Down the Security Rabbithole Podcast (DtSR)

TL;DR: On this week's pod - Sean Scranton and Shawn Tuma make a return appearance to talk about Cyber (Security) Insurance. Some see it as the answer to cyber's problems, while others see it as just another question. Which is it? Is it just a matter of perspective? Listen in and find out!YouTube Video: https://youtube.com/live/GiuheFiFO78Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week's pod is all about healthcare-related data that is bought and sold the world over - and how you this data can be utilized while still preserving privacy. In this mind-blowing segment, John Kuhn of Integral joins Jim and I to talk about the vast quantities of data that's bought, sold, and aggregated for healthcare research - and how it can be used for good, while still preserving people's privacy (or what's left of it - debate ensues).YouTube Video: https://youtube.com/live/aa1xKEvhS5E?feature=shareHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: If you've ever wondered what goes through the mind of a top-tier CISO, wonder no longer. This week's episode features Trey Ford talking a little nostalgia, and a little of what's on his mind as a CISO. Fantastic episode, shout out to BugCrowd for the episode.Youtube video: https://youtube.com/live/uFl45Tb93gY?feature=shareHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR:  Let's talk, err, lament, Third Party Risk programs. Who has time for these, and is there any real value in identifying 3rd party risks? Or is it just all theater for the lawyers? Paul Farley joins Jim, James and Rafal to chop it up.Dive in with us, and see what you think.YouTube Video: https://youtube.com/live/Le23nkaybfEHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR:  This week's episode is what happens when I go on vacation and have a little time to think. So here we go - let's talk about this Jaguar Land Rover was compromised and ransomware spread. The damage has been 'extensive' to the point where they stopped everything... are there any lessons here?Linkshttps://www.theguardian.com/business/2025/sep/20/jaguar-land-rover-hack-factories-cybersecurity-jlrhttps://www.theguardian.com/business/2025/sep/20/jaguar-land-rover-hack-factories-cybersecurity-jlrhttps://www.reuters.com/en/tata-motors-jlr-return-manufacturing-after-cyber-attack-2025-09-29/YouTube link: https://youtube.com/live/1wjwskUrztkHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This podcast features our friend Bo Birdwell who sits down with us to explain the ins and outs of the new DFARS CMMS update. Jim and Bo cover a lot of ground, and James and I are along for the ride asking questions.Great episode if you're in the space, worrying about what this latest update means to you.YouTube Video: https://youtube.com/live/0cl1S4f3g8EHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week's returning guest is Doug Cavit, but this time he's here to talk about the Internet apocalypse. Partly driven by AI, but mostly we discuss automated content generation, bots, and consumption as we reach the conclusion that it's all coming crashing down... sooner than we'd like.YouTube Video: https://youtube.com/live/tUJgdrh3ws8Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: Michael Reichstein joins the pod this week to talk about "rock star CISOs" and those who trade equity for their souls. It's an interesting discussion but this one comes with a warning label: If you're easily offended, do not listen to this.Michael's post that started this conversation: https://www.linkedin.com/posts/mreichstein_cybersecurity-leadership-businessethics-activity-7361753110983135233-YSctYouTube video: https://youtube.com/live/N1mD_HLYDxUHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Join Jeff Williams, CTO and founder of Contrast Security with over 30 years in application security, and Anton Chuvakin, a former Gartner analyst known for his expertise in SIEM, as they dive into the hot topic of Application Detection and Response (ADR). They explore how ADR enhances cybersecurity frameworks and contrasts it with traditional defenses. The duo discusses the shift in application security from perimeter defenses to integrated solutions, and the challenges of detecting sophisticated attacks, advocating for improved monitoring in Security Operations Centers.

TL;DR: This week's returning guest is the man, the myth, the Alpaca farmer, Philippe Humeau of CrowdSec. Life comes at you fast, threats come at you faster. The good news is - defenses can keep up. Listen in, then go check out CrowdSec!YouTube video: https://youtube.com/live/7Xc99bXCfwQHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast