29

34:29

In this episode, Greg Otto talks with Virtru Co-founder and CEO John Ackerly , discussing the significance of open standards, the challenges and successes of implementing the Trusted Data Format across federal agencies, and the critical role of interoperability and compliance. John also gives us details on how close the country was to a national pr…

1
FBI’s Cynthia Kaiser on Salt Typhoon’s ‘indiscriminate’ data collection 20:10

8M ago20:10

20:10

In this episode, you will hear Cynthia Kaiser, deputy assistant director in the bureau’s cyber division talk about the implications of the Salt Typhoon breach, which she spoke about during CyberScoop’s Zero Trust Summit. Kaiser characterized the breach as “a different level of insidiousness” from Beijing, one that reflects its “ambition and reckles…

1
Catherine Sbeglia Nin, Managing Editor, RCR Wireless News 32:41

8M ago32:41

32:41

Unlike most of our previous guests, Catherine Sbeglia Nin didn't set out to be a reporter. She was a doctoral candidate in film theory. When realizing she was miserable, she figured she'd find other ways to tell stories after dipping her toes in the journalism waters. RCR Wireless, one of the magazines of record for Telco Wireless and networking, o…

1
Chainalysis’ Jackie Burns-Koven on the drop in ransomware payments 32:52

8M ago32:52

32:52

Greg Otto talks with Jackie Burns-Koven, Head of Cyber Threat Intelligence at Chainalysis. They discuss research from Chainalysis that shows a 35% drop in ransom payments over the second half of 2024. They also discuss the growing refusal of victims to pay ransoms and how attackers are adapting their tactics. Additionally, she highlights the influe…

1
Google’s John Hultquist on how APTs are using generative AI 27:17

8M ago27:17

27:17

Greg Otto talks with John Hultquist, Chief Analyst for Google Threat Intelligence Group. They explore the qualitative differences between AI-generated and human-crafted social engineering tactics, and discuss the technical limitations of AI when used by less sophisticated threat actors like those in North Korea. Additionally, the episode addresses …

1
Hugh Thompson on what the SEC got right (and wrong) with its cyber incident reporting mandate 43:16

8M ago43:16

43:16

Greg Otto talks with Hugh Thompson, Executive Chairman for RSAC Conference. Greg and Hugh discuss how the SEC's cyber disclosure regulations have fallen short of their intended purpose, failing to provide investors with enhanced transparency due to ongoing debates about materiality and insufficient market consequences. Additionally, they discuss th…

1
Gabrielle Hempel on AI regulation on the federal and state level 39:55

8M ago39:55

39:55

Greg Otto talks with Exabeam’s Gabrielle Hempel about the complex terrain of AI regulation at both the federal and state levels, offering a deep dive into the legislative challenges, and the balancing act of fostering innovation while protecting public interests. They also reflect on how public interaction with AI systems is shaping legislative eff…

1
Patrick Seitz, Senior Writer, Investor's Business Daily 37:31

8M ago37:31

37:31

It's pretty rare these days to find anyone in tech media who has been at the same outlet for a quarter century. But Patrick Seitz has been covering the fascinating world of tech, finance, and the stock market for exactly that: 25 years at Investors' Business Daily. A Chicago-area native who cut his teeth covering courts and crime, Pat switched to c…

1
Guidepoint Security’s Jason Baker on lessons learned from negotiations with ransomware groups 51:58

9M ago51:58

51:58

As we head into 2025, Greg talks with Jason Baker, a ransomware negotiator for Guidepoint Security, on how ransomware has shifted and evolved, and the challenges it poses for businesses and governments alike. Jason also sheds light on the top threat actors, the future of international regulations and where they might fall concerning the contentious…

1
Phil Venables on the State of the CISO 40:58

9M ago40:58

40:58

In the first episode of 2025, Greg Otto dives into a conversation with Phil Venables, the Chief Information Security Officer of Google Cloud, who shares insights from his expansive career in cybersecurity. From his beginnings as Goldman Sachs' first CISO to his current role leading risk and security at Google, Phil discusses the evolving challenges…

1
Vik Phatak on the inherent issues in native cloud firewalls 32:05

10M ago32:05

32:05

In the latest episode of Safe Mode, Greg Otto talks with Vik Phatak, Chairman and CEO of CyberRatings.org. Cyber Ratings recently released a report assessing the native firewalls provided by major cloud service providers like Microsoft, Google, and AWS. These cloud-native firewalls, included with their instances, were put to the test by Cyber Ratin…

1
Michael Krigsman, Host and Publisher, CXOTalk 32:07

10M ago32:07

32:07

Michael Krigsman doesn't call himself a journalist. Yes, he has produced 800 podcasts and videos in the past 11 years as the founder and host of CXOTalk, but he doesn't have a journalism degree or any editorial training, and his pieces are a mix of editorial and sponsored. That said, Michael does have an innate sense of story. He's not afraid to ch…