Shared Security Podcast
Tom Eston, Scott Wright, Kevin Johnson
Shared Security is the the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Johnson break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Whether you’re a security pro, a privacy advocate, or just here to hear Kevin yell about vendor nonsense, this podcast delivers insights you’ll actually use — and laughs you probably need. Real security talk from people who’ve lived it.
Episodes
Mentioned books
Nov 24, 2025 • 18min
AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage
In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the […]
The post AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage appeared first on Shared Security Podcast.
Nov 17, 2025 • 19min
OWASP Top 10 for 2025: What’s New and Why It Matters
In this episode, we discuss the newly released OWASP Top 10 for 2025. Join hosts Tom Eston, Scott Wright, and Kevin Johnson as they explore the changes, the continuity, and the significance of the update for application security. Learn about the importance of getting involved with the release candidate to provide feedback and suggestions. The […]
The post OWASP Top 10 for 2025: What’s New and Why It Matters appeared first on Shared Security Podcast.
Nov 10, 2025 • 15min
Meet NEO 1X: The Robot That Does Chores and Spies on You?
The future of home robotics is here — and it’s a little awkward. Meet the NEO 1X humanoid robot, designed to help with chores but raising huge cybersecurity and privacy questions. We discuss what it can actually do, the risks of having an always-connected humanoid in your home, and why it’s definitely not the “Robot […]
The post Meet NEO 1X: The Robot That Does Chores and Spies on You? appeared first on Shared Security Podcast.
Nov 3, 2025 • 15min
OpenAI’s ChatGPT Atlas: What It Means for Cybersecurity and Privacy
In this episode, we explore OpenAI’s groundbreaking release GPT Atlas, the AI-powered browser that remembers your activities and acts on your behalf. Discover its features, implications for enterprise security, and the risks it poses to privacy. Join hosts Tom Eston and Scott Wright as they discuss everything from the browser’s memory function to vulnerabilities like […]
The post OpenAI’s ChatGPT Atlas: What It Means for Cybersecurity and Privacy appeared first on Shared Security Podcast.
Oct 27, 2025 • 19min
It’s Always DNS: Lessons from the AWS Outage
In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity plans, the implications of DNS failures, and the misconceptions around cloud infrastructure’s automatic failover capabilities. ** […]
The post It’s Always DNS: Lessons from the AWS Outage appeared first on Shared Security Podcast.
Oct 20, 2025 • 23min
Is Sora 2 the Future of Video? AI, Copyright, and Privacy Issues
OpenAI’s Sora 2 is here — and it’s not just another AI toy. This episode explores how Sora 2 works, how users can insert almost anything into generated content, and why that’s raising alarms about privacy, identity, and copyright. We walk you through the initial opt-out copyright controversy, the backlash from studios and creators, and […]
The post Is Sora 2 the Future of Video? AI, Copyright, and Privacy Issues appeared first on Shared Security Podcast.
Oct 13, 2025 • 21min
Age Verification Laws: A Privacy Disaster in the Making
In this episode, we discuss the surge of age verification laws spreading across the US, including the recent implementation in Ohio. These laws intend to shield children but come at a significant cost to privacy and cybersecurity. We’ll explore how third-party ID verification companies operate, the risks associated with these systems, and the broader definition […]
The post Age Verification Laws: A Privacy Disaster in the Making appeared first on Shared Security Podcast.
Oct 6, 2025 • 27min
Are Phishing Simulations Still Worth It?
Phishing simulations have been a cornerstone of security awareness training for years. But do they actually change user behavior, or are they just creating frustration and fatigue? In this episode, Tom Eston and Scott Wright (CEO of ClickArmor) debate whether simulated phishing attacks are still valuable in 2025. We cover the benefits, challenges, and how […]
The post Are Phishing Simulations Still Worth It? appeared first on Shared Security Podcast.
Sep 29, 2025 • 27min
Milestone Episode 400: Reflecting on 16 Years of Shared Security
Episode 400! In this special milestone edition of the Shared Security Podcast, we look back at 16 years of conversations on security, privacy, and technology. From our very first episodes in 2009 to today’s AI-driven threats, we cover the topics that defined each era, the surprises along the way, and the lessons that still matter. […]
The post Milestone Episode 400: Reflecting on 16 Years of Shared Security appeared first on Shared Security Podcast.
Sep 22, 2025 • 31min
Situational Awareness & Family Safety: Staying Alert in Today’s World with Andy Murphy
Join the Shared Security Podcast for a critical discussion about situational awareness with special guest, Andy Murphy, host of the Secure Family Podcast. In a world where mass shootings and violence in public places are alarming realities, staying alert to your surroundings has never been more important. Andy shares his expertise on personal and family […]
The post Situational Awareness & Family Safety: Staying Alert in Today’s World with Andy Murphy appeared first on Shared Security Podcast.
