Safe Mode Podcast

In this episode, Greg Otto talks with FTI Consulting’s Allie Bohan exploring the challenges organizations face in maintaining effective communication during cyberattacks. Allie and Greg uncover essential strategies for incidents, ensuring companies remain connected with stakeholders even when digital channels are compromised. We also talk on how to keep morale boosted within an organization during a time that many would consider one of the worst chapters in a business’s history. In our reporter chat, Greg talks with Matt Kapko about who is sending those massively annoying scam text messages about unpaid toll violations.

In this episode, Greg Otto talks with Sunil Mallik, the CISO of Discover Financial Services. Sunil shares his career path and the evolving challenges and responsibilities in cybersecurity, covering how he communicates with his board, strategic approaches to cybersecurity, and the importance of balancing technological investment with personnel training. In our reporter chat, Greg talks with Tim Starks about Sean Plankey being nominated for CISA director. Editor's Note: At 13:42, Mallik misspoke about his former employer. He was previously employed by Freddie Mac, not Fannie Mae.

In this episode, Greg Otto talks with Dan Lorenc, CEO and co-founder of Chainguard. They explore the challenges organizations face with CVE management, where dealing with vulnerabilities often drains valuable engineering resources. They also discuss how new visualization tools are redefining this landscape by offering clear insights into CVE trends, empowering teams to make informed decisions and optimize both security and efficiency in their software development processes. In our reporter chat, Greg talks with Matt Kapko about the United States’ indictment of China-linked hackers.

In this episode, Greg Otto talks with Virtru Co-founder and CEO John Ackerly , discussing the significance of open standards, the challenges and successes of implementing the Trusted Data Format across federal agencies, and the critical role of interoperability and compliance. John also gives us details on how close the country was to a national privacy law before the 9/11 attacks upended everything In our reporter chat, Greg talks with CyberScoop Tim Starks about a flurry of news around the Department of Homeland Security.

In this episode, you will hear Cynthia Kaiser, deputy assistant director in the bureau’s cyber division talk about the implications of the Salt Typhoon breach, which she spoke about during CyberScoop’s Zero Trust Summit. Kaiser characterized the breach as “a different level of insidiousness” from Beijing, one that reflects its “ambition and reckless aggression in cyberspace.” In our reporter chat, Greg talks with CyberScoop’s new cybercrime reporter Matt Kapko about a slew of reports around Russian nation-state cyber actors.

Greg Otto talks with Jackie Burns-Koven, Head of Cyber Threat Intelligence at Chainalysis. They discuss research from Chainalysis that shows a 35% drop in ransom payments over the second half of 2024. They also discuss the growing refusal of victims to pay ransoms and how attackers are adapting their tactics. Additionally, she highlights the influence of Ransomware-as-a-Service, the evolution of data leak sites, and the effectiveness of international collaboration in combating these cyber threats. In our reporter chat, Greg talks with Tim Starks about the Trump administration’s nominee for national cyber director.

In this engaging discussion, John Hultquist, Chief Analyst for Google Threat Intelligence Group, and cybersecurity expert Derek B. Johnson unpack the evolving tactics of Advanced Persistent Threats (APTs) using generative AI. They highlight the qualitative differences between AI-generated and human-crafted social engineering tactics. The conversation dives into how AI accelerates cyberattacks and the pressing need for stronger defense systems. Additionally, they touch on the friction involving Elon Musk and cryptocurrency against a backdrop of federal cybersecurity challenges.

Greg Otto talks with Hugh Thompson, Executive Chairman for RSAC Conference. Greg and Hugh discuss how the SEC's cyber disclosure regulations have fallen short of their intended purpose, failing to provide investors with enhanced transparency due to ongoing debates about materiality and insufficient market consequences. Additionally, they discuss the evolving regulatory landscape for 2025 and recent efforts to strengthen border gateway protocol (BGP) security. In our reporter chat, Greg talks to Derek B. Johnson on DeepSeek’s newfound fame and its time in the security spotlight.

Greg Otto talks with Exabeam’s Gabrielle Hempel about the complex terrain of AI regulation at both the federal and state levels, offering a deep dive into the legislative challenges, and the balancing act of fostering innovation while protecting public interests. They also reflect on how public interaction with AI systems is shaping legislative efforts, aiming to provide a comprehensive exploration of the regulatory landscape and its implications for businesses. In our reporter chat, Greg talks to Tim Starks about a Congressional hearing that examined DHS’s elimination of the entire Cyber Safety Review Board’s roster. LINK: https://cyberscoop.com/removal-cyber-safety-review-board-members/

As we head into 2025, Greg talks with Jason Baker, a ransomware negotiator for Guidepoint Security, on how ransomware has shifted and evolved, and the challenges it poses for businesses and governments alike. Jason also sheds light on the top threat actors, the future of international regulations and where they might fall concerning the contentious issue of paying ransoms, and what businesses can do to limit the damage if they are ever attacked. In our reporter chat, Greg talks to Tim Starks about the conversations happening in Washington, D.C. regarding enhanced offensive cybersecurity operations. LINK: https://cyberscoop.com/aggressive-cyber-offense-trump-administration-us-strategy-debate/