CMMC Academy is a podcast dedicated to helping businesses understand and achieve Cybersecurity Maturity Model Certification (CMMC) compliance. Each episode offers practical insights, expert advice, and the latest updates for organizations supporting the federal government.
Sprs Podcasts
Our experiences inspired the creation of The CMMC Compliance Guide Podcast and its accompanying resources. The podcast began as a way to share what we learned through real-world challenges—like helping that aerospace machine shop—and to provide accessible education for businesses navigating DoD cybersecurity requirements. The CMMC Compliance Guide Podcast breaks down complex topics like NIST 800-171 and CMMC into actionable, easy-to-understand steps. Whether you’re a subcontractor struggling ...
UK Radiology SpRs helping you revise for Radiology FRCR exams - effortlessly! Our new RAPIDS channel is now available, featuring short episodes for those of you in a hurry https://anchor.fm/songs-4-frcr-rapids
CISO Insights: The Cybersecurity Leadership Podcast Where Security Leaders Shape Tomorrow’s Defenses Join us for CISO Insights, the definitive podcast for cybersecurity executives navigating today’s evolving threat landscape. Each episode delivers exclusive conversations with industry pioneers and practical frameworks from security leaders. CISO Insights provides actionable intelligence for executives building resilient security programs. We cover everything from board-level risk communicati ...
This podcast is dedicated for those who want to stay up to date with the Cybersecurity Maturity Model Certification news. It utilizes Notebook LM to synthesize news articles from Jun Cyber's blog as well as other official CMMC documentation and produces a podcast. Podcast Description Disclaimer: The content presented in CMMC News is generated by AI and is intended for informational and educational purposes only. It should not be taken as official guidance for Cybersecurity Maturity Model Cer ...
The Compliance Crucible: Navigating the CMMC 2.0 & SPRS Mandate
24:54
As the Department of Defense activates Phase 1 of the CMMC rollout, government contractors must race to validate their cybersecurity posture or risk losing contract eligibility. This episode breaks down the critical path to Level 2 certification, including the costs of remediation, the 110 controls of NIST SP 800-171, and the mandatory reporting re…
Silent Nights & Cyber Frights: The 12 Threats of Christmas 2025
42:56
This episode uncovers the "12 Threats of Christmas" defining the 2025 holiday season, where AI-driven social engineering and deepfakes have turned festive shopping into a high-stakes battlefield. We explore the surge in retail ransomware and "smishing" attacks, while auditing the hidden privacy risks of popular smart toys that may be spying on your…
Dominating the Digital Space: The Fight for National Resilience
16:47
This episode unpacks a bold new strategy from the Vanderbilt University Institute of National Security, arguing that the U.S. must undertake a "whole-of-society" mobilization akin to World War II to counter persistent cyber aggression. We discuss the proposed shift to "Integrated Resilience," which focuses defense efforts on the five most critical …
Unlocking the 1999 Joint PSYOP Task Force Manual
13:13
This episode dives into the declassified Chairman of the Joint Chiefs of Staff Manual 3500.08, which serves as the master training guide for establishing and operating a Joint Psychological Operations Task Force (JPOTF) headquarters. We explore how military planners were taught to integrate psychological operations with special forces, civil affair…
Shadow Networks: Inside the War on Bulletproof Hosting
14:55
Delve into the clandestine industry of Bulletproof Hosting (BPH), where providers utilize sophisticated "infrastructure laundering" and corporate shell games to shield ransomware gangs from the law. We explore how these digital fortresses have evolved from physical bunkers to complex networks of jurisdictional arbitrage and "DMCA ignored" policies …
NIST 800-171 and CMMC 2.0: How Assessors Actually Score You
31:17
Submit any questions you would like answered on the podcast! Are assessors judging you on CMMC or NIST 800 171 when audit day arrives? In this episode of the CMMC Compliance Guide Podcast, Stacey and Brooke break down the real relationship between CMMC 2.0 and NIST 800 171 so you are not guessing when it matters most. We walk through how the 110 NI…
The ₹250 Crore Question: Navigating India’s Zero-Tolerance Data Privacy Era
15:51
With the operationalization of the DPDP Rules 2025, India has ushered in a stringent "zero-tolerance" regime that mandates reporting every data breach regardless of risk and replaces GDPR-style legitimate interest with strict verifiable consent. We break down the critical compliance timeline leading to full enforcement in May 2027, analyzing how th…
Vietnam’s Digital Sovereignty: Navigating the 2026 AI Law
17:33
This episode explores Vietnam's first comprehensive Law on Artificial Intelligence, set to take effect on March 1, 2026, which establishes a risk-based regulatory framework similar to the EU AI Act but with a distinct focus on national sovereignty. We analyze the four distinct risk categories ranging from "unacceptable" prohibitions to "low-risk" s…
Crisis Footing: State Threats and the Straining of UK Intelligence
13:19
The Intelligence and Security Committee’s 2023–2025 report reveals an Intelligence Community operating on a permanent "crisis footing," forcing agencies to continuously divert resources from long-term priorities to handle immediate conflicts in Ukraine and the Middle East. While the community pivots to address the complex "whole-of-state" threats p…
The Strategic CISO: From Fire Inspector to City Planner
16:43
The Chief Information Security Officer's mandate has shifted from a technical focus on infrastructure to that of a strategic business partner who aligns security directly with value creation. Amidst geopolitical volatility and the "velocity of change," modern CISOs must act as storytellers and resilience guardians to protect the organization's "cro…
Hacking the Green Rush: Securing the Cannabis Digital Supply Chain
41:05
This episode uncovers the "perfect storm" of cyber risks facing cannabis operators, from the regulatory "cashless ATM" crackdowns to the sophisticated phishing campaigns responsible for nearly 9 out of 10 industry breaches. We analyze high-profile incidents like the Stiiizy data exposure to show how third-party vendor vulnerabilities can cascade th…
The Cyberbeveiligingswet: The Digital Revolution of 2026
17:20
In this episode we dive into the new Cyberbeveiligingswet (Cbw), which transposes the European NIS2 Directive into Dutch law and replaces the current Wbni. We discuss why implementation has been delayed until the second quarter of 2026 and why the Dutch central government advises starting now on the ten mandatory duty-of-care measures…
The Cbw Countdown: Surviving the Dutch Cybersecurity Revolution
16:30
This episode unpacks the new timeline for the Cyberbeveiligingswet, the Dutch implementation of NIS2 now projected for the second quarter of 2026, and explains the critical distinction between Essential and Important entities. We dive into the expanded fiduciary duties for board members, who now face mandatory training and potential personal liabil…
Carded at the Digital Door: The Surveillance of the Public Square
35:51
As governments from Australia to Texas enforce "digital borders" through mandates like the Social Media Minimum Age Act, the internet is rapidly shifting from an open forum to a surveillance state requiring government ID or biometric scans for entry. While intended to protect children, experts warn these systems create "massive centralized reposito…
The Path Toward AGI and Its Impact on CMMC and GRC Platforms
4:16
Thank you for visiting our podcasts on CMMC Cybersecurity! Explore more insights, updates, and expert discussions on our blog: https://cybercomply.us/blog-list Luis G. Batista C.P.M., CPSM Founder & CEO, Armada Cyber Defense | CyberComply [email protected] Office: (305) 306-1800 Ext. 800 CAGE: 9QG33 UEI: K6UZHLE1WUA7 Schedule Introduction: https:…
Top CMMC Myths Debunked: Cloud, Vendors, Firewalls, and MFA Mistakes Explained
16:59
Submit any questions you would like answered on the podcast! Today’s episode of the CMMC Compliance Guide Podcast dives into the biggest myths that machine shops, fabricators, CNC shops, and mid-sized defense contractors still believe about CMMC. From cloud misconceptions to vendor promises that fall short, Brooke breaks down why these misunderstan…
The Perimeter is Dead: How Vendor Insecurity Ignited a $500 Million Ransomware Crisis
33:39
We investigate the "Firewall Crisis" where the four dominant vendors—Cisco, Fortinet, SonicWall, and Check Point—collectively contributed over 50 actively exploited vulnerabilities to CISA's catalog, effectively transforming defensive appliances into primary attack vectors. The discussion uncovers how this systemic failure enabled the Akira ransomw…
The Chat Control Dilemma: Voluntary Surveillance, Age Checks, and the Fight for Encryption
14:27
After years of controversy, EU member states have agreed on a revised position for the "Chat Control" regulation that drops mandatory mass scanning but introduces a framework for "voluntary" detection of private messages. Privacy advocates and security experts warn that this new "risk mitigation" approach, coupled with mandatory age verification, c…
Verification Nation: Inside Australia’s Great Social Media Lockout
13:11
Australia is launching a world-first "grand experiment" by banning social media for under-16s and mandating age verification for search engines, threatening fines of up to $49.5 million for tech giants that fail to comply. We explore the massive privacy trade-offs as millions of Australians—adults included—face requirements to submit government IDs…
The Minivan Empire: How a Solo CISO Built a Global Intelligence Network from a Honda Odyssey
32:40
Discover how a veteran security consultant rebuilt a media empire from scratch following a business collapse, all while operating full-time from a solar-powered Honda Odyssey with Starlink. We explore how the CyberAdX Network leverages extreme automation to deliver 25 million annual impressions and undercut legacy publishers by 50 to 100 times in c…
CISO Insights: The Strategic Security Briefing
12:04
Broadcasting 3-4 episodes weekly, this show delivers critical analysis on data breaches, compliance frameworks, and threat intelligence to a loyal audience of enterprise security practitioners. The listener base is heavily concentrated in the US market (45%), with deep penetration in major tech hubs like California and defense sectors in Virginia. …
NIS2 Unlocked: The New Era of European Cyber Resilience
35:19
This episode explores the transformative impact of the NIS2 Directive, which mandates robust cybersecurity risk management and strict "24-72-30" incident reporting timelines for essential and important entities across the EU. We break down the critical distinctions in supervisory regimes and the expanded scope that now includes sectors ranging from…
Plain English Guide to CMMC Level 1: Basic Cybersecurity Without the Headache
27:42
Submit any questions you would like answered on the podcast! CMMC Level 1 Self-Assessment Guide: https://dodcio.defense.gov/Portals/0/Documents/CMMC/AG_Level1_V2.0_FinalDraft_20211210_508.pdf In this episode of the CMMC Compliance Guide Podcast, Stacey and Austin from Justice IT Consulting break down CMMC Level 1 in clear, simple terms: what it is…
Taming the AI Gold Rush: A New Building Code for Trustworthy Intelligence
13:24
As the tech world races through an "AI gold rush," the gap between rapid innovation and safety standards has created massive risks for organizations deploying Generative AI. This episode breaks down the new OWASP AI Maturity Assessment (AIMA), a comprehensive blueprint that acts as a "building code" to ensure AI systems are secure, reliable, and al…
Mastering Digital Resilience: The DORA in Control Framework
13:37
This episode explores the challenges financial institutions face in translating the complex legal requirements of the EU’s Digital Operational Resilience Act (DORA) into practical, daily operations. We dive into the "DORA in Control" framework developed by NOREA, which consolidates the regulation into 95 actionable controls across eight domains to …
Agent Zero: The New Era of Autonomous Cybercrime
16:29
This episode explores how the widespread deployment of agentic AI is fundamentally redefining enterprise security by creating fully autonomous, adaptive, and scalable threats that act with growing authority to execute multi-step operations and interact with real systems. We analyze how this shift has industrialized cybercrime, allowing automated op…
The Hallucination Trap: Cutting Through AI Vendor Hype and Red Flags
14:40
The cybersecurity market is saturated with "AI washing," forcing CISOs to rigorously vet vendors promising "autonomous" capabilities that often lack genuine intelligence. This episode provides a battle-tested framework for demanding proof over promises, revealing critical technical red flags like claims of zero hallucinations or a lack of essential…
When the Cloud Falls: The Systemic Fragility of Modern Infrastructure
31:56
This episode explores the alarming trend of catastrophic, back-to-back outages in late 2025, including the AWS DNS failure, Microsoft’s Azure Front Door configuration cascade, and the Cloudflare collapse, all caused by configuration errors in highly concentrated edge services. We analyze how a single error in one cloud region can create a dependenc…
The Digital Lockdown: Australia's Teenagers Take the High Court
15:31
Australia is implementing the world's first nationwide age restriction—commonly called a "ban"—on social media access for users under 16, with full enforcement beginning on December 10, 2025. This controversial law is facing a constitutional challenge in the High Court, led by teenagers who argue the restriction violates the implied freedom of poli…
Top 12 CMMC Level 2 Requirements Explained: Gap Assessments, Scope, SSP, and POA&M
42:31
Submit any questions you would like answered on the podcast! In this episode of the CMMC Compliance Guide Podcast, Stacey and Austin from Justice IT Consulting walk through the top 12 essentials every contractor needs to achieve CMMC Level 2 compliance especially small and mid-sized defense manufacturers. You’ll learn how to start compliance the ri…
The Dark Pattern Paradox: AI, Phishing, and the Convenience Trap
36:38
The cybersecurity landscape continues to evolve, demonstrating worrying trends as rapidly advancing Generative AI capabilities enable sophisticated attacker tactics, making phishing attempts much more targeted and customized. This episode explores how pervasive digital dark patterns leverage consumer cognitive biases, tricking users into sharing pe…
ACR and Alexa: The Mandatory Surveillance of the Modern Smart Home
40:33
Smart devices like Amazon's Alexa and modern smart TVs are perpetually monitoring domestic life, utilizing technologies such as Automatic Content Recognition (ACR) to harvest viewing habits and inadvertently recording private conversations through frequent, long-duration misactivations. These recorded interactions are sent to the cloud for training…
Deepfakes, Donations, and Deception: The Psychology of the Cyber Con
40:50
Threat actors are exploiting human psychology using sophisticated techniques like AI-powered deepfakes and emotional manipulation to bypass traditional security defenses. This episode explores how nonprofits and consumer organizations are increasingly targeted by highly effective scams, including CEO impersonation fraud, Business Email Compromise (…
The Accidental Leak: Why You're the Biggest Threat to Your Own Data
29:01
We dive into the most financially devastating threats of 2025, revealing how ransomware, which accounted for 76% of incurred losses in one portfolio, and vendor breaches continue to drive significant financial damage. The discussion explores how AI is turbocharging social engineering and credential stuffing (which caused a 250% increase in Account …
CyberComply CMMC GRC Partner Rates and Discounts
4:33
Thank you for visiting our podcasts on CMMC Cybersecurity! Explore more insights, updates, and expert discussions on our blog: https://cybercomply.us/blog-list Luis G. Batista C.P.M., CPSM Founder & CEO, Armada Cyber Defense | CyberComply [email protected] Office: (305) 306-1800 Ext. 800 CAGE: 9QG33 UEI: K6UZHLE1WUA7 Schedule Introduction: https:…
This podcast dissects adversary tactics, techniques, and procedures (TTPs), focusing on how attackers leverage social engineering and human psychological weaknesses like fear and trust to gain unauthorized access. We explore the proactive strategies of Red Teaming and Breach and Attack Simulation (BAS), which use the MITRE ATT&CK framework to emula…
Zero Trust to SCADA: Navigating the InfoSec Mandate
14:25
This podcast explores the comprehensive responsibilities of modern InfoSec professionals, ranging from core security operations like vulnerability management across operating systems, network devices, and containers, to ensuring physical security and managing application development standards. Dive deep into emerging and complex domains such as AI …
The Privacy Divide: State Laws, Age Limits, and the Battle for the Under-18 Consumer.
36:11
This episode explores the complex division in state mandates between general consumer privacy laws and specific children’s design codes, which often function as separate acts or amendments. We break down how compliance is determined either by broad, quantitative thresholds like annual gross revenue and high data volume, or by the specific service's…
The Crown Jewels of Governance: Australian Cyber Security Priorities for Boards in 2025-26
12:25
Australia faces a heightened global cyber threat environment driven by geopolitical tensions, with malicious actors continuing to target organizations of all types and sizes, which has led to rising cybercrime costs and serious data breaches. Drawing on guidance from the Australian Signals Directorate (ASD) and the Australian Institute of Company D…
The Generative Firewall: Securing AI and Using AI for Defense
13:56
This episode explores the transformative challenge of modern security, focusing on how organizations must adapt their strategies to both secure generative AI applications and leverage AI to strengthen existing defenses. We dive into the critical concepts of securing functionally non-deterministic AI systems by implementing external security boundar…
Rogue Agents and Railgun Fights: Securing the AI Frontier
42:33
Nation-state hackers are now deploying autonomous AI agents like Claude to execute 80–90% of sophisticated espionage and crime campaigns at machine speed, requiring human intervention at only a few critical decision points. Defenders are thrust into an urgent "AI vs. AI arms race," racing to adopt proactive measures like Google's Big Sleep to detec…
The 90% Attack: Inside the First AI-Orchestrated Cyber Espionage Campaign
12:18
Anthropic revealed on November 13, 2025, that Chinese state-sponsored hackers successfully weaponized its Claude AI system to conduct the first documented AI-orchestrated cyber espionage campaign. The sophisticated operation, which targeted approximately 30 global organizations including technology companies, financial institutions, and government …
Beyond the First Lie: Building Communication Resilience with the RESIST Framework
17:09
Explore the systematic RESIST 3 framework, which guides government communicators through six sequential steps designed to build resilience against the impacts of manipulated, false, and misleading information (MDM). This episode details the crucial "Recognise" stage, where communicators use the FIRST indicators (Fabrication, Identity, Rhetoric, Sym…
From Perimeter to Pipeline: Securing the OWASP Top 10 in the Cloud Era
13:33
The 2025 OWASP Top 10 reveals a fundamental shift in application security, showing how threats have transformed from simple code flaws like buffer overflows to exploiting the systemic complexity of cloud-native and microservices architectures. This newest list confirms the continued dominance of Broken Access Control (A01) and spotlights the critic…
From BOLA to Bots: Building a Layered API Defense Against the Modern Top 10
40:03
APIs are the "nervous system" of modern applications, making them the number one attack vector, with flaws like Broken Object Level Authorization (BOLA), Broken Object Property Level Authorization (BOPLA), and Broken Function Level Authorization (BFLA) accounting for a high percentage of breaches. This episode delves into the multi-layered "defense…
Orchestrating Security: The DevSecOps Blueprint for 2025
36:08
Driven by a market anticipated to exceed USD 40.6 billion by 2030, DevSecOps Engineers are crucial experts who bridge the gaps between software development, security protocols, and operational efficiency. Successful implementation relies on a socio-technical work system that emphasizes cultural transformation, shared security responsibility, and pr…
The Algorithmic Adversary: Tracking the Shift to Novel AI-Enabled Malware
15:36
The Google Threat Intelligence Group (GTIG) has identified a significant shift where adversaries are now deploying novel AI-enabled malware in active operations, moving beyond simple productivity gains observed in 2024. This new operational phase includes "Just-in-Time" AI malware, such as PROMPTFLUX and PROMPTSTEAL, that utilize Large Language Mod…
CMMC for MSPs and MSSPs Turning Compliance Into a Service Offering
5:16
Thank you for visiting our podcasts on CMMC Cybersecurity! Explore more insights, updates, and expert discussions on our blog: https://cybercomply.us/blog-list Luis G. Batista C.P.M., CPSM Founder & CEO, Armada Cyber Defense | CyberComply [email protected] Office: (305) 306-1800 Ext. 800 CAGE: 9QG33 UEI: K6UZHLE1WUA7 Schedule Introduction: https:…
Empower Your Clients’ CMMC Readiness Journey
4:52
Thank you for visiting our podcasts on CMMC Cybersecurity! Explore more insights, updates, and expert discussions on our blog: https://cybercomply.us/blog-list Luis G. Batista C.P.M., CPSM Founder & CEO, Armada Cyber Defense | CyberComply [email protected] Office: (305) 306-1800 Ext. 800 CAGE: 9QG33 UEI: K6UZHLE1WUA7 Schedule Introduction: https:…