Security by Default

In this episode, Fernando Montenegro shares his journey into the cybersecurity industry, insights on industry analysis, and the evolving trends shaping cybersecurity today. Discover how analysts bridge the gap between vendors, buyers, investors, and academia, and learn practical tips for engaging effectively with industry experts.

key Takeaways
Role of industry analysts in cybersecurity
Emerging trends in cybersecurity including AI and attack surface expansion
Effective engagement with analysts for decision support
Strategic cybersecurity budgeting and investment
Influence of economics and incentives on security decisions

sound bites
"Understanding what's going on in the world"
"Good enough security can be effective"
"Workload AI versus workforce AI"

Chapters
00:00 Introduction to Security by Default Podcast
00:53 Fernando Montenegro's Origin Story
05:16 The Role of an Industry Analyst
08:55 Maximizing Value from Analyst Interactions
13:16 Understanding AI in Conversations
15:44 Choosing the Right Solutions
16:40 Decision-Making in Technology and Business
17:13 Trends in Cybersecurity and AI
18:26 Understanding Workload vs. Workforce AI
19:40 The Evolving Role of Security Professionals
21:43 The Strategic Importance of Cybersecurity
23:58 Incentives and Decision-Making in Security
25:53 The Shift Left Approach in Development
27:16 Budgeting for Cybersecurity Investments
30:47 Navigating Cybersecurity Budgets
32:26 Engaging with Analysts and Staying Informed
34:33 Curating Information in a Data-Driven World
36:55 Balancing Operational and Strategic Insights
37:51 Connecting with Analysts and Final Thoughts

Resources
LinkedIn Profile of Fernando Montenegro - https://www.linkedin.com/in/fsmontenegro/
Futurum Group - https://futurumgroup.com/
Obsidian Knowledge Management System - https://obsidian.md/
Book: Why Most Security Budgets Go to Waste by Ross Young - https://a.co/d/02BZPwdO

Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent.

Chapters
00:00 Welcome to the Cybersecurity Chaos
02:32 From Fear to Fun in Cybersecurity
05:27 The Journey of a Cyber Advocate
08:09 The Importance of Community and Collaboration
10:45 Bringing Laughter Back to Cybersecurity
13:13 Rebranding Cybersecurity for New Talent
16:00 The Power of Words in Cybersecurity
18:43 Innovative Approaches to Cyber Awareness
21:29 Lessons from Kids: Simplifying Cybersecurity
24:39 The Inner Child and Cognitive Dissonance
26:40 Gamification and Learning Innovations
28:19 Storytelling in Cybersecurity
29:15 Cybersecurity Starts at Home
30:36 Community Engagement and Employee Connection
32:14 The Importance of Acknowledgment
34:13 Finding Joy in Everyday Life
35:11 Humor as a Coping Mechanism
40:04 The Power of Positive Thinking
45:02 Mission Accomplished: Fun and Safety

Resources
Cyber Heroes Comics - https://cyberheroescomics.com/
Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/

Join Joseph Carson in this insightful episode as he interviews cybersecurity expert Chris Kubecka. They discuss critical infrastructure security, cyber warfare, geopolitical risks, and the evolving landscape of digital threats, providing valuable lessons for cybersecurity professionals and policymakers.
Key Topics
Cybersecurity in critical infrastructure
Geopolitical cyber threats and hybrid warfare
Evolving landscape of digital threats and resilience

Sound bites
"GPS jamming has been a massive challenge."
"Digital Empires: China, Europe, and the US."
"Radio communications are a vital fallback."

Chapters
00:00 Introduction and Background of Chris Kubecka
01:37 Cybersecurity Challenges in Critical Infrastructure
03:37 Evolving Nature of Cyber Threats
05:45 The Role of Drones in Modern Warfare
07:25 Hybrid Warfare and Global Diplomacy
10:10 The Shift in Global Cybersecurity Dynamics
12:18 The Importance of International Cooperation
14:33 Privacy and Ethics in Cybersecurity
16:50 Historical Context and Regional Cooperation
18:55 Cyber Attacks on Civilian Infrastructure
22:04 Personal Experiences in Estonia
24:10 Geopolitical Tensions and Cybersecurity
25:52 Challenges in Maritime Connectivity
28:16 Critical Infrastructure Vulnerabilities
30:22 The Role of Radio in Authoritarian Regimes
33:43 International Maritime Law and Cybersecurity
37:46 Recent Projects and Activism in Cybersecurity
39:51 Staying Informed in a Rapidly Changing Landscape

Resources
Chris Kubecka's LinkedIn - https://www.linkedin.com/in/chriskubecka/
Field Tested: How to Hack a Modern Dictatorship with AI - https://www.amazon.com/dp/B0C7F4XYZ

In this episode of the Security by Default podcast, host Joe Carson speaks with Ian Austin, co-founder of Pwned Labs, about his journey in cybersecurity, the evolution of learning in the field, and the challenges of Cloud and AI security. Ian shares insights on transitioning into cybersecurity roles, the importance of community engagement, and the need for continuous learning in an ever-evolving industry. They discuss the significance of gamification in training and the current trends in cloud security, emphasizing the importance of hands-on experience and collaboration.
Key Takeaways
Ian Austin is a co-founder of Pwned Labs, specializing in cloud and AI security training.
His journey in cybersecurity began with help desk roles and evolved into penetration testing.
Creating content is a great way to learn and contribute to the community.
Cloud security presents unique challenges that require ongoing education and adaptation.
Gamification in training enhances engagement but should not overshadow practical learning.
Community involvement is crucial for personal and professional growth in cybersecurity.
Transitioning into security roles can be done from various backgrounds, including sysadmin and help desk.
Continuous learning is essential in the fast-paced cybersecurity landscape.
Mentorship can significantly impact career development and confidence.
Cloud security is a growing field with increasing demand for skilled professionals.

sound bites
"Learning is a great way to learn."
"Community is a powerful thing."
"Cloud is hard to secure."

Chapters
00:00 Introduction to the Podcast and Guest
00:40 Ian Austin's Journey in Cybersecurity
06:40 Transitioning into Security Roles
10:54 Evolution of Learning in Cybersecurity
16:19 The Importance of Community in Learning
22:58 Challenges in Cloud Security
28:46 Staying Updated in the Cybersecurity Field

Resources:
https://pwnedlabs.io/
https://www.linkedin.com/in/ian-austin/

In this episode of the Security by Default podcast, host Joe Carson welcomes Evil Mog, an expert in password cracking and cybersecurity. They discuss the importance of Hacker Jeopardy in making cybersecurity fun, the ongoing challenges with passwords, and the evolving role of AI in password cracking. The conversation also touches on incident response, the significance of documentation, and the future trends in cybersecurity, including the shift towards passwordless authentication and the impact of AI on both attackers and defenders.
Takeaways
Hacker Jeopardy is a fun way to engage with cybersecurity.
Teaching others helps reinforce your own knowledge.
Passwords will remain a necessary evil in security.
AI is enhancing password cracking methodologies.
Documentation is crucial in incident response.
The cost of hacking is increasing due to advanced techniques.
Collaboration between red and blue teams is essential.
Insider threats are on the rise in cybersecurity.
Password management is fundamentally an asset management issue.
Future trends indicate a shift towards passwordless authentication.

Sound bites
"Teaching helps you learn better."
"Security is about enabling the business."
"The cost of hacking is rising."

Chapters
00:00 Introduction to Evil Mog and Hacker Jeopardy
02:37 The Importance of Community and Teaching in Cybersecurity
05:22 Password Security: The Louvre Incident
07:59 The Evolution of Authentication Methods
10:35 Challenges in Asset Management and Password Management
13:15 Operational Technology (OT) Security Challenges
15:53 The Role of Documentation in Cybersecurity
18:42 AI in Cybersecurity: Automation and Password Recovery
21:52 AI in Password Cracking
24:56 Enhancing Human Capabilities with AI
27:18 The Evolution of Cybercrime
30:02 Trends and Predictions for Cybersecurity
34:41 Collaboration in Cybersecurity
37:24 The Future of Cybercrime and AI
40:59 Connecting with Evil Mog