Send us a text

The episode focuses on the evolving threats posed by phishing scams enhanced by artificial intelligence, particularly in corporate settings. Tim Chase shares real-life experiences and insights into the changing landscape of cybersecurity and the need for tailored training to empower employees in recognizing and combating these threats.

• Discusses a significant gift card scam incident 
• Examines the evolution of phishing tactics and AI's role 
• Emphasizes the necessity of role-based security training 
• Highlights the importance of social engineering awareness 
• Advocates for creating a culture of communication about suspicious emails 
• Suggests positive reinforcement techniques to promote cybersecurity awareness 

You can also align future security initiatives with effective training methods, focusing on current challenges arising from evolving threats.

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

Jess Vachon shares insights into her calm approach as a CISO and how empathy in cybersecurity can significantly transform organizational culture. The episode emphasizes the importance of effective communication, role-based training, and the evolving impact of artificial intelligence on how organizations secure their operations. 

• Exploring personal journeys into cybersecurity 
• Importance of mentorship and coaching in the field 
• Balancing cybersecurity budgets and investments 
• Communication as a key to successful cybersecurity strategies 
• Tailored role-based training for improved retention 
• Challenges and opportunities presented by AI in security 
• Building a compassionate and cooperative security culture

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

In our latest episode, Angela Chen, CIO of the University of Delaware, shares her personal experience with phishing, revealing the profound emotional and psychological impacts of these attacks. We discuss the importance of making cybersecurity a collective responsibility that spans generational divides and the need for tailored education to enhance awareness among vulnerable populations. 

• Angela's personal experience highlights the emotional toll of phishing 
• The impact of phishing on trust and mental health is profound 
• Younger and older generations are particularly vulnerable 
• Universities face challenges in effectively educating students on cybersecurity 
• The dual-role of AI in enhancing and threatening cybersecurity 
• Effective communication is crucial for changing security behaviors 
• Positive reinforcement ("carrot") approach over punitive measures ("stick") 
• Collaboration and learning from one another are key in boosting awareness

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

The episode emphasizes the critical role of security awareness in protecting organizations from cyber threats, particularly phishing attacks. Andrew Obadiaru, CISO of Cobalt, discusses strategies for enhancing employee education, implementing phishing simulations, and leveraging AI to stay ahead of evolving cybercriminal tactics.

• The human element is key in cybersecurity defense 
• Importance of security awareness training for all employees 
• Insights into conducting phishing simulations and their benefits 
• Current trends in phishing attacks and use of AI 
• Strategies for engaging employees in security training 
• Tips for maintaining vigilance against cyber threats 
• AI as a tool for enhancing security and its associated risks

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

Ever thought attending a security awareness class could make you more vulnerable to phishing attacks? Join us as Wendy Nather, a former CISO, unravels this unexpected phenomenon and challenges industry norms. We tackle the complexities of security training and explore why traditional methods might not be hitting the mark. Wendy shares insights into designing systems that protect against human errors, advocating for a collaborative approach that includes everyone from developers to IT staff in building robust cybersecurity frameworks.

Our conversation takes a turn as we highlight the importance of role-based training and engaging diverse personality types in cybersecurity education. Drawing from real-life anecdotes, like the Starbucks gift card phishing fiasco, we stress the need for clear communication and the introduction of security principles from a young age. This episode emphasizes how early tech exposure shapes user behavior, and we discuss tailored education strategies for different organizational roles to build a culture of security mindfulness.

Finally, we explore the art of empowering employees to recognize and report suspicious activities, sharing personal stories of innovative attacker tactics. From gamification to competitive training exercises, we propose fresh ways to make security training more engaging and effective. As we challenge long-held industry assumptions, we advocate for an environment where users feel safe to report mistakes, continuously reassessing and innovating cybersecurity practices to keep ahead of threats.

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

What if the key to fortifying your organization's cybersecurity was hidden in the ethical deployment of AI? Join us for an enlightening conversation with Dr. Joshua Scarpino, a dual expert in cybersecurity as CISO VP of Information Security at TrustEngine and CEO of Assess Intelligence. Our episode charts the powerful intersection of AI and cybersecurity, exploring how AI can both shield against and execute cyber threats, and why a comprehensive risk management approach is crucial for any enterprise. Dr. Scarpino's insights highlight the pressing need for responsible AI practices, addressing biases, and maintaining fairness in automated decisions.

Our discussion takes a deep dive into the innovative methods of security training, including the potent mix of continuous education and gamification. We explore the significance of understanding the risk landscape and the necessity of personalized security education, particularly for new hires who may be more susceptible to targeted attacks. From interactive modules to scenario-based learning, discover how these dynamic training methods can enhance engagement and retention, contrasting starkly with the often monotonous governmental training programs. The episode underscores the pivotal role of feedback in refining training programs, fostering a culture that bridges gaps between personal and professional security practices.

We conclude by emphasizing the integral role of building partnerships and fostering cybersecurity engagement within organizations. This includes challenging the misconception that security impedes business progress, and instead, highlighting how it can be a key enabler. The conversation pivots to the role of ethical AI, privacy concerns, and the need for transparency as technology continues to evolve rapidly. Dr. Scarpino advocates for a proactive and supportive cybersecurity culture that integrates AI into foundational risk management processes. Tune in to learn how to create a robust security-aware culture, where employees at all levels actively participate in safeguarding organizational assets.

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

Join us for an insightful conversation with Ira Winkler, the Chief Information Security Officer of CYE Security, as we explore the often-overlooked human element in cybersecurity. With a rich career spanning more than 30 years, Ira shares compelling insights drawn from his experiences at the NSA, Walmart, and HP. Together, we challenge the traditional notion that users are the last line of defense in cybersecurity, advocating instead for intelligent system designs that don't place undue blame on individuals. Drawing on safety science principles and his latest book, "You Can Stop Stupid," Ira unpacks the importance of creating systems resilient enough to withstand human error.

Embark on a thrilling journey through the unpredictable world of security testing and compliance challenges. Through fascinating anecdotes and humorous tales of social engineering, we reveal the ingenuity required to outsmart technical defenses. A surprising encounter with a facility's operations manager provides a glimpse into the nuanced nature of security testing, showcasing the creativity and quick thinking needed in high-stakes situations. These stories highlight the essential human strategies that underpin robust security measures and the excitement that comes with penetration testing.

As we wrap up, the conversation shifts to the integration of behavioral science in cybersecurity and the importance of a balanced "just culture" within organizations. By examining AI-driven threats like deep fakes and contrasting approaches to policy violations, we underline the need for comprehensive training and effective security awareness metrics. Ira's insights drive home the message that meaningful discussions and diverse perspectives can enrich the security culture, ultimately enhancing an organization's resilience against evolving threats. Join us in this engaging session of "Fishing for Answers with Ira Winkler" and be prepared to challenge your assumptions about the role of humans in cybersecurity.

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

In this enlightening episode of “Phishing for Answers,” Kevin Gowen, CISO at Synovus, takes us on a journey through three decades of transformation—both for himself and the bank. From his start in IT and risk management to a near-instant leap into the top security role, Kevin shares how Synovus’ security culture has evolved alongside industry threats. Host Joshua Crumbaugh digs into Kevin’s perspectives on AI-driven attacks, employee-focused training, and why the “human element” remains cybersecurity’s biggest challenge—and greatest opportunity. Tune in for a candid look at how one financial powerhouse balances innovative defenses with real-world practicality, proving that strong security is, ultimately, all about people.

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

In this candid conversation, Allan Abrams, CISO at Kipu Health, joins “Phishing for Answers” to share how an early fascination with computers (and a few 2600 magazine exploits) set him on the path to cybersecurity leadership. Host Joshua Crumbaugh digs into Allan’s journey—from poking around pay phones in high school to defending PHI in a cutting-edge healthcare environment. Along the way, they unpack why a carrot beats a stick in security awareness, how personalizing training fosters a truly collaborative security culture, and where AI can take us next (for good or for ill) in protecting sensitive data. If you’ve ever wanted real-world tips on turning employees into engaged cyber-defenders—at work and at home—tune in for Allan’s fresh insights on building empathy-driven, people-first security programs.

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!

Send us a text

What happens when a sneaky phish nabs your domain credentials and quietly reroutes your customers to a competitor’s site? Today’s guest Jyotin (Jotun) Gambhir has seen it all—and that’s just one of his many cautionary tales. In this special Security Awareness Month edition of “Phishing for Answers,” Jyotin draws on 20+ years of cybersecurity consulting (with stints at Deloitte Touche, IBM Tivoli, and BMC Software) to spotlight the evolving threat landscape—especially how AI is supercharging both scams and defense strategies.

From AI-crafted deepfakes that can clone a colleague’s voice to old-school tailgating attacks where politeness becomes your vulnerability, Jyotin reminds us that human behavior is still the ultimate playing field. He shares why small policy tweaks (think strict wire-transfer rules) may stop AI-spoofed executives, and why “carrot over stick” is the key to building a truly vigilant security culture. Plus, if you’re an entrepreneur in cyber, don’t miss Jyotin candid insights on balancing top-notch tech with real-world sales and marketing chops.

No matter the tech—IoT, AI, or legacy systems—Jyotin preaches the basics: know your risks, respond fast, and proactively protect. Because in an era where a single lapse in judgment can turn your business upside down, continuous monitoring and ongoing awareness training isn’t just a best practice—it’s the cost of staying in the game.

Joshua Crumbaugh is a world-renowned ethical hacker and a subject matter expert in social engineering and behavioral science. As the CEO and Founder of PhishFirewall, he brings a unique perspective on cybersecurity, leveraging his deep expertise to help organizations understand and combat human-centered vulnerabilities in their security posture. His work focuses on redefining security awareness through cutting-edge AI, behavioral insights, and innovative phishing simulations.

PhishFirewall uses AI-driven micro-training and continuous, TikTok-style video content to eliminate 99% of risky clicks—zero admin effort required. Ready to see how we can fortify your team against phishing threats? Schedule a quick demo today!