Legitimate Cybersecurity Podcasts

16 Episodes
Are algorithms helping—or handling—you? Frank and Dustin dive into how recommender systems, data brokers, and AI-powered platforms shape your news, drives, purchases, health, and even relationships. From TikTok fear-mongering to Cambridge Analytica, OPM’s breach fallout, Google Maps routing incentives, Amazon “sponsored” defaults, and Facebook’s engagement shift—this episode asks the hard question: are you in control, or are you being steered?
We also hit the nuance: when AI spots tumors earlier and flags outbreaks faster, do the ends justify the data means? Echo chambers, algorithm “poisoning,” privacy laws (or lack thereof in the U.S.), and the real-world line between convenience and manipulation—plus the wild story of a nurse who could smell disease before doctors could test for it.
🎧 Subscribe for sharp, funny, no-fluff cyber talk every week.
💬 Drop your take: are you comfortable trading agency for convenience?
—
👥 Hosts: T. Frank Downs & Dustin Brewer
🎙️ Podcast + clips: @LegitimateCybersecurity
🧠 Subreddit: r/LegitimateCyber
🔔 Like, subscribe, and share to beat the algorithm at its own game.
Chapter Breaks
00:00 – Cold Open: “If you’re not paying, you’re the product.”
01:20 – TikTok: personalization vs. geopolitics
02:37 – OPM breach & SF-86: the most intimate data spill
04:08 – Data brokers & geolocation: finding anyone (even Congress)
05:22 – The U.S. privacy gap (hello CCPA, goodbye federal law)
06:11 – Shadow credit files: LexisNexis, GM telemetry & your insurance
07:45 – Maps that nudge: are routes sold to brands?
08:23 – Amazon’s “sponsored” defaults & subtle purchase steering
09:39 – “Emergent behaviors” & divisive feed design
10:53 – Can we trust any filter—and do we have options?
11:30 – AI is code (and code is messy): hallucinations & ad-stuffed search
12:27 – Living private vs. living miserable: the balance problem
15:16 – Biased training data: we met the trainer and it’s us
17:47 – Medicine wins: diagnostics vs. the data tradeoff
19:30 – Joy Milne & “the smell of disease”: human pattern-finding
22:44 – AI for signals, humans for meaning
23:34 – Robots, laundry… and the rental future
24:57 – Do people want out of echo chambers?
26:57 – Comfort vs. being “right”: why rage sells
27:24 – Algorithm poisoning ethics: self-defense or sabotage?
28:11 – The kindness trap: loneliness, AI compliments & harms
30:16 – What practitioners should do: policy, guardrails, education
32:25 – The inevitable? Choosing agency in a steered world
33:16 – Outro: “If this was recommended to you…”
#cybersecurity #algorithms #privacy #ai #databrokers #tiktok #opm #EchoChambers #RecommenderSystems #DigitalEthics #Nudging #LegitimateCybersecurity
What do submarines, Linux servers, Apple X Servers, and SOC analysts all have in common? They were all part of Chris Adkins’ path into cybersecurity. In this episode of Legitimate Cybersecurity, Frank and Dustin dive deep with Chris as he shares his unique journey from being a sonar technician in the U.S. Navy to breaking into cyber through a SOC—and eventually advising top companies through breaches and building cyber programs.
We cover:
How non-traditional paths (like the Navy) can launch cyber careers
The evolution of SOC life and tools (FireEye, ArcSight, Palo Alto, CrowdStrike, etc.)
The AI security paradox: why AI will cause more breaches, not fewer
Why leadership culture determines breach resilience
The controversial new “Letters of Marque” bill that could legalize U.S. cyber privateers
This episode is packed with career lessons, insider war stories, and the kind of weird/funny hypotheticals that only Legitimate Cybersecurity delivers.
⏱️ Chapter Breaks
00:00 – Intro & Chris’ non-traditional entry into cyber
01:20 – Life on submarines & discovering IT underwater
04:20 – From BackTrack to BP: finding cybersecurity as a career
07:00 – SOC life at BP: Panama shifts, POCs, and new tools
10:40 – FireEye, EDR, and the evolution of detection tech
13:50 – Why AI may actually increase breaches
16:30 – Career changers & why it’s hard to “get into cyber”
20:00 – The problem with cybersecurity education & perception
27:30 – The “Letter of Marque” bill: cyber privateers?!
38:40 – Post-breach consulting: calming chaos & fixing culture
44:20 – Bias, assumptions, and the hidden root of breaches
50:00 – If SOCs ran on ChatGPT: complaints & HR problems
52:40 – Funniest phishing excuses & cyber training fails
59:40 – Leadership, culture, and why CEOs define cyber success
1:03:30 – Wrap up & Chris’ future return
#Cybersecurity #Hacking #AI #SOC #CyberCareers #LegitimateCybersecurity #NavyToCyber #Infosec
Former FBI agent and attorney Vincent “Vinnie” D’Agostino (now Head of Digital Forensics & Incident Response at BlueVoyant) joins us to unpack dark web takedowns, real DFIR process, and how a “range” of skills (law, tech, stand-up, curiosity) compounds into cyber success.
We cover:
How a team helped take down the dark web—twice
DFIR reality vs myth: scoping, persistence hunts, EDR triage, due diligence in M&A
The RDP ≈ drunk driving analogy you’ll never forget
FBI - Private sector: what translates (and what doesn’t)
Career advice for students & pros in the age of AI: become “rangeful,” seize moments
👥 Guest: Vincent D’Agostino — Head of DFIR @ BlueVoyant; former FBI agent & attorney
🎙 Hosts: Frank Downs & Dustin Brewer
📌 Subscribe for deep, funny, legit cyber every week.
Chapter List
0:00 Cold Open — “Dark Web x2”
0:22 Intro & Who is Vincent D’Agostino
1:05 8086, 5MB HDD & falling in love with computers
5:30 From law to FBI: timing, tech, and reality checks
10:45 Cyber squads, TOR, Bitcoin & dark web context
16:30 DFIR in practice: scoping, EDR, persistence hunts
24:30 The RDP ≈ drunk driving analogy every CISO needs
29:30 Competence over politics (how to show up in calls)
34:30 Career “Range”: why hobbies compound into expertise
45:30 M&A due diligence: IR skills without the sirens
51:00 Humor as a tool: rapport in dark situations
57:00 3 Takeaways + Subscribe/Next Episode
#DarkWeb #DFIR #DigitalForensics #IncidentResponse #FBI #BlueVoyant #Cybersecurity #CyberPodcast #ThreatHunting #EDR #Velociraptor #SentinelOne #Ransomware #CISO #Bitcoin #TOR #BlueTeam #CareerAdvice #AI #LegitimateCybersecurity #MandA #DueDiligence
ChatGPT-5 is here — but is it really the leap forward everyone’s claiming? In this episode of Legitimate Cybersecurity, Frank and Dustin break down the hype vs. reality. From coding disasters that “look pretty but don’t work,” to AI being more like “that coworker who makes everything harder,” we explore what this means for hackers, defenders, and the future of cybersecurity.
👉 Is ChatGPT-5 truly artificial intelligence, or just machine learning with a better paint job?
👉 Can AI pass cybersecurity exams like the CISSP?
👉 Will AI babysit your kids one day — and should that terrify you?
Stay tuned for the myths, the laughs, and the real risks.
Watch to the end for a wild take on Star Trek, civil wars, and whether AI could really replace humans.
#AI #CyberSecurity #ChatGPT5 #Hacking #TechNews
Chapter List:
0:00 – Cold Open (funny/hooky clip)
0:10 – Welcome + Episode Setup
1:00 – What’s Actually New in ChatGPT-5?
3:00 – Pretty Code That Doesn’t Work
5:00 – AI as the Annoying Coworker
7:00 – Is This Really AI or Just ML?
10:00 – Hackers Don’t Care If It’s Wrong
13:00 – Cognitive Offloading + Laziness Debate
15:30 – Weird Time: Frank’s Coding Fail Story
18:30 – The Rise of Prompt Engineers
21:00 – AI Gone Wrong (Teen Suicide Example)
23:30 – Postmodern Truth & Poisoned Data Sources
27:00 – Can AI Pass the CISSP? Cheating & Proctors
33:00 – The Real Definition of AI (John McCarthy 1956)
36:00 – AI Slop in Writing and Coding
38:30 – Certification Exams & The Drunk Security Practitioner
40:30 – Wrap Up: ChatGPT-5 = Faster, Not Smarter
#ChatGPT5 #CyberSecurity #ArtificialIntelligence #TechNews #Hacking #MachineLearning #AIHype
What if you could break down every cyberattack into just 7 steps?
In this episode of Legitimate Cybersecurity, Frank and Dustin dive deep into the Cyber Kill Chain — Lockheed Martin’s 7-stage framework for understanding and stopping attacks — and compare it to the MITRE ATT&CK framework, hacker methodology, and even… honeypots, magicians, and Christopher Nolan films.
We cover:
The 7 stages: Recon, Weaponization, Delivery, Exploitation, Installation, C2, and Actions on Objectives
Why insurance companies make cyber defense harder
Why honeypots are the “magician’s trick” of cybersecurity
How to explain attacks to executives so they actually care
Tangents about Comic-Con, The Simpsons, Star Trek, and South Park (because of course we did)
Whether you’re a seasoned pro or just cyber-curious, this episode makes frameworks fun. And dangerous. And maybe slightly nerdy.
💬 Drop your favorite Kill Chain phase in the comments!
#CyberKillChain #CyberSecurity #EthicalHacking #MITREATTACK #PenTesting #InfoSec #Honeypots #CyberInsurance #CyberDefense #NIST #LockheedMartin #LegitimateCybersecurityPodcast
Chapter List
00:00 – Welcome & accidental name change to “The Cyber Kill Chain Podcast”
00:37 – Comic-Con chaos & nerd solidarity
01:40 – What is the Cyber Kill Chain? (And why Lockheed Martin made it)
03:18 – Cyber Kill Chain vs. MITRE ATT&CK: Different perspectives
05:22 – Insurance nightmares & cyber policy loopholes
08:03 – The 7 stages explained (Recon → Actions on Objectives)
14:42 – Framework overload & mapping standards
18:59 – Real-world pen test insights & APT patience
21:19 – Teaching grad students & professor naming quirks
23:03 – AI politeness, South Park, and AI “relationships”
25:01 – Cybersecurity fatigue & losing the funding edge
28:22 – Where defenders can actually break the Kill Chain
29:41 – Honeypots: magician’s trick or wizard’s weapon?
34:42 – Christopher Nolan, The Prestige, and Wireshark wizardry
38:13 – Why conveying frameworks simply wins the boardroom
40:26 – Wrapping up: Vote for us & leave your questions
Quantum computing is no longer science fiction—it’s a ticking clock for modern encryption. In this episode of Legitimate Cybersecurity, Frank and Dustin break down Q-Day, the moment when quantum computers may render current cryptography useless. We explore how close we really are, the science (and hype) behind quantum technology, and what CISOs should be doing NOW to prepare. Along the way, expect tangents about Star Trek, Ant-Man, AI, and a few moments that’ll make you laugh out loud.
🎙️ Got a topic or guest suggestion? Email us at: admin@legitimatecybersecurity.com
👍 Like, comment, and subscribe for weekly cybersecurity deep-dives that mix humor with hard truths.
Chapters:
00:00 – The ASMR Frank & Star Wars Quantum Vibes
02:12 – What is Q-Day & Why Does It Matter?
05:54 – How Cold is Quantum? (Hint: Near Space Cold!)
09:40 – Breaking Encryption: The Qubit Threat
14:45 – How CISOs Should Handle Quantum Hype
19:16 – Hidden Financial Meltdowns & The Transfer of Wealth
23:32 – Quantum Internet & Faster-Than-Light Data
28:26 – Hackers, Ant-Man, and Sci-Fi Meets Science
33:26 – Turning Q-Day Concerns into Real Security Wins
35:49 – Final Thoughts & How to Prepare Today
#quantumcomputing #QDay #cybersecuritypodcast #encryption #postquantumcryptography #ai #nisteoameni #ciso #legitimatecybersecurity #techfuture #startrek #antman
Today on Legitimate Cybersecurity, Frank and Dustin dive deep into the weird, wild, and worrying world of IoT (Internet of Things) — from smart thermostats and connected doorknobs to pacemakers with IP addresses and hacked fish tanks.
You’ll hear real-life stories of IoT gone wrong (including a connected beer brewer used for hacking), explore the creepy rise of biohacking and RFID implants, and find out what happens when Roombas spy on you in the bathroom.
We also break down why IoT devices are so vulnerable, the challenges with industry standards like Zigbee and Matter, and whether privacy laws like HIPAA and GDPR are enough to protect us in a hyper-connected future.
This episode blends expert insight, sarcasm, and actual advice — with a few nostalgic tech throwbacks thrown in.
👉 Tell us in the comments: Would YOU put an RFID chip in your hand? Or is that a step too far?
🧠 Topics Covered:
Biohacking at DEF CON
IoT in Human Evolution
Pacemaker recalls & medical device hacks
Why Ring doorbells talked to children
The Fish Tank Casino Hack
Why Alexa might be gaslighting you
ISO standards, Z-Wave, Zigbee, Matter
Smart home fails (IKEA blinds, anyone?)
Why Apple might be the “luxury” privacy model
CRISPR, AI, and Neuralink
🔗 Don’t forget to like, comment, and subscribe. It helps us battle the algorithm overlords and keeps our IoT-connected fridge from judging us.
🗳️ We’ve been nominated for the Podcast Awards! Vote for us at podcastawards.net
📬 Press inquiries, sponsorships, or topic requests?
Email us at: admin@legitimatecybersecurity.com
Chapter List:
00:00 – Intro: Is IoT Out of Control?
00:27 – How IoT Went from SCADA to Dog Collars
01:50 – IoT & Cognitive Offloading: Are We Getting Lazier?
04:31 – Biohacking: RFID Chips & Pacemaker Hacks
09:02 – Self-CRISPR?! The Shocking Reality
12:15 – Mark of the Beast vs. Palm Scanners: Privacy Panic
15:03 – Your Coffee Maker Could Burn Down Your House
16:26 – Hacking Beer Makers & Server Farms
22:26 – Casino Hacked by a Fish Tank?
23:25 – Ring Cameras Talking to Kids: IoT Nightmares
25:25 – Roombas Spying on You in the Bathroom
27:52 – Cheap IoT: A Privacy Disaster Waiting to Happen?
30:25 – Apple vs. Android: Who’s Winning the Privacy War?
32:03 – Outro & Podcast Awards Announcement
#IoT #Biohacking #Cybersecurity #RFIDImplants #CRISPR #SmartHomeSecurity #ConnectedDevices #InternetOfThings #PacemakerHack #FishTankHack #RingCameraHack #PrivacyMatters #AIandCyber #TechEthics #CyberAwareness #Neuralink #HackedDevices #LegitimateCybersecurity #CyberThreats #SmartDeviceFails
Dr. Charles Harry — former NSA leader, cybersecurity strategist, and professor at the University of Maryland — joins Legitimate Cybersecurity to expose the hidden gaps in U.S. cyber defense. From nation-state strategy to local school vulnerabilities, this episode uncovers why most cybersecurity efforts are missing the mark… and how to fix it.
We explore:
Strategic cyber risk (not just IT vulnerabilities)
Mapping 50,000+ exposed devices across U.S. counties
The "operational art" of cyber warfare
Why grants are being wasted
The AI & quantum arms race vs. China
💣 This episode is packed with insights for CISOs, policy makers, military analysts, and tech leaders alike.
🎙️ Listen to the audio version on Spotify, Apple Podcasts & more.
📩 For guest inquiries or partnerships, reach us at: admin@legitimatecybersecurity.com
Vote for our podcast at: podcastawards.com
#Cybersecurity #CyberWar #CharlesHarry #LegitimateCybersecurity #CyberStrategy #NISTCSF #QuantumSecurity #AIInCybersecurity #PublicSectorCyber #NvidiaVsChina #RiskManagement #CyberGovernance
00:00 – Cold Open + Intro
00:22 – Meet Dr. Charles Harry
01:52 – What Is Strategic Cybersecurity?
05:02 – Risk at the Sector Level
08:22 – Cyber Operational Art: The Missing Middle
13:47 – Mapping 50,000+ Public Sector Devices
21:00 – Why Federal Cybersecurity Grants Fail
28:00 – Red Team vs. Blue Team: The Divide That Shouldn't Exist
34:02 – Risk Frameworks: Useful or Useless?
43:02 – Quantum & AI: Reshaping the Threat Landscape
48:50 – Nvidia vs. China: The True Arms Race
53:10 – Final Thoughts + How to Build a Strategic Cyber Defense
🎙 In this episode of Legitimate Cybersecurity, we dive deep into the unsettling reality of AI in modern cybercrime.
Senator Marco Rubio was impersonated by AI in a high-level cyber deception campaign, and that's just the beginning.
Frank and Dustin unpack:
🧠 Deepfake threats to democracy
🔐 Signal messaging & nation-state exploitation
🧪 Data poisoning and post-truth dangers
🛡️ AI in cybersecurity: helper or hazard?
🎭 Aquaman scams grandma?!
🗳️ The future of elections in the AI age
This is the episode that asks: What is truth? And can we still trust anything we see or hear?
👉 VOTE for us in the Technology category at PodcastAwards.com
👉 Like, Subscribe, and hit that 🔔 — it helps more than you know!
#Cybersecurity #AIThreats #Deepfakes #AIinCyber #MarcoRubio #Cybercrime #DataPoisoning #LegitimateCybersecurity #PostTruth #ElectionSecurity #PodcastAwards #AIDeepfakes #ChatGPT #GrokAI #QuantumComputing
Chapter Breaks:
00:00 – Welcome to the AI Chaos
01:00 – Marco Rubio’s Deepfake Scandal
03:30 – Signal App, Trust, and Exploitation
06:00 – Grandma Got Catfished by Aquaman (Real Story)
08:30 – AI: Making Hacking Easier or Dumber?
11:00 – Prompt Injection, Scambaiting, and Evil Clippy
13:30 – Deepfakes vs. Quantum Computing
16:00 – The Dystopia of AI Dating and “Spin the DJ”
19:00 – Truth, Misinformation, and Model Poisoning
23:00 – Blockchain for Truth? (Business Idea Alert)
25:30 – Star Wars, White Lotus, and the Collapse of Truth
28:00 – Elections, Echo Chambers, and Deniability
30:00 – Vetting Info in the AI Age
33:00 – Should ChatGPT Run a Town?
34:00 – Final Thoughts + Next Episode Preview (The Economics of Cyber)
Are you curious about penetration testing, aka legal hacking? In this episode of Legitimate Cybersecurity, Frank and Dustin tear down the myths of hacking, break down real-world pen testing, and share hilarious (and horrifying) war stories from the field.
We cover:
✅ The skills you actually need to get into pen testing
✅ What certs like OSCP, CEH, and GPEN really mean
✅ Why most companies have no idea what’s on their network
✅ Real pen test experiences gone sideways
✅ Why you might still get arrested after a bug bounty
✅ And how to break into the field—even without a degree
🎙️ WE NEED YOUR HELP! 🎙️
We’re in the running for Best Technology Podcast at PodcastAwards.com — and we’d love your vote!
🗳️ Go to https://www.podcastawards.com, register, and vote for Legitimate Cybersecurity in the Technology category.
Your vote helps real, nerdy cybersecurity voices rise to the top!
📌 Like, Subscribe & Share.
🔔 Click the bell to get notified about new episodes (and Frank’s midlife crises).
📎 Check the show notes for career resources, links, and our Hack the Box profile recs!
#PenTesting #EthicalHacking #CybersecurityCareers #OSCP #CEH #GPEN #HackTheBox #RedTeam #CyberSecurityPodcast #InfoSec #HackerLife #BugBounty #CybersecurityTraining #CyberMythsBusted #ITSecurity #SecurityTesting #KaliLinux #CyberCareer #podcastawards
Chapter Breaks
00:00 - Intro: What Is Penetration Testing?
01:31 - Myths vs. Reality of Hacking
02:40 - What Kind of People Make Good Pen Testers?
05:33 - You Don’t Need a Degree To Be a Hacker
07:19 - Why AI-Generated Code Is Easy to Hack
09:16 - Cybersecurity Certifications (OSCP, CEH, GPEN)
12:16 - Is CEH Still Worth It?
14:42 - What EC in EC-Council *Actually* Stands For
16:20 - Pen Test Expectations vs. Reality
19:35 - Types of Pen Tests: Internal, External, Web App, Social Engineering
22:12 - Cost, Scope & Asset Prioritization
24:00 - What If You Don’t Know Your Own Assets?
26:58 - Pen Test Reports: Why No One Reads Them
28:55 - Remediation Is Scarier Than the Hack
30:49 - Hacker Teams: Foothold → Escalation → Ransom
32:31 - The Most Hilarious Old Systems We’ve Found
34:28 - You Must *Love* Computers To Hack Well
37:03 - Want to Be a Hacker? Here’s Your Roadmap
39:51 - Military & DOD Paths To Cyber Careers
40:44 - Vote for Us, Subscribe, and Frank’s Midlife Crisis
Sorry in advance for the wonk audio!!
AI is everywhere—and it's not just writing poems or generating cat pics. In this episode of Legitimate Cybersecurity, Frank Downs and Dustin Brewer dive deep into the impact of artificial intelligence on the world of cybersecurity.
From the myth of Artificial General Intelligence (AGI) to AI-powered pentesting and blue team burnout, we demystify the buzzwords, talk real-world applications, and get a little weird with some philosophical takes. And yes, Clippy makes a comeback.
🧠 Topics Covered:
What AI really is (with NIST definitions)
Can AI replace cybersecurity professionals?
AI in offensive vs. defensive security
LLM hallucinations and real-world risks
Deepfakes, phishing, and governance tools
The rise of AI girlfriends 😬
🧪 Outrageous Statements Segment:
We say wild things. Sometimes they’re true. Sometimes they’re spicy. Always entertaining.
📍 Special shoutouts to:
Dr. Charles Harry (coming soon!)
Clippy (RIP king)
👂 Listen on Spotify, Apple, or wherever you get your podcasts.
👉 Like, Subscribe, and Share if you want to see Eeyore smile again.
#cybersecurity #artificialintelligence #pentesting #podcast #Deepfakes #chatgpt #llm #infosec #aiincybersecurity #generativeai #clippyisback
00:00 – Intro: Art, AI, and Losing Viewers
00:33 – The Hollywood AI Myth: Smart Computer = Death
02:25 – Breaking Down AI Fear and Misunderstanding
03:47 – What AI Actually Is (and Isn’t)
05:19 – Remembering Clippy: The First “AI Assistant”
06:20 – Demystifying AI Through NIST Definitions
08:45 – AI vs. Machine Learning: What’s the Difference?
11:18 – What is a Large Language Model (LLM)?
12:31 – Generative AI & Artificial General Intelligence (AGI)
13:56 – Can AGI Replace Humans? A Futurist’s Perspective
16:00 – AI's Limits: Empathy, Reasoning, and Hallucinations
18:09 – Should AI Do the Menial Work While Humans Create?
19:03 – AI as Friend, Lover, and Therapist: A Cultural Shift
21:00 – The Danger of Replacing Human Connection
22:36 – AI Marriages and Japan's Pillow Brides
24:00 – AI Partners = Modern Incel Cat Ladies?
25:00 – Satire, Safety, and Securing Your AI Spouse
26:31 – Why AI Still Can’t Replace Real Human Emotion
27:19 – Hollywood’s Obsession With AI Relationships
29:03 – Don’t Replace Human Connection With Anything
29:31 – AI in Offensive Cybersecurity & Pen Testing
31:33 – AI-Powered Pentests: Regulation vs. Automation
33:13 – Exploit Development, Intuition & Quantum Chaos
34:45 – Use AI to Handle the Mundane, Focus on the Critical
36:03 – Deepfakes, CEO Scams & Social Engineering
37:23 – AI + Polymorphic Code = Scary Smart Attacks
38:55 – AI for Blue Teams: Helping Analysts, Not Replacing Them
41:21 – AI in Governance: From Policy Writing to NIST Alignment
43:11 – Academic Uses: Research, Summaries, & Cleanups
45:40 – What’s Coming: Academic Deep Dive Next Week
47:06 – Staying Relevant: Experiment, Learn, and Evolve
48:57 – AI as a Communication Tool in Cybersecurity
50:21 – NEW SEGMENT – Outrageous Statements Begins!
51:01 – AI Writes Better Phishing Emails?
51:23 – Will AI Replace SOC Analysts?
52:51 – Can You Use AI to Build a Risk Register?
54:31 – Mickey, MidJourney, and Deepfake Ethics
55:31 – AI Hallucinations Will Cause Real Incidents
In this powerful and wide-ranging episode of Legitimate Cybersecurity, Frank and Dustin are joined by Micah Heaton, Executive Director of Product & Innovation Strategy at BlueVoyant and 2025 Microsoft Security Changemaker.
🎧 We talk:
Why Micah champions the quiet defenders in cybersecurity
The hidden art of communicating technical truth
AI vs hype: what’s real, what’s marketing
How tribalism creeps into tech debates—and how to resist it
Data ethics, hallucinations, and the environmental cost of LLMs
Graham Hancock, Atlantis, and parenting in the AI age (yes, really)
Whether you're in the trenches of a SOC or guiding AI strategy at the board level, this is a conversation that will both ground you and challenge you.
📌 Follow Micah on LinkedIn: https://www.linkedin.com/in/micahheaton/
#cybersecuritypodcast, #quietdefenders, #micahheaton, #microsoftchangemaker, #aiethics, #cybersecurityleadership, #llmhype, #dataprivacy, #cyberculture, #cyberresilience, #securitycommunity, #legitimatecybersecurity, #infosec, #cybertruth
What happens when the man who brought down Silk Road and Silk Road 2.0 joins us to talk about the largest credential breach in history?
In this episode, Austin Berglas — former Assistant Special Agent in Charge of the FBI’s Cyber Branch in New York — shares behind-the-scenes stories from taking down some of the most infamous dark web marketplaces, tracking cybercriminals through the rise of Tor and Bitcoin, and launching the FBI’s first data wiretap. Today, he serves as Global Head of Professional Services at BlueVoyant, advising Fortune 500 companies on how to stay ahead of evolving threats.
We cover:
Undercover ops inside early internet predator forums
The true story behind the takedown of Ross Ulbricht (Dread Pirate Roberts)
How law enforcement flipped LulzSec leader Sabu
Why infostealers are the most dangerous cyber tools today
What 16 billion leaked credentials really mean for national security
The growing gap between technical attackers and reactive defenders
What CISOs still don’t understand about modern adversaries
How breach fatigue and regulatory fear are undermining incident response
Watch to the end for his advice to boardrooms and cybersecurity leaders on how to regain control.
👉 Subscribe for more stories from the front lines of cybersecurity.
🎧 Also available on Apple Podcasts, Spotify, and all major platforms.
#Cybersecurity #DarkWeb #SilkRoad #FBI #AustinBerglas #DataBreach #CyberCrime #LegitimateCybersecurity #InfoStealers #RossUlbricht #BlueVoyant
🎙️ Welcome back to another episode of Legitimate Cybersecurity, where Frank and Dustin dive deep into the misunderstood world of cyber maturity.
From donut shop risk models to executives clicking phishing emails (yes, really), this episode brings laughs, lessons, and legal implications. Learn:
What cyber maturity really means
Why frameworks like NIST CSF and ISO 27001 matter
How corporate culture can make or break your cybersecurity
And… how Frank may have cursed a table (seriously).
💥 Plus, find out why lying about NIST 800-171 might now get you sued by the DOJ.
🧠 Insightful. 🎯 Practical. 😂 Occasionally ridiculous.
👇 Watch, like, and subscribe — before someone clicks the wrong link.
📺 Subscribe for weekly cybersecurity content that doesn’t put you to sleep.
In this conversation, Frank and Dustin explore the critical themes surrounding cybersecurity, including its impact on businesses, the vulnerabilities organizations face, the role of leadership in fostering a secure environment, the importance of frameworks and standards, and the necessity of building a culture of cybersecurity. They discuss real-world examples of companies affected by cyber incidents and emphasize the need for proactive measures and continuous education in the field of cybersecurity.
Takeaways
Cybersecurity is a continuous concern that businesses must address.
Recent ransomware attacks have led to significant business failures.
Organizations must adopt a proactive approach to cybersecurity.
Leadership plays a crucial role in establishing cybersecurity policies.
Frameworks like NIST CSF provide essential guidance for cybersecurity practices.
Building a culture of cybersecurity is vital for organizational resilience.
Employees are often the weakest link in cybersecurity defenses.
Training and awareness are key to improving cybersecurity practices.
Cybersecurity must be integrated into the overall business strategy.
The landscape of cybersecurity is constantly evolving, requiring ongoing adaptation.
After a three-year hiatus, Frank Downs and Dustin Brewer are back—older, wiser, and still talking into microphones they probably shouldn’t be trusted with. In this launch of their new podcast: Legitimate Cybersecurity, the two 20-year cyber veterans tackle one of the industry’s most persistent problems: why patching is still broken in 2025.
They explore:
The cultural and business reasons patching never gets prioritized
How vulnerability management became the garbage collection of cyber
Why budget, not breaches, still drives security decision-making
The role of AI as both insider and outsider threat
And yes—why your dishwasher needs Wi-Fi now
Part technical, part philosophical, and all-too-real, this episode lays the groundwork for future conversations on what actually works in cybersecurity—and why so much of it still doesn’t.
🎧 Whether you’re a veteran CISO, a SOC analyst, or just wondering what CVSS stands for (don’t worry, we forgot too), this one’s for you.