90% of Twitter users are represented by only 3% of tweets. When you scroll through your feed and form opinions about what "people are saying" about politics, you're not seeing the voices of nine out of ten users. You're seeing the loudest, most extreme 10% who create 97% of all political content on the platform.In this episode of SecureTalk, host Justin Beals explores the "invisible majority problem" with Dr. Claire Robertson, Assistant Professor at Colby College. Together they examine how moderate voices have been algorithmically erased from our public discourse, creating pluralistic ignorance that threatens democracy itself.Dr. Robertson's journey began at Kenyon College during the 2016 election—a blue island in a sea of red where Trump won the county by 40 points but the campus precinct went 90% blue. Surrounded by good people who saw the same election completely differently, she dedicated her career to understanding how we end up living in different realities.Topics covered:The psychology behind false polarizationHow extreme voices get mathematically amplifiedWhy conflict drives engagement in the attention economyThe abandonment of scientific rigor in AI deploymentResearch methods for understanding our digital public squareResources: Claire E. Robertson, Kareena S. del Rosario, Jay J. Van Bavel,Inside the funhouse mirror factory: How social media distorts perceptions of norms,Current Opinion in Psychology,Volume 60,2024,101918,ISSN 2352-250X,https://doi.org/10.1016/j.copsyc.2024.101918.(https://www.sciencedirect.com/science/article/pii/S2352250X24001313)
The cybersecurity landscape just shifted permanently, and most organizations aren't ready. While CISOs struggle with alert fatigue from 40+ security tools, a new threat vector is emerging that makes traditional identity management obsolete: AI agents acting autonomously across enterprise systems.Join Secure Talk host Justin Beals for a critical conversation with Rishi Bhargava, the security architect who built Demisto into a $560M category-defining platform and now leads Descope in solving the next impossible challenge. This episode delivers actionable insights for everyone—from Fortune 500 CISOs managing complex threat landscapes to business leaders evaluating AI adoption risks.For Security Professionals, you'll discover: • How AI agent proliferation creates an "identity explosion" that traditional IAM can't handle • Why probabilistic AI systems require fundamentally different access controls than deterministic human users • Advanced WebAuthn and FIDO2 implementation strategies for zero-trust architectures • SOC2 compliance frameworks adapted for AI-human hybrid workflows • Real-world SOAR evolution lessons from the Demisto acquisitionFor Business Leaders, you'll learn: • Why passwordless authentication directly impacts customer acquisition and retention • The hidden costs of password-related support tickets and user drop-offs • How early AI identity management adoption creates competitive advantages • Risk assessment frameworks for AI agent deployment in sensitive environmentsFor Everyone: • Why your current passwords are a ticking time bomb in an AI-first world • How biometric authentication actually works (and why it's more secure than you think) • Practical steps to future-proof your digital security todayWhether you're architecting enterprise security for thousands of employees or simply trying to understand why your login experience keeps getting more complex, this episode reveals the forces reshaping digital identity. The organizations that master AI agent authentication will lead their industries—those that don't risk catastrophic breaches and customer exodus.#CISO #AIAuthentication #EnterpriseIdentity #ZeroTrust #PasswordlessSecurity #CyberSecurityStrategy #IAM #BiometricAuth #SecurityCompliance #AIAgents
The most dangerous threats don't break down the door - they already have the keys.March 23, 2003, Kuwait: Command Sergeant Major Bart Womack was loading ammunition and watching Tiger Woods play golf at 1 AM when a grenade rolled into his tent. What followed was every leader's worst nightmare - discovering that one of your own had been planning to destroy you all along.This isn't just a military story. It's a threat to security we face everywhere.In today's world of workplace shootings, corporate espionage, and school violence, the statistics are terrifying:• Insider threats cause 60% of all security breaches• From Sandy Hook to Fort Hood - trusted insiders inflict maximum damage• Corporate employees steal billions in trade secrets annually• The average insider threat goes undetected for 85 daysWhat makes this episode essential viewing:Real Combat Experience: CSM Womack survived two Bronze Star combat situations, including a firefight with North Korean forces in the DMZThe Diary Revelations: The attacker's own writings revealed: "Destroying America was my plan as a child" - written YEARS before joining the ArmyLife-Saving Strategies: The 6 proactive methods that could prevent workplace violence, school shootings, and corporate sabotageUniversal Application: These hard-learned lessons apply to offices, schools, places of worship, and anywhere people gatherThe Shocking Truth: While 5,000 soldiers searched for "insurgents," the real enemy was wearing the same uniform, had taken the same oath, and was sleeping in the tent next door.Why This Matters to YOU:Whether you're a parent worried about school safety, a manager responsible for employee welfare, or simply someone who wants to protect your community - the warning signs are the same. Political polarization, social media radicalization, and workplace tensions create the perfect storm for insider threats.What You'll Learn:✅ The "Trust No One" philosophy (and what it really means)✅ How to implement "Observe, Listen, Report" in your environment ✅ Why your gut instinct is your strongest security tool✅ The evolution from belief → radicalized → extreme✅ Real warning signs that leaders consistently missCSM Bart Womack transformed his traumatic experience into a mission: preventing others from experiencing what he and his soldiers endured. His insights have protected countless workplaces, schools, and communities.The Bottom Line: In an era where conspiracy theories fuel real violence, where workplace tensions explode into tragedy, and where trusted insiders become active threats - these lessons could save your life.🎖️ 29-year Army veteran, 101st Airborne Division📖 Author of "Embedded Enemy" 🎤 Professional security consultant and keynote speaker🔒 Insider threat prevention expertThis episode contains discussions of violence and may not be suitable for all audiences.#InsiderThreat #WorkplaceSafety #SchoolSecurity #Cybersecurity #MilitaryStory #SecurityAwareness #ThreatPrevention #CorporateSecurity #NationalSecurity #CrisisManagement #SecurityLeadership #RiskManagement #EmergencyPreparedness #SafetyTraining #SecurityEducationSubscribe for more real-world security insights that could save lives. Your safety depends on what you don't see coming.
Machines Running Amok: We've Created More Than We Can SecureTwenty years ago, you could count the servers in your data center. Today, we've unleashed an army of digital entities that's spiraling beyond our control. For every human employee, there are 50-100 machine identities operating in your environment—containers, serverless functions, and automated processes that spawn and disappear by the minute. We've created more computing power than we have the ability to secure, and the machines are running amok.In this episode of SecureTalk, we dive deep into the invisible crisis affecting 91% of organizations: machine identity breaches. Join host Justin Beals and cybersecurity expert Oded Hareven, CEO of Akeyless, as they explore why password rotation is dead, how ephemeral computing is breaking traditional security models, and what revolutionary approaches like distributed fragment cryptography mean for the future of cybersecurity.What You'll Learn: • Why 85% of identity breaches now come from compromised machines, not humans • The fundamental mismatch between static security and dynamic infrastructure • How military-grade cybersecurity innovations are transforming commercial applications • Why the AI-quantum computing convergence is forcing us to rethink encryption • Practical steps toward "SSO for machines" and ephemeral security modelsKey Topics:Machine identity management at scaleZero-knowledge cryptographyQuantum-resistant security architecturesThe evolution from static → rotation → ephemeral securityBuilding security that matches cloud-native infrastructureGuest: Oded Hareven, Co-founder & CEO of Akeyless.Timestamps: 00:00 Introduction to Cybersecurity and Machine Identities04:37 The Evolution of Security Paradigms09:30 Akeyless and Machine Identity Management13:53 Zero Trust and Ephemeral Security18:36 The Impact of AI and Quantum Computing on Security23:19 Future Trends in Cybersecurity and Akeyless's VisionResources:Akeyless: https://akeyless.ioSecureTalk Podcast: www.securetalkpodcast.com#Cybersecurity #CloudSecurity #MachineLearning #QuantumComputing #DevSecOps #IdentityManagement #ZeroTrust
Open Source vs Commercial: How "Winning Culture" Has Made Us More Vulnerable | Greg EpsteinSilicon Valley's shift from collaborative open-source principles to winner-take-all commercial dominance hasn't just changed business models—it's made us fundamentally more vulnerable. When companies prioritize winning everything over building secure, collaborative ecosystems, we all pay the price. But there's a profound irony: the more desperately these leaders chase absolute victory, the more they reveal themselves as losers of the most important game—building meaningful human communities.In this episode, Harvard and MIT Humanist Chaplain Greg Epstein explores how tech's false prophets have led us astray and, more importantly, how we might find our way back to building human-centered security that actually works. The strongest security has never come from building higher walls—it comes from creating ecosystems where everyone's success strengthens the whole. When we understand how to work together better, we all create better security.What You'll Learn: • How winner-take-all thinking creates systemic vulnerabilities • Why collaborative open-source principles build more resilient systems • The hidden security costs of commercial dominance • Practical strategies for building multi-stakeholder security • How to shift from competition to collaboration in your organizationWatch this episode to discover how changing your approach to teamwork and partnerships can dramatically improve your security posture.About Greg M. Epstein: Greg serves as Humanist Chaplain at Harvard University and MIT, and spent 18 months at TechCrunch exploring the ethics of companies shifting our definition of humanity. He's the author of "Tech Agnostic: How Technology Became the World's Most Powerful Religion, and Why it Desperately Needs a Reformation."Timestamps: Chapters00:00 The Corruption of Winning Culture02:39 The Role of Community in Security05:44 Navigating the Media Landscape08:20 The Algorithmic Influence on Information11:01 The Cult of Personality in Tech13:44 The Messianic Figures in Technology16:24 The Fall of Tech Prophets19:15 The Importance of Losing21:44 The Future of Technology and Humanity24:29 The Need for Ethical Technology26:56 The Role of Men in Modern Society29:39 The Impact of AI on Society32:15 The Cult-like Nature of Tech Culture34:54 The Importance of Human Connection37:43 The Future of Humanism in Tech40:11 The Path Forward for Technology and Humanity#TechEthics #CommunityBuilding #DigitalSecurity #TechCulture #HumanistChaplain #SiliconValley #TechReformation
When one of the world's largest enterprises deploys AI across 10,000+ developers, the security challenges are unlike anything most organizations have faced. In this episode of SecureTalk, we explore the critical security and strategic considerations for deploying AI tools at enterprise scale with Tobias Yergin, who led AI transformation initiatives at Walmart.Key Topics Covered:Why traditional security rules fail with probabilistic AI systemsThe exponential risk of scaling AI agents from dozens to thousandsBuilding secure data foundations for enterprise AI deploymentProtecting AI agents that operate beyond your firewallStrategic approaches to AI implementation that balance innovation with riskThe ontological framework for mapping AI capabilities to business tasksFirst principles thinking for AI security architectureTobias brings over two decades of experience in digital transformation, having held senior leadership roles at Intel, VMware, Panasonic, and Citrix Systems. His practical insights from implementing AI at Walmart's massive scale offer invaluable guidance for CISOs and security professionals navigating the complexities of enterprise AI adoption.Perfect for: CISOs, Security Architects, IT Leaders, Enterprise Risk Managers, and anyone responsible for securing AI implementations in large organizations.
SecureTalk 2025 Security Awareness Training | Complete Compliance GuideWelcome to SecureTalk's comprehensive 2025 Security Awareness Training video! This annually updated training is designed to help organizations meet their security compliance requirements while building a strong security culture.🎯 What You'll Learn:Social Engineering & AI-Enhanced ThreatsAdvanced phishing detection in the AI eraVoice and video deepfake attack recognitionFinancial verification protocols to prevent fraudHealthcare data protection against social engineeringCloud Security & InfrastructureCommon cloud misconfigurations and preventionSecure AI model development and deploymentFinancial data protection in cloud environmentsPackage dependency management and vulnerability scanningSupply Chain & Third-Party RiskVendor security assessment frameworksZero Trust architecture implementationHIPAA compliance for business associatesAI vendor risk evaluation checklistsInsider Threats & Hybrid Work SecurityBehavioral analytics for threat detectionEnvironment-adaptive security controlsData loss prevention in remote work settingsSegregation of duties in digital workflowsRegulatory Compliance & Automation2025-2026 regulatory calendar overviewControl-centric compliance approachContinuous monitoring and automation strategiesMulti-framework compliance alignmentBuilding Security CultureSecurity mindset vs. rule-following approachPositive reinforcement security programsOrganizational security maturity modelsLeadership's role in security culture💼 Compliance Frameworks This Training Addresses:SOC 2 Type I & IIISO 27001HIPAA & Healthcare SecurityPCI DSSCMMC (Cybersecurity Maturity Model Certification)GDPR & EU AI ActAI Accountability ActNIST Cybersecurity FrameworkState privacy laws (CCPA, CPRA, etc.)🏆 Perfect For:Annual security awareness training requirementsCompliance audit preparationNew employee onboardingSecurity culture developmentMulti-framework compliance programs🎓 Certification Available: Complete the training and receive a certification of completion for your compliance documentation. https://4dont.share.hsforms.com/2EVBbDWdBQyKG5Udaaj0baA📺 About SecureTalk: SecureTalk explores critical information security innovation and compliance topics. Hosted by Justin Beals, founder and CEO of StrikeGraph, featuring expert insights from cybersecurity professionals across finance, healthcare, engineering, and compliance.🔔 Subscribe for more security insights and compliance guidance!Chapters: 0:00 Introduction & Training Overview 3:18 Social Engineering with Steven Ferrell (IT Compliance Expert) 15:00 Advanced Threats with Kenneth Webb (CISA, CISSP) 30:30 Cloud Security with Josh (Head of Engineering) 44:55 Insider Threats with Elmy Peralta (Assessments Manager) 49:09 Regulatory Compliance with Micah Spieler (Chief Product Officer) 1: 01:42 Security Culture with Juliett Eck (CFO)#CybersecurityTraining #SecurityAwareness #ComplianceTraining #SOC2 #HIPAA #ISO27001 #SecurityCulture #StrikeGraph #SecureTalk
🌙 THE MIDNIGHT SECURITY GUARDIAN: A CISO'S ORIGIN STORYAt 2 AM, most people are dreaming. Satyam Patel is wide awake, sending texts to his security team: "Are we secure? Did we patch that server? Is MFA enabled on that service account?"This isn't insomnia—it's the origin story of how a "big firewall guy" transformed into one of cybersecurity's most forward-thinking leaders, and why his journey from infrastructure skeptic to AI evangelist mirrors the entire industry's evolution.📖 THE THREE-ACT TRANSFORMATION:Act I: The Infrastructure Skeptic's Awakening Watch Satyam's journey from traditional "firewall and load balancer guy" to realizing that employees can't be forced behind VPNs anymore. The moment he discovered that flexibility doesn't mean vulnerability—it means evolution. Learn how this mindset shift led him from protecting perimeters to protecting people.Act II: The Culture Shock That Changed Everything Picture this: After years of doing "security roadshows" and begging for budget, Satyam walks into Kandji and experiences reverse culture shock. Instead of chasing people for security buy-in, they come to HIM asking, "What does security think?" Witness the CEO moment that flipped his world: "It's not a request—it's a mandate to protect our company at ANY cost."Act III: The AI Prophet's Dilemma The heated boardroom debate that keeps CISOs awake: Replace human SOC analysts with AI, or keep the human element? Follow Satyam's internal struggle as he weighs 10,000 daily AI-analyzed calls against human intuition, leading to his bold prediction about "Minority Report" style predictive cybersecurity.🎭 CHARACTER-DRIVEN MOMENTS:The Paranoid Father: Why Satyam forces his family to use alphanumeric passwords and what Tom Cruise's "Minority Report" taught him about threat prediction.The Reformed Skeptic: How a career infrastructure guy learned to embrace endpoint security and why he now believes MDM is the new perimeter.The Reluctant Prophet: His uncomfortable realization that automation will replace thousands of cybersecurity jobs—and why he's helping it happen.⚡ PLOT TWISTS YOU WON'T SEE COMING:The university graduate's graduation post that led to complete identity theftWhy 99% security equals 100% vulnerability (and the math that proves it)The Signal app scandal that changed how he thinks about mobile security🎬 THE SUPPORTING CAST:Adam (Kandji CEO): The leader who gave unlimited security budgetThe Development Team: Who learned to ask security questions firstThe 2 AM Security Team: Who actually appreciate the paranoid textsThe AI SOC Analyst: The non-human teammate changing everything🚀 MEET THE PROTAGONIST: Satyam Patel isn't your typical CISO. He's the guy who went from customer to C-suite, from skeptic to believer, from infrastructure defender to AI advocate. With 25+ years of plot twists, failed budgets, successful breaches prevented, and one very understanding family who puts up with alphanumeric phone passwords.#CISOStory #CyberSecurityJourney #AIvsHuman #ZeroTrust #SecurityLeadership #ThreatDetection #Kandji #EndpointSecurity #ParanoidCISO #CyberStory #SecurityCulture #TechTransformationThis isn't just another security interview—it's a cybersecurity thriller with real-world consequences. Subscribe for more stories from the digital frontlines! 🎬🔐
Can Security be “Agile”? with Brian WagnerIn this comprehensive interview, Brian Wagner, CTO at Revenir and former AWS security executive, shares insights from his new book "Redefining Information Security" and explains why the cybersecurity industry needs a fundamental shift in approach. With over 20 years of experience leading security transformations across enterprise organizations, Wagner presents a practical framework for moving beyond reactive security models.About the Guest:Brian Wagner brings extensive C-suite experience from Amazon Web Services, Moody's RMS, Bulletproof, and Defense.com. Based in London, he speaks globally on cloud security, AI-driven solutions, and security transformation. His latest book "Redefining Information Security" introduces a three-level maturity framework that's gaining attention from security leaders worldwide.Key Discussion Points:The Security Maturity Framework: Wagner outlines his three-level approach—Reactive, Proactive, and Adaptive security—explaining how organizations can assess their current position and plan strategic improvements. He emphasizes that most companies remain stuck in reactive mode, responding to threats after damage occurs.From Cybersecurity to Information Safety: The conversation explores Wagner's concept of treating security as "information safety" rather than traditional cybersecurity. This cultural shift makes digital protection everyone's responsibility, transforming potential vulnerabilities into defensive assets.AI in Security Applications: Drawing from his work at Revenir, where the company handles sensitive financial and personal data across international borders, Wagner discusses practical AI implementations for pattern recognition, fraud detection, and compliance monitoring. He explains why AI excels at identifying normal versus abnormal patterns in security contexts.Security as Business Enabler: Wagner demonstrates how security can function as a competitive advantage rather than a cost center. He shares strategies for communicating security value to go-to-market teams and integrating security features into product development cycles.Compliance vs. Security Balance: The discussion addresses the relationship between regulatory compliance and actual security, with Wagner explaining how compliance represents minimum standards while effective security requires ongoing investment and adaptation.Open Source and Democratic Security: Wagner advocates for open source collaboration in cybersecurity, arguing that community-based approaches provide more transparent and accessible security solutions, especially important given recent changes in vulnerability disclosure programs.Practical Implementation: The conversation includes real-world examples, from detecting sophisticated employment fraud schemes to integrating security practices into agile development workflows. Wagner emphasizes incremental improvements and measurable outcomes.Book Recommendation:"Redefining Information Security" offers a strategic approach to security leadership, focusing on cultural transformation and business alignment rather than purely technical solutions. The book provides frameworks for security professionals and business leaders looking to modernize their approach to digital protection.Link to the book: https://www.koganpage.com/risk-compliance/redefining-information-security-9781398620018This interview provides valuable insights for cybersecurity professionals, technology leaders, and anyone interested in understanding how AI and modern approaches are reshaping enterprise security practices.#Cybersecurity #InformationSecurity #AI #SecurityMaturity #AWS #CloudSecurity #CTO #CISO #ThreatDetection #SecurityCulture #CyberThreats #SecurityLeadership
What happens when you realize your life's work is being used to destroy what you hoped to create?Meet De Kai - the man who helped build Google Translate, Siri, and modern AI systems. In 1990s Hong Kong, he dreamed of AI that could bridge cultural divides. Thirty years later, he experienced his "Oppenheimer moment" - the same machine learning he pioneered to unite people was dividing humanity through social media algorithms.The Reality Check: We don't just have 8 billion humans anymore. We have 800 billion AI systems learning our behavior 24/7 - "digital children" growing up without parental guidance.🎯 KEY INSIGHTS:• The Translation Paradox: How unity technology became division engines • The Blind Men & Elephant: Ancient parable explaining why we misunderstand AI • Digital Parenting Crisis: Why we're raising 800 billion unguided AI systems • The Psychology of Manipulation: How AI exploits cognitive weaknesses • Four Futures Scenario: Humanity's possible paths with AI🧠 AI MANIPULATION TACTICS REVEALED:Anchoring attacks that shape your thinkingBelief perseverance traps that backfire fact-checkingHow algorithms turn gossip into social weapons📖 ABOUT "RAISING AI":De Kai's book explores the question we should be asking: Not "Will AI replace us?" but "How do we raise AI ethically?" Written by Google's AI Ethics Council founding member, it reveals why current AI needs 15 million times more data than human children and provides a framework for ethical AI development.🔬 DE KAI'S CREDENTIALS:• AI pioneer & Founding Fellow in computational linguistics • Independent Director of AI ethics think tank The Future Society • One of 8 inaugural members of Google's AI Ethics Council • Joint appointment at HKUST Computer Science & Berkeley's International Computer Science Institute • Electronic musician exploring AI creativity💭 QUESTIONS ANSWERED:How translation tech became social manipulation?What makes AI behave like "unparented teenagers"?How to be a good "AI parent" in organizations?Why human-AI merger might be our best survival strategy?The Timeline is Accelerating. 99% of people are "frozen like deer in headlights" facing humanity's most disruptive transformation. Organizations ignoring AI governance face competitive extinction within five years.This isn't academic theory - it's a confession and warning from someone who helped create the systems now shaping global culture.Book: Raising AI: An Essential Guide to Parenting Our Future#AIEthics #GoogleTranslate #ArtificialIntelligence #MachineLearning #RaisingAI #TechnologyLeadership #AIGovernance #DigitalTransformation #FutureOfWork #AIStrategy #Innovation #TechLeadership #AICompliance #BusinessStrategy
Episode Description: Every device around you is collecting data about you and everyone you interact with. Amazon Echo recordings are being subpoenaed in murder trials. Period tracking apps are being used to prosecute women. Ancestry websites are revealing family secrets. We're participants in the largest social experiment in human history—and we never opted in.In this episode of SecureTalk, host Justin Beals sits down with Dr. Aram Sinnreich and Jesse Gilbert, co-authors of "The Secret Life of Data," to explore a revolutionary approach to digital security: data kindness.🎯 KEY TOPICS COVERED: • Why our biggest security threat is social fragmentation, not just technical vulnerabilities • How tech companies profit from division (anger drives 5x more engagement than approval) • The food allergy transformation: how society changed practices organically in 20 years • Practical data kindness: simple actions that rebuild digital trust • Why cooperation is our best defense in an age of surveillance • How to reclaim agency over your digital life🚨 CRITICAL INSIGHTS:We can't rely on tech companies (profit over people) or Congress (no data protection laws passed)Change must happen from the ground up through shared cultural practicesSimple acts like unplugging smart devices for guests or consulting family before DNA uploads matterDivided societies are vulnerable societies—cooperation is a security strategy👥 ABOUT THE GUESTS: Dr. Aram Sinnreich serves as a Professor and Graduate Director within the Communication Studies department at American University’s School of Communication. His research addresses the convergence of culture, law, and technology, focusing particularly on topics such as surveillance and privacy, intellectual property, digital rights, digital culture, democracy, governance, and music. Sinnreich has authored five books: Mashed Up (2010), The Piracy Crusade (2013), The Essential Guide to Intellectual Property (2019), the science fiction novel A Second Chance for Yesterday (2023; coauthored with Rachel Hope Cleves as R.A. Sinn), and The Secret Life of Data (2024; coauthored with Jesse Gilbert). Additionally, his writing has appeared in various publications including The New York Times, Billboard, Wired, The Daily Beast, and Rolling Stone. He is a core faculty member of the SOC doctoral program and the MA in Media, Technology & Democracy, regularly collaborating with SOC graduate students on research publications and projects. Jesse Gilbert is an interdisciplinary artist focused on the convergence of visual art, sound, and software design through his firm, Dark Matter Media. He previously served as the founding Chair of the Media Technology department at Woodbury University and has taught interactive software design at CalArts and UC San Diego.Since 2010, Gilbert's work has revolved around his innovative software, SpectralGL, which is an interactive listening instrument that creates real-time visual landscapes in response to sound. Drawing on his background as a composer, sound designer, and lifelong technologist, his creative output investigates the phenomenological aspects of listening through improvisation and collaborative dialogue. His work has been showcased at numerous concert halls, festivals, and projection-mapped installations worldwide.In 2007, Gilbert co-founded Dark Matter Media LLC to facilitate his independent creative projects and provide consultancy on emerging technologies across various public and private environments. From 2011 to 2017, he held the founding Chair position in the Department of Media Technology at Woodbury University and taught interactive software design at both CalArts and UC San Diego.After documenting the problems in their first book, Aram and Jesse recently published insights in Time Magazine and are working on a new book about building cooperative societies with kindness embedded in technology design.🔗 CONNECT WITH SECURETALK: • Subscribe for weekly cybersecurity insights • Follow Justin Beals on LinkedIn • RESOURCES:Sinnreich, A., & Gilbert, J. (2025, April 3). How to be kind in a world that's always monitoring you. Time Magazine. https://time.com/7273469/data-monitoring-kindness-essay/Sinnreich, A., & Gilbert, J. (2024). The secret life of data: Navigating hype and uncertainty in the age of algorithmic surveillance. MIT Press. Beals, J. (Host). (2024, May 14) The Algorithmic Mirror: Reflecting on Data's Role in Modern Life. in Secure Talk Podcast, Ep 173 with Aram Sinnreich and Jesse Gilbert
***Are you attending the Gartner GRC Summit? If so, come along on our Sunset Trip on June 10, 2025. Register here! https://www.strikegraph.com/boat-party-2025?utm_source=secure-talk&utm_medium=podcast&utm_campaign=gartner-boat-partyEpisode Description: When quantum computing pioneer Michele Mosca met Peter Shor in the 1990s, he thought quantum computing was "science fiction." Now, he's warning that we're just "a few quarters" away from quantum computers capable of shattering the encryption protecting our global financial system, government communications, and critical infrastructure.In this must-listen episode, the Oxford-educated mathematician and co-founder of Evolution Q breaks down why symmetric key infrastructure (SKI) and "cryptographic resilience" are essential as quantum computing advances faster than our security preparations. With remarkable clarity, Mosca explains how the nine-year NIST standardization process signals both progress and concerning delays in our quantum readiness.The interview explores why most organizations are unprepared, how quantum networks could provide a novel security solution, and what businesses should be doing now to protect their long-term data security. Mosca also details the latest breakthroughs in quantum error correction across ion traps, neutral atoms, and superconducting qubits that are bringing us closer to fault-tolerant quantum computing.Key Topics Covered:The evolution of quantum computing from theoretical concept to imminent realityHow close we are to breaking modern encryption standardsEvolution Q's innovative approach to quantum resilienceThe concept of symmetric key infrastructure (SKI) as a defense mechanismRecent breakthroughs in quantum error correctionWhy organizations need both defense-in-depth and cryptographic diversityThe limitations of the NIST standardization process and what it means for securityEpisode Highlights:"I met Don Coppersmith... he told me he was helping a colleague improve his algorithm where you'd trap these atoms and you'd shine lasers on them, do exponentiation and then do a Fourier transform... I thought he was joking. I'd never heard of this before.""We look at it as an engineering challenge. Oh, how much does it cost to scale this up? By a factor of 10 or 100 or 1,000, but 1,000, it's like 10 bits of security... It's not that much of a security buffer. The one we're used to in cryptography between what we could break and those we can't, we want an enormous gap."About the Guest: Michele Mosca is the CEO and co-founder of evolutionQ, a start-up that provides scalable defense-in-depth with post-quantum cryptography (PQC) and quantum key distribution (QKD) software solutions for cryptographic resilience and quantum-safe security.Michele is a renowned expert in cryptography and among the world's leading experts at the intersection of quantum computing and cybersecurity. He has been instrumental in working with the business community to share the importance of cryptography as acritical cybersecurity control protecting both data and communications.Prior to evolutionQ, Michele was a founder of the world-leading Institute for Quantum Computing, a Professor in the Department of Combinatorics & Optimization at the University of Waterloo, and a founding member of the Perimeter Institute for Theoretical Physics. His work on quantum computing has been published widely in top journals and textbooks.Michele worked on cryptography during his BMath (Waterloo) and MSc (Oxford) and obtained his Doctorate (Oxford) in Quantum Computer Algorithms. He was appointed as a Knight in the Order of Merit by the Government of Italy in 2018. The Knighthoodrecognizes Michele’s contributions in quantum information science and digital security, as well as teaching and outreach.Connect and Learn More:Stay updated on quantum security developments: quantum-safe.caSubscribe to SecureTalk on your favorite podcast platformJoin the conversation with #QuantumSecurity #PostQuantumCryptography #QuantumThreat #CyberResilience
In this riveting episode of SecureTalk, host Justin Beals welcomes back decorated military leader and security expert Mike LeFever, Executive Vice President of National Security at Concentric, to discuss the intersection of physical security, geopolitical instability, and the future of national defense. From the polarization of American politics to the innovative warfare tactics in Ukraine, this conversation offers cybersecurity professionals an essential perspective on how global security dynamics impact the digital landscape.## Key Topics Covered:- 🔒 **Physical Security Crisis**: How political polarization has created new security challenges for high-profile individuals and organizations- 🌍 **Soft Power Erosion**: The concerning reduction in USAID and diplomatic initiatives and its impact on national security- 🇺🇦 **Ukraine's Tech Innovation**: Revolutionary drone warfare tactics and rapid adaptation changing the future of military strategy- 💻 **Information Warfare**: The growing "truth decay" problem and how disinformation campaigns are reshaping public discourse- 🏛️ **Constitutional Challenges**: Analysis of current governance issues and threats to democratic institutions- 🔍 **Leadership in Chaos**: Strategic insights for security professionals navigating turbulent times## Episode Highlights:### The Business of ProtectionLeFever discusses how Concentric provides comprehensive security for high-net-worth individuals, including physical security, intelligence products, due diligence, and privacy protection in an increasingly polarized environment where public figures face heightened threats.### The Crisis in GovernanceThe conversation examines concerning trends in the federal workforce, with both experts highlighting how dismissing experienced personnel creates institutional knowledge gaps and damages trust in critical security domains.### The Value of Soft PowerDrawing from his experience leading earthquake relief efforts in Pakistan, LeFever explains how humanitarian initiatives like USAID build crucial international relationships that enhance national security more effectively than purely kinetic operations.### Innovations in Modern WarfareAnalysis of Ukraine's remarkable technological adaptations against Russia, showcasing how smaller forces can effectively counter larger opponents through rapid innovation and precision drone strikes.### Leadership WisdomLeFever shares invaluable advice for security leaders navigating chaos: maintain strategic focus on end goals while building resilience against tactical disruptions.## About the Guests:**Mike LeFever** is Executive Vice President of National Security at Concentric, providing comprehensive physical and privacy security solutions. His distinguished military career included leadership roles in counterterrorism and diplomatic security initiatives across multiple global hotspots.**Justin Beals** is the host of SecureTalk and a recognized expert in cybersecurity strategy and implementation.## Connect & Learn More:- Visit www.securetalk.com For more episodes
Episode Summary: In this eye-opening episode of Secure Talk, host Justin Beals investigates how foreign disinformation campaigns have evolved to target AI systems. NewsGuard researchers McKenzie Sadeghi and Isis Blachez reveal their groundbreaking investigation into the Moscow-based Pravda network that has successfully infiltrated Western AI chatbots, creating a new frontier in information warfare that bypasses human readers to directly corrupt the technology we rely on for information.Key Insights:Leading AI chatbots repeated Russian disinformation 33% of the time when tested on key geopolitical topicsThe Pravda network has expanded from 50 to over 150 websites specifically designed to influence AI training dataModern disinformation operations now prioritize "LLM grooming" over targeting human readersEven when AI systems attempt to debunk false claims, they often cite unreliable sources, further legitimizing themHuman oversight remains essential as these networks constantly evolve to evade automated detectionNotable Quotes: "Bad actors are targeting AI models to get their information to appear in those responses, but they're also weaponizing AI to produce disinformation at scale." - McKenzie Sadeghi"What is changing is really the delivery of the disinformation... it's reaching a much larger audience and an audience that's not targeted as specifically because now practically anyone is using ChatGPT or other chatbots." - Isis Blachez"This network does not invest any money or resources into spreading its content online... It's sort of serving as a centralized hub. And as a result, it appears very high not only in search results but also in chatbot responses." - McKenzie SadeghiResources: Sadeghi, M., & Blachez, I. (2025, March 6). A well-funded Moscow-based global disinformation network. NewsGuard Reality Check. https://www.newsguardrealitycheck.com/p/a-well-funded-moscow-based-global
In this episode of SecureTalk, host Justin Beals explores the evolving world of API technology and security with Sam Chehab, Head of Security at Postman - the platform used by over 35 million developers and 90% of Fortune 500 companies.Episode Insights:Postman's Strategic Position: Learn why Sam joined Postman in September 2024 and how they're positioned to be the connective tissue for the emerging AI agent ecosystemAPIs as Agent Infrastructure: Sam explains how Postman's catalog of hundreds of thousands of documented APIs creates the perfect foundation for AI agent interactionsSecurity by Design: Discover how Postman is embedding security throughout the API lifecycle - from conception to deploymentThe Human Factor in Security: Why security remains a collaborative responsibility across organizations and how to foster a security-minded cultureNext-Gen Challenges: Sam's perspective on balancing innovation with fundamental security hygiene concerns like supply chain vulnerabilities"I see such a larger ecosystem that's really going to get built here beyond what's out in the market today," says Sam, discussing how Postman will facilitate human-agent collaboration in building the next generation of applications.Sam brings unique insights from his previous roles at technology giants like Palo Alto Networks and NVIDIA, where he once demonstrated an early chatbot prototype to Jensen Huang himself. His experience taking products through rigorous FedRAMP certification processes provides a valuable perspective on enterprise-grade security implementation.This episode offers essential insights for developers, security professionals, and technology leaders interested in the intersection of APIs, AI, and enterprise security in today's rapidly evolving digital landscape.
In this eye-opening episode of SecureTalk, host Justin Beals welcomes Bryant Tow, Chief Security Officer at LeapFrog Services, to discuss why technology alone can't solve cybersecurity challenges. Bryant reveals how the "Ring of Security" concept shows that up to half of your attack surface lies outside of technology—in governance, policies, people, and processes. The conversation explores real-world examples like the Change Healthcare breach, why security frameworks often fall short, and how building a culture of security requires connecting protection of company assets to personal security concerns.Key TopicsThe Change Healthcare breach: How a single oversight led to a $2.9 billion loss despite substantial technology investmentsWhy frameworks like CIS are great starting points but insufficient on their ownHow the "Ring of Security" approach addresses the complete attack surfaceBuilding a security culture that resonates with employees on a personal levelWhy a business impact analysis is critical but often missing from frameworksThe importance of understanding your data before implementing AI solutionsNotable Quotes"When you do the root cause analysis on headline breaches, nearly all of them started somewhere outside the technology." - Bryant Tow"Even if you do your technology perfectly, you're leaving half of your attack surface open." - Bryant Tow"Strategy drives governance. Governance drives operation." - Bryant TowAbout the GuestBryant Tow serves as Chief Security Officer at LeapFrog Services, where he assists clients with comprehensive security programs including strategy, governance, and operations. Previously, he owned Cyber Risk Solutions and served on the Department of Homeland Security Sector Coordinating Council. His "Ring of Security" concept emphasizes that cybersecurity is an organizational problem that uses technology as just one tool in the solution.Resources MentionedThe "Ring of Security" conceptCIS Framework limitationsBusiness Impact AnalysisAI Readiness AssessmentDepartment of Homeland Security Sector Coordinating CouncilSecureTalk is hosted by Justin Beals, focusing on cybersecurity strategy, governance, and best practices for organizations of all sizes.
In this eye-opening episode of SecureTalk, host Justin Beals welcomes Joe Gronemeyer, Solutions Engineer at Akamai Technologies, for a masterclass in how internet security has evolved from basic content delivery to sophisticated edge protection powering 30% of global web traffic. From stories of literally burning servers in 1999 to today's quantum-resistant cryptography, this conversation tracks the incredible journey of cybersecurity infrastructure.### Key Highlights:- **The Birth of Edge Networks**: How Akamai transformed from emergency content delivery savior to cybersecurity powerhouse- **Massive Security Scale**: Processing 26 billion web attacks monthly and analyzing 7 trillion DNS queries daily- **Zero Trust Evolution**: Why identity-aware proxies are replacing traditional VPNs for enterprise security- **Micro-segmentation Explained**: Creating "mini-firewalls" at every endpoint to contain breaches and limit attack radius- **Bot Attack Revolution**: The evolution from simple DDoS to sophisticated credential abuse and account takeover attempts- **API Security Challenges**: Why APIs have become the new security frontier as other defenses improve- **Client-Side Security**: How PCI DSS v4 is forcing new approaches to JavaScript security monitoring- **Quantum-Resistant Future**: Akamai's implementation of NIST-approved quantum-resistant cryptography### Notable Quotes:"If you had our auto rules applied during the Log4J incident, you wouldn't have had to take any action during Christmas - it would have been protecting you automatically." - Joe Gronemeyer"At some point I think it was in 2011-2012, is when we would start looking at the traffic coming in and protecting websites from attacks as well. So applying security at the edge, keeping the bad actors away from your servers." - Joe Gronemeyer### About Our Guest:Joe Gronemeyer serves as a Solutions Engineer at Akamai Technologies with nearly a decade of experience. Previously, he spent 13 years at Accenture as a Senior Manager leading digital solutions for Fortune 500 companies across pharmaceuticals, consumer goods, and telecommunications industries. He holds a BS in Industrial and Systems Engineering from Georgia Tech and is CISSP certified.### Resources Mentioned:- Web Application Firewall (WAF) technology- Zero Trust Network Access (ZTNA)- Enterprise Application Access- Client-Side Access and Compliance (formerly Page Integrity Manager)- OWASP Top 10 for web, API, and AI security- PCI DSS version 4 compliance requirements- NIST standards for quantum-resistant cryptography*Don't miss our next episode where we'll continue exploring cutting-edge cybersecurity approaches for enterprise organizations.*#EdgeSecurity #ZeroTrust #MicroSegmentation #APIProtection #WAF #PCICompliance #QuantumCryptography #CyberDefense
In this eye-opening episode of SecureTalk, host Justin Beals sits down with Nick Furneaux, renowned cryptocurrency investigator and author of the provocatively titled book "There's No Such Thing as Crypto Crime." Furneaux shares his extensive expertise on blockchain technology, cryptocurrency investigations, and the evolving landscape of digital financial crimes.Key Topics Discussed:The meaning behind Furneaux's book title "There's No Such Thing as Crypto Crime" and why traditional investigation skills remain relevantThe fundamental differences between Bitcoin and newer cryptocurrencies like Ethereum and SolanaHow blockchain technology actually helps investigators through its open ledger systemThe mechanics behind "rug pulls" and other crypto-related scamsThe role of mining in cryptocurrency ownership and valueHow TRM Forensics tools help trace illicit cryptocurrency transactionsThe concerning rise of human trafficking in crypto scam operationsHow AI is transforming both criminal schemes and investigation techniquesNotable Quotes:"There is no such thing as a crypto-only crime. There is no new criminal category. There is just a new payment mechanism." - Nick Furneaux"The Bitcoin source code is some of the most beautiful code ever written. It is extraordinary... and it's never been hacked." - Nick Furneaux"We're in a situation now where the victim is a victim, and the scammer is a victim." - Nick Furneaux on trafficking in scam compoundsAbout Nick Furneaux:Nick Furneaux is a digital forensics expert, cryptocurrency investigator, and cybersecurity specialist. He has worked in digital forensics for many years and is known for his expertise in cryptocurrency investigations. He has served as a trainer and consultant for law enforcement agencies and private organizations on matters related to digital forensics and cryptocurrency tracing.He is the author of *There’s No Such Thing as Cryptocrime* (2024) and *Investigating Cryptocurrencies* (2018). He has trained thousands of investigators in the essential skills needed to track cryptocurrencies involved in criminal activities. Currently, he works as a Blockchain Intelligence Expert and Master Trainer at TRM Labs and serves as an advisor to the Board of Asset Reality.Resources Mentioned:Book: "There's No Such Thing as Crypto Crime" by Nick Furneaux (link)Book: "Investigating Cryptocurrencies" by Nick Furneaux (link)TRM Forensics Investigative ToolkitThis episode provides invaluable insights for cybersecurity professionals, financial investigators, and anyone interested in understanding cryptocurrency's role in modern digital crime investigations.SecureTalk is hosted by Justin Beals, bringing you expert conversations with the leading minds in cybersecurity.#Cryptocurrency #BlockchainForensics #CryptoInvestigation #Cybersecurity #DigitalForensics #Bitcoin #Ethereum #CryptoScams #FinancialCrime
In this eye-opening episode of SecureTalk, host Justin Beals interviews Johann Rehberger, a seasoned cybersecurity expert and Red Team Director at Electronic Arts, about his groundbreaking discovery of a critical vulnerability in ChatGPT's memory system. Johann shares how his security background and curiosity about AI led him to uncover the "SPAIWARE" attack - a persistent malicious instruction that can be injected into ChatGPT's long-term memory, potentially leading to data exfiltration and other security risks.Key Topics CoveredJohann's journey from Microsoft development consultant to becoming a leading red team expert specializing in AI securityThe discovery of ChatGPT's memory system vulnerability and how it could be exploitedHow traditional security concepts like the CIA security triad (Confidentiality, Integrity, Availability) apply to AI systemsThe development of "SPAIWARE" - a persistent prompt injection attack that can leak user dataCommand and control infrastructure using prompt injection techniquesThe challenges of securing agentic AI systems that can control web browsers and execute tasksThe evolving relationship between security researchers and AI companies like OpenAINotable Quotes"I think using this system is just so important because it can help you. They are so powerful. I started using it daily. But the security mindset of course too, because I use it for my productivity, but I always use it for trying to find the flaws and trying to understand how it works." - Johann Rehberger"What I did basically was use that technique and then insert that instruction in memory. So that whenever there's a conversation turn, the user has a question, ChatGPT responds. Every single conversation turn will be sent to the third-party server. So this is where the word spyware basically kind of came from." - Johann Rehberger"The better the models become, the better they follow instructions, including attacker instructions." - Johann RehbergerAbout Johann RehbergerJohann Rehberger is the Red Team Director at Electronic Arts with extensive experience in cybersecurity. His career includes roles at Microsoft, where he led the Red Team for Azure Data, and Uber, where he served as Red Team Lead. Johann is known for his pioneering work in AI security, specifically identifying and responsibly disclosing vulnerabilities in large language models like ChatGPT.Resources MentionedJohann's blog on machine learning security (https://embracethered.com/blog/index.html)Black Hat Europe presentation on ChatGPT security vulnerabilitiesLLM Owasp Top 10 vulnerability classificationsConnect With UsFollow SecureTalk for more insights on cybersecurity trends and emerging threats. Visit our website at www.securetalkpodcast.com for more episodes and resources.#AISecurityRisks #PromptInjection #ChatGPT #Cybersecurity #AIVulnerabilities #RedTeaming #SecureTalk
What if there was a way to precisely predict the risk of a major data breach when sharing information? In this illuminating episode of Secure Talk, Justin Beals sits down with Simson Garfinkel, renowned computer scientist, journalist, and author who helped implement differential privacy for the U.S. Census Bureau's 2020 census. As a fellow of the American Association for the Advancement of Science, the Association for Computing Machinery, and the IEEE, and with leadership positions at both the Department of Homeland Security and U.S. Census Bureau, Garfinkel offers unparalleled insights into how mathematics is creating an entirely new frontier in privacy protection in his new book “Differential Privacy”.Differential privacy is a reliable mathematical framework that quantifies privacy risk or the potential for a major breach. It can transform how organizations understand, measure, and control data exposure. Yet most security, compliance, and legal professionals haven't grasped its revolutionary implications for measuring and predicting a major privacy breach.Join Justin and Simson as they reveal:- How differential privacy allows organizations to calculate privacy risk with mathematical precision- Why this new field of privacy research eliminates guesswork when combining and distributing sensitive data- The revolutionary balance between data utility and privacy protection that was previously impossible- How forward-thinking organizations are using these mathematical formula to unlock data value safelyThis isn't abstract theory – it's a practical revolution in how we approach data sharing. Garfinkel, who literally wrote the book on "Differential Privacy," shares real-world examples from his work with the U.S. Census Bureau, where differential privacy enabled the release of valuable population data while mathematically predicting individual privacy. In his book, Simson breaks down complex mathematical concepts into clear, actionable insights for security leaders, compliance officers, and legal counsel.Listen now to discover how differential privacy is creating a future where data-sharing decisions are based on mathematical certainty rather than best guesses and crossed fingers.Link to Simson's book: https://mitpress.mit.edu/9780262551656/differential-privacy/