Best Phosphorus Cybersecurity Podcasts (2025)

1
Phosphorus’ Sonu Shankar on IoT Vulnerabilities and Salt Typhoon Tactics 23:50

Play Pause

14h ago23:50

23:50

In this episode, Greg Otto talks with Sonu Shankar, President at Phosphorus, to discuss the unique security challenges facing today’s rapidly expanding Internet of Things landscape, where traditional endpoint protections are ineffective. The episode explores how everyday devices with default passwords and outdated firmware open organizations up to …

1
Halcyon’s Cynthia Kaiser on the state of ransomware 29:13

5d ago29:13

29:13

In this episode, Greg Otto talks with Cynthia Kaiser Sr. Vice President of Halcyon’s Ransomware Research Center, discussing the latest ransomware operations and exploring the latest shifts in the cyber threat landscape. Greg and Cynthia discuss the rise of new groups like DragonForce, SafePay, and Fog, and the decline of once-dominant names such as…

1
What happens if CISA 2015 lapses? 24:41

12d ago24:41

24:41

In this episode of Safe Mode, host Greg Otto talks with Tim Starks about what would happen if the nation’s information sharing law – known as CISA 2015 – expires at the end of September. In our interview segment, Greg talks with Kevin Hanes, CEO of Reveal Security, exploring the critical and often overlooked world of machine identity security. From…

1
Bridging Worlds: The Evolving Landscape of IoT Security and Regulation 32:32

14d ago32:32

32:32

Aseem Jakhar, Cybersecurity Entrepreneur, Technologist, and Founder of EXPLIoT, joins Phillip Wylie to address the current state and evolution of IoT and hardware security, examining why security has lagged in this sector compared to other technological advances. By exploring regulatory changes, practical security considerations for both researcher…

1
Dave DeWalt on how to get a board to buy in on cybersecurity 31:23

19d ago31:23

31:23

In this episode of Safe Mode, host Greg Otto talks with Dave DeWalt, founder and CEO of NightDragon, about advising boards and portfolio companies on making cyber a first-order business issue, not an afterthought. We’ll explore how emerging technologies and remote work reshape risk profiles, when a CISO belongs in the board conversation—or even in …

1
Are enterprises having the right AI security conversations? 45:51

26d ago45:51

45:51

In this episode of Safe Mode, host Greg Otto sits down with Chris Sestito, CEO of HiddenLayer Technologies, to discuss the evolving landscape of AI security and where current protection strategies are falling short. Sestito shares insights on how leading enterprises are rethinking their approach to AI asset protection, reveals real-world examples w…

1
What is CISA’s focus moving forward 34:29

1M ago34:29

34:29

On this episode of Safe Mode, Greg Otto sits with two CISA leaders, Chris Butera, Acting Executive Assistant Director for CISA’s Cybersecurity Division, and Bob Costello, CIO of CISA, at the 2025 Black Hat USA Conference to discuss numerous different topics: the recent Microsoft Sharepoint vulnerability, the upcoming CIRCIA rulemaking, the future o…

1
Inside the AI Action Plan with Dreadnode’s Daria Bahrami 33:24

1M ago33:24

33:24

On this episode of Safe Mode, host Greg Otto sits down with Daria Bahrami, Head of Policy at Dreadnode, for an in-depth exploration of the new AI Action Plan and its sweeping implications for critical infrastructure security. From the technical hurdles in securing vital systems to the growing need for “secure-by-design” technology standards, Daria …

1
Breaking Down Barriers: Making IoT and Hardware Hacking Accessible to All with Andrew Bellini 31:51

2M ago31:51

31:51

The episode centers on the challenges and opportunities in IoT and OT security, with insights from technical content creator, hardware hacker, and educator Andrew Bellini. It highlights the often-overlooked vulnerabilities of industrial and consumer IoT devices, emphasizing the accessibility of hardware hacking and the need for practical, low-cost …

1
NetRise’s Tom Pace on why telecom’s Salt Typhoon problem may never go away 30:36

2M ago30:36

30:36

In this episode of Safe Mode, Greg talks with Tom Pace, CEO of Netrise, about the recent Salt Typhoon cyberattack against U.S. telecom networks and how the government is responding. Tom explains why it’s so hard to fully protect or fix these giant, complex systems, even when officials say they have stopped the threat. He points out the tough choice…

1
Kemba Walden and Devin Lynch on securing the AI Stack 1:06:31

2M ago1:06:31

1:06:31

Greg is joined in studio with Kemba Walden and Devin Lynch from the Paladin Global Institute about securing the future of AI. They break down the multilayered AI technology stack and highlight where systems are most at risk—from data poisoning to adversarial model extraction. We discuss the adequacy of today’s security standards, the evolving respo…

1
Building IoT Trust: Budgeting, Community, and the Hacker Mindset with Ted Harrington 32:14

2M ago32:14

32:14

Ted Harrington (Founder of IoT Village, Executive Partner for Independent Security Evaluators, Author, Speaker, and Podcaster) examines the ongoing challenges and progress in IoT security, emphasizing how community initiatives, the hacker mindset, and business-oriented communication can drive real change in the industry. Ted and Phil Wylie discuss …

1
Valence Security’s Yoni Shohet on the growing risk tied to SaaS applications 33:52

2M ago33:52

33:52

Greg is joined in studio with Kemba Walden and Devin Lynch from the Paladin Global Institute about securing the future of AI. They break down the multilayered AI technology stack and highlight where systems are most at risk—from data poisoning to adversarial model extraction. We discuss the adequacy of today’s security standards, the evolving respo…

1
Intel471’s Will Dixon goes behind the scenes on the DanaBot takedown 32:40

2M ago32:40

32:40

This week, Greg talks to Will Dixon, Senior Intelligence Collection Manager for Intel471, about the lifecycle and takedown of DanaBot — one of the most notorious malware-as-a-service (MaaS) platforms of the last decade. We'll explore how DanaBot transformed from a banking trojan into a full-featured MaaS tool, capable of serving both criminal enter…

1
From Boardroom to Backend: Cybersecurity Tactics for Emerging Tech in Finance 33:34

2M ago33:34

33:34

Amy Chaney, SVP Technology, COO for Citi, shares a seasoned perspective on driving technological transformation and robust security in large financial institutions. The episode explores practical guidance for aligning business cases with emerging technologies like AI, highlights the importance of agile security policies, and emphasizes the critical…

1
DARPA’s Andrew Carney on AIxCC’s quest for truly autonomous AI 52:28

3M ago52:28

52:28

Greg Otto talks with Andrew Carney, project manager at DARPA, about the AIxCC competition. With the finals set to be held in August during DEF CON, they discuss how these autonomous systems fared in detecting and remediating vulnerabilities, as well as the key lessons learned from live exercises and the semifinals. The conversation highlights DARPA…

1
RSA CEO Rohit Ghai on the promise and peril of passkeys 41:19

3M ago41:19

41:19

Greg Otto talks with RSA CEO Rohit Ghai on the global shift toward passkeys and passwordless authentication. Together, they explore pressing issues including the differences between consumer and enterprise solutions, infrastructure vulnerabilities, regulatory challenges, and how emerging threats are evolving as passwordless adoption accelerates. Th…

1
Breaking In to Break Things: Practical Paths to Hardware Hacking and IoT Security 33:14

3M ago33:14

33:14

Hash Salehi, Reserve Engineer and Founder of RECESSIM, joins host Phillip Wylie to demystify the world of hardware hacking and security, highlighting niche but critical vulnerability research in IoT and embedded devices. Through recounting his own experiences, from customizing low-cost fault injection attacks on automotive microprocessors to revers…

1
MIND’s Eran Barak 33:55

3M ago33:55

33:55

Greg Otto talks with Eran Barak, CEO and co-founder of MIND, on the dramatic rise of insider threats in cybersecurity, exploring recent high-profile cases and the factors fueling this surge. He discusses which industries and data types are most at risk, how insider tactics have evolved, and practical strategies for organizations to detect and preve…

1
Bishop Fox’s Rob Ragan and Iron Man Suit for pen testers 30:08

3M ago30:08

30:08

Greg Otto talks with Rob Ragan, Principal Technology Strategist at Bishop Fox, as he shares his vision of building an “Iron Man suit” for human security testers that is shaping how AI is used in offensive cybersecurity. Rob dives into lessons learned from developing adaptive AI tools, the unique challenges and risks facing modern AI systems, and ef…

1
Real-World Cyber Threats in Healthcare: Balancing Tech, Training, and Human Safety 29:59

4M ago29:59

29:59

Cybersecurity in healthcare is facing heightened challenges as regulations shift, IoT devices proliferate, and ransomware attacks become increasingly devastating. Josh Spencer, Founder, and CIO at FortaTech Security and with over fifteen years in the field including time as CISO/CTO at UT Southwestern, explores why HIPAA changes are necessary, the …

1
Olivia Rose on why the CISO role may not be the pinnacle of security work 44:48

4M ago44:48

44:48

In this episode, Greg sits down with Olivia Rose, Founder and CISO of the Rose CISO Group, to talk about her role in "CISO: The Worst Job I Ever Wanted," a groundbreaking cybersecurity docuseries that reveals the real experiences of Chief Information Security Officers. This podcast uncovers the pressures, sleepless nights, and personal sacrifices t…

1
Semperis CEO Mickey Bresman on the power of tabletop exercises 35:07

4M ago35:07

35:07

In this episode, Greg sits down with Semperis CEO Mickey Bresman to explore how organizations can proactively prepare for cyber crises before they strike. The conversation centers on the power of tabletop exercises—simulated attack scenarios that test response plans, reveal hidden vulnerabilities, and build muscle memory across teams. Together, Gre…

1
Securing the Foundation: Cyber Strategy in the Age of Smart Infrastructure 31:12

4M ago31:12

31:12

Cybersecurity is redefined as a discipline for the curious and adaptable, with a focus on continuous learning, imagination, and embracing change. On location at the RSA Conference, host Phillip Wylie and Anand Singh discusses the evolving challenges of IoT and OT security, the rapid integration of AI, and how organizations must address overlooked e…

1
Expel CEO Dave Merkel on the impact of AI & Automation in modern SOCs 31:58

4M ago31:58

31:58

In this episode, we sit down with Dave Merkel, CEO of Expel to take an honest, practical look at how AI and automation are reshaping the modern Security Operations Center (SOC). Our discussion covers the most tangible changes in daily SOC operations since AI adoption, cutting through industry hype to reveal which claims deserve skepticism and which…

1
Recorded Future’s Alexander Leslie on the ‘MarkoPolo’ traffer team 32:57

4M ago32:57

32:57

In this episode, Greg talks with Alexander Leslie, Threat Intelligence Analyst for Recorded Future’s Insikt Group and his research on “Marko Polo” – a notorious cybercriminal empire that orchestrates an array of scams, primarily using infostealer malware. Discover how this sophisticated syndicate has victimized tens of thousands worldwide and raked…

1
Verizon’s Alex Pinto on the takeaways from the 2025 DBIR 38:42

5M ago38:42

38:42

On this episode of Safe Mode, Greg talks with Alex Pinto, Associate Director of Threat Intelligence at Verizon Business, as we unpack the key findings from this year’s Data Breach Investigations Report (DBIR). Pinto offers expert analysis on the most pressing cybersecurity trends impacting organizations worldwide—including ransomware’s dramatic spi…

1
Will Pearce on the ever-changing field of offensive AI security 40:34

5M ago40:34

40:34

In this episode, Greg talks with Will Pearce, CEO and Co-founder of Dreadnode about the rapidly evolving field of offensive AI security. Greg and Will discuss the unique challenges researchers face in testing AI models for vulnerabilities compared to traditional software, unveiling how adversarial attacks impact AI security and the ethical consider…

1
Identity, AI, and the Unseen Threats in Healthcare Cybersecurity – with vCISO Jason Taule 34:51

5M ago34:51

34:51

Healthcare IoT systems are increasingly targeted by cyber threats, necessitating a shift in strategy from isolated, organization-specific responses to a collaborative, ecosystem-wide approach. James McCarthy sits down with vCISO and 30-year information assurance and cybersecurity veteran Jason Taule. Taule brings important insights into the challen…

1
Lior Div on how security teams should be using AI agents 34:32

5M ago34:32

34:32

In this episode, Greg talks with Lior Div, co-founder and CEO of 7AI. Lior and Greg explore how security teams are being reinforced with AI Agents and identify the areas where CISO are embracing this technological shift to optimize their talent resources. We'll also discuss the specific security functions these agents are performing, including emai…

1
Ken Bagnall on how companies can work with governments to take down malicious infrastructure 32:38

5M ago32:38

32:38

In this episode, Greg Otto talks with Ken Bagnall, CEO of Silent Push Ken sheds light on the dynamics of the current cybercrime ecosystem. Ken reveals that a significant portion of the infrastructure is actually operated by affiliate networks using pre-existing technologies. During the discussion, Ken elaborates on how this ecosystem is fueled and …

1
Edera’s Alex Zenla on how to make cloud computing and AI secure-by-design 47:20

6M ago47:20

47:20

In this episode, Greg Otto talks with Edera co-founder and CTO Alex Zenla, charting her path from beginnings in Minecraft IRC channels to pioneering container isolation technology. Alex discusses her unique expertise in container security, GPU protection, and AI infrastructure, and how Edera is transforming the tech landscape with a commitment to b…

1
The Wild West of IoT: Hacking and Securing Devices with Matt Brown 34:30

6M ago34:30

34:30

Matt Brown, Hardware Security Researcher, Bug Bounty Hunter, and Founder of Brown Fine Security, leaves nothing to the imagination in this conversation with host Eric Johansen on the world of embedded devices and cybersecurity. Matt shares his journey from childhood tinkering to professional vulnerability research, offering insights into the comple…

1
Ep. 18 - Eliminating Human Errors w/ Patrick Thomas 1:13:26

6M ago1:13:26

1:13:26

What if AI-powered security could eliminate human errors in cybersecurity? Meet the founder making it happen. In this episode of Hackers to Founders, I sit down with Patrick Ben Thomas, the founder of NullZec and its advanced malware development division, Shadow Mask. Patrick shares his journey from early cybersecurity research to building a soluti…

1
Allie Bohan on how to handle the non-technical side of a ransomware attack 35:51

6M ago35:51

35:51

In this episode, Greg Otto talks with FTI Consulting’s Allie Bohan exploring the challenges organizations face in maintaining effective communication during cyberattacks. Allie and Greg uncover essential strategies for incidents, ensuring companies remain connected with stakeholders even when digital channels are compromised. We also talk on how to…

1
Discover’s Sunil Mallik on the ever-changing roles of the CISO 38:34

6M ago38:34

38:34

In this episode, Greg Otto talks with Sunil Mallik, the CISO of Discover Financial Services. Sunil shares his career path and the evolving challenges and responsibilities in cybersecurity, covering how he communicates with his board, strategic approaches to cybersecurity, and the importance of balancing technological investment with personnel train…

1
Chainguard’s Dan Lorenc on the next decade of software supply chain security 28:44

6M ago28:44

28:44

In this episode, Greg Otto talks with Dan Lorenc, CEO and co-founder of Chainguard. They explore the challenges organizations face with CVE management, where dealing with vulnerabilities often drains valuable engineering resources. They also discuss how new visualization tools are redefining this landscape by offering clear insights into CVE trends…

1
Virtru’s John Ackerly on how the feds are keeping data secure and interoperable 34:29

7M ago34:29

34:29

In this episode, Greg Otto talks with Virtru Co-founder and CEO John Ackerly , discussing the significance of open standards, the challenges and successes of implementing the Trusted Data Format across federal agencies, and the critical role of interoperability and compliance. John also gives us details on how close the country was to a national pr…

1
The Symbiosis of Tech and Nature: Securing Agriculture with Bill Lucas 42:53

7M ago42:53

42:53

In this episode, host Eric Johansen welcomes Bill Lucas, Senior Director of Cybersecurity at Mastronardi Produce, to explore the evolving security challenges in agricultural IoT. With over sixteen years of experience across the automotive, healthcare, and tech industries, Bill brings a deep understanding of enterprise risk management, endpoint secu…

1
Ep. 17 - How AI is Changing OSINT, Dark Web Investigations, and Fraud Detection w/ Zara Perumal 1:16:32

7M ago1:16:32

1:16:32

What if AI could predict and prevent cyber fraud before it happens? Meet the founder making it possible " On this episode of Hackers to Founders, we feature Zara Perumal, the CTO and co-founder of Overwatch Data. The episode explores Zara’s journey from an early fascination with computer science, influenced by her software developer father, to her …

1
FBI’s Cynthia Kaiser on Salt Typhoon’s ‘indiscriminate’ data collection 20:10

7M ago20:10

20:10

In this episode, you will hear Cynthia Kaiser, deputy assistant director in the bureau’s cyber division talk about the implications of the Salt Typhoon breach, which she spoke about during CyberScoop’s Zero Trust Summit. Kaiser characterized the breach as “a different level of insidiousness” from Beijing, one that reflects its “ambition and reckles…

1
Chainalysis’ Jackie Burns-Koven on the drop in ransomware payments 32:52

7M ago32:52

32:52

Greg Otto talks with Jackie Burns-Koven, Head of Cyber Threat Intelligence at Chainalysis. They discuss research from Chainalysis that shows a 35% drop in ransom payments over the second half of 2024. They also discuss the growing refusal of victims to pay ransoms and how attackers are adapting their tactics. Additionally, she highlights the influe…

1
Google’s John Hultquist on how APTs are using generative AI 27:17

7M ago27:17

27:17

Greg Otto talks with John Hultquist, Chief Analyst for Google Threat Intelligence Group. They explore the qualitative differences between AI-generated and human-crafted social engineering tactics, and discuss the technical limitations of AI when used by less sophisticated threat actors like those in North Korea. Additionally, the episode addresses …

1
IoT Lessons We Learned in 2024 10:11

8M ago10:11

10:11

What did 2024 teach us about securing the IoT and OT landscape? In this special 2024 lookback episode, Alex Nehmy, Asia Pacific CTO at Phosphorus, revisits impactful moments from industry experts and IoT Security Podcast guests, including Jason Taule, Patrick Gillespie, Sean Tufts, Michael Lester, Joel Goins, Khris Woodring, Mike Holcomb, and John …

1
Ep. 16 - The Birth of the CVE System, created by Adam Shostack 1:43:24

8M ago1:43:24

1:43:24

Who created the CVE system? That's Adam! In this insightful episode of "Hackers to Founders," host Chris REal0day Magistrado welcomes Adam Shostack, a renowned cybersecurity expert and co-creator of the Common Vulnerabilities and Exposures (CVE) system. Adam recounts his journey from a curious and geeky childhood, engaging in activities like D&D an…

1
Hugh Thompson on what the SEC got right (and wrong) with its cyber incident reporting mandate 43:16

8M ago43:16

43:16

Greg Otto talks with Hugh Thompson, Executive Chairman for RSAC Conference. Greg and Hugh discuss how the SEC's cyber disclosure regulations have fallen short of their intended purpose, failing to provide investors with enhanced transparency due to ongoing debates about materiality and insufficient market consequences. Additionally, they discuss th…

1
Gabrielle Hempel on AI regulation on the federal and state level 39:55

8M ago39:55

39:55

Greg Otto talks with Exabeam’s Gabrielle Hempel about the complex terrain of AI regulation at both the federal and state levels, offering a deep dive into the legislative challenges, and the balancing act of fostering innovation while protecting public interests. They also reflect on how public interaction with AI systems is shaping legislative eff…

1
Ep. 15 - CISO Lessons from Fox News, Point72, and Phosphorus with John Terrill 1:53:56

8M ago1:53:56

1:53:56

How do you defend Fox News, hedge funds, and global networks while building groundbreaking startups? John Terrill shares his journey. In this episode of Hackers for Founders, cybersecurity executive John Terrill shares his fascinating journey from a curious 12-year-old attending 2600 meetings in Atlanta to becoming a seasoned CISO and co-founder of…

1
Guidepoint Security’s Jason Baker on lessons learned from negotiations with ransomware groups 51:58

8M ago51:58

51:58

As we head into 2025, Greg talks with Jason Baker, a ransomware negotiator for Guidepoint Security, on how ransomware has shifted and evolved, and the challenges it poses for businesses and governments alike. Jason also sheds light on the top threat actors, the future of international regulations and where they might fall concerning the contentious…

1
Ep. 14 - From Education platform to Browser Isolation: The Birth of SquareX w/ Vivek Ramachandran 2:10:17

8M ago2:10:17

2:10:17

Vivek's passion for solving nuanced, bleeding-edge problems in cybersecurity led him to found SquareX, a browser-native security product that addresses client-side web attacks. He emphasizes the importance of authenticity, community engagement, and leveraging one’s expertise to create scalable solutions. Additionally, Vivek delves into the challeng…