Security by Default

In this special edition recorded live at RSA Conference, Joseph Carson is joined by Gerasimos Marketos (gmar), Chief Product Officer at Hack The Box.
They explore how AI is reshaping cybersecurity skills, why traditional education is struggling to keep up, and how hands-on platforms are redefining how defenders and ethical hackers are trained. From real-world fraud detection to AI-powered CTF competitions, this episode dives into the evolving relationship between humans and machines in cybersecurity.

🔑 Key Themes & Topics
AI vs Humans in cybersecurity competitions
Why AI is an accelerator, not a replacement
The evolution from traditional training → hands-on gamified learning
Closing the cybersecurity skills gap
Red, Blue, and Purple team upskilling
AI governance, risk, and agentic threats
The future of cybersecurity careers and hiring

⏱️ Chapters
00:00 – Introduction & RSA Conference insights
02:00 – GMar’s journey: Data → Fraud → Cybersecurity
06:30 – Who and What is Hack The Box?
10:30 – AI vs Humans: CTF research findings
13:00 – AI as a productivity multiplier
15:30 – Real-world example: AI winning competitions
16:00 – RSAC trends: AI everywhere
17:00 – AI governance & emerging risks
18:00 – AI for security vs security for AI
19:00 – Staying relevant in cybersecurity

🚀 Hack The Box Explained
Hack The Box is a cybersecurity upskilling platform offering:
🎓 Academy – Structured learning paths
🧩 Challenges & Labs – Hands-on environments
🏁 CTFs (Capture The Flag) – Competitive exercises
🏢 Pro Labs – Enterprise-scale simulations
🔎 Talent Search – Connecting skilled professionals with employers

It supports:
Red Teams (Offense)
Blue Teams (Defense)
Purple Teams (Collaboration)

Resources:
https://www.hackthebox.com/
https://www.linkedin.com/in/gmarketos/
https://www.hackthebox.com/ai-augmented-cyber-workforce-report

In this episode, Fernando Montenegro shares his journey into the cybersecurity industry, insights on industry analysis, and the evolving trends shaping cybersecurity today. Discover how analysts bridge the gap between vendors, buyers, investors, and academia, and learn practical tips for engaging effectively with industry experts.

key Takeaways
Role of industry analysts in cybersecurity
Emerging trends in cybersecurity including AI and attack surface expansion
Effective engagement with analysts for decision support
Strategic cybersecurity budgeting and investment
Influence of economics and incentives on security decisions

sound bites
"Understanding what's going on in the world"
"Good enough security can be effective"
"Workload AI versus workforce AI"

Chapters
00:00 Introduction to Security by Default Podcast
00:53 Fernando Montenegro's Origin Story
05:16 The Role of an Industry Analyst
08:55 Maximizing Value from Analyst Interactions
13:16 Understanding AI in Conversations
15:44 Choosing the Right Solutions
16:40 Decision-Making in Technology and Business
17:13 Trends in Cybersecurity and AI
18:26 Understanding Workload vs. Workforce AI
19:40 The Evolving Role of Security Professionals
21:43 The Strategic Importance of Cybersecurity
23:58 Incentives and Decision-Making in Security
25:53 The Shift Left Approach in Development
27:16 Budgeting for Cybersecurity Investments
30:47 Navigating Cybersecurity Budgets
32:26 Engaging with Analysts and Staying Informed
34:33 Curating Information in a Data-Driven World
36:55 Balancing Operational and Strategic Insights
37:51 Connecting with Analysts and Final Thoughts

Resources
LinkedIn Profile of Fernando Montenegro - https://www.linkedin.com/in/fsmontenegro/
Futurum Group - https://futurumgroup.com/
Obsidian Knowledge Management System - https://obsidian.md/
Book: Why Most Security Budgets Go to Waste by Ross Young - https://a.co/d/02BZPwdO

Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent.

Chapters
00:00 Welcome to the Cybersecurity Chaos
02:32 From Fear to Fun in Cybersecurity
05:27 The Journey of a Cyber Advocate
08:09 The Importance of Community and Collaboration
10:45 Bringing Laughter Back to Cybersecurity
13:13 Rebranding Cybersecurity for New Talent
16:00 The Power of Words in Cybersecurity
18:43 Innovative Approaches to Cyber Awareness
21:29 Lessons from Kids: Simplifying Cybersecurity
24:39 The Inner Child and Cognitive Dissonance
26:40 Gamification and Learning Innovations
28:19 Storytelling in Cybersecurity
29:15 Cybersecurity Starts at Home
30:36 Community Engagement and Employee Connection
32:14 The Importance of Acknowledgment
34:13 Finding Joy in Everyday Life
35:11 Humor as a Coping Mechanism
40:04 The Power of Positive Thinking
45:02 Mission Accomplished: Fun and Safety

Resources
Cyber Heroes Comics - https://cyberheroescomics.com/
Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/

Join Joseph Carson in this insightful episode as he interviews cybersecurity expert Chris Kubecka. They discuss critical infrastructure security, cyber warfare, geopolitical risks, and the evolving landscape of digital threats, providing valuable lessons for cybersecurity professionals and policymakers.
Key Topics
Cybersecurity in critical infrastructure
Geopolitical cyber threats and hybrid warfare
Evolving landscape of digital threats and resilience

Sound bites
"GPS jamming has been a massive challenge."
"Digital Empires: China, Europe, and the US."
"Radio communications are a vital fallback."

Chapters
00:00 Introduction and Background of Chris Kubecka
01:37 Cybersecurity Challenges in Critical Infrastructure
03:37 Evolving Nature of Cyber Threats
05:45 The Role of Drones in Modern Warfare
07:25 Hybrid Warfare and Global Diplomacy
10:10 The Shift in Global Cybersecurity Dynamics
12:18 The Importance of International Cooperation
14:33 Privacy and Ethics in Cybersecurity
16:50 Historical Context and Regional Cooperation
18:55 Cyber Attacks on Civilian Infrastructure
22:04 Personal Experiences in Estonia
24:10 Geopolitical Tensions and Cybersecurity
25:52 Challenges in Maritime Connectivity
28:16 Critical Infrastructure Vulnerabilities
30:22 The Role of Radio in Authoritarian Regimes
33:43 International Maritime Law and Cybersecurity
37:46 Recent Projects and Activism in Cybersecurity
39:51 Staying Informed in a Rapidly Changing Landscape

Resources
Chris Kubecka's LinkedIn - https://www.linkedin.com/in/chriskubecka/
Field Tested: How to Hack a Modern Dictatorship with AI - https://www.amazon.com/dp/B0C7F4XYZ

In this episode of the Security by Default podcast, host Joe Carson speaks with Ian Austin, co-founder of Pwned Labs, about his journey in cybersecurity, the evolution of learning in the field, and the challenges of Cloud and AI security. Ian shares insights on transitioning into cybersecurity roles, the importance of community engagement, and the need for continuous learning in an ever-evolving industry. They discuss the significance of gamification in training and the current trends in cloud security, emphasizing the importance of hands-on experience and collaboration.
Key Takeaways
Ian Austin is a co-founder of Pwned Labs, specializing in cloud and AI security training.
His journey in cybersecurity began with help desk roles and evolved into penetration testing.
Creating content is a great way to learn and contribute to the community.
Cloud security presents unique challenges that require ongoing education and adaptation.
Gamification in training enhances engagement but should not overshadow practical learning.
Community involvement is crucial for personal and professional growth in cybersecurity.
Transitioning into security roles can be done from various backgrounds, including sysadmin and help desk.
Continuous learning is essential in the fast-paced cybersecurity landscape.
Mentorship can significantly impact career development and confidence.
Cloud security is a growing field with increasing demand for skilled professionals.

sound bites
"Learning is a great way to learn."
"Community is a powerful thing."
"Cloud is hard to secure."

Chapters
00:00 Introduction to the Podcast and Guest
00:40 Ian Austin's Journey in Cybersecurity
06:40 Transitioning into Security Roles
10:54 Evolution of Learning in Cybersecurity
16:19 The Importance of Community in Learning
22:58 Challenges in Cloud Security
28:46 Staying Updated in the Cybersecurity Field

Resources:
https://pwnedlabs.io/
https://www.linkedin.com/in/ian-austin/