Bare Metal Cyber

 In my conversation with Detective Richard Wistocki (Ret.), we talked candidly about a reality that many school leaders and law enforcement professionals already feel in their bones: online threats are constant, confusing, and often paralyzing. This Cyber Talk, developed by BareMetalCyber.com, focuses on what it really takes to track school swatters and potential shooters through “leakage” in social media and online platforms, and then turn that information into timely, lawful action. If you are looking at the video above, this article is here to frame the big ideas and give you a reason to hit play. 

In this episode, you’ll learn how to transform a traditional, forgettable tabletop exercise into something unforgettable: a telenovela. We explore how to recast roles as characters with motives, build dramatic arcs with twists and cliffhangers, and use realistic props to make your IR plan come alive. Instead of walking through checklists, you’ll hear how to stage a story your team will actually remember when a real breach occurs.You’ll also discover the skills that improve when training shifts from paperwork to drama. From sharper communication under pressure, to quicker decision-making, to cross-functional empathy, the tabletop telenovela strengthens instincts that no binder can teach. It turns compliance drills into lived experiences, building resilience through memory and story.Produced by BareMetalCyber.com.

Patch and update management rarely makes headlines, but it quietly determines how exposed your environment really is. In this audio Insight, we walk through the foundations of a solid patch and update management practice, from intake of vendor advisories and scan results through testing, change windows, rollout, and verification. You will hear how this discipline sits between security, operations, and the business, and why predictable patch rhythms do more for real-world risk reduction than one-off fire drills or heroic weekend upgrades.You will also explore everyday patterns that teams use to keep systems current, from quick-win cycles in smaller environments to more risk-driven, strategic approaches in larger estates. Along the way, we unpack the trade-offs around downtime, tooling, skills, legacy systems, and culture, and highlight the warning signs of shallow adoption versus the healthy signals of a mature practice. This narration is developed by Bare Metal Cyber and based on the Tuesday “Insights” feature from Bare Metal Cyber Magazine.

This episode takes you inside the world of the Certified Information Security Manager (CISM), a certification that helps professionals grow from hands-on security work into roles that shape programs, policies, and risk decisions. In clear, beginner-friendly language, the narration explains what CISM is, who it is really for, and how it changes the way you think about governance, risk management, and incident response. The story is developed from my Monday “Certified” feature in Bare Metal Cyber Magazine, so you get a structured walkthrough rather than a loose collection of tips. You will hear how the CISM exam actually tests your judgment through real-world style scenarios, what kinds of responsibilities it supports in the workplace, and where it fits in a long-term security career path. The episode also helps you understand whether a management-focused certification is the right move for your current stage, or a goal to aim for later. If you want to go deeper and turn this overview into a full study plan, you can pair the episode with the dedicated CISM audio course inside the Bare Metal Cyber Audio Academy.

In my Cyber Talks conversation with Craig Taylor the co-founder and CEO of CyberHoot, we dive into a problem that is evolving faster than most organizations can keep up: phishing in the age of agentic AI. Cyber Talks, developed by BareMetalCyber.com, is all about learning from practitioners who are pushing the field forward, and Craig has spent three decades on the front lines of security, risk, and cyber literacy. If you lead security, IT, or risk, the video above is worth a careful watch—because the phishing problem you think you have is not the one you’re actually facing today.