Send us a text

Grant McCracken shares his groundbreaking PhD research on satellite security, revealing how vulnerable our orbital infrastructure is to cyberattacks and the urgent need for better security measures before quantum computing renders current encryption obsolete.

• Satellites face unique security challenges with limited patching windows of only 15 minutes during orbit
• Most satellites run on outdated technology with numerous vulnerabilities that can allow complete takeover
• A real-world attack in 2022 showed how Russia could penetrate ground stations and control entire satellite constellations
• Post-quantum encryption will be essential within 5-10 years according to global experts
• CubeSats (small satellites) can be purchased and tested by anyone, creating both research opportunities and security risks
• Bug bounty programs provide unique opportunities for security researchers to specialize and potentially earn substantial rewards
• Zero trust principles must be applied to satellite security before launch since patching in orbit is extremely difficult
• The infrastructure dependent on satellites includes GPS, cellular communications, and financial transactions

You can find Grant on LinkedIn by searching "Grant McCracken Dark Horse" or contact him directly at [email protected]. His company Dark Horse Security helps organizations at all budget levels improve their security posture, including pro bono work for those who cannot afford security services.

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

In this episode, we delve into the transformative journey of artificial intelligence and its profound impact on job markets worldwide. From automation to innovation, AI is reshaping industries, creating new opportunities, and challenging traditional employment paradigms. Join us as we explore how AI is redefining work, the skills needed for the future, and the balance between technological advancement and human potential. Tune in to understand the dynamics of this AI-driven era and what it means for the workforce of tomorrow.

00:00 The Journey of Persistence
02:46 The Importance of Personal Branding
05:04 Navigating the AI Landscape
10:26 The Future of Work and AI Displacement
15:42 Ethics and Governance in AI
20:54 The Power and Risks of AI Technology
25:32 The Complexity of AI Threats
29:14 The AI Arms Race
32:52 Human Value in an AI-Driven World
37:35 The Reliability of AI as a Fact Checker
39:56 Understanding AI Bias and Transparency
47:49 Navigating AI Governance and Security


Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube:    / @securityunfilteredpodcast  

Instagram:   / @secunfpodcast  
Twitter:   / @secunfpodcast

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

Carlos Corrador shares his journey from aspiring lawyer to founding Condor Agency, a specialized marketing firm for B2B tech services companies. We explore how deep specialization, personal branding, and adapting to AI are critical for survival in today's rapidly changing business landscape.

• Started as a sports journalist in Venezuela before discovering digital marketing through website building
• Moved to Chicago for a master's in digital marketing before founding Condor Agency
• Specializing in a niche is crucial - "the riches are in the niches"
• Marketing effectively requires understanding who your ideal customer is before investing in campaigns
• Personal branding requires focusing on an industry or specific topic where you can provide unique insights
• Content should provide deeper value than what people can get from ChatGPT
• The "crawl, walk, run" approach ensures businesses build proper foundations before scaling marketing efforts
• Paid promotion of specialized content can put you in front of decision-makers who would never find you organically
• With AI disrupting traditional roles, specialists will survive while generalists may struggle
• Focusing on what AI cannot yet do well positions you to thrive during technological disruption

Find Carlos at condoragency.com or connect with him on LinkedIn.

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

Sergey Novikov shares his fascinating journey from early days at Kaspersky Lab through his evolution as a malware analyst and cybersecurity expert, offering unique insights into the changing threat landscape and ethical considerations of security research.

• Started at Kaspersky in 2002 when it was a small startup with fewer than 100 employees
• Applied mathematics background led to research correlating human epidemic models with computer virus propagation
• Worked as a "woodpecker" malware analyst detecting threats 24/7
• Became part of Kaspersky's elite Global Research and Analysis Team (GREAT)
• Team took pride in identifying APTs regardless of national origin to protect customers worldwide
• Described security researchers as "paleontologists" uncovering complex digital threats
• Participated in analysis of sophisticated threats like Stuxnet requiring specialized knowledge
• Left Kaspersky in 2022 after Russia-Ukraine conflict began
• Transitioned to pharmaceutical industry cybersecurity before joining CyberProof
• Observes modern threats have blurred lines between nation-state actors, cybercriminals and hacktivists
• Believes cybersecurity professionals must maintain perpetual learning mindset
• Recommends self-learning and hands-on experience for aspiring security researchers
• Notes AI is enabling more agile, automated attacks rather than quantum computing threats

Connect with Sergey on LinkedIn or visit cyberproof.com to learn more about their security services and research blog.

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

SaaS platforms represent a significant security blind spot for many organizations, with misconceptions about the shared responsibility model leaving sensitive data vulnerable to exposure. Aaron Costello, Chief of SaaS Security Research at AppOmni, shares insights from his research uncovering five zero-day vulnerabilities in Salesforce Industry Clouds and explains why SaaS security requires specialized expertise.

• Security teams often mistakenly believe SaaS vendors are fully responsible for security
• The shared responsibility model means customers must secure their own configurations and customizations
• Nearly a third of Salesforce customers use Industry Cloud solutions, which were found to contain significant vulnerabilities
• Agentic AI introduces new security challenges requiring strict access control implementation
• AppOmni provides visibility by connecting to SaaS platforms and analyzing security metadata
• Effective SaaS security requires collaboration between platform administrators and security teams
• Acquisition scenarios create particular security challenges when integrating new technologies
• The most effective approach combines administrative knowledge with security expertise

If you're interested in learning more about SaaS security or accessing the full Salesforce Industry Clouds research paper, visit appomni.com and check out the AO Labs section of their blog.

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

Cybersecurity expert Bob Kochan from Beyond Identity discusses the evolution of security from network defense to identity-first approaches. He shares insights on how AI is transforming security operations while creating new threat vectors, emphasizing the need for phishing-resistant authentication solutions in today's threat landscape.

• Traditional security focused on network layers, but SaaS adoption exposed vulnerable identity systems
• Zero Trust architecture must start with device-level security and extend through the entire authentication chain
• AI will augment rather than replace security professionals, making systems-thinkers 10x more effective
• Government agencies are often driving cybersecurity innovation faster than private industry
• Security solutions must prioritize usability or users will inevitably find workarounds
• Legacy MFA solutions are insufficient against modern attack methods like phishing and deepfakes
• Security should be designed into systems from the start rather than bolted on as "security through configuration"
• Nation-state funded threat actors have created their own innovation ecosystem rivaling private sector development
• Beyond Identity offers phishing-resistant authentication that eliminates password vulnerabilities

Check us out at beyondidentity.com or visit us at our booth at Black Hat this year.

00:00 The Entrepreneurial Spirit

02:35 Passion and Problem-Solving in Startups

05:12 The Evolution of Cybersecurity

07:49 AI's Impact on Security

10:19 The Role of Engineers in Cybersecurity

12:51 AI and the Future of Cybersecurity

15:16 Research and AI Tools in Cybersecurity

22:05 The Impact of AI on Employment

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

Aksa Taylor shares her journey from electrical engineering to cybersecurity, highlighting how curiosity and focused passion can open unexpected career doors in the security industry.

• Finding specific interests within cybersecurity rather than trying to "get into security" broadly
• Building a personal brand through knowledge sharing and community contributions
• Quantum computing's progression from theoretical to practical applications in security
• The challenges posed by unrealistic job descriptions and automated filtering systems
• How AI capabilities create both opportunities and new risks for security teams
• Weighing the tradeoffs between established security vendors and innovative startups
• The critical importance of customer support quality when evaluating security solutions
• Community-building as a foundational element of the security profession

Abstract Security recently published a free community resource book called "Applied Security Data Strategy" for those interested in security data operations.

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

Ric Prado shares his remarkable journey from Cuban refugee to CIA Senior Operations Officer, revealing how being separated from his parents at age 8 during Castro's revolution eventually led him to America where he found purpose in military service and intelligence work.

• Escaped Cuba at age 8 through Operation Peter Pan, sent alone to a Colorado orphanage
• Joined Air Force Pararescue (PJs), enduring brutal training that forged his determination and resilience
• Transitioned to CIA where his Spanish language skills and paramilitary background made him uniquely valuable
• Spent three years in Contra camps fighting against the same communist forces that drove him from Cuba
• Co-founded the Bin Laden Task Force in 1996, gathering intelligence on threats before most knew the name
• Served as Chief of Operations at the CIA Counterterrorism Center during 9/11
• Wrote his memoir "Black Ops" to honor fallen colleagues and correct misconceptions about the CIA

Find Ric Prado's book and more information at www.ricprado.com

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Send us a text

Anurag Lal discusses the critical importance of quantum-resistant encryption for enterprise messaging and the urgent need for organizations to prepare for the coming quantum computing revolution that will render current encryption methods obsolete.

• Anurag's extensive background in technology from Apple to Sprint and participation in the National Broadband Task Force
• How mobile messaging has infiltrated enterprises without proper security consideration
• Consumer messaging apps were never designed to be secure, controlled by IT, or regulatory-compliant
• What "true end-to-end encryption" means and why most platforms claiming it actually decrypt messages in transit
• The concept of "Q-Day" - when quantum computers will break current encryption methods
• Biden administration's executive order mandating quantum-resistant encryption by 2028
• How cyber capabilities have been weaponized by nation-states, creating unprecedented threats
• AI-powered phishing attacks becoming increasingly sophisticated, including voice cloning
• The importance of implementing quantum-proof encryption now rather than waiting
• Netsphere's approach to quantum-resistant security for enterprise messaging

Find Anurag on LinkedIn (Anurag Lal) and learn more about Netsphere at netsphere.com

Chapters

00:00 Introduction and Background of Anurag Lal
05:52 Netsphere: A Solution for Secure Enterprise Messaging
12:08 The Importance of Encryption and Quantum Security
18:03 Apple's Approach to Security and Personal Experiences
28:34 Security Perspectives: Apple vs. Android
35:46 The Urgency of Quantum Security
43:10 Access Control: The Weakest Link in Security
49:42 AI in Phishing: A Real-World Example

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast