Security Unfiltered

Send us a text We trade last‑minute schedules and kid chaos for a deep dive into how modern phones leak data, why “Ask App Not to Track” isn’t enforcement, and what a third platform built for privacy and free speech looks like. Joe shares his Apple-to-Unplugged journey, the Raxxis findings, and practical features that make privacy usable. • zero‑to‑one background from Nomi acquisition to Apple services • motivation for a third platform beyond Apple and Google • Raxxis test revealing 3,400 sessions and 210,000 packets in one hour • third‑party data brokers, pattern‑of‑life risks, Fourth Amendment gaps • layered threat model from passive tracking to seizure and signals • emergency reset, false PIN wipe, and hardware battery cut‑off • first‑party vs third‑party privacy and ecosystem incentives • “Ask App Not to Track” as preference vs permission • Time Away to reduce engagement and regain attention • firewall, USB data blocking, 2G limits, Bluetooth controls • camouflaged VPN and operational noise in repressive networks • app compatibility layer and broader app sourcing without Google • clear business model: hardware and subscriptions, no data sale PodMatch PodMatch Automatically Matches Ideal Podcast Guests and Hosts For Interviews Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text David Brockler, AI security researcher at NCC Group, explores the rapidly evolving landscape of AI security and the fundamental challenges posed by integrating Large Language Models into applications. We discuss how traditional security approaches fail when dealing with AI components that dynamically change their trustworthiness based on input data. • LLMs present unique security challenges beyond prompt injection or generating harmful content • Traditional security models focusing on component-based permissions don't work with AI systems • "Source-sink chains" are key vulnerability points where attackers can manipulate AI behavior • Real-world examples include data exfiltration through markdown image rendering in AI interfaces • Security "guardrails" are insufficient first-order controls for protecting AI systems • The education gap between security professionals and actual AI threats is substantial • Organizations must shift from component-based security to data flow security when implementing AI • Development teams need to ensure high-trust AI systems only operate with trusted data Watch for NCC Group's upcoming release of David's Black Hat presentation on new security fundamentals for AI and ML systems. Connect with David on LinkedIn (David Brockler III) or visit the NCC Group research blog at research.nccgroup.com. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Art Poghosyan shares his journey from IT security consultant to CEO of Britive, a cloud-native identity and access management company. His experience during economic downturns shaped his understanding of how cybersecurity services remain resilient through various market cycles. • Started in IT security right after completing a master's in technology risk management • Worked with early IAM solutions including LDAP directories, SSO, and authentication systems • Founded Advanced Technology Solutions focusing on IAM implementation services • Identified growing challenges with traditional IAM solutions in cloud environments • Created Britive to address cloud-native identity management challenges • Witnessed explosion of machine identities in cloud environments creating security risks • Now focused on securing new identity types including AI and agentic identities • Cybersecurity consulting proves relatively recession-proof as security needs persist in both growth and contraction • Capital One AWS breach highlighted risks of excessive privileges in cloud environments • Current focus includes securing agent-to-agent interactions in AI systems Connect with Art on LinkedIn or email him at art@britive.com to learn more about Britive's solutions for cloud and AI identity challenges. 😇 Affiliates and Paid Promotions 😇 ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh ➡️ OffGrid Coupon Code: JOE ➡️ Unplugged Phone: https://unplugged.com/ Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout *See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Ted Harrington shares insights about achieving difficult goals through disciplined habits rather than relying on fleeting inspiration. He explains how the hacker mindset—being curious, non-conforming, committed, and creative—can help anyone overcome challenges and find overlooked opportunities. • Breaking big goals into smaller, manageable pieces makes difficult tasks achievable • Inspiration only gets you started; habits and consistency are what help you finish • The four traits of the hacker mindset: curiosity, non-conformity, commitment, and creativity • Focus on genuinely helping others rather than self-promotion in professional interactions • Applying the hacker mindset can reveal opportunities others miss in any field • AI is changing both attack and defense strategies in cybersecurity, but fundamental principles remain the same Check out Ted's new book "Inner Hacker" to learn how to apply the hacker mindset to achieve your own goals and find hidden opportunities in your life. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Artificial intelligence is developing at unprecedented speed, becoming a transformative force that may rival nuclear technology in its impact on human civilization. The rapid evolution of AI capabilities presents both extraordinary opportunities and profound challenges that we're only beginning to understand. • AI development is accelerating faster than any previous technology, with research papers becoming outdated within weeks or months • Current AI systems function primarily as prediction engines rather than truly conscious entities, despite sometimes exhibiting behaviors that appear sentient • Companies often implement AI solutions without clearly understanding the problems they're trying to solve or the technology's actual capabilities • AI regulation is developing globally, with the EU currently leading efforts to establish comprehensive frameworks and security standards • Most organizations will benefit more from using AI to augment human capabilities rather than attempting to replace workers entirely • The cybersecurity job market has become increasingly competitive, with automation making application processes more challenging for job seekers • When looking for jobs on LinkedIn, changing the URL parameter from 84,000 to 3,600 helps find postings from the last hour instead of the last 24 hours Connect with Chris Cochran on LinkedIn to learn more about his work in AI and cybersecurity or to request assistance with making connections in the field. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Grant McCracken shares his groundbreaking PhD research on satellite security, revealing how vulnerable our orbital infrastructure is to cyberattacks and the urgent need for better security measures before quantum computing renders current encryption obsolete. • Satellites face unique security challenges with limited patching windows of only 15 minutes during orbit • Most satellites run on outdated technology with numerous vulnerabilities that can allow complete takeover • A real-world attack in 2022 showed how Russia could penetrate ground stations and control entire satellite constellations • Post-quantum encryption will be essential within 5-10 years according to global experts • CubeSats (small satellites) can be purchased and tested by anyone, creating both research opportunities and security risks • Bug bounty programs provide unique opportunities for security researchers to specialize and potentially earn substantial rewards • Zero trust principles must be applied to satellite security before launch since patching in orbit is extremely difficult • The infrastructure dependent on satellites includes GPS, cellular communications, and financial transactions You can find Grant on LinkedIn by searching "Grant McCracken Dark Horse" or contact him directly at grant@darkhorsesh.com. His company Dark Horse Security helps organizations at all budget levels improve their security posture, including pro bono work for those who cannot afford security services. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text In this episode, we delve into the transformative journey of artificial intelligence and its profound impact on job markets worldwide. From automation to innovation, AI is reshaping industries, creating new opportunities, and challenging traditional employment paradigms. Join us as we explore how AI is redefining work, the skills needed for the future, and the balance between technological advancement and human potential. Tune in to understand the dynamics of this AI-driven era and what it means for the workforce of tomorrow. 00:00 The Journey of Persistence 02:46 The Importance of Personal Branding 05:04 Navigating the AI Landscape 10:26 The Future of Work and AI Displacement 15:42 Ethics and Governance in AI 20:54 The Power and Risks of AI Technology 25:32 The Complexity of AI Threats 29:14 The AI Arms Race 32:52 Human Value in an AI-Driven World 37:35 The Reliability of AI as a Fact Checker 39:56 Understanding AI Bias and Transparency 47:49 Navigating AI Governance and Security Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: / @securityunfilteredpodcast Instagram: / @secunfpodcast Twitter: / @secunfpodcast Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Carlos Corrador shares his journey from aspiring lawyer to founding Condor Agency, a specialized marketing firm for B2B tech services companies. We explore how deep specialization, personal branding, and adapting to AI are critical for survival in today's rapidly changing business landscape. • Started as a sports journalist in Venezuela before discovering digital marketing through website building • Moved to Chicago for a master's in digital marketing before founding Condor Agency • Specializing in a niche is crucial - "the riches are in the niches" • Marketing effectively requires understanding who your ideal customer is before investing in campaigns • Personal branding requires focusing on an industry or specific topic where you can provide unique insights • Content should provide deeper value than what people can get from ChatGPT • The "crawl, walk, run" approach ensures businesses build proper foundations before scaling marketing efforts • Paid promotion of specialized content can put you in front of decision-makers who would never find you organically • With AI disrupting traditional roles, specialists will survive while generalists may struggle • Focusing on what AI cannot yet do well positions you to thrive during technological disruption Find Carlos at condoragency.com or connect with him on LinkedIn. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Sergey Novikov shares his fascinating journey from early days at Kaspersky Lab through his evolution as a malware analyst and cybersecurity expert, offering unique insights into the changing threat landscape and ethical considerations of security research. • Started at Kaspersky in 2002 when it was a small startup with fewer than 100 employees • Applied mathematics background led to research correlating human epidemic models with computer virus propagation • Worked as a "woodpecker" malware analyst detecting threats 24/7 • Became part of Kaspersky's elite Global Research and Analysis Team (GREAT) • Team took pride in identifying APTs regardless of national origin to protect customers worldwide • Described security researchers as "paleontologists" uncovering complex digital threats • Participated in analysis of sophisticated threats like Stuxnet requiring specialized knowledge • Left Kaspersky in 2022 after Russia-Ukraine conflict began • Transitioned to pharmaceutical industry cybersecurity before joining CyberProof • Observes modern threats have blurred lines between nation-state actors, cybercriminals and hacktivists • Believes cybersecurity professionals must maintain perpetual learning mindset • Recommends self-learning and hands-on experience for aspiring security researchers • Notes AI is enabling more agile, automated attacks rather than quantum computing threats Connect with Sergey on LinkedIn or visit cyberproof.com to learn more about their security services and research blog. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text SaaS platforms represent a significant security blind spot for many organizations, with misconceptions about the shared responsibility model leaving sensitive data vulnerable to exposure. Aaron Costello, Chief of SaaS Security Research at AppOmni, shares insights from his research uncovering five zero-day vulnerabilities in Salesforce Industry Clouds and explains why SaaS security requires specialized expertise. • Security teams often mistakenly believe SaaS vendors are fully responsible for security • The shared responsibility model means customers must secure their own configurations and customizations • Nearly a third of Salesforce customers use Industry Cloud solutions, which were found to contain significant vulnerabilities • Agentic AI introduces new security challenges requiring strict access control implementation • AppOmni provides visibility by connecting to SaaS platforms and analyzing security metadata • Effective SaaS security requires collaboration between platform administrators and security teams • Acquisition scenarios create particular security challenges when integrating new technologies • The most effective approach combines administrative knowledge with security expertise If you're interested in learning more about SaaS security or accessing the full Salesforce Industry Clouds research paper, visit appomni.com and check out the AO Labs section of their blog. Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Cybersecurity expert Bob Kochan from Beyond Identity discusses the evolution of security from network defense to identity-first approaches. He shares insights on how AI is transforming security operations while creating new threat vectors, emphasizing the need for phishing-resistant authentication solutions in today's threat landscape. • Traditional security focused on network layers, but SaaS adoption exposed vulnerable identity systems • Zero Trust architecture must start with device-level security and extend through the entire authentication chain • AI will augment rather than replace security professionals, making systems-thinkers 10x more effective • Government agencies are often driving cybersecurity innovation faster than private industry • Security solutions must prioritize usability or users will inevitably find workarounds • Legacy MFA solutions are insufficient against modern attack methods like phishing and deepfakes • Security should be designed into systems from the start rather than bolted on as "security through configuration" • Nation-state funded threat actors have created their own innovation ecosystem rivaling private sector development • Beyond Identity offers phishing-resistant authentication that eliminates password vulnerabilities Check us out at beyondidentity.com or visit us at our booth at Black Hat this year. 00:00 The Entrepreneurial Spirit 02:35 Passion and Problem-Solving in Startups 05:12 The Evolution of Cybersecurity 07:49 AI's Impact on Security 10:19 The Role of Engineers in Cybersecurity 12:51 AI and the Future of Cybersecurity 15:16 Research and AI Tools in Cybersecurity 22:05 The Impact of AI on Employment Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Aksa Taylor shares her journey from electrical engineering to cybersecurity, highlighting how curiosity and focused passion can open unexpected career doors in the security industry. • Finding specific interests within cybersecurity rather than trying to "get into security" broadly • Building a personal brand through knowledge sharing and community contributions • Quantum computing's progression from theoretical to practical applications in security • The challenges posed by unrealistic job descriptions and automated filtering systems • How AI capabilities create both opportunities and new risks for security teams • Weighing the tradeoffs between established security vendors and innovative startups • The critical importance of customer support quality when evaluating security solutions • Community-building as a foundational element of the security profession Abstract Security recently published a free community resource book called "Applied Security Data Strategy" for those interested in security data operations. Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Ric Prado shares his remarkable journey from Cuban refugee to CIA Senior Operations Officer, revealing how being separated from his parents at age 8 during Castro's revolution eventually led him to America where he found purpose in military service and intelligence work. • Escaped Cuba at age 8 through Operation Peter Pan, sent alone to a Colorado orphanage • Joined Air Force Pararescue (PJs), enduring brutal training that forged his determination and resilience • Transitioned to CIA where his Spanish language skills and paramilitary background made him uniquely valuable • Spent three years in Contra camps fighting against the same communist forces that drove him from Cuba • Co-founded the Bin Laden Task Force in 1996, gathering intelligence on threats before most knew the name • Served as Chief of Operations at the CIA Counterterrorism Center during 9/11 • Wrote his memoir "Black Ops" to honor fallen colleagues and correct misconceptions about the CIA Find Ric Prado's book and more information at www.ricprado.com PodMatch PodMatch Automatically Matches Ideal Podcast Guests and Hosts For Interviews Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text PodMatch PodMatch Automatically Matches Ideal Podcast Guests and Hosts For Interviews Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Anurag Lal discusses the critical importance of quantum-resistant encryption for enterprise messaging and the urgent need for organizations to prepare for the coming quantum computing revolution that will render current encryption methods obsolete. • Anurag's extensive background in technology from Apple to Sprint and participation in the National Broadband Task Force • How mobile messaging has infiltrated enterprises without proper security consideration • Consumer messaging apps were never designed to be secure, controlled by IT, or regulatory-compliant • What "true end-to-end encryption" means and why most platforms claiming it actually decrypt messages in transit • The concept of "Q-Day" - when quantum computers will break current encryption methods • Biden administration's executive order mandating quantum-resistant encryption by 2028 • How cyber capabilities have been weaponized by nation-states, creating unprecedented threats • AI-powered phishing attacks becoming increasingly sophisticated, including voice cloning • The importance of implementing quantum-proof encryption now rather than waiting • Netsphere's approach to quantum-resistant security for enterprise messaging Find Anurag on LinkedIn (Anurag Lal) and learn more about Netsphere at netsphere.com Chapters 00:00 Introduction and Background of Anurag Lal 05:52 Netsphere: A Solution for Secure Enterprise Messaging 12:08 The Importance of Encryption and Quantum Security 18:03 Apple's Approach to Security and Personal Experiences 28:34 Security Perspectives: Apple vs. Android 35:46 The Urgency of Quantum Security 43:10 Access Control: The Weakest Link in Security 49:42 AI in Phishing: A Real-World Example Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Security is increasingly viewed as a strategic business advantage rather than just a necessary cost center. The dialogue explores how companies are leveraging their security posture to gain competitive advantages in sales cycles and build customer trust. • Taylor's journey from aspiring physical therapist to cybersecurity expert through a chance college course • The importance of diverse experience across different security domains for career longevity • How healthcare organizations have become prime targets due to valuable data and outdated security • The emerging AI arms race creating unprecedented security challenges and opportunities • Voice cloning technology enabling sophisticated social engineering attacks, including an almost successful $20 million fraud • Emerging trends in security validation with tools pulling data directly from security systems • The shift from viewing security as a cost center to leveraging it as a sales advantage • Why enterprises are driving security standards more effectively than regulators Eden Data provides outsourced security, compliance, and privacy services for technology companies at all stages, from pre-revenue startups to publicly traded enterprises, helping them build robust security programs aligned with regulatory frameworks and customer expectations. Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Ihab Shraim shares his expertise on domain security and why it represents the "missing chapter" in modern cybersecurity strategy. We explore how AI is accelerating cyber threats from years to weeks and why protecting your online presence is more critical than ever. • Domain security is often overlooked despite being critical to an organization's reputation and online presence • Over 93% of security professionals can't identify their company's domain registrar or DNS provider • Modern cyber criminals are sophisticated organizations who target "soft targets" rather than heavily defended perimeters • AI-powered tools like FraudGPT and WormGPT enable custom malware creation for as little as $200 on the dark web • Voice cloning and deepfake technologies are being used in increasingly convincing social engineering attacks • Zero Trust architecture and layered security approaches are essential for comprehensive protection • Blended attacks targeting multiple systems simultaneously represent the future of cyber warfare • Reputation management encompasses domain protection, brand abuse prevention, and counterfeit detection • Personal data protection requires vigilance about what you share online and implementing proper security at home • Companies must have actionable response plans, not just detection capabilities Connect with Ihab Shraim on LinkedIn or email him at ihab.shraim@cscglobal.com to learn more about domain security and protecting your online presence. Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods. Listen on: Apple Podcasts Spotify Root.io Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you. Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text In this episode, Joe sits down with John Carse, Field CISO at SquareX, to dive into the often-overlooked world of browser security and the evolving landscape of cybersecurity. Recorded despite a 12-hour time difference (Singapore to the US!), John shares: The Browser Security Gap: Why 85% of user time in browsers is a growing risk for SaaS and cloud environments . SquareX’s Solution: How SquareX acts as an EDR for browsers, detecting and responding to threats like polymorphic extensions . Career Journey: From early IT days to field CISO, John reveals how foundational IT skills (help desk, field services) make better cyber professionals . Real-World Insights: Lessons from working with the US Navy and the importance of understanding IT systems for effective cybersecurity . Check Your Browser Security: Visit SquareX Browser Security to assess your controls. Learn More About SquareX: Explore their solution at sqrx.com. Connect with John: Find him on X @JohnCarse Chapters 00:00 Introduction and Time Zone Challenges 02:54 John Carse's Journey into IT 06:05 Transitioning to Cybersecurity 08:46 The Importance of Customer Service in IT 11:36 Formative Experiences in Help Desk and Field Services 14:35 Understanding IT Systems for Cybersecurity 23:51 The Interplay Between IT Skills and Cybersecurity 24:41 The Role of Security Engineers in IT 28:43 Understanding the Complexity of Cybersecurity 29:33 Exploring the Field CISO Role 32:55 The Browser as a Security Frontier 42:07 Challenges in SaaS Security 46:20 The Importance of Browser Security Awareness Subscribe for more cybersecurity insights and career tips! Share your thoughts in the comments—how are you securing your browser? Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Send us a text Join Joe as he reconnects with Matthew Alderman, Chief Product Officer at CyberSaint, in this insightful episode of the podcast! With over 250 episodes under his belt, Joe dives deep with Matthew, a cybersecurity veteran, podcast host, and advisor, to explore: CyberSaint’s Game-Changing Approach: How CyberSaint uses historical loss data to revolutionize cyber risk quantification, helping CISOs justify budgets with real financial metrics. Career Insights: Matthew shares his journey, from running startups to advising new ventures, and how he balances multiple roles (CPO, podcast host, advisor, and family man). Leadership & Communication: Why CISOs need to speak the language of business to earn a seat at the boardroom table. Practical Tips: Advice on avoiding burnout, building a mentorship network, and leveraging your personal brand in cybersecurity. Free Cyber Risk Analysis: Visit CyberSaint.io to benchmark your organization’s cyber risk against industry peers. Connect with Matthew: Find him on LinkedIn Matthew Alderman or X @Maldermania Listen to Matthew’s Podcast: Check out Business Security Weekly at securityweekly.com/BSW. Chapters 00:00 Reconnecting and Reflecting on Podcasting Journey 02:19 Balancing Multiple Roles and Responsibilities 05:44 The Importance of Personal Well-being 07:53 Career Goals and Retirement Aspirations 10:31 Integrating Consulting and Podcasting 11:55 The Value of Mentorship in Professional Growth 15:02 Building Trust and Reputation in Networking 16:39 Leveraging Podcasting for Career Opportunities 18:20 Innovations in Cyber Risk Management 23:07 Integrating Risk and Control Data 25:30 The Importance of Risk Quantification 28:33 Communicating Cyber Risk to the Board 30:41 CISO's Role in Business Strategy 33:03 Free Cyber Risk Analysis Offering 36:20 Customizing Risk Models 39:58 Real-Time Risk Monitoring 42:24 Targeting Public Companies for Cyber Risk Solutions 45:14 Closing Thoughts and Future Directions Subscribe for more cybersecurity insights, leadership tips, and industry trends! Drop your thoughts in the comments below—how do you approach cyber risk in your organization? Support the show Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast