Secure Talk Podcast

Terence Bennet watched from the deck of the USS Paul Hamilton as the Arab Spring unfolded. As a naval officer, he realized that his battlefield awareness was limited by good intelligence. Intelligence drove good decision-making. And in an area of conflict, good decision-making is the difference between mission success and failure.In this episode of Secure Talk, host Justin Beals talks with Terence Bennett, a former Naval Intelligence Officer and now the CEO of DreamFactory. They discuss Terence's intriguing path from an early interest in the military to a successful career in cybersecurity. He recounts his origin story, which is grounded in a lifelong dedication to service, racing sailboats at the naval academy, his experiences aboard the USS Paul Hamilton, and pivotal roles in intelligence during major geopolitical events such as the Arab Spring and the Bin Laden raid. The conversation covers topics including red teaming, the impact of digital transformation on intelligence, and the necessity of security by design in today’s fast-changing digital environment. Especially of interest is Terence’s new work on cybersecurity by marrying AI developed API’s with effective network segmentation. This episode serves as a valuable resource for cybersecurity professionals, providing a distinct viewpoint on the blend of military experience and cyber defense strategies.

In our latest SecureTalk episode, Justin Beals gathers Micah Spieler, Chief Product Officer, and Josh Bullers, Head of AI, to explore the multifaceted world of AI and cybersecurity. With the recent release of DeepSeek-r1, the AI marketplace has been thrown into turmoil. It has rocked the hubris of Silicon Valley and questioned the validity and valuations of organizations like OpenAI. What does DeepSeek mean to the AI landscape, and how does it fit into the fundamentals of machine learning and the future of information systems?Our discussion delves deeply into the synergy of AI advancements and the pressing need for robust security measures. Micah and Josh share their journey in striking the delicate balance between innovation and safety, offering invaluable insights for anyone in the tech and cybersecurity field.As AI continues to revolutionise industries, cybersecurity experts must adapt and evolve. Tune in as we examine the potential and challenges presented by cutting-edge AI models. This episode is essential listening for those striving to stay ahead in the ever-evolving landscape of AI-driven cybersecurity. Join us and be part of the conversation shaping the future of technology!

In this episode of Secure Talk, host Justin Beals welcomes Kate O'Neill, a passionate tech humanist dedicated to crafting technology solutions that genuinely prioritize people. Together, they explore the key themes of Kate's  books, “Tech Humanist” and  'What Matters Next: A Leader's Guide to Making Human-Friendly Tech Decisions in a World That's Moving Too Fast.' Their engaging discussion shines a light on the power of systems thinking, the significance of thoughtful decision-making in the tech industry, and the vital balance between achieving business objectives and enhancing the human experience. This episode is a delightful must-listen for cybersecurity professionals who are excited to navigate the important intersection of technology, ethics, and human dignity in our ever-evolving digital world.Books:O'Neill, Kate. What Matters Next: A Leader's Guide to Making Human-Friendly Decisions In a World That's Moving Too Fast (2025) Tech Humanist: How You Can Make Technology Better for Business and Better for Humans (2018) 

In this episode of SecureTalk, host Justin Beals warmly welcomes Panos Louridas for an insightful discussion on the history, evolution, and future of cryptography. Panos has deep expertise and authored a book called  "Cryptography"  that helps explain the history of keeping secrets, important innovations in the field and the mathematical functions of effective encryption. They delve into Panos's early interest in computing, starting with a ZX Spectrum and his recent book on cryptography, which aims to make complex algorithms accessible to those with a high school level of mathematics. The conversation traverses the critical role of cryptography in our digital lives, the potential impacts of quantum computing, and the practical aspects of key management in modern web applications. Panos also shares captivating stories from the history of the Enigma machine and discusses the ongoing arms race in cryptography. Perfect for cybersecurity experts, this episode offers a rich blend of historical anecdotes, technical insights, and future-looking perspectives.Book: Louridas, Panos. (2024) Cryptography. MIT Press.           00:00 Welcome to SecureTalk00:28 The Importance of Cryptography02:21 Introducing Panos Louridas03:41 Panos Louridas' Journey into Computing06:11 The Evolution of Cryptography12:13 The Enigma Machine and Its Legacy19:03 Security by Obscurity: A Fallacy22:32 Speculations on NSA Backdoors23:21 Government Contributions to Cryptography24:51 Evolution and Security of AES27:10 Challenges in Generating Randomness28:15 Quantum Computing and Cryptography33:45 Key Management in Modern Web Applications36:53 TLS and AES: Understanding Their Relationship39:01 The Human Factor in Cryptography40:38 Making Cryptography Accessible42:58 Conclusion and Final Thoughts

In 2000 the internet was expanding at an astronomical rate. Consumers were logging in via dial-up modems by the hundreds of millions and businesses were racing to maximize their footprint in the digital world. A hacker named Onel de Guzman living in the Philippines had been playing with a script called “I Love You”. Distributed via email, it could assume secret control of an individual's computer from a centralized control. The “I Love You” virus spread to over 50 million computers, creating the world's largest botnet. Michael Tiffany and his co-founders were aware of these types of cyber attacks and wanted to ensure the Internet worked for businesses wanting to connect with consumers. They founded Human Security, one of the first companies to combat botnet activity for major brands and today a very powerful cybersecurity company for major corporations.In this episode of Secure Talk, host Justin Beals interviews Michael Tiffany, co-founder of Human Security and the current leader of Fulcra Dynamics. Michael shares his early experiences with computers and his journey into cybersecurity, discussing topics the founding of Human Security as a solution for botnets, ad fraud, and early “Know Your Customer” challenges. He explains his current company, Fulcra's mission to empower individuals by unifying their personal data and promoting privacy and control in the age of AI. Listen as Michael reflects on the ethical responsibilities in technology and shares his vision for a future where individuals have sovereignty over their data.00:00 Introduction to SecureTalk00:32 Host's Journey into Computer Science01:39 Introducing Michael Tiffany03:12 Michael Tiffany's Early Experiences15:26 The Birth of Human Security20:56 Challenges and Innovations in Cybersecurity27:11 Fulcra Dynamics: Empowering Personal Data37:22 Vision for the Future of AI and Data Sovereignty43:59 Conclusion and Final Thoughts

Without the ability to keep secrets, our internet would fail. Without effective cryptography the internet would never have graduated from the hobbyist interest. And we have great examples of networks without effective encryption like the worldwide HAM radio operators.I’ve been utilizing cryptography in the development of web applications since my first professional web application development work. Although I’ve rarely understood the underlying technology and mathematics of cryptography.In this episode of SecureTalk, our guest is Dr. Bill Anderson, an expert in cryptography. Bill shares his journey into the field, starting as a student in electrical and computer engineering. He inadvertently ventured into cryptography during his postgraduate studies. He discusses the evolution of cryptography, its historical context, and the impact of quantum computing on current cryptographic methods.We explore various topics, including public key cryptography, digital signatures, and the ongoing need for crypto agility. Bill also provides insights into his current role as Principal Product Lead at Mattermost, a secure collaboration platform focused on data sovereignty and security. This episode offers a comprehensive look at modern cryptographic techniques and the challenges posed by future advancements in computing, making it a must-listen for anyone interested in cybersecurity and cryptography.00:00 Welcome to SecureTalk: Introduction and Host Introduction00:33 The Role of Security in Business Growth01:55 Introducing Dr. Bill Anderson: A Security Expert03:57 Dr. Anderson's Journey into Cryptography05:35 The Evolution of Security and Cryptography08:11 Understanding Business and Technology Landscapes13:56 Mattermost: A Secure Collaboration Platform22:01 The History and Methods of Cryptography25:01 Understanding Public and Private Keys25:58 Digital Signatures and Authentication27:12 The Open Research Model in Cryptography28:31 Challenges in Cryptographic Security31:02 Quantum Computing and Cryptography35:38 The Future of Cryptographic Systems42:04 NIST's Role in Quantum-Safe Cryptography49:41 Conclusion and Final Thoughts

Eldon Spickerhoff founded eSentire in 2001. He had been a Senior Information Security Engineer for ING Prime after completing his academic work at Waterloo University. At the time the cybersecurity solutions marketplace was primarily a services offering, focusing on vulnerability scanning. The team at eSentire realized that the tools deployed in vulnerability scanning to internal systems could be left running post a services engagement. And in the process they invented an ‘always on’ threat intelligence solution. In 2022 eSentire added storied private equity firm Warburg-Pincus to their cap table and achieved unicorn status with a valuation of one billion dollars.In this engaging episode of SecureTalk, host Justin Beals invites Eldon Sprickerhoff, a seasoned cybersecurity expert and founder of eSentire, to share his journey. Eldon graduated with a computer science degree from Waterloo University in 1991 and went on to establish a leading managed security services provider.During the conversation, Eldon reflects on his early career concerns and the macroeconomic challenges he faced during a recession. He also shares insights from his book, *Committed*, which explores the realities of startup life. The discussion highlights essential strategies for navigating the cybersecurity marketplace, the importance of founder-led sales, and the significant challenges and opportunities within the cybersecurity field.Tune in to gain valuable perspectives on entrepreneurship, real-time vulnerability scans, and the impact of AI and quantum computing on cybersecurity.Link to the Book: Commited: Startup Survival Tips and Uncommon Sense for First-Time Tech Founders https://sutherlandhousebooks.com/product/committed/

In this episode of Secure Talk, Justin welcomes Stephen Ferrell, a cybersecurity expert and Chief Strategy Officer of Strike Graph, to discuss the significant changes in the compliance landscape brought about by the Cybersecurity Maturity Model Certification (CMMC). They explore the recent finalization of the CMMC rule, its implications for the defense industrial base, and the phased compliance requirements for various certification levels. The conversation emphasizes the necessity of CMMC for federal contractors, including those in non-traditional sectors like medical equipment manufacturing, along with the associated costs and procedures. Stephen also shares insights from his experience conducting a self-assessment for CMMC compliance, offering practical advice for organizations aiming to achieve certification. This episode is essential for cybersecurity professionals who want to understand the latest federal compliance standards and prepare their organizations accordingly.

Privacy laws in our modern computing era have been around for well over twenty years. The conversation around appropriate privacy measures and effective governance of data has matured quite nicely since the early days of the Internet. While breaches do continue to happen, laws like GDPR, HIPAA and CCPA have helped set expectations for ethical and effective privacy practices.But we are in the midst of a massive proliferation of generative AI models. Since the technology is so nascent our expectations of privacy are being reshaped. An AI model is fundamentally a mathematical representation of a large data set. Its probabilistic function will create information depending on the prompts it can be given. Deep in the model the data used to ‘train’ it still leaves a fingerprint of the source information. What are the expectations for privacy, copyright and safety to those of us that have shared information on the internet?In this episode of Secure Talk, host Justin Beals engages in a comprehensive discussion with Dan Clarke,  about the significant impact of AI. The conversation begins with Dan’s early days in computing and follows his journey into developing AI governance. They explore the transformative effects of AI in comparison to historical technological innovations, as well as the risks and biases that are inherent in AI systems. Additionally, they discuss current and future legal compliance issues.Dan shares personal anecdotes related to privacy challenges and the applicability of AI, emphasizing the importance of transparency, thorough risk assessment, and bias testing in AI implementations. This episode provides valuable insights for anyone interested in the ethical and responsible use of AI technology in today's applications.00:00 Welcome to SecureTalk: Exploring Information Security00:32 The Evolving Landscape of Privacy and AI01:47 Introducing Dan Clark: AI Privacy Leader03:10 Dan Clark's Journey: From Intel to Privacy Advocacy04:14 The Impact of AI: Paradigm Shifts and Privacy Concerns06:08 Personal Data and Privacy: A Real-Life Story08:45 The Importance of Data Control and Fairness13:10 AI Governance and Legal Responsibilities21:02 Current Laws Impacting AI and Privacy26:47 Legal Basis for Data Usage27:01 Introduction to Truio and InnerEdge27:29 The Birth of Truio: Addressing GDPR28:39 AI Governance and Federal Privacy Law30:48 Transparent AI Practices31:58 Understanding AI Risks and Transparency36:52 AI Use Cases and Risk Assessment44:57 Bias Testing and AI Governance50:39 Concluding Thoughts on AI and GovernanceLink: https://get.truyo.com/ai-governance-training

In this episode of Secure Talk, host Justin Beals, CEO and founder of Strike Graph, discusses cybersecurity awareness training with Craig Taylor, CEO and co-founder of CyberHoot. They explore the evolution and significance of security training, particularly in light of the rising number of phishing attacks. Taylor shares insights from his extensive background, including being a senior risk analyst for Computer Sciences Corporation in the development of one of the first cloud hosting platforms. He also shares his experience as a virtual Chief Information Security Officer (vCISO) and the growth and success of CyberHoot. The conversation highlights CyberHoot's innovative use of positive reinforcement methods in their approach to automated training and examines the role of artificial intelligence (AI) in both creating and combating cybersecurity threats. They also discuss the future of AI in security training and provide practical steps that companies can take to enhance their cyber resilience.00:00 Introduction to SecureTalk00:34 The Importance of Security Awareness Training03:18 Craig Taylor's Journey into Cybersecurity05:25 The Evolution of Technology and AI15:30 The Role of Virtual CISOs21:48 Building CyberHoot: From Services to Product25:17 The Ineffectiveness of Shock Collars and Negative Reinforcement26:21 The Power of Positive Reinforcement in Training27:21 Challenges with Fake Email Phishing27:51 Cyberhoots' Approach to Phishing Simulations28:50 Gamification and Positive Outcomes30:26 The Anxiety Around Cybersecurity Training31:39 The Problem with Traditional Phishing Tests33:13 Emerging Best Practices in Cybersecurity38:53 The Role of AI in Phishing and Cybersecurity45:16 Future Perspectives and Rapid Content Creation48:46 Conclusion and Final Thoughts