Claim OwnershipThe Lock & Key Lounge — An ArmorText Original Podcast
Subscribed: 0Played: 0
Subscribe
© 2026 The Lock & Key Lounge — An ArmorText Original Podcast
Description
Welcome to The Lock & Key Lounge, the official podcast from ArmorText, the leader in secure out-of-band communications. Each episode brings you into the conversation with the sharpest minds in cybersecurity, law, critical infrastructure, intelligence, and government. We go beyond the headlines and vendor buzzwords to unpack real-world challenges—from incident response and cybercrime innovation to legal landmines, boardroom decisions, and threat intelligence at scale.
Pull up a chair, pour a drink, and join us as we explore what it takes to stay resilient in a world where operational security, compliance, and communication have never been more intertwined.
Available wherever you stream your podcasts, or right here on ArmorText.com.
22 Episodes
Reverse
In this RIFF, we connect recent headlines to the realities of communicating during a crisis. Headline 1: Verizon and Microsoft 365/Outlook outages When your primary tools go dark, approvals stall, and coordination breaks down. Headline 2: Iran’s Starlink “kill switch” (with the Russia angle) Satellite isn’t a guaranteed “Plan B.” Geopolitics can shut it down. Headline 3: Identity verification and deepfakes With synthetic personas rising, you must be able to trust who’s in the room when you pi...
What the Signal IG Report Teaches Enterprises About Communications Risk This episode touches on a topic we initially covered in Episode #2 where discussed the Signal/Atlantic group chat with Marisa Darden of Benesch Law. The latest DoD IG report has brought the privacy-vs-compliance conflict back to the front page. So, today we’re going to translate those findings for the enterprise.
What the Signal IG Report Teaches Enterprises About Communications Risk This episode touches on a topic we initially covered in Episode #2 where discussed the Signal/Atlantic group chat with Marisa Darden of Benesch Law. The latest DoD IG report has brought the privacy-vs-compliance conflict back to the front page. So, today we’re going to translate those findings for the enterprise.
Join Navroop and his guest Crowell and Moring's Global Co Chair on Privacy and Cyber, Emma Wright live in Riyadh, Saudi Arabia as they continue their discussion over dinner and mock-tails right on the heels of their speaking session at Black Hat MEA 2025. This RIFF session is an unscripted discussion further unpacking how cybersecurity and resilience planning will be potentially impacted by the shifting geopolitics, threats of nation-state sabotage and sanctions. Navroop and Emma furthe...
The Benefits of Developing People Skills That Are Missing From Today’s Cybersecurity Teams Why tomorrow’s cybersecurity leaders will rise not through deeper technical mastery, but through empathy, translation, and human connection. In this episode of The Lock & Key Lounge, host Matt Calligan explores what he calls “The Humanity Firewall,” highlighting an often-overlooked truth in cybersecurity: the most critical skill gap isn’t technical, but human. From communication breakdowns—like CISO...
From Signal getting squeezed by AWS to Microsoft Teams launching what some think as spyware, the stories this week all circle the same theme: trust, resilience, and sovereignty.
Welcome to The Lock & Key Lounge, debuting its first-ever RIFF Edition — a new, unscripted spin on security conversations hosted by Navroop Mitter, Founder and CEO of ArmorText, alongside Matt. In this episode, the duo riff through a series of stories and ideas that caught their attention — from Asahi’s production-halting cyberattack and Jen Easterly’s bold take on “The End of Cybersecurity,” to the alarming rise in text scams among young adults, China’s Phantom Taurus targeting telecoms,...
The Nightmares Acquirers Often Miss Behind the glossy surfaces of emerging tech and M&A deals lies a quiet but critical risk: compromised code, embedded threat actors, and the increasing industrialization of the cybercriminal ecosystem. In this episode, we’re diving into how tech built by startups, often developed with freelance labor and questionable security hygiene, is making its way into the infrastructure of critical industries through acquisition. We’ll talk about how cybercriminals...
The Cyber Risks We’re Still Ignoring In today’s episode, we’re diving into the quiet crises already happening in the fields, warehouses, and distribution networks we depend on every day—and why so few in cybersecurity are paying attention. From the $400M breach you didn’t hear about, to the operational systems federal policies refuse to name, Kristin helps us connect the dots between food, resilience, and the future of critical infrastructure.
Communicating When You Can’t Trust the Network When adversaries can read the playbook—searching email, SharePoint, Teams/Slack, and even joining incident response calls—communication becomes the attack surface. That’s why the FBI now explicitly urges organizations to “plan to use out-of-band communications when normal channels like email and VoIP are compromised.” This episode is about preparedness: defining OOB comms, getting executive buy-in, and exercising realistic failovers so “if you ca...
Unpacking Regulatory, Contractual, and Sanctions Challenges from DPRK-Affiliated Schemes Today, we’re zeroing in on a uniquely challenging scenario—what happens when the insider threat isn’t an employee at all, but rather a remote worker posing under false pretenses, potentially linked to adversarial nations like the DPRK. Landon Winkelvoss is here to help us understand how these investigations play out, what legal and operational pitfalls to avoid, and why secure, out-of-band communications ...
Navigating Remote Worker Deception Today we’ll explore the legal landmines that organizations face when uncovering remote workers connected to adversarial states like the DPRK. We'll unpack critical questions about liability, disclosure obligations, compliance pitfalls, and sanctions risks—helping legal teams prepare to navigate the regulatory maze following remote worker deception discoveries.
How Extreme Weather Disrupts Digital Defenses When the forecast calls for hurricanes, floods, wildfires or heat waves, most organizations are focused on physical risk. But what happens when cyber risk rides shotgun with those storms? In today’s episode, we’ll explore how extreme weather events don’t just disrupt operations—they create windows of opportunity for cyberattacks. Attackers are increasingly timing ransomware, DDoS attacks, and other campaigns to coincide with disasters, when resour...
Cyber Threats to Global Good and the Fight for Collective Defense Why nonprofit organizations are bigger cyber targets than most realize—and how the NGO-ISAC is helping defend the sector. NGOs face a cyber threat landscape that’s as serious—if not more —than private sector organizations. Partly because they often face those challenges with fewer resources, leaner teams, and less public awareness of their risk profiles. Today we’re joined by our friend Frank McGothigan, CISO of the...
Traditional tabletop exercises have a reputation for being, well, a little dry. Picture it—stale slides, scripted injects, and facilitators who may or may not be able to keep an audience engaged. But what if we could change that? What if tabletop exercises felt more like high-stakes crisis simulations, pulling participants into a dynamic, unfolding story rather than another box-checking exercise? That’s exactly what we’ll explore today with Erik and Brian) of RL Leaders—a team that has brou...
Traditional tabletop exercises have a reputation for being, well, a little dry. Picture it—stale slides, scripted injects, and facilitators who may or may not be able to keep an audience engaged. But what if we could change that? What if tabletop exercises felt more like high-stakes crisis simulations, pulling participants into a dynamic, unfolding story rather than another box-checking exercise? That’s exactly what we’ll explore today with Erik and Brian) of RL Leaders—a team that has brou...
Lessons from E-ISAC’s Success Threat intelligence sharing is a critical pillar of cybersecurity, yet not all programs are equally effective. The E-ISAC has distinguished itself as one of the most successful models for cross-industry collaboration, providing timely, actionable intelligence to its participants through various initiatives, including the widely successful Cybersecurity Risk Information Sharing Program (CRISP). So today we’re sitting down with Matt Duncan, to discuss why the...
How Grid Exercises Shape Real-World Resilience The reliability of the electricity sector is increasingly tested by both physical and cyber threats. Large-scale exercises like GridEx have played a critical role in shaping how industry leaders, asset owners, and operators respond to crises. In this episode, we sit down with Jesse Sythe, Program Manager for GridEx at E-ISAC, to discuss the role of these exercises in enhancing industry-wide resilience. We’ll explore how GridEx has evolved over th...
Navigating Threat Intelligence Sharing in Uncertain Times First, we’re joined again by Joe Slowik, formerly a Principal Critical Infrastructure Threat Intelligence Engineer at MITRE and now Director for cybersecurity alerting at Dataminr. Joe’s career spans the U.S. Navy, national labs, and private sector security teams—where he’s led efforts to track adversary behavior and build resilient cyber defense programs. He recently joined us for a previous episode of The Lock & Key Lounge, and t...
What Happens When Government Steps Back Now, on this episode, we'll be exploring a question that has been on a lot of people's minds -- What happens when the federal agencies tasked with cybersecurity begin to pull back? As workforce reductions hit CISA and the Cyber Safety Review Board is disbanded, many are left wondering how critical infrastructure and national cybersecurity posture will adapt. In this episode, we speak with Joe Slowik about the real-world consequences of these decis...
Comments
Download from Google Play
Download from App Store
United States