2026 is here, and the cybersecurity job market is evolving. Whether you are trying to break into the industry or land your next senior role, the playbook has changed.

In this episode of the DTF Cyber Podcast, Fern and Troy are joined by Gary Perkins (CISO at CISO Global) to break down 8 actionable steps you can take right now to jumpstart your career. From building public red team projects to mastering new attack toolchains like the Flipper Zero, we cover the technical and soft skills that hiring managers actually look for.

We also dive into why networking is your #1 asset, how to contribute to open source projects, and why "learning to script" is non-negotiable for modern security pros.

🚀 In this episode, we cover:

Why you need a public GitHub portfolio (even if you aren't a dev).

How to legally perform "hunts" in your current job to gain experience.

The difference between "scripting" and "developing" and why Python/Bash helps.

Why reading non-cyber books can actually make you a better CISO.

👇 Jump to the 8 Career Hacks:

00:00:00 - Intro: Welcome back to 2026!

00:01:02 - Meet Gary Perkins, CISO at CISO Global

00:07:43 - #1: Build One Public Red Team Project Quarterly

00:14:00 - #2: Master a New Attack Toolchain (Flipper Zero, Bloodhound, etc.)

00:21:16 - #3: Contribute to Open Source Security Projects

00:29:16 - #4: Perform a Weekly Hunt in a Real Environment

00:43:35 - #5: Learn to Script Your Own Tools (Python & Bash)

00:51:18 - #6: Network Like Your Career Depends On It

01:02:17 - #7: Read a Non-Cyber Book (The Phoenix Project, Leaders Eat Last)

01:07:42 - #8: Teach Something Publicly

01:16:20 - Bonus Resource: The Threat Intelligence Support Unit (TISU) Cohort

📚 Resources & Mentions:

Book: The Phoenix Project

Book: Leaders Eat Last by Simon Sinek

Organization: Threat Intelligence Support Unit (TISU) - Free Cybersecurity Cohort

https://www.eventcreate.com/e/tisu8

Connect with the Guest: Gary Perkins (CISO Global)

https://www.linkedin.com/in/perkinsgary/

Subscribe for more no-nonsense cyber insights! #Cybersecurity #InfoSec #CareerAdvice #RedTeam #BlueTeam #CISO #TechCareers #2026

http://cyberpodcast.net

Spotify: http://spotify.cyberpodcast.net

Apple: http://apple.cyberpodcast.net

X: https://x.com/dtfcyberpodcast

IG: https://www.instagram.com/dtfcyberpodcast/

Linkedin:

DTF: https://www.linkedin.com/company/dtf-cyber-podcast/

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net

Everything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

Is 2026 the year AI takes over everything—including the crimes? 🤖💸

In the final episode of 2025, Damian and Troy break down their Top 8 Cyber Predictions for 2026. From AI agents executing 90% of breaches to ransomware payouts potentially hitting half a billion dollars, the future of cybersecurity is moving fast. We also discuss the "Harvest Now, Decrypt Later" threat, why your LinkedIn profile picture might already be a lie, and the new $150k entry-level salary standard.

Plus, we’re ending the year with a GIVEAWAY! 🎁 Drop your 2026 prediction in the comments—for every 10 predictions we receive, we’re picking a winner for some exclusive (and secret) DTF Cyber swag.

In this episode, we cover:

Why AI agents (not humans) will be behind 9 out of 10 breaches.

The terrifying potential for a $500M ransomware payout.

How deepfakes will finally cause a major real-world crisis.

"AI Laundering": The new frontier for cleaning dirty crypto.

Why entry-level cyber jobs are hitting $150k salaries (and the catch).

🔔 Subscribe for more unfiltered cybersecurity insights!

⏱️ TIMESTAMPS:

00:00 – Intro: Did AI change the world in 2025?

01:58 – Prediction #1: 90% of breaches will be executed by AI Agents.

07:40 – Prediction #2: Ransomware payouts will break records ($500M?!).

15:15 – Prediction #3: Identity becomes the central pillar (Passkeys backfire?).

20:00 – Prediction #4: A deepfake event will hit major global news.

24:45 – Prediction #5: "Harvest Now, Decrypt Later" goes mainstream.

28:40 – Prediction #6: Mandatory AI Agent audits for federal contractors.

32:30 – Prediction #7: "AI Laundering" becomes the new money laundering.

38:15 – Prediction #8: Entry-level AI Cyber jobs will start at $150k.

45:00 – Bonus Prediction: The consolidation of massive data analytics.

47:00 – GIVEAWAY DETAILS: How to win exclusive swag!

#CyberSecurity #AIPredictions #Ransomware #Deepfakes #TechTrends2026 #InfoSec #Podcast #DTFCyber #AI

The 2025 Cyber Christmas List That Actually Gets You Hired

Happy holidays, nerds!

Your mom just spent $79 on a “hacker hoodie” that says “Trust Me” in Comic Sans…

…while real juniors are out here making six figures with a $29 Yubikey and a Raspberry Pi.

In Episode 30, Damian, Troy & Fern save your Christmas with the only cyber gifts worth buying in 2025:

• Under $50 stocking stuffers that turn into paychecks

• $50–$150 tools that get you interviews

• $150–$300 big wins that scream “I’m serious”

• Free gifts that slap harder than anything paid

• And the absolute coal you should burn before anyone unwraps it

Timestamps

00:00 Intro: The "Hacker Hoodie"

01:37 Why "Hacker" Clothing is Bad OpSec

06:01 The Worst Gifts: "Hacking for Dummies"

08:59 Beware of Knockoff Tools & Malware

12:15 Danger: Pre-loaded Hacking USBs

13:49 Best Gifts Under $100

14:00 Book Rec: The Hardware Hacker

14:20 YubiKeys for MFA

16:21 Lockpicking Sets & Physical Pen Testing

21:42 USB Rubber Ducky

23:25 USB Data Blockers (Juice Jacking Protection)

25:05 RFID Blocking Wallets

28:06 Raspberry Pi Projects (Honeypots & VPNs)

28:45 Best Gifts $100 - $200

30:30 Packet Squirrel: Man-in-the-Middle Attacks

34:20 Flipper Zero: Radio Frequencies & Rolling Codes

39:34 Certifications: Security+ & Network+

44:24 Cloud Credits & AI Subscriptions

46:26 Unlimited Budget Gifts

47:25 Black Hat & DefCon Tickets

48:14 Mac vs. Windows vs. Linux for Hacking

51:53 Giveaway: The "Hacker" Hoodie

57:58 Holiday Security Warning

Giveaway: Comment your dream (or worst) cyber gift — we’ll randomly pick one subscriber for a genuine “hacker” hoodie (minimum 10 comments).

Everything here is our personal hot takes — not our employers, not legal advice.

Just three idiots with mics trying to keep you from bad gifts.

— Damian, Troy & Fern

DTF Cyber Podcast

#CyberGifts #Christmas2025 #CyberSecurity #Infosec #Career

http://cyberpodcast.net

Spotify: http://spotify.cyberpodcast.net

Apple: http://apple.cyberpodcast.net

X: https://x.com/dtfcyberpodcast

IG: https://www.instagram.com/dtfcyberpodcast/

Linkedin:

DTF: https://www.linkedin.com/company/dtf-cyber-podcast/

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net

Everything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

2.5 billion daily account-takeover attempts.

That’s one every 34 microseconds.

Damian, Troy & Fern go full send-it mode on the 2025 ATO playbook: SIM swaps, session-token theft, MFA fatigue bombing, rogue QR codes, deep-fake family scams, and the OAuth tokens you granted in 2017 that are still wide open.

Timestamps

00:00 – Intro

05:20 – SIM swaps & losing your phone number in minutes

09:40 – Why password resets are useless (session tokens survive)

14:20 – MFA fatigue / push-notification bombing

19:10 – OAuth & old third-party app tokens nobody revokes

24:30 – Rogue QR codes at restaurants & hotels

30:15 – Enterprise reality – weekly O365 token theft

37:40 – Non-human identities & service-account sprawl

44:50 – Passkeys in 2026 – will increase ATO risk if misconfigured

51:00 – Public Wi-Fi, juice jacking & QR code myths

58:00 – Closing thoughts

Discord (coming soon)

#AccountTakeover #SIMSwap #MFAFatigue #CyberSecurity #Infosec #ZeroTrust

https://www.fcc.gov/consumers/scam-alert/grandparent-scams-get-more-sophisticated

https://newsroom.servicenow.com/press-releases/details/2025/ServiceNow-to-Expand-Security-Portfolio-With-Acquisition-of-Vezas-Leading-AI-native-Identity-Security-Platform/default.aspx

https://thehackernews.com/2025/04/customer-account-takeovers-multi.html

https://www.gartner.com/reviews/market/identity-threat-detection-and-response-itdr

http://cyberpodcast.net

Spotify: http://spotify.cyberpodcast.net

Apple: http://apple.cyberpodcast.net

X: https://x.com/dtfcyberpodcast

IG: https://www.instagram.com/dtfcyberpodcast/

Linkedin:

DTF: https://www.linkedin.com/company/dtf-cyber-podcast/

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net

Everything here is our personal hot takes — not our employers, not the vendors we roast, not legal advice. Just three idiots with mics trying to keep you from getting pwned.

Anthropic’s new report is a wake-up call: hackers turned Claude into a near-autonomous espionage agent that handled 90% of the attack chain by itself. The future is officially here… and it’s terrifying.

We go deep on how they did it, why current defenses are cooked, and what defenders need to do yesterday.

Timestamps

00:00 – The scariest line Anthropic has ever published

01:17 – “Set it and forget it” – the new AI attack paradigm

04:04 – Breaking attacks into tiny, undetectable chunks

13:48 – Attackers flipped the script: 90% AI, 10% human

17:26 – Why defense has to 10x its speed right now

27:11 – SOC automation, log nightmares & the data problem nobody’s solved

33:18 – Thousands of API calls/sec + AI writing its own evasion logic

40:31 – Regulation debate: should frontier models be locked down?

51:38 – Back to basics… but the basics just changed forever

55:21 – Raw reactions: “Is this even real?”

58:09 – The silver lining (yes, there is one)

01:03:13 – When’s the next one coming?

Like if this freaked you out, comment your biggest fear for 2026, and smash subscribe — the AI cyber war just started.

#AICyberAttack #ClaudeAI #Cybersecurity #AgenticAI # infosec

http://cyberpodcast.net

Spotify: http://spotify.cyberpodcast.net

Apple: http://apple.cyberpodcast.net

X: https://x.com/dtfcyberpodcast

IG: https://www.instagram.com/dtfcyberpodcast/

Linkedin:

DTF: https://www.linkedin.com/company/dtf-cyber-podcast/

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net

The average company now runs 60+ cybersecurity tools — more apps than most people have on their phone. Is this making us safer… or just creating chaos, alert fatigue, and million-dollar shelf ware?

In this episode, Damian, Troy, and Fern rip apart the tool sprawl epidemic: why CISOs are drowning in overlapping platforms, how 7% of IT budget became the “standard,” when best-of-breed actually beats single-vendor, and how to start consolidating before you go insane.

Real talk from three practitioners who’ve lived the nightmare.

Timestamps (short & sweet edition)

00:00 – 60+ tools per company… are we actually safer?

03:17 – The 7% of IT budget “rule” – is it enough?

06:21 – Cybersecurity isn’t insurance, it’s risk mitigation

11:05 – Shelfware nightmare: tools bought, never used

14:30 – Single-vendor vs best-of-breed debate

28:40 – The shiny new toy problem every CISO faces

36:20 – Analyst alert fatigue is real

40:05 – Best-of-breed wins when tools actually talk

47:36 – You need a 3–5 year roadmap (even if you won’t be there)

49:02 – AI wasn’t on anyone’s 5-year plan… now what?

51:09 – Pro tips for CISOs & analysts

54:35 – Wrap-up & see you next week!

Subscribe so you never miss the raw truth about cybersecurity.

🔔 Turn on notifications – new episode every Monday!

💬 Comment: How many security tools does YOUR org actually use?

#Cybersecurity #ToolSprawl #CybersecurityTools #CISO #BestOfBreed #SecurityConsolidation #DTFCyberPodcast

Linkedin:

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net

In this eye-opening episode of the DTF Cyber Podcast, hosts Damian, Troy, and Fern tackle the theme of trust in cybersecurity. From external hackers spoofing CEOs in Microsoft Teams to incident response firms secretly double-dipping in ransomware negotiations, and a shocking $106M heist at the Louvre enabled by the password “louvre,” the crew explores real-world threats and defenses. Plus, tips on security training, OSINT risks, mental health in cyber, and protecting against title fraud.

Whether you’re in security or just curious, this episode reminds us: trust but verify—or pay the price.

Timestamps:

00:00 – Intro

01:00 – Microsoft Teams Spoofing Vulnerability Exposed

04:30 – Process Over Tech: Training for Wire Fraud & Deepfakes

08:00 – Data & Identity: Top CISO Concerns

15:32 – CEO Outreach? Double-Check the Source

17:31 – Gamified Training: Making Awareness Stick

20:06 – Why Annual Training Fails—Go Quarterly

26:34 – Instincts Matter: If It Feels Off, Verify

28:18 – IR Brokers Gone Rogue: Representing Both Sides

39:49 – Vetting Vendors & Diversifying Suppliers

42:31 – White-Collar Crime Triggers & Mental Health Support

46:04 – If There’s Money, Expect Cheaters

47:28 – The Louvre Heist: Bucket Trucks & Weak Passwords

50:06 – Camera Password “Louvre” Since 2014

52:10 – Complacency Kills: Beyond Default Passwords

01:07:13 – Title Fraud Scams: Lock Your House & Car Titles

01:10:05 – AI-Fueled Fraud in the Digital Age

01:12:35 – Threat Spectrum: External to Insider Risks

01:15:11 – Pro Tip: Ask a Security Expert—Don’t Guess

Subscribe for unfiltered cyber insights every week.

🔔 Enable notifications—don’t miss an episode!

💬 Comment below: Ever spot a spoofed message in Teams? Share your story!

#Cybersecurity #DTFCyberPodcast #MicrosoftTeams #Ransomware #LouvreHeist #TrustButVerify #InsiderThreats #SecurityTraining

Articles:

https://thehackernews.com/2025/11/microsoft-teams-bugs-let-attackers.html

https://arstechnica.com/security/2025/11/fbi-arrests-ransomware-clean-up-experts-for-planting-ransomware/?utm_campaign=dhtwitter&utm_content=%3Cmedia_url%3E&utm_medium=social&utm_source=twitter

https://cybernews.com/news/louvre-password-heist/

Linkedin:

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net

Dive into the wild world of cybersecurity certifications on this episode of the DTF Cyber Podcast! Hosts Damien, Troy, and Fern break down whether certs are the golden ticket to a six-figure cyber career, or if passion, experience, and networking matter more. From entry-level tips like CompTIA Security+ to gold standards like CISSP, they share real talk on getting hired, avoiding burnout, and building a standout resume in today's tough job market. Perfect for newbies, mid-career pros, or anyone pivoting into cyber.

🔥 Key Topics:

Do you really need certs to break into cyber?

Best beginner certs vs. advanced ones

The power of home labs, side projects, and networking

Avoiding the "cert collector" trap

Mid-career advice for layoffs and upskilling

🚀 Subscribe for more raw cyber insights, hit the bell for notifications, and drop your cert stories in the comments! Email us at [email protected] or connect on LinkedIn.

Timestamps:

00:00 - From data breaches to six-figure hacker-hunter dreams

03:15 - Fern's confession

06:24 - Continuing education like doctors – Do you need certs to start?

08:03 - No "one cert" guarantees a job – Stand out with initiative

11:08 - Chasing money vs. passion: Burnout risks in cyber

15:35 - "Love your job, never work a day" – Finding your cyber niche

18:19 - New grads: Focus on certs, experience, or networking first?

19:29 - Damien's hiring advice: Internships over Ivy League degrees

22:31 - Entry-level picks: CompTIA Security+, CEH – Show initiative

23:28 - Home labs & side projects: Build and talk about them!

29:33 - Python scripting: The invaluable skill that lands big roles

32:31 - Mid-career: CISSP for screening, but tailor to your path

36:15 - Avoid silos: Broaden skills in big vs. small companies

38:35 - SANS certs: Pricey but powerful

40:14 - Retention: Invest in training, build culture

46:36 - Beat AI resume scanners: Network to bypass bots

50:21 - Salary expectations & red flags in job apps

53:23 - Late-career: Network trumps certs

54:04 - Final tips: Local meetups, be bold, ask for what you want

58:05 - Pro networking hack:

59:27 - Magic tricks as icebreakers?

#Cybersecurity #Certs #CISSP #SecurityPlus #CyberCareer #DTFPodcast

Linkedin:

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Business Inquiries: dtf at cyberpodcast dot net

Join hosts Fern and Troy as they sit down with legendary negotiator and cybersecurity expert Jean Shapiro (formerly of American Express) for an in-depth discussion on navigating cybersecurity budgets, building trust with vendors, leveraging crises for improvement, and fostering a culture of transparency. From managing $2B budgets to avoiding sales pitfalls and tying security to business impact, Jean shares real-world insights from her decades in the field. Whether you’re dealing with ransomware recovery, brand protection, or innovation funding, this episode is packed with gold nuggets for CISOs, security leaders, and vendors alike.

If you enjoy raw, unfiltered conversations on cyber defense, hit that LIKE button, SUBSCRIBE for more episodes, and drop a comment below: What’s your biggest budgeting challenge in cybersecurity?

🔗 Listen on Spotify/Apple Podcasts:

spotify.cyberpodcast.net

apple.cyberpodcast.net

#Cybersecurity #CISOBudget #SecurityFunding #VendorManagement #Ransomware #CISOAdvice

Timestamps:

00:00 – Intro & Jean Shapiro’s Epic Entrance

03:27 – Why Non-Tech Leaders Struggle to Understand Security

06:10 – Educating Buyers Through Breach News & Real-World Examples

09:06 – Gold Nugget #1: Never Let a Good Crisis Go to Waste

12:36 – Building a Culture of Transparency (No Finger-Pointing)

16:21 – Partnering with CIOs: Fixing Legacy Issues Without Blame

18:46 – Getting Budget: Tie Security to Revenue Loss & Business Impact

23:29 – Risk & Brand Protection in Budget Conversations

26:11 – Risks Breakdown: Litigation, Regulation, Operational Downtime

28:00 – Ransomware Myths: Why Paying Isn’t a Quick Fix

31:56 – Frameworks (NIST, MITRE ATT&CK) for Data-Driven Budgets

37:32 – Carving Out Budget for Innovation & AI Tools

40:46 – Tips: Align with Strategic Initiatives (Don’t Just Slap AI on It)

43:02 – Sales Call Frustrations: “What Keeps You Up at Night?”

47:19 – Protecting Proprietary Info in Vendor Calls (No Recordings!)

51:23 – Post-Sale Support: Don’t Ghost After the Deal

55:38 – Burning Vendor Bridges: When to Replace Tools

58:03 – Sales Ghosting Between Roles: It Bites Back

1:05:16 – Sales Incentives Exposed: Why Renewals Get Weird

1:10:20 – Negotiating with VARs: Avoid Desperation Deals

1:19:00 – Closing Thoughts: Know Your Numbers, Talk Business Language

Thanks for watching! Stay secure out there.

Linkedin:

Damian: https://www.linkedin.com/in/damianchung/

Troy: https://www.linkedin.com/in/kosovotroy/

Fern: https://www.linkedin.com/in/fernrojasaz/

Welcome to Episode 23 of the DTF Cyber Podcast! 🎙️ Join our hosts as they dive into the evolving world of cybersecurity leadership, exploring what it takes to be a CISO in 2025. From technical acumen vs. business savvy to AI’s revolutionary impact on the industry, we unpack critical insights for aspiring and seasoned security pros. Plus, hear about Vegas’s tight-knit cyber community, data breach lessons, and the F1 party vibe! ​​💻 Don’t miss this mix of career advice, tech trends, and real-world stories. Subscribe for weekly cyber insights! 🚀 #Cybersecurity #CISO #AIinCybersecurity #DataBreaches #VegasCyber

Timestamps:

00:00 —Intro & Vegas F1 Excitement

The crew kicks off with Formula 1 hype, Vegas nightlife, and how local cyber pros turn big events into networking gold.

06:35 — The CISO Role Debate

Do you need deep technical chops or business instincts to lead? The team unpacks the “technical vs. strategic” clash lighting up LinkedIn.

14:23 - The Castle & Sword Analogy

Defending your organization like a kingdom; strategy, trust, and the danger of “fighting every battle yourself.”

20:10 — Stats, Pay Gaps & AI’s Influence

Why technical CISOs earn more, how AI is reshaping cybersecurity, and why partnership beats isolation.

28:27 — AI’s Impact on Cybersecurity

Working alongside business units to secure AI-driven projects — and the risks of “vibe-coding” without controls.

33:17 - Leadership Humility

The power of admitting mistakes: how transparency builds trust and kills ego-driven cyber culture.

36:01 — SOC Lifers & Innovation

Why some pros never leave the trenches — balancing hands-on skill with creative problem-solving.

41:01 — The Hybrid Advantage

Why the best CISOs blend technical depth, business vision, and empathy to lead modern security teams.

45:28 — VARs, Pizza & Procurement

How to question vendors the smart way — and why “what fails” matters more than “what sells.”

49:45 — Data Retention & Breaches

Third-party risk, compliance headaches, and why storing IDs “just in case” creates future breaches.

54:34 — Breach Fatigue

Lessons from a 70,000-user data leak — protecting your identity and regaining trust in a breach-saturated world.

Topic Links:

https://www.linkedin.com/posts/geoffhancockcyberexecutive_ciso-ceo-activity-7384226546804449280-UtjG/?utm_source=share&utm_medium=member_ios&rcm=ACoAAAPdJL0B8xce6ECZfPNPS2Hp24evoT2uY0E

https://cybersecuritynews-com.cdn.ampproject.org/c/s/cybersecuritynews.com/discord-data-breach-sensitive-data/amp/

Connect with Us:

• Follow DTF Cyber Podcast on X for updates!

• Share your thoughts in the comments! What’s your take on the CISO role in 2025?