Beers with Talos Podcast

Christopher Marshall, Talos Vice President and former U.S. Navy nuclear operator, dives into his journey from the Navy to cybersecurity. He shares insights on translating complex technical concepts to non-technical leaders and emphasizes mission-focused leadership during tumultuous times. Marshall discusses the importance of building trust with clients, shares life-altering decisions that shaped his career, and reveals his nerdy hobbies like wargaming and woodworking that help him unwind while fostering team connections.

This week, the B-Team gets an upgrade as we’re joined by Sara McBroom from Talos’ nation-state threat intelligence and interdiction team. Sara shares her journey from a liberal arts major to tracking some of the world’s most advanced adversaries. Along the way, she talks about moving from the U.S federal service to Talos, mentoring, leading with empathy, and why making bad actors miserable is a pretty good day’s work.Before diving into Sara’s story, we hit the security headlines (ouch) and also discuss a Dutch hacker camp with flaming badges and port-a-potty internet. But from 17 minutes in, it’s all about Sara — her path, her research (Static Tundra, anyone?), and how she leads her team without micromanaging.If you’ve ever wondered what it’s like to ruin an APT’s day for a living, this is the episode.Here's the research that Bill mentioned: "Psychopathia Machinalis: A Nosological Framework for Understanding Pathologies in Advanced Artificial Intelligence" https://www.psychopathia.ai

We welcome new Talos teammate and incident commander Alex Ryan to the pod this week. Bill, Joe and Hazel chat with Alex about what it really takes to lead through the chaos of a cybersecurity incident, from coordinating stressed-out teams, fielding exec questions, and making sure people eat.Much to Bill's dismay, we have something resembling a "format" for this episode, and we start by breaking down the week's security news, including:The SharePoint zero-day exploit (“ToolShell”) and what defenders should do now. Here's the Talos blog we mention https://blog.talosintelligence.com/toolshell-affecting-sharepoint-servers/An AI assistant gone rogue — and how a consultant lost thousands of databases in his sleep.Everything Talos has got going on at Black HatWe then ask Alex more about her career story, including what it’s like breaking into security from a philosophy degree. We also have some honest talk about making mistakes, women in cyber, and why we need to keep mid-career women in tech. Want to meet Talos at Black Hat? Come find us at the Cisco booth, play Backdoors & Breaches over lunch with us, and hear the latest threat research. More details in this blog https://blog.talosintelligence.com/cisco-talos-at-black-hat-2025-briefings-booth-talks-and-what-to-expect/

Join a whimsical discussion about the future of AI-assisted IVF, where robots might be more than just headlines. Dive into the bizarre world of Mind-games-as-a-service in the ransomware realm and give a nod to conference dogs as unsung heroes. The hosts also ponder the implications of billionaires crafting their own genetically diverse legacies. A 'dairy war' emerges amid cyber threats to agriculture, while heartfelt anecdotes add a splash of warmth to the overall chaos. Don't miss the comic farewell to Bill after his last pun!

Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity. The team also provide insights into some of the topics of the report, including the top-targeted vulnerabilities of the year, network-based attacks, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks. For the full report, head to blog.talosintelligence.com/2024yearinreview

Bill springs a surprise topic on the team in this episode - how did you get into cybersecurity, and what skills have you brought with you throughout your career? What ensues is a rather lovely, vulnerable conversation that we hope will be helpful for anyone currently thinking about their next career move.Before that Dave has some surprising facts about Tasmanian devils, what they didn't cover (or deliberately hid?) in Looney Tunes, and why the scientific name for Tasmanian devils is a hotly debated topic. Some resources for getting into cybersecurity:Threat intelligence 101 with Cisco TalosDiversity in cybersecurity: A mosaic of career opportunitiesHow to hire the best (an earlier episode of BWT that Bill references)

More hijinks and silliness ensue in the second episode of the BWT B Team podcast. Joe shares his frustration with being involuntarily removed from a social media platform, Hazel conducts a live experiment, Dave talks about his newfound addiction to crossword puzzles and its parallels to cybersecurity, and Bill recommends the game "Nine Lives" and shares his top books of the year. Joe also briefly chats about his work customizing a tabletop cybersecurity game for humanitarian organizations. And we do a shoutout to Talos’ research on vulnerable Windows drivers and  proxy chain abuse.Find the latest research at https://blog.talosintelligence.com

With Mitch, Matt and Lurene currently stuck in the void, the Beers with Talos B team duly elect themselves to reopen the sacred BWT airwaves with their own brand of nonsense. Hazel, Joe, Bill and Dave each share the security rabbit hole they went down this week - from analyst in-jokes about AI, oligarchs and bad actors refusing to learn good op sec, the songs you'd play to send a message mid-hack, and the long awaited return of Turkey Lurkey Man, TM. Dave's insane creation is back with an exciting new take on Thanksgiving. For all the latest and greatest Talos research not featuring six degrees of Ally McBeal, head to https://blog.talosintelligence.com

It's been a while huh? Apologies for our absence, but the team are back with a run through of everything we've got going on at Black Hat - from our 10 year birthday celebrations, the interesting lightning talks in our booth, and Joe Marshall's "Backdoors and Breaches" game. Come and visit us at Cisco Booth 1732 and Splunk Booth 1940.Before that, Matt encourages Mitch and Lurene to join him in the joy of Tekkno Train by Electric Callboy (Choo Choo!) and Mitch explains why his son has developed a huge potty mouth, with no sense of irony. Lurene also reveals insights into creating a university curriculum for cyber weapons development.Stick around for an illumunating discussion on how AI could affect a Furby. Just don't google "Long Furbie". You just googled it didn't you? Ah man, we warned you...

Power grid security expert Joe Marshall joins the crew today to talk all things, well, power grid security. But not before he gets an impromptu pop quiz from Matt in the roundtable.Joe then tells some stories from his days working in electric utility,  deploying new systems and his experiences with pentesting teams ("Wow, y'all need to stop!"). Plus, the team ask Joe about  the risks with both aging infrastructure versus newer, smarter based infrastructure. And what happens when threat actors target critical infrastructure?