Shows
Phishing For AnswersFrom Disney to the Mavs: Philip McKibbins on Building Human-Centric SecuritySend a textWhen it comes to cybersecurity, we're not hacking systems—we're hacking behaviors. This enlightening conversation with Philip McKibbins, CIO and CTO of the Dallas Mavericks, reveals how human psychology, not just technology, forms the foundation of truly effective security.McKibbins brings extraordinary perspective from his 30-year career spanning Walt Disney (where he wrote their business continuity and disaster recovery plan), ESPN, the Los Angeles Dodgers, and now the NBA. His journey demonstrates how security principles remain consistent even across vastly different industries.The podcast delves into practical strategies for motivating em...
2025-06-0435 minPhishing For AnswersFrom Disney to the Mavs: Philip McKibbins on Building Human-Centric SecuritySend us a textWhen it comes to cybersecurity, we're not hacking systems—we're hacking behaviors. This enlightening conversation with Philip McKibbins, CIO and CTO of the Dallas Mavericks, reveals how human psychology, not just technology, forms the foundation of truly effective security.McKibbins brings extraordinary perspective from his 30-year career spanning Walt Disney (where he wrote their business continuity and disaster recovery plan), ESPN, the Los Angeles Dodgers, and now the NBA. His journey demonstrates how security principles remain consistent even across vastly different industries.The podcast delves into practical strategies for mo...
2025-06-0435 min
The Virtual CISO MomentS7E17 - A Conversation with Joshua CrumbaughJoshua Crumbaugh joins us for a special Thursday edition of The Virtual CISO Moment. With over 20 years of experience in cybersecurity, he is the CEO of PhishFirewall, a company that helps organizations solve their phishing problem. He has a credential in Offensive Security and has published a book on cybersecurity education and awareness. Join us as we discuss the human factor in securing information. Also, if you're in the Huntsville Alabama area, catch his keynote at BSides Huntsville THIS SATURDAY (April 12, 2025), where he will discuss the launch of an exciting new product. Here's a hint from a recent post...
2025-04-1026 minPhishing For AnswersAI in Healthcare Security: Oracle Health's CISO SpeaksSend a textSteve Fridakis, CISO of Oracle Health, shares his journey through cybersecurity across industries and explores the transformative impact of AI on healthcare security.• 25 years of cybersecurity experience spanning airlines, United Nations, media (HBO), and healthcare• Common security foundations across industries despite significant differences in threat landscapes• AI enabling physicians to capture diagnoses using natural language while validating against patient history• AI security tools helping validate systems and correlate petabytes of daily log information• Current cybersecurity mindset shifting equal focus to recovery capabilities alongside prevention• Zero Trust implementation minimizing b...
2025-03-0744 minPhishing For AnswersAI in Healthcare Security: Oracle Health's CISO SpeaksSend us a textSteve Fridakis, CISO of Oracle Health, shares his journey through cybersecurity across industries and explores the transformative impact of AI on healthcare security.• 25 years of cybersecurity experience spanning airlines, United Nations, media (HBO), and healthcare• Common security foundations across industries despite significant differences in threat landscapes• AI enabling physicians to capture diagnoses using natural language while validating against patient history• AI security tools helping validate systems and correlate petabytes of daily log information• Current cybersecurity mindset shifting equal focus to recovery capabilities alongside prevention• Zero Trust implementati...
2025-03-0744 min
Phishing For AnswersPhishing Gone Wild: Tales from the TrenchesSend a textKevin Walsh joins us to share his wealth of experience in cybersecurity and the crucial role of human elements in security strategy. The discussion touches on compliance, phishing simulations, and the impact of AI in the realm of cybersecurity. • Importance of understanding human behavior in cybersecurity • Compliance: Balancing act between requirements and effective security • The security culture: Building a proactive environment • Phishing simulations: Making training relevant and effective • AI's role in modern cybersecurity landscape • Vendor security: Addressing the weakest link • Strategies to engage all levels of staff in security pra...
2025-03-0445 minPhishing For AnswersTransforming Cybersecurity Training with Engaging StrategiesSend a textThe episode delves into the essential role of human factors in cybersecurity, emphasizing the need for integrating security awareness into daily operations. Eric Harris shares insights on effective training strategies, the importance of understanding social media risks, and the evolving landscape shaped by AI and deepfakes. • Discussing Eric Harris's background and journey in cybersecurity • Human-centric approach to tackling cybersecurity threats • Analyzing social media risks, especially linked to professional platforms • Strategies for creating effective security awareness programs • The importance of positive reinforcement in training initiatives • Leveraging AI while addressing its imp...
2025-03-0447 min
Phishing For AnswersHow Quantum Computing Will Change EverythingSend a textA transformative look at quantum computing's implications for businesses, especially around cybersecurity, with industry expert Bill Genovese from Kyndryl. Key insights into navigating this technology are presented, emphasizing urgency and strategic planning.• Quantum computing's transformative potential in everyday business • Bill's extensive background in leading global tech initiatives • The urgency for businesses to adapt to quantum threats • Exploring post-quantum encryption and its necessity • The convergence of quantum and AI technologies • The importance of developing a strategic framework for risk management • Lessons from past tech disruptions like Y2K • Practical s...
2025-03-0448 minPhishing For AnswersTransforming Cybersecurity Training with Engaging StrategiesSend us a textThe episode delves into the essential role of human factors in cybersecurity, emphasizing the need for integrating security awareness into daily operations. Eric Harris shares insights on effective training strategies, the importance of understanding social media risks, and the evolving landscape shaped by AI and deepfakes. • Discussing Eric Harris's background and journey in cybersecurity • Human-centric approach to tackling cybersecurity threats • Analyzing social media risks, especially linked to professional platforms • Strategies for creating effective security awareness programs • The importance of positive reinforcement in training initiatives • Leveraging AI while addressing i...
2025-03-0447 minPhishing For AnswersPhishing Gone Wild: Tales from the TrenchesSend us a textKevin Walsh joins us to share his wealth of experience in cybersecurity and the crucial role of human elements in security strategy. The discussion touches on compliance, phishing simulations, and the impact of AI in the realm of cybersecurity. • Importance of understanding human behavior in cybersecurity • Compliance: Balancing act between requirements and effective security • The security culture: Building a proactive environment • Phishing simulations: Making training relevant and effective • AI's role in modern cybersecurity landscape • Vendor security: Addressing the weakest link • Strategies to engage all levels of staff in security...
2025-03-0445 minPhishing For AnswersHow Quantum Computing Will Change EverythingSend us a textA transformative look at quantum computing's implications for businesses, especially around cybersecurity, with industry expert Bill Genovese from Kyndryl. Key insights into navigating this technology are presented, emphasizing urgency and strategic planning.• Quantum computing's transformative potential in everyday business • Bill's extensive background in leading global tech initiatives • The urgency for businesses to adapt to quantum threats • Exploring post-quantum encryption and its necessity • The convergence of quantum and AI technologies • The importance of developing a strategic framework for risk management • Lessons from past tech disruptions like Y2K • Practical...
2025-03-0448 minPhishing For AnswersDeaf Relay Scam Unveiled: Tim Krabeck’s Cybersecurity Journey from Help Desk to FBI PartnershipSend us a textIn this episode, we dive deep into the human element of cybersecurity, exploring how personal experiences inform our understanding of threats and defenses. Tim Krabeck shares his journey from help desk IT to becoming a cybersecurity expert, emphasizing the importance of communication, collaboration, and continuous education in the fight against cyber threats.• Tim's entry into cybersecurity through a phishing scam • Importance of personal stories in understanding cybersecurity • Role of red and blue teams in security practices • Discussing the MITRE ATT&CK framework • The significance of system hardening and user exper...
2025-02-1241 minPhishing For AnswersDeaf Relay Scam Unveiled: Tim Krabeck’s Cybersecurity Journey from Help Desk to FBI PartnershipSend a textIn this episode, we dive deep into the human element of cybersecurity, exploring how personal experiences inform our understanding of threats and defenses. Tim Krabeck shares his journey from help desk IT to becoming a cybersecurity expert, emphasizing the importance of communication, collaboration, and continuous education in the fight against cyber threats.• Tim's entry into cybersecurity through a phishing scam • Importance of personal stories in understanding cybersecurity • Role of red and blue teams in security practices • Discussing the MITRE ATT&CK framework • The significance of system hardening and user experienc...
2025-02-1241 minPhishing For AnswersThe Cyber-Psychology Connection: Futureproofing with AISend us a textUncover the fascinating intersection of human behavior and cybersecurity through the eyes of Tolgay Kizilelman, an expert in IT and cybersecurity. Explore how his career journey, from IT management to the pivotal role of CISO at the University of California, has shaped his unique perspective on the human element in cybersecurity. As we exchange stories, I share my own path from marketing to ethical hacking, highlighting the unexpected ways human psychology plays a critical role in both fields. This episode will leave you questioning the traditional approach to cybersecurity and appreciating the complexity...
2025-02-1051 minPhishing For AnswersThe Cyber-Psychology Connection: Futureproofing with AISend a textUncover the fascinating intersection of human behavior and cybersecurity through the eyes of Tolgay Kizilelman, an expert in IT and cybersecurity. Explore how his career journey, from IT management to the pivotal role of CISO at the University of California, has shaped his unique perspective on the human element in cybersecurity. As we exchange stories, I share my own path from marketing to ethical hacking, highlighting the unexpected ways human psychology plays a critical role in both fields. This episode will leave you questioning the traditional approach to cybersecurity and appreciating the complexity of...
2025-02-1051 minPhishing For AnswersPhishing Exposed: Ashok Kakani’s Game Plan for Cyber Leadership & AI Risk ManagementSend a textCybersecurity is evolving, with human behavior at its core and the need for robust security awareness training becoming more critical. Through the journey of Ashok Kakani, we explore the intersection of personal experiences, phishing incidents, and innovative approaches to training that engage employees and build a resilient cyber culture.• Ashok's transition from science to cybersecurity • Importance of front-line training in mitigating phishing • Real-life phishing incident and lessons learned • The role of AI in enhancing and complicating security • Dangers of inadequate PII management • Need for role-based training to combat specific t...
2025-02-1046 minPhishing For AnswersPhishing Exposed: Ashok Kakani’s Game Plan for Cyber Leadership & AI Risk ManagementSend us a textCybersecurity is evolving, with human behavior at its core and the need for robust security awareness training becoming more critical. Through the journey of Ashok Kakani, we explore the intersection of personal experiences, phishing incidents, and innovative approaches to training that engage employees and build a resilient cyber culture.• Ashok's transition from science to cybersecurity • Importance of front-line training in mitigating phishing • Real-life phishing incident and lessons learned • The role of AI in enhancing and complicating security • Dangers of inadequate PII management • Need for role-based training to combat specifi...
2025-02-1046 minPhishing For AnswersPhishing for Answers: Maxing Out Cyber Defense with Nigel MillerSend us a textWe explore how human behavior is the front line of cybersecurity, reshaping interactions between security teams and employees for a more collaborative approach. Nigel Miller highlights the significance of role-based training, the evolving threats posed by AI, and the importance of building a community around security awareness.• The shift from “Department of No” to enabling security culture • Importance of role-based training tailored to job functions • AI creates new phishing challenges but also enhances training methodologies • Psychological principles can deepen training impacts on behavior • Fostering an open community encourages proacti...
2025-02-0746 minPhishing For AnswersLicense to Secure: Joshua Kuntz on Protecting Texas from Cyber ThreatsSend a textJosh Kuntz shares his extensive journey through cybersecurity, emphasizing the balance of compliance, risk management, and the mentorship of the next generation. The episode discusses the evolution of security roles, the impact of AI, and the importance of understanding organizational objectives in strengthening cybersecurity culture.• Biography of Josh Kuntz and his career path• Transitioning from military to civilian cybersecurity roles• Importance of compliance and developing security programs• Adapting to remote work during COVID-19 challenges• Concept of risk acceptance in cybersecurity practices• Significance of training and mentorship in building tal...
2025-02-0748 minPhishing For AnswersPhishing for Answers: Maxing Out Cyber Defense with Nigel MillerSend a textWe explore how human behavior is the front line of cybersecurity, reshaping interactions between security teams and employees for a more collaborative approach. Nigel Miller highlights the significance of role-based training, the evolving threats posed by AI, and the importance of building a community around security awareness.• The shift from “Department of No” to enabling security culture • Importance of role-based training tailored to job functions • AI creates new phishing challenges but also enhances training methodologies • Psychological principles can deepen training impacts on behavior • Fostering an open community encourages proactive security...
2025-02-0746 minPhishing For AnswersLicense to Secure: Joshua Kuntz on Protecting Texas from Cyber ThreatsSend us a textJosh Kuntz shares his extensive journey through cybersecurity, emphasizing the balance of compliance, risk management, and the mentorship of the next generation. The episode discusses the evolution of security roles, the impact of AI, and the importance of understanding organizational objectives in strengthening cybersecurity culture.• Biography of Josh Kuntz and his career path• Transitioning from military to civilian cybersecurity roles• Importance of compliance and developing security programs• Adapting to remote work during COVID-19 challenges• Concept of risk acceptance in cybersecurity practices• Significance of training and mentorship in building...
2025-02-0748 minPhishing For AnswersWhy Washington’s CISO Says You’re Targeting the Wrong RiskSend a textWe discuss the evolving landscape of cybersecurity with Ralph Johnson, emphasizing the importance of collaboration, training, and the role of AI in addressing modern threats. Key topics include motivating teams, learning from past incidents, and the necessity of tailored, engaging security awareness programs. • Ralph’s personal journey into cybersecurity • Carrot vs. stick: motivation in teams • Embracing AI in training and security protocols • A real ransomware case study and its lessons • The importance of security hygiene and basic practices • Role-based training for diverse job functions • Gamification techniques to engage employees •...
2025-02-0654 minPhishing For AnswersCIO Confession: The #1 Mistake Holding Back City SecuritySend us a textArt Thompson, CIO of the city of Detroit, shares essential cybersecurity insights in this interactive discussion. He emphasizes the importance of open communication and the need for role-based training to safeguard against the growing number of phishing attempts.• Art’s journey from supply chain to IT and cybersecurity• Emphasis on zero tolerance for suspicious activities• Importance of communication regarding cybersecurity at work and home• Personal anecdote highlighting the need for multi-factor authentication• Discussion on the increasing threat of phishing attacks and deep fakes• Need for updated, role-based tra...
2025-02-0638 minPhishing For AnswersCIO Confession: The #1 Mistake Holding Back City SecuritySend a textArt Thompson, CIO of the city of Detroit, shares essential cybersecurity insights in this interactive discussion. He emphasizes the importance of open communication and the need for role-based training to safeguard against the growing number of phishing attempts.• Art’s journey from supply chain to IT and cybersecurity• Emphasis on zero tolerance for suspicious activities• Importance of communication regarding cybersecurity at work and home• Personal anecdote highlighting the need for multi-factor authentication• Discussion on the increasing threat of phishing attacks and deep fakes• Need for updated, role-based training progr...
2025-02-0638 minPhishing For AnswersWhy Washington’s CISO Says You’re Targeting the Wrong RiskSend us a textWe discuss the evolving landscape of cybersecurity with Ralph Johnson, emphasizing the importance of collaboration, training, and the role of AI in addressing modern threats. Key topics include motivating teams, learning from past incidents, and the necessity of tailored, engaging security awareness programs. • Ralph’s personal journey into cybersecurity • Carrot vs. stick: motivation in teams • Embracing AI in training and security protocols • A real ransomware case study and its lessons • The importance of security hygiene and basic practices • Role-based training for diverse job functions • Gamification techniques to engage employees
2025-02-0654 minPhishing For AnswersSecuring AI and Minds: Steve Winterfeld on Cyber Threats, Behavioral Science, and Building Robust Security CulturesSend us a textOur conversation with Steve Winterfeld unveils critical insights for anyone looking to forge a successful career in cybersecurity. We discuss the importance of strategic planning, building a security culture, and adapting to the rapid evolution of threats, especially phishing and social engineering attacks.• Exploring three career paths in cybersecurity • The importance of strategic career objectives • Carrot versus stick: fostering an inclusive security culture • Evolving threats: phishing beyond email • The role of AI in enhancing and challenging security • Understanding cognitive biases in decision-making • Effective metrics for measuring security a...
2025-02-0550 min