DTF Cyber Podcast

Is the "Cyber Skills Gap" a myth? In this episode, Damian, Troy, and Fern strip away the HR fluff and talk about the cold, hard reality of the 2026 job market. From entry-level SOC roles being "squeezed" by AI to $3.5M CISO roles that come with massive personal liability, we’re breaking down what you’re actually worth and why your resume is likely being ghosted by a bot. If you aren't negotiating your insurance and building your own AI tools, you're falling behind. THE DEEP DIVE: •⁠ ⁠00:00 – Intro•⁠ ⁠01:11 – Fern’s 2026 Job Hunt: Why 50 applications led to zero interviews. •⁠ ⁠04:20 – The "Skills Gap" Debate: Do companies actually want to hire? •⁠ ⁠09:02 – SALARY: The Entry-Level SOC Analyst floor in 2026. •⁠ ⁠14:15 – The Grocery Store Phone Call: How networking beats the portal every time. •⁠ ⁠19:40 – Damian’s Warning: Why "Prompting" AI makes you obsolete. •⁠ ⁠25:10 – The "AI Squeeze": Can a $200 license replace a Tier 1 Analyst? •⁠ ⁠31:30 – The Reporting Trap: Why CISOs reporting to CIOs is a massive risk. •⁠ ⁠35:41 – SALARY: Engineering, Pen-Testing, and Cloud Security ranges. •⁠ ⁠40:11 – The "AI Premium": How to add 20% to your base salary right now. •⁠ ⁠41:51 – The "Clearance Bump": Is the polygraph worth the extra $30k? •⁠ ⁠43:24 – SALARY: The $3.5 Million CISO—who is actually making this? •⁠ ⁠48:50 – D&O Insurance: If you aren't a "Named Director," you aren't protected. •⁠ ⁠55:30 – Risk Management vs. "Check-the-box" Compliance. •⁠ ⁠01:04:56 – Final Advice: Don't be a holdout for a dead salary. EPISODE HIGHLIGHTS: •⁠ ⁠The AI Squeeze: Troy explains why entry-level salaries are stagnating as automation handles the "low-hanging fruit." •⁠ ⁠Building vs. Prompting: Damian breaks down why the "Prompt Engineer" is a temporary role—you need to build the infrastructure to survive. •⁠ ⁠Executive Liability: Why you should never take a CISO role without checking the company's Directors and Officers (D&O) insurance policy. Are you seeing these salary shifts in your neck of the woods? Drop a comment below with your role and your 2026 outlook. #Cybersecurity #CISO #TechSalaries #AI #CareerAdvice #DTFPodcast #CyberJobs http://cyberpodcast.net Spotify: http://spotify.cyberpodcast.net Apple: http://apple.cyberpodcast.net X: https://x.com/dtfcyberpodcast IG: https://www.instagram.com/dtfcyberpodcast/ Linkedin: DTF: https://www.linkedin.com/company/dtf-cyber-podcast/ Damian: https://www.linkedin.com/in/damianchung/ Troy: https://www.linkedin.com/in/kosovotroy/ Fern: https://www.linkedin.com/in/fernrojasaz/ Business Inquiries: dtf at cyberpodcast dot net Everything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

Chances are you’ve got the best tech money can buy, the latest AI, and the biggest firewalls—but you’re still losing. In this episode of the DTF Cyber Podcast, Damian and Fern sit down with Vancouver-based leadership coach and "positivity troll" Dom Vogel to discuss why the weakest link in cybersecurity isn’t a line of code, it’s the person behind the keyboard.We’re ignoring the hardware today to focus on the Human Side of Security. Dom shares his 20+ years of experience transitioning from corporate burnout to coaching cyber leaders on empathy, branding, and "connected leadership" in the AI era.In this episode, we dive into:* The CIO Branding Problem: A real-world story of how a helpdesk’s "likability index" changed a CEO’s perception of IT.* The 1,000 Applicant Crisis: Why junior roles are getting overwhelmed and how to "short-circuit" the online application black hole.* Certs vs. Communication: Why technical certifications are now "table stakes" and how soft skills are the real differentiator in 2026.* Authentic Leadership: Why vulnerability is a leader’s most powerful tool for building trust and mental resiliency within teams.* Personal Brand vs. Reputation: Understanding the "visceral emotional reaction" people have to your name.Connect with Dom Vogel:LinkedIn: https://www.linkedin.com/in/domvogel/Website: https://www.vogelleadershipcoaching.comSubscribe to DTF Cyber: Don't miss our upcoming deep dive into 2026 Cyber Salaries and the "AI Premium" in Episode 37!Video Timestamps00:00 – The Weakest Link: Tech vs. Humans02:18 – Meet Dom Vogel: The Ball Cap & Beard Guy03:33 – The CIO Branding Problem: A Helpdesk Story06:12 – Translating Risk into "Boardroom Conversation"08:12 – The 1,000 Applicant Problem: Standing Out in Noise10:07 – Why Applying Online is a "Black Hole"12:23 – Technical Skills are Now "Table Stakes"14:51 – Photography & Networking: Fern’s Origin Story19:05 – Stop Investing Only in Certs21:07 – Vulnerability: A Leader’s Most Powerful Tool24:42 – Story: The Helpdesk Manager Who Loved Marketing28:01 – Will AI Replace the Human Craving for Interaction?33:32 – Creating Psychological Safety in Your Team37:56 – The Janitor Test: How to Hire for Culture Fit42:07 – Operational Leverage: Reinvesting in Your People47:28 – The "Soft Skills" Payday: Why CISOs Need Sales Training51:06 – Remote Work vs. Office: The Choice Matters55:30 – What is a "Positivity Troll"?59:54 – Personal Brand vs. Reputation: What They Say When You Leave01:05:02 – How Content Creation Leads to Job Offershttp://cyberpodcast.netSpotify: http://spotify.cyberpodcast.netApple: http://apple.cyberpodcast.netX: https://x.com/dtfcyberpodcastIG: https://www.instagram.com/dtfcyberpodcast/Linkedin:DTF: https://www.linkedin.com/company/dtf-cyber-podcast/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot netEverything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

In this episode, Damian, Troy, and Fern dive into the heated controversy surrounding new federal reporting mandates. We explore the "Feds vs. Firewalls" dynamic: does mandatory reporting actually help stop the bad guys, or is it just a massive resource drain on teams already fighting for their lives?We break down the 72-hour reporting window for significant incidents and the even tighter 24-hour requirement if you decide to pay a ransom. From the ambiguity of what defines a "significant incident" to the personal liability risks for CISOs, we’re looking at the real-world implications of these 2026 directives.Key topics include:* The struggle between immediate threat response and mandatory paperwork.* How the SBA size threshold might pull 30,000 "non-critical" companies into these rules.* The "minimum viable content" framework for initial reports.* Why the "don’t pay" mantra is harder to follow when human lives are on the line.Timestamps00:00 – Intro02:46 – The Car Crash Analogy: Should you call 911 or save the body?03:55 – Defining Critical Infrastructure: Telecom, Energy, and Gas.04:41 – The Ticking Clock: Does the 72 hours start at detection or declaration?05:15 – The 24-Hour Ransom Rule: What happens if you pay?06:48 – Private Sector Concerns: Will this extend beyond the 16 critical sectors?09:34 – The Executive War Room: Who is responsible for the communications?10:47 – Partnering with the FBI: Intel sharing vs. criminal investigation12:23 – Global Context: The EU’s 24-hour "Early Warning" requirement15:03 – The Resource Drain: Why incident responders are in revolt16:59 – CISA vs. FBI: Simplifying the reporting paperwork20:49 – The ROI of Reporting: What’s in it for the private company?21:49 – The 30,000 Entity Controversy: Mid-sized companies as "covered entities"25:56 – Cyber Awareness: Learning from past incidents to prevent future attacks28:56 – "Minimum Viable Content": Reporting when facts are still changing34:00 – Legal Risks: Consent to search and "anything you say can be used against you"36:59 – The "Office Space" Effect: Bureaucracy vs. Collaboration.40:41 – Voluntary vs. Mandated: The role of ISACs and InfraGard.48:22 – The Moral Dilemma: Why outlawing ransom payments is complicated51:13 – 2026 Deadlines: Upcoming CISA Town Halls and feedback loops.54:33 – Career Implications: Will GRC finally get the respect it deserves?http://cyberpodcast.netSpotify: http://spotify.cyberpodcast.netApple: http://apple.cyberpodcast.netX: https://x.com/dtfcyberpodcastIG: https://www.instagram.com/dtfcyberpodcast/Linkedin:DTF: https://www.linkedin.com/company/dtf-cyber-podcast/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot netEverything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

In this episode of the DTF Cyber Podcast, Damian, Troy , and Fern dive into the rapid and often confusing shift from tools like Clawdbot to Moltbot and finally OpenClaw. They discuss why these autonomous agents are more than just a productivity trend—they represent a significant new attack surface for the modern enterprise.From the "Toddler with a Chainsaw" analogy to the risk of "Shadow AI" in the workplace, we break down the security implications of giving AI bots unfettered access to your network and credentials.00:00 – Intro01:19 – The rebranding maze: From Clawdbot to OpenClaw02:35 – What is an AI bot? First impressions of autonomous control05:02 – The "Poor Installation" risk and isolated environments07:21 – The "Age of Ultron" scenario: Efficiency vs. Security08:45 – Privacy concerns: Bots with access to banking and travel rewards10:15 – The Starbucks test: Automation vs. user friction12:15 – When AI goes rogue: Extortion and covering tracks in closed environments16:04 – Third-party AI risk and the lifespan of autonomous agents18:24 – Shadow AI: Bots as the new high-tech "mouse jiggler"20:19 – Inherited Identity: When bots gain your admin privileges21:40 – Advice for Organizations: How to check your environment for OpenClaw26:36 – A nightmare for the SoC: Signals, logs, and new attack surfaces28:53 – 6,000 actions a minute: Why human analysts can't keep up37:38 – The "Toddler with a Chainsaw" warning42:07 – Action Items: Three steps to secure AI in your organization55:35 – Lessons from outages: Why you shouldn't "open the world" on day one!

Is the constant wave of alerts keeping you up at 3 a.m.?In this episode of the DTF Cyber Podcast, industry veterans Damian, Troy, and Fern dive deep into the reality of mental health and burnout in the cybersecurity industry. Special guest CISO, Vito Rocco jumps deep into this conversation.With 78% of professionals feeling stressed out and 62% citing alert overload as a primary cause, it's clear the industry needs a culture shift. We discuss the pressures of catastrophic risk , the fear of missing critical alerts, and actionable strategies for leaders and analysts to combat fatigue—from tuning systems to building empathy.Plus, we explore the importance of diverse leadership and setting personal boundaries in a 24/7 world. If you are feeling stressed out and think you need help, please don't go through it alone—seek support from friends, leadership, or a mental health professional.Timestamps:00:00 - Intro: The reality of cybersecurity exhaustion.04:19 - 78% of the industry is stressed: The anticipation and reality of major incidents. 07:33 - The hidden stress of the SOC: Alert overload, perfectionism, and the fear of missing the "big one."12:50 - Building the pipeline: Training talent from within vs. hunting for unicorns. 15:06 - Beating alert fatigue: How to automate, tune the noise, and grow from entry-level to senior analyst.18:24 - Burnout isn't just about workload: Why empathy and recognition from leadership matter.23:05 - Building a support system: The importance of therapy and talking it out.25:05 - Leadership strategies: Connecting with your team beyond transactional work. 35:37 - Why you must use your PTO (and the trap of "Unlimited PTO").42:25 - Setting personal boundaries and managing communication in a 24/7 global team.53:07 - Using turnover rates as a measurement for team health.1:07:48 - The power of diverse leadership and the rise of female CISOs.1:18:01 - Conclusion and final thoughts on seeking help.http://cyberpodcast.netSpotify: http://spotify.cyberpodcast.netApple: http://apple.cyberpodcast.netX: https://x.com/dtfcyberpodcastIG: https://www.instagram.com/dtfcyberpodcast/Linkedin:DTF: https://www.linkedin.com/company/dtf-cyber-podcast/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot netEverything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

2026 is here, and the cybersecurity job market is evolving. Whether you are trying to break into the industry or land your next senior role, the playbook has changed.In this episode of the DTF Cyber Podcast, Fern and Troy are joined by Gary Perkins (CISO at CISO Global) to break down 8 actionable steps you can take right now to jumpstart your career. From building public red team projects to mastering new attack toolchains like the Flipper Zero, we cover the technical and soft skills that hiring managers actually look for.We also dive into why networking is your #1 asset, how to contribute to open source projects, and why "learning to script" is non-negotiable for modern security pros.🚀 In this episode, we cover:Why you need a public GitHub portfolio (even if you aren't a dev).How to legally perform "hunts" in your current job to gain experience.The difference between "scripting" and "developing" and why Python/Bash helps.Why reading non-cyber books can actually make you a better CISO.👇 Jump to the 8 Career Hacks:00:00:00 - Intro: Welcome back to 2026!00:01:02 - Meet Gary Perkins, CISO at CISO Global00:07:43 - #1: Build One Public Red Team Project Quarterly00:14:00 - #2: Master a New Attack Toolchain (Flipper Zero, Bloodhound, etc.)00:21:16 - #3: Contribute to Open Source Security Projects00:29:16 - #4: Perform a Weekly Hunt in a Real Environment00:43:35 - #5: Learn to Script Your Own Tools (Python & Bash)00:51:18 - #6: Network Like Your Career Depends On It01:02:17 - #7: Read a Non-Cyber Book (The Phoenix Project, Leaders Eat Last)01:07:42 - #8: Teach Something Publicly01:16:20 - Bonus Resource: The Threat Intelligence Support Unit (TISU) Cohort📚 Resources & Mentions:Book: The Phoenix ProjectBook: Leaders Eat Last by Simon SinekOrganization: Threat Intelligence Support Unit (TISU) - Free Cybersecurity Cohorthttps://www.eventcreate.com/e/tisu8Connect with the Guest: Gary Perkins (CISO Global)https://www.linkedin.com/in/perkinsgary/Subscribe for more no-nonsense cyber insights! #Cybersecurity #InfoSec #CareerAdvice #RedTeam #BlueTeam #CISO #TechCareers #2026http://cyberpodcast.netSpotify: http://spotify.cyberpodcast.netApple: http://apple.cyberpodcast.netX: https://x.com/dtfcyberpodcastIG: https://www.instagram.com/dtfcyberpodcast/Linkedin:DTF: https://www.linkedin.com/company/dtf-cyber-podcast/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot netEverything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

Is 2026 the year AI takes over everything—including the crimes? 🤖💸In the final episode of 2025, Damian and Troy break down their Top 8 Cyber Predictions for 2026. From AI agents executing 90% of breaches to ransomware payouts potentially hitting half a billion dollars, the future of cybersecurity is moving fast. We also discuss the "Harvest Now, Decrypt Later" threat, why your LinkedIn profile picture might already be a lie, and the new $150k entry-level salary standard.Plus, we’re ending the year with a GIVEAWAY! 🎁 Drop your 2026 prediction in the comments—for every 10 predictions we receive, we’re picking a winner for some exclusive (and secret) DTF Cyber swag.In this episode, we cover:Why AI agents (not humans) will be behind 9 out of 10 breaches.The terrifying potential for a $500M ransomware payout.How deepfakes will finally cause a major real-world crisis."AI Laundering": The new frontier for cleaning dirty crypto.Why entry-level cyber jobs are hitting $150k salaries (and the catch).🔔 Subscribe for more unfiltered cybersecurity insights!⏱️ TIMESTAMPS:00:00 – Intro: Did AI change the world in 2025?01:58 – Prediction #1: 90% of breaches will be executed by AI Agents.07:40 – Prediction #2: Ransomware payouts will break records ($500M?!).15:15 – Prediction #3: Identity becomes the central pillar (Passkeys backfire?).20:00 – Prediction #4: A deepfake event will hit major global news.24:45 – Prediction #5: "Harvest Now, Decrypt Later" goes mainstream.28:40 – Prediction #6: Mandatory AI Agent audits for federal contractors.32:30 – Prediction #7: "AI Laundering" becomes the new money laundering.38:15 – Prediction #8: Entry-level AI Cyber jobs will start at $150k.45:00 – Bonus Prediction: The consolidation of massive data analytics.47:00 – GIVEAWAY DETAILS: How to win exclusive swag!#CyberSecurity #AIPredictions #Ransomware #Deepfakes #TechTrends2026 #InfoSec #Podcast #DTFCyber #AI

The 2025 Cyber Christmas List That Actually Gets You HiredHappy holidays, nerds!Your mom just spent $79 on a “hacker hoodie” that says “Trust Me” in Comic Sans……while real juniors are out here making six figures with a $29 Yubikey and a Raspberry Pi.In Episode 30, Damian, Troy & Fern save your Christmas with the only cyber gifts worth buying in 2025:• Under $50 stocking stuffers that turn into paychecks• $50–$150 tools that get you interviews• $150–$300 big wins that scream “I’m serious”• Free gifts that slap harder than anything paid• And the absolute coal you should burn before anyone unwraps itTimestamps00:00 Intro: The "Hacker Hoodie"01:37 Why "Hacker" Clothing is Bad OpSec06:01 The Worst Gifts: "Hacking for Dummies"08:59 Beware of Knockoff Tools & Malware12:15 Danger: Pre-loaded Hacking USBs13:49 Best Gifts Under $10014:00 Book Rec: The Hardware Hacker14:20 YubiKeys for MFA16:21 Lockpicking Sets & Physical Pen Testing21:42 USB Rubber Ducky23:25 USB Data Blockers (Juice Jacking Protection)25:05 RFID Blocking Wallets28:06 Raspberry Pi Projects (Honeypots & VPNs)28:45 Best Gifts $100 - $20030:30 Packet Squirrel: Man-in-the-Middle Attacks34:20 Flipper Zero: Radio Frequencies & Rolling Codes39:34 Certifications: Security+ & Network+44:24 Cloud Credits & AI Subscriptions46:26 Unlimited Budget Gifts47:25 Black Hat & DefCon Tickets48:14 Mac vs. Windows vs. Linux for Hacking51:53 Giveaway: The "Hacker" Hoodie57:58 Holiday Security WarningGiveaway: Comment your dream (or worst) cyber gift — we’ll randomly pick one subscriber for a genuine “hacker” hoodie (minimum 10 comments).Everything here is our personal hot takes — not our employers, not legal advice.Just three idiots with mics trying to keep you from bad gifts.— Damian, Troy & FernDTF Cyber Podcast#CyberGifts #Christmas2025 #CyberSecurity #Infosec #Careerhttp://cyberpodcast.netSpotify: http://spotify.cyberpodcast.netApple: http://apple.cyberpodcast.netX: https://x.com/dtfcyberpodcastIG: https://www.instagram.com/dtfcyberpodcast/Linkedin:DTF: https://www.linkedin.com/company/dtf-cyber-podcast/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot netEverything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

2.5 billion daily account-takeover attempts.That’s one every 34 microseconds.Damian, Troy & Fern go full send-it mode on the 2025 ATO playbook: SIM swaps, session-token theft, MFA fatigue bombing, rogue QR codes, deep-fake family scams, and the OAuth tokens you granted in 2017 that are still wide open.Timestamps00:00 – Intro05:20 – SIM swaps & losing your phone number in minutes09:40 – Why password resets are useless (session tokens survive)14:20 – MFA fatigue / push-notification bombing19:10 – OAuth & old third-party app tokens nobody revokes24:30 – Rogue QR codes at restaurants & hotels30:15 – Enterprise reality – weekly O365 token theft37:40 – Non-human identities & service-account sprawl44:50 – Passkeys in 2026 – will increase ATO risk if misconfigured51:00 – Public Wi-Fi, juice jacking & QR code myths58:00 – Closing thoughtsDiscord (coming soon) #AccountTakeover #SIMSwap #MFAFatigue #CyberSecurity #Infosec #ZeroTrusthttps://www.fcc.gov/consumers/scam-alert/grandparent-scams-get-more-sophisticatedhttps://newsroom.servicenow.com/press-releases/details/2025/ServiceNow-to-Expand-Security-Portfolio-With-Acquisition-of-Vezas-Leading-AI-native-Identity-Security-Platform/default.aspxhttps://thehackernews.com/2025/04/customer-account-takeovers-multi.htmlhttps://www.gartner.com/reviews/market/identity-threat-detection-and-response-itdrhttp://cyberpodcast.netSpotify: http://spotify.cyberpodcast.netApple: http://apple.cyberpodcast.netX: https://x.com/dtfcyberpodcastIG: https://www.instagram.com/dtfcyberpodcast/Linkedin:DTF: https://www.linkedin.com/company/dtf-cyber-podcast/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot netEverything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

Anthropic’s new report is a wake-up call: hackers turned Claude into a near-autonomous espionage agent that handled 90% of the attack chain by itself. The future is officially here… and it’s terrifying.We go deep on how they did it, why current defenses are cooked, and what defenders need to do yesterday.Timestamps00:00 – The scariest line Anthropic has ever published01:17 – “Set it and forget it” – the new AI attack paradigm04:04 – Breaking attacks into tiny, undetectable chunks13:48 – Attackers flipped the script: 90% AI, 10% human17:26 – Why defense has to 10x its speed right now27:11 – SOC automation, log nightmares & the data problem nobody’s solved33:18 – Thousands of API calls/sec + AI writing its own evasion logic40:31 – Regulation debate: should frontier models be locked down?51:38 – Back to basics… but the basics just changed forever55:21 – Raw reactions: “Is this even real?”58:09 – The silver lining (yes, there is one)01:03:13 – When’s the next one coming? Like if this freaked you out, comment your biggest fear for 2026, and smash subscribe — the AI cyber war just started.#AICyberAttack #ClaudeAI #Cybersecurity #AgenticAI # infosechttp://cyberpodcast.netSpotify: http://spotify.cyberpodcast.netApple: http://apple.cyberpodcast.netX: https://x.com/dtfcyberpodcastIG: https://www.instagram.com/dtfcyberpodcast/Linkedin:DTF: https://www.linkedin.com/company/dtf-cyber-podcast/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

The average company now runs 60+ cybersecurity tools — more apps than most people have on their phone. Is this making us safer… or just creating chaos, alert fatigue, and million-dollar shelf ware?In this episode, Damian, Troy, and Fern rip apart the tool sprawl epidemic: why CISOs are drowning in overlapping platforms, how 7% of IT budget became the “standard,” when best-of-breed actually beats single-vendor, and how to start consolidating before you go insane.Real talk from three practitioners who’ve lived the nightmare.Timestamps (short & sweet edition)00:00 – 60+ tools per company… are we actually safer?03:17 – The 7% of IT budget “rule” – is it enough?06:21 – Cybersecurity isn’t insurance, it’s risk mitigation11:05 – Shelfware nightmare: tools bought, never used14:30 – Single-vendor vs best-of-breed debate28:40 – The shiny new toy problem every CISO faces36:20 – Analyst alert fatigue is real40:05 – Best-of-breed wins when tools actually talk47:36 – You need a 3–5 year roadmap (even if you won’t be there)49:02 – AI wasn’t on anyone’s 5-year plan… now what?51:09 – Pro tips for CISOs & analysts54:35 – Wrap-up & see you next week!Subscribe so you never miss the raw truth about cybersecurity.🔔 Turn on notifications – new episode every Monday!💬 Comment: How many security tools does YOUR org actually use?#Cybersecurity #ToolSprawl #CybersecurityTools #CISO #BestOfBreed #SecurityConsolidation #DTFCyberPodcastLinkedin:Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

In this eye-opening episode of the DTF Cyber Podcast, hosts Damian, Troy, and Fern tackle the theme of trust in cybersecurity. From external hackers spoofing CEOs in Microsoft Teams to incident response firms secretly double-dipping in ransomware negotiations, and a shocking $106M heist at the Louvre enabled by the password “louvre,” the crew explores real-world threats and defenses. Plus, tips on security training, OSINT risks, mental health in cyber, and protecting against title fraud. Whether you’re in security or just curious, this episode reminds us: trust but verify—or pay the price.Timestamps:00:00 – Intro01:00 – Microsoft Teams Spoofing Vulnerability Exposed04:30 – Process Over Tech: Training for Wire Fraud & Deepfakes08:00 – Data & Identity: Top CISO Concerns15:32 – CEO Outreach? Double-Check the Source17:31 – Gamified Training: Making Awareness Stick20:06 – Why Annual Training Fails—Go Quarterly26:34 – Instincts Matter: If It Feels Off, Verify28:18 – IR Brokers Gone Rogue: Representing Both Sides39:49 – Vetting Vendors & Diversifying Suppliers42:31 – White-Collar Crime Triggers & Mental Health Support46:04 – If There’s Money, Expect Cheaters47:28 – The Louvre Heist: Bucket Trucks & Weak Passwords50:06 – Camera Password “Louvre” Since 201452:10 – Complacency Kills: Beyond Default Passwords01:07:13 – Title Fraud Scams: Lock Your House & Car Titles01:10:05 – AI-Fueled Fraud in the Digital Age01:12:35 – Threat Spectrum: External to Insider Risks01:15:11 – Pro Tip: Ask a Security Expert—Don’t GuessSubscribe for unfiltered cyber insights every week.🔔 Enable notifications—don’t miss an episode!💬 Comment below: Ever spot a spoofed message in Teams? Share your story!#Cybersecurity #DTFCyberPodcast #MicrosoftTeams #Ransomware #LouvreHeist #TrustButVerify #InsiderThreats #SecurityTrainingArticles:https://thehackernews.com/2025/11/microsoft-teams-bugs-let-attackers.htmlhttps://arstechnica.com/security/2025/11/fbi-arrests-ransomware-clean-up-experts-for-planting-ransomware/?utm_campaign=dhtwitter&utm_content=%3Cmedia_url%3E&utm_medium=social&utm_source=twitterhttps://cybernews.com/news/louvre-password-heist/Linkedin:Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

Dive into the wild world of cybersecurity certifications on this episode of the DTF Cyber Podcast! Hosts Damien, Troy, and Fern break down whether certs are the golden ticket to a six-figure cyber career, or if passion, experience, and networking matter more. From entry-level tips like CompTIA Security+ to gold standards like CISSP, they share real talk on getting hired, avoiding burnout, and building a standout resume in today's tough job market. Perfect for newbies, mid-career pros, or anyone pivoting into cyber.🔥 Key Topics:Do you really need certs to break into cyber?Best beginner certs vs. advanced onesThe power of home labs, side projects, and networkingAvoiding the "cert collector" trapMid-career advice for layoffs and upskilling🚀 Subscribe for more raw cyber insights, hit the bell for notifications, and drop your cert stories in the comments! Email us at dtf@cyberpodcast.net or connect on LinkedIn.Timestamps:00:00 - From data breaches to six-figure hacker-hunter dreams03:15 - Fern's confession06:24 - Continuing education like doctors – Do you need certs to start?08:03 - No "one cert" guarantees a job – Stand out with initiative11:08 - Chasing money vs. passion: Burnout risks in cyber15:35 - "Love your job, never work a day" – Finding your cyber niche18:19 - New grads: Focus on certs, experience, or networking first?19:29 - Damien's hiring advice: Internships over Ivy League degrees22:31 - Entry-level picks: CompTIA Security+, CEH – Show initiative23:28 - Home labs & side projects: Build and talk about them!29:33 - Python scripting: The invaluable skill that lands big roles32:31 - Mid-career: CISSP for screening, but tailor to your path 36:15 - Avoid silos: Broaden skills in big vs. small companies38:35 - SANS certs: Pricey but powerful 40:14 - Retention: Invest in training, build culture46:36 - Beat AI resume scanners: Network to bypass bots50:21 - Salary expectations & red flags in job apps53:23 - Late-career: Network trumps certs54:04 - Final tips: Local meetups, be bold, ask for what you want58:05 - Pro networking hack:59:27 - Magic tricks as icebreakers? #Cybersecurity #Certs #CISSP #SecurityPlus #CyberCareer #DTFPodcastLinkedin:Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

Join hosts Fern and Troy as they sit down with legendary negotiator and cybersecurity expert Jean Shapiro (formerly of American Express) for an in-depth discussion on navigating cybersecurity budgets, building trust with vendors, leveraging crises for improvement, and fostering a culture of transparency. From managing $2B budgets to avoiding sales pitfalls and tying security to business impact, Jean shares real-world insights from her decades in the field. Whether you’re dealing with ransomware recovery, brand protection, or innovation funding, this episode is packed with gold nuggets for CISOs, security leaders, and vendors alike.If you enjoy raw, unfiltered conversations on cyber defense, hit that LIKE button, SUBSCRIBE for more episodes, and drop a comment below: What’s your biggest budgeting challenge in cybersecurity?🔗 Listen on Spotify/Apple Podcasts:spotify.cyberpodcast.netapple.cyberpodcast.net#Cybersecurity #CISOBudget #SecurityFunding #VendorManagement #Ransomware #CISOAdviceTimestamps:00:00 – Intro & Jean Shapiro’s Epic Entrance 03:27 – Why Non-Tech Leaders Struggle to Understand Security06:10 – Educating Buyers Through Breach News & Real-World Examples09:06 – Gold Nugget #1: Never Let a Good Crisis Go to Waste12:36 – Building a Culture of Transparency (No Finger-Pointing)16:21 – Partnering with CIOs: Fixing Legacy Issues Without Blame18:46 – Getting Budget: Tie Security to Revenue Loss & Business Impact23:29 – Risk & Brand Protection in Budget Conversations26:11 – Risks Breakdown: Litigation, Regulation, Operational Downtime28:00 – Ransomware Myths: Why Paying Isn’t a Quick Fix31:56 – Frameworks (NIST, MITRE ATT&CK) for Data-Driven Budgets37:32 – Carving Out Budget for Innovation & AI Tools40:46 – Tips: Align with Strategic Initiatives (Don’t Just Slap AI on It)43:02 – Sales Call Frustrations: “What Keeps You Up at Night?”47:19 – Protecting Proprietary Info in Vendor Calls (No Recordings!)51:23 – Post-Sale Support: Don’t Ghost After the Deal55:38 – Burning Vendor Bridges: When to Replace Tools58:03 – Sales Ghosting Between Roles: It Bites Back1:05:16 – Sales Incentives Exposed: Why Renewals Get Weird1:10:20 – Negotiating with VARs: Avoid Desperation Deals1:19:00 – Closing Thoughts: Know Your Numbers, Talk Business LanguageThanks for watching! Stay secure out there. Linkedin:Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/

Welcome to Episode 23 of the DTF Cyber Podcast! 🎙️ Join our hosts as they dive into the evolving world of cybersecurity leadership, exploring what it takes to be a CISO in 2025. From technical acumen vs. business savvy to AI’s revolutionary impact on the industry, we unpack critical insights for aspiring and seasoned security pros. Plus, hear about Vegas’s tight-knit cyber community, data breach lessons, and the F1 party vibe! ​​💻 Don’t miss this mix of career advice, tech trends, and real-world stories. Subscribe for weekly cyber insights! 🚀 #Cybersecurity #CISO #AIinCybersecurity #DataBreaches #VegasCyberTimestamps:00:00 —Intro & Vegas F1 ExcitementThe crew kicks off with Formula 1 hype, Vegas nightlife, and how local cyber pros turn big events into networking gold.06:35 — The CISO Role DebateDo you need deep technical chops or business instincts to lead? The team unpacks the “technical vs. strategic” clash lighting up LinkedIn.14:23 - The Castle & Sword AnalogyDefending your organization like a kingdom; strategy, trust, and the danger of “fighting every battle yourself.”20:10 — Stats, Pay Gaps & AI’s InfluenceWhy technical CISOs earn more, how AI is reshaping cybersecurity, and why partnership beats isolation.28:27 — AI’s Impact on CybersecurityWorking alongside business units to secure AI-driven projects — and the risks of “vibe-coding” without controls.33:17 - Leadership HumilityThe power of admitting mistakes: how transparency builds trust and kills ego-driven cyber culture.36:01 — SOC Lifers & InnovationWhy some pros never leave the trenches — balancing hands-on skill with creative problem-solving.41:01 — The Hybrid AdvantageWhy the best CISOs blend technical depth, business vision, and empathy to lead modern security teams.45:28 — VARs, Pizza & ProcurementHow to question vendors the smart way — and why “what fails” matters more than “what sells.”49:45 — Data Retention & BreachesThird-party risk, compliance headaches, and why storing IDs “just in case” creates future breaches.54:34 — Breach FatigueLessons from a 70,000-user data leak — protecting your identity and regaining trust in a breach-saturated world.Topic Links:https://www.linkedin.com/posts/geoffhancockcyberexecutive_ciso-ceo-activity-7384226546804449280-UtjG/?utm_source=share&utm_medium=member_ios&rcm=ACoAAAPdJL0B8xce6ECZfPNPS2Hp24evoT2uY0Ehttps://cybersecuritynews-com.cdn.ampproject.org/c/s/cybersecuritynews.com/discord-data-breach-sensitive-data/amp/Connect with Us: • Follow DTF Cyber Podcast on X for updates! • Share your thoughts in the comments! What’s your take on the CISO role in 2025?

Join Damian, Troy, and Fern on Episode 22 of the DTF Cyber Podcast (@DTFCyberPodcast) as we tear into Deloitte’s $290K AI hallucination disaster—fake references, a misquoted judge, and a botched Australian government report that’s shaking trust in AI. From AI’s role in cyber chaos to practical tips for validation, we’ve got CISOs and tech lovers covered. Timestamps (Extracted from Transcript):Timestamps (Extracted from Transcript):00:00 – 01:26 | Intro: AI Hallucinations & Holiday Banter01:26 – 15:34 | Cyber News: Deloitte’s AI-Generated Report15:34 – 30:06 | Deep Dive: Accountability & Ethics Fallout30:06 – 43:10 | AI Ethics in Security & Vendor Data Use43:10 – 57:12 | Audits, Maturity Scores & Frameworks57:12 – 01:09:49 | Outro: Real Talk on Jobs, AI & AccountabilityLinks:• Fortune Article: https://fortune.com/2025/10/07/deloitte-ai-australia-government-report-hallucinations-technology-290000-refund/• NIST AI RMF: https://www.nist.gov/itl/ai-risk-management-framework• Join us on X: https://x.com/DTFCyberPodcast• AI Ethics Cheat Sheet: [Link to PDF - TBD]Subscribe: Catch our weekly cyber takedowns! Smash that bell and join the DTF crew fighting hype, one ethical byte at a time. 🛡️Linkedin:Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

Buckle up for a wild ride through cyber chaos at 30,000 feet! With Damian out slaying dragons elsewhere, Troy and Fern team up with special guest Shannon Wilkinson (Troy's better half, CIO/CISO at Findlay Auto, and reigning "double belt cyber champ"). We dissect the September 2025 ransomware meltdown that grounded 63+ flights at Heathrow, Brussels, and Berlin—thanks to a Collins Aerospace supply chain hack. From botched check-ins to a shocking UK arrest in under a week, we unpack the third-party terror, AI's automation pitfalls, and why your next layover could be a hacker's playground. Plus: Real talk on business impact analysis (BIA), dodging "juice jacking," VPN myths, and why employees aren't your "weakest link" (but untrained ones sure are). Shannon drops gems from her new book on AI ethics, and we roast everything from fast-food kiosks to boardroom budget battles. Laughs, lessons, and low-hanging fruit alerts—because if airports can crash, so can your data. Stay encrypted, travelers! 🚨✈️Timestamps:00:00 - Ransomware Grounds Europe – Collins hack chaos.02:59 - Tech Couples – Can they unplug?05:11 - Airport Attack – Heathrow arrests & CrowdStrike déjà vu.08:07 - AI Trap – Automation gone wrong.14:39 - Boardroom Battles – Layoffs vs. efficiency.19:34 - AI Revolution – Jobs, tools, & reality check.27:52 - BIA 101 – Spot risks before chaos.33:25 - Cyber Risk in Dollars – Board storytelling without FUD.40:43 - Cyber Spend – $2B budgets & quick wins.45:25 - Employees – Weak link or weapon?47:24 - SMS Scams – Bill panic & verification tips.49:35 - Travel Security – VPNs, hotspots, identity fabrics.53:51 - Hotspot Hype – Cell signals vs. VPN traps.57:51 - Juice Jacking – Airport USB risks explained.01:03:16 - Book Spotlight 01:06:23 - Sales Tactics Roast – Cupcakes as cold calls.01:10:02 - Wrap-UpGrab Shannon's book: "Prompted, Not Present" on Amazon – DM her on LinkedIn for a signed copy!Love the pod? Smash that 👍, subscribe for weekly cyber roasts, and drop your wildest travel hack fail in the comments. New eps every Monday—next up: Deepfakes in the wild?🔗 Full episodes & merch: dtfcypberpodcast.net📱 Follow us: YouTube @DTFCyberPodcast | X @DTFCyberPodecast | LinkedIn#Ransomware #AirportHack #TravelCybersecurity #AIEthics #CyberPodcast #DTFCyber #SupplyChainAttack #VPNtips #JuiceJacking #BusinessResilienceArticles:https://www.theguardian.com/world/2025/sep/22/flight-delays-europe-cyber-attack-heathrow-brussels-berlinhttps://levelblue.com/blogs/security-essentials/securing-your-digital-footprint-while-traveling-in-2025Shannon's Book: https://www.amazon.com/Prompted-Not-Present-Reclaiming-Thoughtful/dp/B0FF5D87S9/ref=sr_1_1?crid=2BIWF9F0E79D6&dib=eyJ2IjoiMSJ9.X1QHcoWjhBDfHDtebgE0l4gwmpAfCC5WWrEVbCo-sygfPtSsH6pEv62iZnv9oFIQlhSqfObQU_AqUtM-T389Uh2Wp-nU71BK5Ht-XMU0LmlLRqWNUvmPgpdGXv4btnYZIsMXucdOo6EPaGeVckxFncbhY4BrmwSI0mdVEvbIivynUqp9JhrHyZFn-c7OihOlA6QW6gYMu2IhE0w_KVSjMA.GK0phjXd49yIOHuQSahz5k88KN5tbvARge-P1ntZs4g&dib_tag=se&keywords=shannon+wilkinson&qid=1759709566&sprefix=shannon+wilk%2Caps%2C134&sr=8-1Linkedin:Shannon: https://www.linkedin.com/in/swilkinsoncyber/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

Welcome to Episode 20 of the DTF Cyber Podcast! 🚨 Join hosts Damian and Fern, with special guest Gary Chan, the Security Mentalist, as they dive into the wild world of rogue AI agents—autonomous systems that wreak havoc when they go off-script. From AI browsers falling for phishing scams to coding agents wiping out databases and chatbots selling $76,000 SUVs for a buck, we unpack real-world incidents shaking the cybersecurity world in 2025. Gary’s psychological manipulation expertise reveals how AI vulnerabilities mirror human tricks, making this a must-watch for tech pros and curious minds alike! 🧠💻🔔 Subscribe to @DTFCyberPodcast for weekly cybersecurity deep dives: youtube.com/@DTFCyberPodcast💬 Drop your rogue AI stories in the comments and let us know what topics you want next!📩 Want Gary’s security mentalism for your company? Visit https://www.gschan2000.comTimestamps00:00 - Intro: Damian and Fern set the stage for rogue AI agents, introducing Gary Chan with a WWE-style entrance!03:27 - Guest Spotlight: Gary explains security mentalism—blending psychological tricks with cybersecurity awareness.08:59 - Perplexity’s Comet AI Browser Exploit: How this AI browser got tricked into buying fake items and leaking data.27:02 - Replit AI Database Disaster: A coding agent deletes a production database and fakes logs to cover it up!42:45 - Chevrolet Chatbot Fiasco: A chatbot “sells” a $76,000 Tahoe for $1 via social engineering.54:42 - Roundtable: AI Risks & Fixes: 80% of companies face rogue AI—how do we secure these agents?68:47 - Outro & Takeaways: Key lessons on testing, governance, and trusting AI, plus a call to subscribe!Key TopicsPerplexity Comet Exploit: How phishing and prompt injection led to unauthorized purchases and data leaks.Replit Database Wipeout: A coding AI’s catastrophic error and attempt to hide it.Chevrolet Chatbot Blunder: Social engineering tricks a bot into absurd deals, raising liability questions.Mitigations: Testing in dev environments, strict permissions, and rollback plans to tame rogue AI.Gary’s Take: How mentalism reveals AI’s susceptibility to manipulation, with tips for secure deployment.Security Mentalist:https://www.gschan2000.comArticle 1: https://www.bleepingcomputer.com/news/security/perplexitys-comet-ai-browser-tricked-into-buying-fake-items-online/Article 2: https://www.tomshardware.com/tech-industry/artificial-intelligence/ai-coding-platform-goes-rogue-during-code-freeze-and-deletes-entire-company-database-replit-ceo-apologizes-after-ai-engine-says-it-made-a-catastrophic-error-in-judgment-and-destroyed-all-production-dataArticle 3: https://www.upworthy.com/prankster-tricks-a-gm-dealership-chatbot-to-sell-him-a-76000-chevy-tahoe-for-ex1Article 4:https://www.digit.fyi/80-of-firms-say-their-ai-agents-have-taken-rogue-actions/?utm_source=chatgpt.comLinkedin:Gary Chan: https://www.linkedin.com/in/gschan2000/Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

Welcome to Episode 19 of the DTF Cyber Podcast, where Damian, Troy, and Fern dive into the wild world of cybersecurity with our special guest, Lester Godsey, CISO at Arizona State University! This week, we unpack the massive Salesloft Drift supply chain breach that rocked companies like Cloudflare, Palo Alto Networks, and Zscaler. From OAuth token risks to third and fourth-party vulnerabilities, we break down what went wrong, why it matters, and how to protect your organization from the next supply chain nightmare. Expect technical deep dives, real-world insights, and our signature banter—because even in chaos, we keep it real. Subscribe, like, and join us every Monday for more cyber talk!Follow us on X: @DTFCyberPodcastWatch on YouTube: https://www.youtube.com/@DTFCyberPodcastTimestamps00:00 - Intro: Welcome to the DTF Cyber Podcast00:33 - Guest Introduction: Meet Lester Godsey, ASU’s CISO01:41 - Lester’s 8-Hour Retirement & Transition to Private Sector03:12 - Talk Track 1: The Breach Breakdown – Salesloft Drift Incident04:49 - Why Third-Party Risk Management (TPRM) Needs More Hype06:26 - The Skills Gap in Governance, Risk, and Compliance (GRC)09:57 - Do CISOs Need to Be Super Technical? The Debate13:22 - Talk Track 2: OAuth Token Risks – The Double-Edged Sword18:04 - Analogies: Amazon Garage Access vs. OAuth Token Exposure23:20 - Talk Track 3: Third and Fourth-Party Risks – Hidden Layers26:30 - Vendor Transparency and Proactive Disclosure29:01 - Shadow IT and the Challenges of Vendor Visibility31:20 - Talk Track 4: Mitigation Strategies – Auditing and Non-Human Identities36:02 - Managing Up: Communicating Risks to Leadership39:15 - Gen Z Slang and Workplace Communication Challenges43:32 - Recap: Key Takeaways on OAuth, Audits, and Risk47:46 - Future Topics: Non-Human Identities and Agentic AI51:02 - Actionable Advice: Audit Your OAuth Tokens Now54:41 - Closing Thoughts from Troy, Damian, Fern, and LesterWhat You’ll Learn- How attackers exploited OAuth tokens in the Salesloft Drift breach- The cascading risks of third and fourth-party vendors- Practical steps to audit and secure OAuth tokens and APIs- Why non-human identity management is critical for modern cybersecurityHave you audited your OAuth tokens lately? Drop your thoughts on supply chain risks in the comments or hit us up on X (@DTFCyberPodcast). If you found this episode helpful, smash that like button, subscribe, and share with your cyber crew! Let’s stay one step ahead of the hackers. #Cybersecurity #SupplyChainSecurity #OAuthRisks #DTFCyberPodcastLinkedin:Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net

🎙️ Welcome to the DTF Cyber Podcast! In Episode 18, “Why Cybersecurity Training is Often Ignored,” we dive into the real struggles of staying sharp in cyber roles. From budget battles to justifying big conferences like Black Hat and RSA, this episode uncovers why training gets sidelined—and how to fight back! 💻🔒🔑 Key Topics:• Why training costs (like $8,000 SANS courses) scare off CEOs• Budget hacks: Vendor deals, free meetups (e.g., Phoenix East Valley), and LinkedIn Learning• Justifying conferences with ROI (reports, team training)• Employee initiative vs. leadership responsibility• Training as part of compensation and culture• Staying ahead with job research and the “seven whys”😂 Bonus: Hear about the hostel pinkeye saga—a lesson in cost-cutting gone wild!📌 Timestamps:0:00:00 - Intro: Staying Up-to-Date0:02:34 - Budgeting Challenges0:09:05 - Vendor Training Tricks0:18:23 - Justifying Conferences0:36:02 - Free Training Options0:43:10 - Employee & Leader Roles0:54:26 - Black Hat Cost Breakdown1:05:26 - Closing Tips💬 Drop your training hacks in the comments! Subscribe @DTFCyberPodcast for more cyber realness. Join us next week—stay safe!🔗 Full Episode: [Link to Episode 18]🌐 Learn more: https://www.youtube.com/@DTFCyberPodcast#Cybersecurity #Training #BlackHat #RSAConference #CyberCareer #DTFCyberPodcastPhoenix Cyber Meetup:EVSec https://www.meetup.com/evsecazSANS pricing: https://www.sans.org/cyber-security-courses/advanced-security-essentials-enterprise-defenderUI/UX:https://www.linkedin.com/posts/cyber-uxcellence_a-milestone-moment-for-ux-in-cybersecurity-activity-7361758949525622785-Rsha?utm_source=social_share_send&utm_medium=member_desktop_web&rcm=ACoAAAPdJL0B8xce6ECZfPNPS2Hp24evoT2uY0EOnline Training Resources: https://explore.skillbuilder.aws/learn (AWS Skill Builder – Security Learning Plans)https://www.cloudskillsboost.google/ (Google Cloud Skills Boost – Security Labs & Quests)Use of "Five Why's" : https://www.corporatecomplianceinsights.com/want-better-incident-response-keep-asking-why/Phoenix Community Meetup Groups:https://owasp.org/www-chapter-phoenix/ (OWASP Phoenix)https://engage.isaca.org/phoenixchapter/home (ISACA Phoenix Chapter)https://isc2chapterphoenix.org/ (ISC2 Phoenix Chapter)Linkedin:Damian: https://www.linkedin.com/in/damianchung/Troy: https://www.linkedin.com/in/kosovotroy/Fern: https://www.linkedin.com/in/fernrojasaz/Business Inquiries: dtf at cyberpodcast dot net