In this heartfelt and wide-ranging conversation on the Chasing Entropy Podcast, I get to sit down with my friend, legendary storyteller, and community-builder Jack Daniel to trace a truly unique career journey, one that spans grease-stained garages, green-screen terminals, the early internet, and the global expansion of the BSides movement.

From Mechanic to Cybersecurity Strategist

Jack shares stories from his earliest days, working in auto repair, navigating the oddities of the Renault parts system, and unexpectedly becoming the "computer guy" because no one else would do it. It’s a masterclass in accidental career pivots driven by curiosity, necessity, and grit.

Building Communities and Hacking Conferences

One of the most inspiring parts of this episode is Jack’s account of the founding and evolution of BSides, the community-led security conference series. What began as a scrappy rebellion against corporate conference gatekeeping has now blossomed into over 1,150 events in more than 60 countries from Mexico City to Canberra, with passionate organizers creating space for local talent and untold stories.

Jack reflects humbly on his role in that movement, describing himself as a “cheerleader” and “uncle” to a vast family of hackers. But it’s clear: his vision, mentorship, and love for the community helped make it all possible.

Sock Puppets, Imposter Syndrome, and Speaking with Heart

The conversation also touches on Jack’s unique presentation style, including sock puppets and tuxedos, and the philosophy behind it. For Jack, great talks aren’t about ego; they’re about earning the audience’s attention. He champions the kind of speaker who walks on stage thinking, “Wow, they want to hear from me? I owe them everything.”

Highlights

• The evolution from mechanic to firewall evangelist
• Tales of early infosec user groups, ShmooCon, and BSides Vegas
• Community resilience in places like India, Brazil, Australia, and Kathmandu
• The human side of hacker culture: burnout, mentorship, and shared grief
• Why passion and participation, not polish, make a great speaker

Quote of the Episode:

Listen Now
Catch the full conversation on your favourite podcast platform, and don’t forget to subscribe for more human centric cybersecurity stories every week.

In this episode of the Chasing Entropy Podcast, host Dave Lewis sits down with Dr. Grigorios Fragkos, widely known as Dr. Greg, a cybersecurity veteran with deep roots in academia, government, and enterprise defense. From the early days of building near real-time threat detection systems to orchestrating national-level cyber defense initiatives, Dr. Greg shares a dynamic perspective on the ever-evolving cybersecurity landscape.

From Hacking Curiosity to PhD Pioneering

Dr. Greg opens up about his journey from tinkering with software engineering to earning a PhD focused on near real-time threat assessment using IDS data, a field he was ahead of by more than a decade. He candidly recounts the challenges of building AI-driven assessment engines long before the rise of today’s agentic AI approaches.

The Rise of Agentic AI & Its Impact

The conversation takes a deep dive into agentic AI, systems that can plan, reason, and execute. Dr. Greg argues for its use in advancing cybersecurity defense rather than offense, noting that current hype often ignores ethical applications. Both he and Dave stress the importance of separating the thinking layer of AI from raw processing power, an idea Greg proposed in his PhD work and sees finally coming to fruition.

Redefining the Role of the CISO

With experience leading cybersecurity efforts across industries and nations, Dr. Greg challenges the conventional definition of a CISO. He advocates for the emergence of a Chief Cybersecurity Officer, a broader role encompassing AI threats, cyber resilience, and critical infrastructure protection. He also cautions aspiring CISOs: “Don’t do it for the title. Do it because you believe in the mission.”

M&A Cyber Due Diligence: The Ugly Truth

Drawing from real-world mergers and acquisitions experience, Dr. Greg reveals the hidden pitfalls of cyber due diligence. From rubber-stamped security audits to outright neglect of breach indicators, he offers a sobering view into how risk is often underestimated or deliberately ignored during high-stakes deals.

Global Cybersecurity Culture & B-Sides Athens

Greg also explores how culture shapes cybersecurity practices around the world—from risk ownership misunderstandings to wildly differing maturity levels. He shares his passion project: B-Sides Athens, a thriving community-driven conference that’s celebrated its 10th year of inclusive, high-quality knowledge sharing.

Final Wisdom: Education, Not Just Certification

In closing, Dr. Greg pushes back against the growing narrative that university degrees no longer matter in cybersecurity. While certifications are valuable, he emphasizes that academic journeys foster critical thinking, understanding of fundamentals, and intellectual discipline—all essential in a fast-changing field.

Don’t forget to like, subscribe, and share this episode! Got thoughts or questions? Join the conversation on social media using #ChasingEntropy.

In this episode of the Chasing Entropy Podcast, host Dave Lewis sits down with the incomparable Javvad Malik, security advocate, Guinness World Record holder, and co-host of the Host Unknown podcast. What follows is a dynamic, humorous, and insightful conversation that spans decades of cybersecurity experience, unconventional career moves, and the art of connecting with people on stage, on camera, and in the boardroom.

From Banks to Blogging: Javvad’s Cybersecurity Origin Story

Javvad reflects on his start in the late ’90s at a UK bank—when password management involved envelopes and binders, not vaults and biometrics. From there, his journey took him through consulting, industry analysis (thanks to Wendy Nather’s nudge), and eventually into advocacy and content creation with KnowBe4. His career, fueled by curiosity and storytelling, shows just how many paths there are into (and through) the world of security.

Communication That Cuts Through the Noise

Javvad and Dave dive into the recurring theme of miscommunication in cybersecurity. Why do so many security pros still struggle to resonate with non-technical audiences? Javvad argues it’s about meeting people where they are whether that’s through TikTok trends, clear analogies, or a bit of humor. Rather than blame users for not “getting it,” he encourages listening to what people are really asking and addressing their concerns with empathy and clarity.

A Guinness World Record, Just for Fun

Javvad shares the backstory behind his tongue-in-cheek claim to fame: setting a Guinness World Record for the most views on a cybersecurity awareness video within 24 hours. It’s not about vanity, it’s about grabbing attention and delivering value. Humor, he explains, is the safest and most effective vehicle for driving engagement in a world awash with FUD.

The Host Unknown Podcast & Having Fun With Security

Dave and Javvad also talk about Host Unknown, the podcast Javvad co-hosts with Tom Langford and Andy. Part satire, part serious, the show exemplifies how cybersecurity content doesn’t have to be dry or fear-based to be effective. The key: build trust, stay authentic, and have a good laugh along the way.

On AI, Creativity & the Mundane

The duo wraps up with a candid chat about AI’s role in cybersecurity and content creation. While both share concerns about disingenuous use of generative AI, they remain hopeful that AI can offload tedious work and leave humans to focus on creativity and strategy if implemented thoughtfully and securely.

Final Thoughts

Javvad leaves listeners with this advice:

• Be curious.
• Ask questions.
• Share your voice, even if it’s still evolving.

Cybersecurity may be more complex and crowded than ever, but the human element connection, storytelling, and community remains the most powerful defense against entropy.