Chasing Entropy Podcast by 1Password

In this episode of the Chasing Entropy Podcast, I am joined by Singapore-based cybersecurity leader Emil Tan, a man who wears many hats and wears them well. From government defense to grassroots community building, Emil’s journey is a masterclass in adaptability, curiosity, and community spirit in cybersecurity.Who Is Emil Tan?Emil is a cybersecurity polymath: a national defense contributor at Booz Allen, founder of the Singapore-based community Division Zero (Div0), co-founder of the hacker conference SINCON, advisor to the startup RedAlpha, and active participant in the non-profit CREST. His career arc spans R&D, operations, policy, and education—with a consistent theme of learning by doing.A Non-Linear Path to ImpactEmil shares his unlikely journey into cybersecurity, which began not with elite academic scores but with a love for math and curiosity about the digital world. After being part of Singapore’s first cohort in a cybersecurity diploma program, Emil embraced early challenges in capture-the-flag (CTF) competitions and informal meetups at McDonald's that eventually gave rise to Div0.From Operations to Policy and Back AgainWhat sets Emil apart is his transition from cyber operations to policymaking. Frustrated by policies that didn’t reflect frontline realities, he stepped into the policy arena to bridge the gap. He speaks candidly about the complexity of policymaking and the importance of being a "technical policymaker" who can translate between operations and lawmaking.The Power of Automation and AI (Without the Hype)Emil and Dave dig into the evolution of automation in security—from scripting away mundane tasks to the role of AI today. Emil’s philosophy? Automate the boring stuff so you can focus on meaningful work. He challenges the fear-driven narrative around AI, noting that rather than replacing jobs, it redefines them.Advice for Aspiring Security ProsWhether you’re new to the field or feeling stuck, Emil offers grounded, honest advice:Fall in love with your career, not just your jobStart anywhere, fail often, and learn deeplyTalk to people—war stories beat certificatesSeek community: Div0, SINCON, and beyondGet ConnectedWant to connect with Emil?LinkedIn Attend Div0 meetups (twice a month in Singapore)Catch him at the next SINCON conferenceListen now on all major platforms and don't forget to like, subscribe, and share. Thanks for joining me as we continue the Chasing Entropy Podcast, where chaos meets clarity, and security finds its human side.

Jack Daniel, a legendary storyteller and community-builder, shares his incredible journey from mechanic to cybersecurity strategist. He recounts humorous tales from his early days tinkering with cars, before navigating into tech by chance. The heart of the conversation focuses on the founding of BSides, a community-centered security movement that empowers local talent worldwide. Jack also discusses his unique presentation style with sock puppets, all while emphasizing the importance of community, mentorship, and authentic engagement in fostering connections.

In this discussion, Grigorios Fragkos, known as Dr. Greg, shares his extensive background in cybersecurity spanning academia and enterprise defense. He delves into the fascinating rise of agentic AI and its potential ethical applications in enhancing cybersecurity defenses. The talk also highlights the evolving role of the Chief Information Security Officer, advocating for a shift towards a Chief Cybersecurity Officer to address new challenges. Dr. Greg emphasizes the necessity of continuous learning and critical thinking in navigating the complex cybersecurity landscape.

Javvad Malik, a security advocate, Guinness World Record holder, and co-host of Host Unknown, dives into a captivating conversation about humor's role in cybersecurity. He shares his unique journey from banking in the late '90s to industry advocacy, emphasizing the art of clear communication with non-technical audiences. With engaging anecdotes, he highlights how humor can bridge gaps in understanding complex security risks. Javvad also reflects on collaborative podcasting and the importance of empathy in sharing cybersecurity insights, making tech both relatable and entertaining.

Mark Hillick, CISO at Brex, shares his extensive journey from infrastructure engineer to security leader, emphasizing the importance of security as a business enabler. He discusses the critical role of empathy in building trust within security teams, highlighting how communication can transform past traumas into collaborative victories. Hillick also delves into AI's transformative impact on operational efficiency while cautioning against rushing without necessary safeguards. His insights blend innovation and heartfelt connection, making security a partner, not a blocker.

Join Brian Honan, founder and CEO of BH Consulting and a key figure in cybersecurity policy in Europe, as he shares his journey from IT's early days to current challenges. He emphasizes the importance of curiosity and continuous learning for aspiring security professionals. Brian discusses the emergence of agentic AI and its implications for enterprise security, urging teams to enable safe business outcomes rather than merely saying no. He also explores the complexities of data sovereignty and the evolving landscape of cybersecurity threats.

In this engaging chat, Thom Langford, EMEA CTO at Rapid7 and a two-time recovering CISO, reflects on his unique journey into cybersecurity. He shares insights on the emotional challenges faced in the field, including burnout and imposter syndrome, lightening the mood with humor and relatable stories. Thom emphasizes the importance of mentorship and community, while advocating for a more user-friendly approach to security that doesn't sacrifice fun. His outlook shows that serious topics can still have a playful twist, making learning enjoyable.

Allison Miller, a cybersecurity veteran and founder of Cartomancy Labs, shares her fascinating journey from childhood hacker to industry expert. She discusses how fraud reveals system weaknesses and emphasizes the importance of understanding payment and identity vulnerabilities. Allison also delves into the evolving role of AI in cybersecurity, highlighting its potential for detection and automation while addressing governance concerns. Her insights challenge organizations to enhance trust and security in a rapidly changing digital landscape.

Wendy Nather, a cybersecurity trailblazer known for her innovative concept of the 'security poverty line,' shares her unconventional career journey. She discusses her transition from Unix systems at a Swiss bank to pivotal CISO roles. Wendy emphasizes the need for empathy in cybersecurity leadership, arguing that understanding people is key to success. She highlights how resource constraints impact security practices and calls for a collaborative approach between security and business operations. Her insights inspire a more inclusive view of cybersecurity careers.

In a candid conversation, Adrian Sanabria, Principal Researcher at the Defenders Initiative and founder of Destroyed by Breach, shares his unconventional path from tech support to cybersecurity thought leader. He debunks common myths, arguing many industry 'best practices' are outdated and often ineffective. Adrian discusses the impact of emerging threats like Agentic AI, emphasizing the need for foundational problem-solving over hastily adopted innovations. His insights on mentorship and community engagement highlight the importance of empathy in tech support and broader cybersecurity.